From ed3af6482d731982d2a185d5cfea72a5c84fdabf Mon Sep 17 00:00:00 2001
From: Sabina Palakova <sabina.palakova@volny.cz>
Date: Wed, 2 Nov 2022 15:07:38 +0100
Subject: [PATCH] Fix SAML logout log messages

Fixes SAML logout log messages incorrectly referring to logout
response instead of logout request and vice versa.

Closes gh-12129
---
 .../authentication/logout/OpenSamlLogoutRequestValidator.java | 4 ++--
 .../web/authentication/logout/Saml2LogoutResponseFilter.java  | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/logout/OpenSamlLogoutRequestValidator.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/logout/OpenSamlLogoutRequestValidator.java
index 69df68246a..84077eac3f 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/logout/OpenSamlLogoutRequestValidator.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/logout/OpenSamlLogoutRequestValidator.java
@@ -126,7 +126,7 @@ public final class OpenSamlLogoutRequestValidator implements Saml2LogoutRequestV
 			RelyingPartyRegistration registration) {
 		return (errors) -> {
 			if (request.getIssuer() == null) {
-				errors.add(new Saml2Error(Saml2ErrorCodes.INVALID_ISSUER, "Failed to find issuer in LogoutResponse"));
+				errors.add(new Saml2Error(Saml2ErrorCodes.INVALID_ISSUER, "Failed to find issuer in LogoutRequest"));
 				return;
 			}
 			String issuer = request.getIssuer().getValue();
@@ -142,7 +142,7 @@ public final class OpenSamlLogoutRequestValidator implements Saml2LogoutRequestV
 		return (errors) -> {
 			if (request.getDestination() == null) {
 				errors.add(new Saml2Error(Saml2ErrorCodes.INVALID_DESTINATION,
-						"Failed to find destination in LogoutResponse"));
+						"Failed to find destination in LogoutRequest"));
 				return;
 			}
 			String destination = request.getDestination();
diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/authentication/logout/Saml2LogoutResponseFilter.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/authentication/logout/Saml2LogoutResponseFilter.java
index 239249719a..f583eade21 100644
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/authentication/logout/Saml2LogoutResponseFilter.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/authentication/logout/Saml2LogoutResponseFilter.java
@@ -114,7 +114,7 @@ public final class Saml2LogoutResponseFilter extends OncePerRequestFilter {
 				logoutRequest.getRelyingPartyRegistrationId());
 		if (registration == null) {
 			this.logger
-					.trace("Did not process logout request since failed to find associated RelyingPartyRegistration");
+					.trace("Did not process logout response since failed to find associated RelyingPartyRegistration");
 			Saml2Error error = new Saml2Error(Saml2ErrorCodes.RELYING_PARTY_REGISTRATION_NOT_FOUND,
 					"Failed to find associated RelyingPartyRegistration");
 			response.sendError(HttpServletResponse.SC_BAD_REQUEST, error.toString());