Merge pull request #127 from TheCrealm/master

Changed signOut() Method parameter to prevent confusion

CHANGELOG.md

@@ -103,6 +103,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 * Support for providers that has a different login URL from the issuer URL, for instance Azure Active Directory. Here, the provider URL is on the format: https://login.windows.net/(tenant-id), while the issuer claim actually is on the format: https://sts.windows.net/(tenant-id).
 
 ### Changed
+* signOut() Method parameter $accessToken -> $idToken to prevent confusion about access and id tokens usage. #127
 * refreshToken method update #124
 
 ### Removed

src/OpenIDConnectClient.php

@@ -435,23 +435,23 @@ public function authenticate() {
      * Connect provider that the end-user has logged out of the relying party site
      * (the client application).
      *
-     * @param string $accessToken ID token (obtained at login)
+     * @param string $idToken ID token (obtained at login)
      * @param string|null $redirect URL to which the RP is requesting that the End-User's User Agent
      * be redirected after a logout has been performed. The value MUST have been previously
      * registered with the OP. Value can be null.
      *
      * @throws OpenIDConnectClientException
      */
-    public function signOut($accessToken, $redirect) {
+    public function signOut($idToken, $redirect) {
         $signout_endpoint = $this->getProviderConfigValue('end_session_endpoint');
 
         $signout_params = null;
         if($redirect === null){
-            $signout_params = array('id_token_hint' => $accessToken);
+            $signout_params = array('id_token_hint' => $idToken);
         }
         else {
             $signout_params = array(
-                'id_token_hint' => $accessToken,
+                'id_token_hint' => $idToken,
                 'post_logout_redirect_uri' => $redirect);
         }