From 1799bde093a99f976a2e8044a5ea7736cca5530b Mon Sep 17 00:00:00 2001
From: TheCrealm
Date: Wed, 20 Jun 2018 13:53:26 +0200
Subject: [PATCH 1/2] Change signOut() Method parameter $accessToken -> $idToken to prevent confusion about Access and ID Token usage.
---
 src/OpenIDConnectClient.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/OpenIDConnectClient.php b/src/OpenIDConnectClient.php
index dff26b1c..9a85d88a 100644
--- a/src/OpenIDConnectClient.php
+++ b/src/OpenIDConnectClient.php
@@ -391,22 +391,22 @@ public function authenticate() {
 * Connect provider that the end-user has logged out of the relying party site
 * (the client application).
 *
- * @param string $accessToken ID token (obtained at login)
+ * @param string $idToken ID token (obtained at login)
 * @param string $redirect URL to which the RP is requesting that the End-User's User Agent
 * be redirected after a logout has been performed. The value MUST have been previously
 * registered with the OP. Value can be null.
 *
 */
- public function signOut($accessToken, $redirect) {
+ public function signOut($idToken, $redirect) {
 $signout_endpoint = $this->getProviderConfigValue("end_session_endpoint");
 $signout_params = null;
 if($redirect == null){
- $signout_params = array('id_token_hint' => $accessToken);
+ $signout_params = array('id_token_hint' => $idToken);
 } else {
 $signout_params = array(
- 'id_token_hint' => $accessToken,
+ 'id_token_hint' => $idToken,
 'post_logout_redirect_uri' => $redirect);
 }
From cac2e6ecb036be9903a7a06810055dd62e91476a Mon Sep 17 00:00:00 2001
From: TheCrealm
Date: Wed, 20 Jun 2018 13:57:10 +0200
Subject: [PATCH 2/2] Update CHANGELOG.md
---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6a52b314..f4aa4b6c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
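Review bot: In `src/OpenIDConnectClient.php`, the `signOut()` docblock line `@param string $idToken ID token (obtained at login)` does not say why an access token is the wrong value, which is the confusion this rename is meant to prevent. The hunk shows the value being placed in the end-session parameters as `id_token_hint`, so an access token passed here would presumably be handed to the logout request instead of the ID token; I would write `@param string $idToken Raw ID token (JWT) returned at login; sent as id_token_hint, do not pass the access token`. The `$redirect` line could be typed `string|null`, since its text says the value can be null. The body of `signOut()` continues past the end of the hunk, so how the parameters are transmitted is not visible here.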
@@ -7,6 +7,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 ## [Unreleased]
 ### Added
+* signOut() Method parameter $accessToken -> $idToken to prevent confusion about access and id tokens usage.
 * verifyJWTsignature() method private -> public #126
 * Support for providers where provider/login URL is not the same as the issuer URL. #125
 * Support for providers that has a different login URL from the issuer URL, for instance Azure Active Directory. Here, the provider URL is on the format: https://login.windows.net/(tenant-id), while the issuer claim actually is on the format: https://sts.windows.net/(tenant-id).