/**
 * {@inheritdoc}
 */
public function check(Request $request) {
  // Ask the cosign helper which remote user, if any, is attached to this
  // request.
  $remote_user = CosignSharedFunctions::cosign_retrieve_remote_user();

  // No remote user: fall through with no verdict (NULL), leaving the decision
  // to whatever else evaluates this request.
  if (!isset($remote_user) || $remote_user == '') {
    return;
  }

  // A cosign user is present, so this check vetoes with DENY.
  // NOTE(review): presumably this is a page-cache request policy, in which
  // case DENY keeps responses built for a signed-in cosign user out of the
  // shared cache. Confirm against the interface this class implements.
  return self::DENY;
}
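/**
 * Handles the cosign login route: forces HTTPS, then sends the user onward.
 *
 * Over plain HTTP the request is redirected to the same URI on HTTPS. Over
 * HTTPS the user is redirected to the user page (when the request is for the
 * site root), to the page they came from (when the Referer header points at
 * this site), or to the site root.
 *
 * @param \Symfony\Component\HttpFoundation\Request $request
 *   The current request.
 *
 * @return \Drupal\Core\Routing\TrustedRedirectResponse|array
 *   A redirect, or a render array explaining that no Drupal account exists
 *   for the cosign user.
 */
public function cosign_login(Request $request) {
  global $base_path;
  $request_uri = $request->getRequestUri();

  if (!CosignSharedFunctions::cosign_is_https()) {
    // NOTE(review): HTTP_HOST is client-supplied and the redirect is marked
    // trusted, so this is only as safe as the site's trusted_host_patterns
    // setting. Confirm that setting is configured in settings.php.
    return new TrustedRedirectResponse('https://' . $_SERVER['HTTP_HOST'] . $request_uri);
  }

  if ($request_uri == $base_path) {
    // The front page is set to /user. We have to log in here to avoid a
    // redirect loop.
    $username = CosignSharedFunctions::cosign_retrieve_remote_user();
    $user = CosignSharedFunctions::cosign_user_status($username);
    if (empty($user) || $user->id() == 0) {
      // The address goes in through an escaped placeholder instead of being
      // concatenated into the markup, so a stray quote or angle bracket in
      // the configured value cannot alter the HTML, and the translatable
      // string stays constant.
      return array(
        '#type' => 'markup',
        '#title' => 'Auto creation of user accounts is disabled.',
        '#markup' => t('<p>This site does not auto create users from cosign. Please contact the <a href="mailto:@mail">site administrator</a> to have an account created.</p>', array('@mail' => \Drupal::config("system.site")->get("mail"))),
      );
    }
    if (in_array('administrator', $user->getRoles())) {
      drupal_set_message('When the homepage is set to /user (Drupal default), anonymous browsing will not always work', 'warning');
    }
    return new TrustedRedirectResponse($base_path . 'user');
  }

  // Default to the site root. The Referer header is chosen by the client and
  // TrustedRedirectResponse skips Drupal's external-URL check, so the header
  // is only honoured when it is an http(s) URL on this site's own host.
  // Without this check the login route would redirect to any linking page.
  $referrer = $base_path;
  if (isset($_SERVER['HTTP_REFERER'])) {
    $candidate = $_SERVER['HTTP_REFERER'];
    $parts = parse_url($candidate);
    $is_same_site = is_array($parts)
      // Browsers read "\" as "/", which can make them resolve a different
      // host than parse_url() reports; reject such values outright.
      && strpos($candidate, '\\') === FALSE
      && isset($parts['scheme'], $parts['host'])
      && in_array(strtolower($parts['scheme']), array('http', 'https'), TRUE)
      && !isset($parts['user'])
      && strcasecmp($parts['host'], $request->getHost()) === 0;
    if ($is_same_site) {
      $referrer = $candidate;
    }
  }
  return new TrustedRedirectResponse($referrer);
}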
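/**
 * {@inheritdoc}
 */
public function authenticate(Request $request) {
  $username = CosignSharedFunctions::cosign_retrieve_remote_user();

  // Any truthy result from cosign_user_status() is accepted as the
  // authenticated account.
  // NOTE(review): cosign_login() also treats an account whose id() is 0 as
  // "no account". Confirm cosign_user_status() cannot return the anonymous
  // user here, or add the same check.
  $user = CosignSharedFunctions::cosign_user_status($username);
  if ($user) {
    return $user;
  }

  // The "restricted" hint is shown only to non-friend accounts; every failed
  // lookup ends in a 403 either way.
  if (!CosignSharedFunctions::cosign_is_friend_account($username)) {
    drupal_set_message(t('This site is restricted. You may try <a href="/user/login">logging in to cosign</a>.'), 'error');
  }

  // The original had an unreachable "return null;" after this throw; it is
  // dropped because the exception is the only exit on this path.
  throw new AccessDeniedHttpException();
}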
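/**
 * Routes user/login and user/register responses through HTTPS and cosign.
 *
 * Requests whose URI does not contain user/login or user/register are left
 * untouched. Over plain HTTP the response becomes a redirect to the same URI
 * on HTTPS. Over HTTPS the response becomes a redirect either to the cosign
 * login URL (no remote user and anonymous HTTPS browsing enabled) or to the
 * requested destination.
 *
 * @param \Symfony\Component\HttpKernel\Event\FilterResponseEvent $event
 *   The response event being filtered.
 */
public function checkRedirection(FilterResponseEvent $event) {
  global $base_path;
  $request_uri = $event->getRequest()->getRequestUri();

  // Compare against FALSE explicitly: strpos() returns 0 for a match at the
  // start of the string, which a bare truthiness test would read as a miss.
  if (strpos($request_uri, 'user/login') === FALSE && strpos($request_uri, 'user/register') === FALSE) {
    return;
  }

  $response = $event->getResponse();

  if (!CosignSharedFunctions::cosign_is_https()) {
    // Intercept the response here and send it to HTTPS. The controller takes
    // care of a straight user/login URL.
    // NOTE(review): HTTP_HOST is client-supplied; this relies on the site's
    // trusted_host_patterns setting to reject forged hosts. Confirm it is set.
    $https_url = 'https://' . $_SERVER['HTTP_HOST'] . $request_uri;
    if ($response instanceof \Symfony\Component\HttpFoundation\RedirectResponse) {
      $response->setTargetUrl($https_url);
    }
    else {
      // setTargetUrl() only exists on redirect responses. For anything else,
      // replace the response the same way the HTTPS branch below does, so the
      // login form is never served over plain HTTP and there is no fatal error.
      $event->setResponse(new TrustedRedirectResponse($https_url));
    }
    return;
  }

  // NOTE(review): every URL built below is marked trusted, so it must never
  // carry an external target. Confirm \Drupal::destination() already rejects
  // external "destination" values in the core version in use.
  $destination = \Drupal::destination()->getAsArray()['destination'];
  $username = CosignSharedFunctions::cosign_retrieve_remote_user();

  if (!$username && \Drupal::config('cosign.settings')->get('cosign_allow_anons_on_https') == 1) {
    // No cosign session yet: build the cosign login URL, passing the service
    // name and the HTTPS return URL for this host.
    // NOTE(review): both are derived from the client-supplied HTTP_HOST; see
    // the trusted_host_patterns note above.
    if ($destination == $base_path . 'user/login' || $destination == $base_path . 'user/register') {
      // Never return to the login or register page itself after login.
      $destination = $base_path;
    }
    $request_uri = \Drupal::config('cosign.settings')->get('cosign_login_path') . '?cosign-' . $_SERVER['HTTP_HOST'] . '&https://' . $_SERVER['HTTP_HOST'] . $destination;
  }
  else {
    // The return value is ignored; presumably this is called for its side
    // effect of establishing the Drupal session. Verify against the helper.
    CosignSharedFunctions::cosign_user_status($username);
    if ($request_uri == $base_path . 'user/login' || $request_uri == $base_path . 'user/register') {
      $request_uri = $base_path;
    }
    else {
      $request_uri = $destination;
    }
  }

  if ($response instanceof TrustedRedirectResponse) {
    // NOTE(review): setTargetUrl() on a secured redirect response may reject
    // a URL it does not consider safe. Confirm that the cosign login URL is
    // accepted when it is on another host.
    $response->setTargetUrl($request_uri);
  }
  else {
    $event->setResponse(new TrustedRedirectResponse($request_uri));
  }
}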