/**
  * Starts the authentication by redirecting to the SSO endpoint
  *
  * The redirect includes the callback URI (the original URI from the given request)
  * the client identifier and a signature of the arguments with the client private key.
  *
  * @param \TYPO3\Flow\Http\Request $request The current request
  * @param \TYPO3\Flow\Http\Response $response The current response
  * @return void
  */
 public function startAuthentication(Request $request, Response $response)
 {
     $callbackUri = $request->getUri();
     if (!isset($this->options['server'])) {
         throw new Exception('Missing "server" option for SingleSignOnRedirect entry point. Please specifiy one using the entryPointOptions setting.', 1351690358);
     }
     $ssoServer = $this->ssoServerFactory->create($this->options['server']);
     $ssoClient = $this->ssoClientFactory->create();
     $redirectUri = $ssoServer->buildAuthenticationEndpointUri($ssoClient, $callbackUri);
     $response->setStatus(303);
     $response->setHeader('Location', $redirectUri);
 }
 /**
  * Notify SSO servers about the logged out client
  *
  * All active authentication tokens of type SingleSignOnToken will be
  * used to get the registered global session id and send a request
  * to the session service on the SSO server.
  *
  * @return void
  */
 public function logout()
 {
     $allConfiguration = $this->configurationManager->getConfiguration(\TYPO3\Flow\Configuration\ConfigurationManager::CONFIGURATION_TYPE_SETTINGS, 'TYPO3.Flow');
     $tokens = $this->securityContext->getAuthenticationTokensOfType('Flowpack\\SingleSignOn\\Client\\Security\\SingleSignOnToken');
     foreach ($tokens as $token) {
         $providerName = $token->getAuthenticationProviderName();
         $serverIdentifier = \TYPO3\Flow\Utility\Arrays::getValueByPath($allConfiguration, 'security.authentication.providers.' . $providerName . '.providerOptions.server');
         if ($serverIdentifier !== NULL) {
             $ssoClient = $this->ssoClientFactory->create();
             $ssoServer = $this->ssoServerFactory->create($serverIdentifier);
             $ssoServer->destroySession($ssoClient, $token->getGlobalSessionId());
         }
     }
 }
 /**
  * Touches the global session on the server to synchronize expiration between
  * clients and the server
  *
  * This is only done in a configurable minimal interval to limit the number of calls.
  *
  * @param \Flowpack\SingleSignOn\Client\Security\SingleSignOnToken $token
  * @return void
  * @throws \Flowpack\SingleSignOn\Client\Exception\SessionNotFoundException
  */
 protected function touchSessionIfNeeded(SingleSignOnToken $token)
 {
     $currentTime = time();
     if ($currentTime - $token->getLastTouchTimestamp() > $this->globalSessionTouchInterval) {
         $ssoClient = $this->ssoClientFactory->create();
         $ssoServer = $this->createSsoServer();
         $sessionId = $token->getGlobalSessionId();
         $ssoServer->touchSession($ssoClient, $sessionId);
         $token->setLastTouchTimestamp(time());
     }
 }