/**
 * @param \Symfony\Component\HttpFoundation\Request $request
 * @throws \AerialShip\SamlSPBundle\Error\SSOSessionException
 * @return \Symfony\Component\HttpFoundation\Response|SamlSpInfo|null
 */
public function manage(Request $request)
{
    /** @var SamlSpToken $token */
    $token = $this->securityContext->getToken();
    $samlSpInfo = $token->getSamlSpInfo();

    // Look up the stored SSO session matching the token's provider,
    // authentication service, NameID and SessionIndex.
    $ssoState = $this->ssoStore->getOneByNameIDSessionIndex(
        $token->getProviderKey(),
        $samlSpInfo->getAuthenticationServiceID(),
        $samlSpInfo->getNameID()->getValue(),
        $samlSpInfo->getAuthnStatement()->getSessionIndex()
    );

    // Strict comparisons: numeric-looking NameID strings must not compare
    // equal through PHP type juggling.
    if ($ssoState === null || $ssoState->getNameID() !== $samlSpInfo->getNameID()->getValue()) {
        // No matching SSO session: downgrade to an anonymous token before failing.
        $this->securityContext->setToken(new AnonymousToken($this->providerKey, 'anon.'));
        $ex = new SSOSessionException('SSO session has expired');
        $ex->setToken($token);
        throw $ex;
    }

    return null;
}

protected function createSSOState(ServiceInfo $serviceInfo, Assertion $assertion)
{
    $ssoState = $this->ssoStore->create();
    $ssoState->setNameID($assertion->getSubject()->getNameID()->getValue());
    $ssoState->setNameIDFormat($assertion->getSubject()->getNameID()->getFormat() ?: '');
    $ssoState->setAuthenticationServiceName($serviceInfo->getAuthenticationService());
    $ssoState->setProviderID($serviceInfo->getProviderID());
    $ssoState->setSessionIndex($assertion->getAuthnStatement()->getSessionIndex());
    $this->ssoStore->set($ssoState);

    return $ssoState;
}

protected function deleteSSOState(array $arrStates)
{
    foreach ($arrStates as $state) {
        $this->ssoStore->remove($state);
    }
}