public function transferSecurityInfo($request)
{/*{{{*/
if (false == $this->databucket->isLegal())
return 0;
$requestArgs = $request->collectAllRequest();
$this->setCryptKey($requestArgs);
$requestArgs = AuthInfo::transferSecurityInfo($request->collectAllRequest(), $request->action, $this->databucket->cryptKey);
if (is_numeric($requestArgs))
{
$this->databucket->errorCode = $requestArgs; return 0;
}
self::_log($requestArgs);
$this->args = $requestArgs;
}/*}}}*/
public function process()
{
$ssoUrl = $this->config->getValue("sso_login_url");
$userInfo = RequestManager::getRequest(ISingleSignOnRequest::INFO);
$authInfo = AuthInfo::get();
$userInfo->setup(array("action" => "webLogin"));
if ($this->unnecessaryAuth($this->request->getRequestUri())) {
$uri = substr($this->request->getRequestUri(), -1 * strlen($this->config->getValue("sso_admin_login_uri")));
if ($uri === $this->config->getValue("sso_admin_login_uri") && $this->visitPort != $this->config->getValue("sso_admin_login_port")) {
Util::redirect($this->defaultPageUrl);
}
return;
}
if (isset($_GET["logout"]) && $_GET["logout"] == "true") {
if ($this->config->getValue("sso_global_logout")) {
RequestManager::send(ISingleSignOnRequest::INVALIDTOKEN, $authInfo);
}
\OC_User::logout();
$template = new \OC_Template("singlesignon", "logout", "guest");
$template->printPage();
die;
}
if (\OC_User::isLoggedIn() && $this->config->getValue("sso_one_time_password")) {
return;
}
if (\OC_User::isLoggedIn() && !$authInfo) {
header("HTTP/1.1 " . \OCP\AppFramework\Http::STATUS_UNAUTHORIZED);
header("Status: " . \OCP\AppFramework\Http::STATUS_UNAUTHORIZED);
header("WWW-Authenticate: ");
header("Retry-After: 120");
$template = new \OC_Template("singlesignon", "unauthorizedActions", "guest");
$template->printPage();
die;
}
if (\OC_User::isLoggedIn() && (!RequestManager::send(ISingleSignOnRequest::VALIDTOKEN, $authInfo) && !$this->config->getValue("sso_one_time_password"))) {
header("HTTP/1.1 " . \OCP\AppFramework\Http::STATUS_UNAUTHORIZED);
header("Status: " . \OCP\AppFramework\Http::STATUS_UNAUTHORIZED);
header("WWW-Authenticate: ");
header("Retry-After: 120");
$template = new \OC_Template("singlesignon", "tokenExpired", "guest");
$template->printPage();
die;
}
if (!$authInfo || !RequestManager::send(ISingleSignOnRequest::VALIDTOKEN, $authInfo) && !$this->config->getValue("sso_one_time_password")) {
$url = $this->redirectUrl ? $ssoUrl . $this->config->getValue("sso_return_url_key") . $this->redirectUrl : $ssoUrl;
Util::redirect($url);
}
if (\OC_User::isLoggedIn()) {
return;
}
if (empty($ssoUrl) || !$userInfo->send($authInfo) || !$userInfo->hasPermission()) {
header("HTTP/1.1 " . \OCP\AppFramework\Http::STATUS_UNAUTHORIZED);
header("Status: " . \OCP\AppFramework\Http::STATUS_UNAUTHORIZED);
header("WWW-Authenticate: ");
header("Retry-After: 120");
$template = new \OC_Template("singlesignon", "verificationFailure", "guest");
$template->printPage();
if ($userInfo->hasErrorMsg()) {
\OCP\Util::writeLog("Single Sign-On", $userInfo->getErrorMsg(), \OCP\Util::ERROR);
}
die;
}
if ($this->config->getValue("sso_multiple_region")) {
Util::redirectRegion($userInfo, $this->config->getValue("sso_regions"), $this->config->getValue("sso_owncloud_url"));
}
if (!\OC_User::userExists($userInfo->getUserId())) {
Util::firstLogin($userInfo, $authInfo);
if ($this->request->getHeader("ORIGIN")) {
return;
}
Util::redirect($this->defaultPageUrl);
} else {
Util::login($userInfo, $authInfo);
if ($this->request->getHeader("ORIGIN")) {
return;
}
Util::redirect($this->defaultPageUrl);
}
}
