/**
* @param \Symfony\Component\HttpFoundation\Request $request
* @throws \AerialShip\SamlSPBundle\Error\SSOSessionException
* @return \Symfony\Component\HttpFoundation\Response|SamlSpInfo|null
*/
public function manage(Request $request)
{
/** @var SamlSpToken $token */
$token = $this->securityContext->getToken();
$samlSpInfo = $token->getSamlSpInfo();
$ssoState = $this->ssoStore->getOneByNameIDSessionIndex($token->getProviderKey(), $samlSpInfo->getAuthenticationServiceID(), $samlSpInfo->getNameID()->getValue(), $samlSpInfo->getAuthnStatement()->getSessionIndex());
if ($ssoState == null || $ssoState->getNameID() != $samlSpInfo->getNameID()->getValue()) {
$this->securityContext->setToken(new AnonymousToken($this->providerKey, 'anon.'));
$ex = new SSOSessionException('SSO session has expired');
$ex->setToken($token);
throw $ex;
}
return null;
}
protected function createSSOState(ServiceInfo $serviceInfo, Assertion $assertion)
{
$ssoState = $this->ssoStore->create();
$ssoState->setNameID($assertion->getSubject()->getNameID()->getValue());
$ssoState->setNameIDFormat($assertion->getSubject()->getNameID()->getFormat() ?: '');
$ssoState->setAuthenticationServiceName($serviceInfo->getAuthenticationService());
$ssoState->setProviderID($serviceInfo->getProviderID());
$ssoState->setSessionIndex($assertion->getAuthnStatement()->getSessionIndex());
$this->ssoStore->set($ssoState);
return $ssoState;
}
protected function deleteSSOState(array $arrStates)
{
foreach ($arrStates as $state) {
$this->ssoStore->remove($state);
}
}
