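/**
 * Handles the cosign login route and decides where to send the browser next.
 *
 * Plain-HTTP requests are redirected to the same URI over HTTPS. When the
 * request URI equals the site base path, the remote user is resolved here and
 * either a "no account" render array is returned or the browser is sent to
 * the user page. Otherwise the browser is sent back to the referring page,
 * provided that page belongs to this site, or to the base path.
 *
 * @param \Symfony\Component\HttpFoundation\Request $request
 *   The current request.
 *
 * @return \Drupal\Core\Routing\TrustedRedirectResponse|array
 *   A redirect, or a render array explaining that accounts are not auto
 *   created.
 */
public function cosign_login(Request $request)
 {
     global $base_path;
     $request_uri = $request->getRequestUri();

     if (!CosignSharedFunctions::cosign_is_https()) {
         // The host name comes from the client. Read it through the request
         // object rather than $_SERVER so Symfony's host validation (and any
         // trusted-proxy handling) applies. The site should still pin its host
         // names with trusted_host_patterns, because this value ends up in a
         // redirect that Drupal does not re-check.
         return new TrustedRedirectResponse('https://' . $request->getHttpHost() . $request_uri);
     }

     if ($request_uri === $base_path) {
         // The front page is set to /user. We have to log in here to avoid a
         // redirect loop.
         $username = CosignSharedFunctions::cosign_retrieve_remote_user();
         $user = CosignSharedFunctions::cosign_user_status($username);
         if (empty($user) || $user->id() == 0) {
             // Pass the address as a placeholder instead of concatenating it
             // into the translatable string: ":" placeholders are HTML-escaped
             // and filtered for dangerous protocols, and the source string
             // stays constant so it can actually be translated.
             return array(
                 '#type' => 'markup',
                 '#title' => 'Auto creation of user accounts is disabled.',
                 '#markup' => t(
                     '<p>This site does not auto create users from cosign. Please contact the <a href=":mailto">site administrator</a> to have an account created.</p>',
                     array(':mailto' => 'mailto:' . \Drupal::config("system.site")->get("mail"))
                 ),
             );
         }
         if (in_array('administrator', $user->getRoles())) {
             drupal_set_message('When the homepage is set to /user (Drupal default), anonymous browsing will not always work', 'warning');
         }
         return new TrustedRedirectResponse($base_path . 'user');
     }

     // The Referer header is supplied by the client, and
     // TrustedRedirectResponse skips Drupal's external-redirect safety check.
     // Only follow the referrer when it points back at this site; anything
     // else falls back to the base path so this route cannot be used as an
     // open redirect.
     $target = $base_path;
     $referer = $request->headers->get('referer');
     if (is_string($referer) && $referer !== '') {
         try {
             if (\Drupal\Component\Utility\UrlHelper::isExternal($referer)
                 && \Drupal\Component\Utility\UrlHelper::externalIsLocal($referer, $request->getSchemeAndHttpHost())) {
                 $target = $referer;
             }
         } catch (\InvalidArgumentException $e) {
             // Unparseable referrer: keep the base-path default.
         }
     }
     return new TrustedRedirectResponse($target);
 }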
 /**
  * {@inheritdoc}
  */
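 public function applies(Request $request)
 {
     // Decides whether cosign authentication should run for this request.
     // Returns FALSE when the cosign user already matches the uid stored in
     // the session, when the request is not HTTPS, or when it is the logout
     // URL; otherwise TRUE when anonymous access is disabled by either setting
     // or the URI contains user/login or user/register.
     $username = CosignSharedFunctions::cosign_retrieve_remote_user();
     $drupal_user = user_load_by_name($username);

     // This session variable is set and sticks even after user_logout(),
     // causing numerous problems. If the cosign module priority is after the
     // user module (priority 0 or below in services.yml) the symfony session
     // sticks and the previous user gets logged in. If it is above the user
     // module (above priority 0) the user gets relogged in every time because
     // drupal's session hasn't been set yet, even though symfony's has.
     // TODO This should be the proper way to get this but it doesn't get it -
     // $symfony_uid = $request->getSession()->get('_sf2_attributes');
     //
     // Read the uid defensively: the session may not be started, or may carry
     // no uid yet, and indexing it directly raises an undefined-index warning.
     $session_uid = isset($_SESSION['_sf2_attributes']['uid']) ? $_SESSION['_sf2_attributes']['uid'] : NULL;
     if ($drupal_user && $drupal_user->id() == $session_uid) {
         // The user is already logged in. Symfony knows, drupal doesn't yet.
         // Bypass cosign so we don't log in again.
         return FALSE;
     }

     if (!CosignSharedFunctions::cosign_is_https()) {
         return FALSE;
     }

     $request_uri = $request->getRequestUri();
     // NOTE(review): this is an exact match against the full request URI, so a
     // non-root base path or a query string on the logout URL would not match
     // and cosign would still apply - confirm that is intended.
     if ($request_uri == '/user/logout') {
         return FALSE;
     }

     $settings = \Drupal::config('cosign.settings');
     // Loose comparison on purpose: a setting that compares equal to 0
     // (including an unset one) keeps cosign enforced.
     if ($settings->get('cosign_allow_cosign_anons') == 0 || $settings->get('cosign_allow_anons_on_https') == 0) {
         return TRUE;
     }

     // Compare against FALSE explicitly; relying on the truthiness of strpos()
     // would treat a match at offset 0 as "not found".
     return strpos($request_uri, 'user/login') !== FALSE
         || strpos($request_uri, 'user/register') !== FALSE;
 }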
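 /**
  * Redirects user/login and user/register traffic to HTTPS or to cosign.
  *
  * Only acts when the request URI contains user/login or user/register. Over
  * plain HTTP the response is pointed at the same URI on HTTPS. Over HTTPS the
  * response is pointed either at the configured cosign login path (no remote
  * user and anonymous HTTPS browsing allowed) or at the requested destination.
  *
  * @param \Symfony\Component\HttpKernel\Event\FilterResponseEvent $event
  *   The response event being filtered.
  */
 public function checkRedirection(FilterResponseEvent $event)
 {
     $request = $event->getRequest();
     $request_uri = $request->getRequestUri();
     // Explicit FALSE comparison: the truthiness of strpos() would treat a
     // match at offset 0 as "not found".
     if (strpos($request_uri, 'user/login') === FALSE && strpos($request_uri, 'user/register') === FALSE) {
         return;
     }

     $response = $event->getResponse();

     if (!CosignSharedFunctions::cosign_is_https()) {
         // The controller takes care of a straight user/login URL; here we
         // intercept the redirect route and send it to HTTPS. There may be a
         // better way to handle this.
         //
         // The host name is client-supplied. Read it through the request
         // object so Symfony's host validation applies, and pin the site's
         // host names with trusted_host_patterns.
         $https_url = 'https://' . $request->getHttpHost() . $request_uri;
         if ($response instanceof \Symfony\Component\HttpFoundation\RedirectResponse) {
             $response->setTargetUrl($https_url);
         } else {
             // setTargetUrl() exists only on redirect responses; calling it on
             // any other response is a fatal error, so swap in a redirect the
             // same way the HTTPS path does.
             $event->setResponse(new TrustedRedirectResponse($https_url));
         }
         return;
     }

     // NOTE(review): the destination ends up in a trusted redirect, so this
     // relies on the destination service rejecting external URLs - confirm.
     $destination = \Drupal::destination()->getAsArray()['destination'];
     $username = CosignSharedFunctions::cosign_retrieve_remote_user();
     global $base_path;
     $settings = \Drupal::config('cosign.settings');

     if (!$username && $settings->get('cosign_allow_anons_on_https') == 1) {
         // No cosign user yet: send the browser to the cosign login path with
         // this site's service name and return URL.
         $host = $request->getHttpHost();
         if ($destination == $base_path . 'user/login' || $destination == $base_path . 'user/register') {
             // Do not return to the login or register page after login.
             $destination = $base_path;
         }
         $request_uri = $settings->get('cosign_login_path') . '?cosign-' . $host . '&https://' . $host . $destination;
     } else {
         CosignSharedFunctions::cosign_user_status($username);
         if ($request_uri == $base_path . 'user/login' || $request_uri == $base_path . 'user/register') {
             $request_uri = $base_path;
         } else {
             $request_uri = $destination;
         }
     }

     if ($response instanceof TrustedRedirectResponse) {
         $response->setTargetUrl($request_uri);
     } else {
         $event->setResponse(new TrustedRedirectResponse($request_uri));
     }
 }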