/**
* Removes an account
*
* @param object $object The account to remove
* @return void
* @throws \TYPO3\Flow\Persistence\Exception\IllegalObjectTypeException
*/
public function remove($object)
{
parent::remove($object);
/** @var Account $object */
$tag = 'TYPO3-Flow-Security-Account-' . md5($object->getAccountIdentifier());
$this->sessionManager->destroySessionsByTag($tag, sprintf('The account %s (%s) was deleted', $object->getAccountIdentifier(), $object->getAuthenticationProviderName()));
}
/**
* DELETE /sso/session/xyz-123/destroy
*
* @param string $sessionId The global session id to invalidate
* @param string $serverIdentifier Optional server identifier
*/
public function destroyAction($sessionId, $serverIdentifier = NULL)
{
if ($this->request->getHttpRequest()->getMethod() !== 'DELETE') {
$this->response->setStatus(405);
$this->response->setHeader('Allow', 'DELETE');
return;
}
$sessions = $this->sessionManager->getSessionsByTag('Flowpack_SingleSignOn_Client-' . $sessionId);
if ($sessions !== array()) {
$message = 'Destroyed by SSO client REST service';
if ($serverIdentifier !== NULL) {
$message .= ' from server "' . $serverIdentifier . '"';
}
foreach ($sessions as $session) {
$session->destroy($message);
}
$this->view->assign('value', array('success' => TRUE));
} else {
$this->response->setStatus(404);
$this->view->assign('value', array('error' => 'SessionNotFound'));
}
}
/**
* Logs a user in if a session identifier is available under the given token in the token cache.
*
* @param string $token
* @return void
*/
public function tokenLoginAction($token)
{
$newSessionId = $this->loginTokenCache->get($token);
$this->loginTokenCache->remove($token);
if ($newSessionId === false) {
$this->systemLogger->log(sprintf('Token-based login failed, non-existing or expired token %s', $token), LOG_WARNING);
$this->redirect('index');
}
$this->systemLogger->log(sprintf('Token-based login succeeded, token %s', $token), LOG_DEBUG);
$newSession = $this->sessionManager->getSession($newSessionId);
if ($newSession->canBeResumed()) {
$newSession->resume();
}
if ($newSession->isStarted()) {
$newSession->putData('lastVisitedNode', null);
} else {
$this->systemLogger->log(sprintf('Failed resuming or starting session %s which was referred to in the login token %s.', $newSessionId, $token), LOG_ERR);
}
$this->replaceSessionCookie($newSessionId);
$this->redirect('index', 'Backend\\Backend');
}
/**
* Merges the session and manager tokens. All manager tokens types will be in the result array
* If a specific type is found in the session this token replaces the one (of the same type)
* given by the manager.
*
* @param array $managerTokens Array of tokens provided by the authentication manager
* @param array $sessionTokens Array of tokens restored from the session
* @return array Array of \TYPO3\Flow\Security\Authentication\TokenInterface objects
*/
protected function mergeTokens($managerTokens, $sessionTokens)
{
$resultTokens = array();
if (!is_array($managerTokens)) {
return $resultTokens;
}
/** @var $managerToken \TYPO3\Flow\Security\Authentication\TokenInterface */
foreach ($managerTokens as $managerToken) {
$noCorrespondingSessionTokenFound = true;
if (!is_array($sessionTokens)) {
continue;
}
/** @var $sessionToken \TYPO3\Flow\Security\Authentication\TokenInterface */
foreach ($sessionTokens as $sessionToken) {
if ($sessionToken->getAuthenticationProviderName() === $managerToken->getAuthenticationProviderName()) {
$session = $this->sessionManager->getCurrentSession();
$this->securityLogger->log(sprintf('Session %s contains auth token %s for provider %s. Status: %s', $session->getId(), get_class($sessionToken), $sessionToken->getAuthenticationProviderName(), $this->tokenStatusLabels[$sessionToken->getAuthenticationStatus()]), LOG_INFO, null, 'Flow');
$resultTokens[$sessionToken->getAuthenticationProviderName()] = $sessionToken;
$noCorrespondingSessionTokenFound = false;
}
}
if ($noCorrespondingSessionTokenFound) {
$resultTokens[$managerToken->getAuthenticationProviderName()] = $managerToken;
}
}
return $resultTokens;
}
/**
* Convert a session identifier from $source to a Session object
*
* @param string $source
* @param string $targetType
* @param array $convertedChildProperties
* @param \TYPO3\Flow\Property\PropertyMappingConfigurationInterface $configuration
* @return object the target type
* @throws \TYPO3\Flow\Property\Exception\InvalidTargetException
* @throws \InvalidArgumentException
*/
public function convertFrom($source, $targetType, array $convertedChildProperties = array(), \TYPO3\Flow\Property\PropertyMappingConfigurationInterface $configuration = null)
{
return $this->sessionManager->getSession($source);
}
/**
* Collects the garbage sessions that have expired
*
* This is intended for big applications, as running garbage collection over
* potentially hundreds of thousands of sessions every few requests isn't
* something you want to do in a production environment. Setup a cronjob
* instead that calls this command at night (or once every few hours).
*
* @return void
*/
public function collectGarbageSessionsCommand()
{
$count = $this->sessionManager->getCurrentSession()->collectGarbage();
$this->outputLine('Removed %d expired sessions.', [$count]);
}