Exemple #1
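 /**
  * Login event handler: when the session carries a pending SimpleSAML
  * authentication, bind it to the user who is logging in.
  *
  * Nothing is done unless the session holds both 'saml_attributes' and
  * 'saml_source', the source is enabled and the attributes pass the
  * source's additional authentication rules. On success the external id is
  * linked (when one is present), the attributes are saved on the user, the
  * source is remembered for single logout and the pending SAML values are
  * removed from the session.
  *
  * Security note: the account that gets linked is whichever user triggers
  * this event, so the session values are trusted as the result of a
  * completed SAML exchange (presumably written by the plugin's own login
  * flow - confirm against the code that stores them). On the early-return
  * paths the pending values are left in the session.
  *
  * @param string   $event  the name of the event
  * @param string   $type   type of the event
  * @param ElggUser $object the user who is logging in
  *
  * @return void
  */
 public static function loginEvent($event, $type, $object)
 {
     if (!$object instanceof \ElggUser) {
         return;
     }

     $saml_attributes = simplesaml_get_from_session('saml_attributes');
     $source = simplesaml_get_from_session('saml_source');

     // no pending SimpleSAML login in this session
     if (!isset($saml_attributes) || !isset($source)) {
         return;
     }

     // the source must be enabled
     if (!simplesaml_is_enabled_source($source)) {
         return;
     }

     // the attributes must satisfy the additional authentication rules
     if (!simplesaml_validate_authentication_attributes($source, $saml_attributes)) {
         return;
     }

     // link the user to this source
     $saml_uid = elgg_extract('elgg:external_id', $saml_attributes);
     if (!empty($saml_uid)) {
         if (is_array($saml_uid)) {
             // multi-valued attribute: take the first value, if there is one
             $saml_uid = isset($saml_uid[0]) ? $saml_uid[0] : null;
         }

         // never create an account link on a missing or blank identifier;
         // a non-empty array can still hold an empty first value
         if ($saml_uid !== null && $saml_uid !== '') {
             // save the external id so the next login will go faster
             simplesaml_link_user($object, $source, $saml_uid);
         }
     }

     // save the attributes to the user
     simplesaml_save_authentication_attributes($object, $source, $saml_attributes);

     // save source name for single logout
     simplesaml_store_in_session('saml_login_source', $source);

     // cleanup: the pending SAML values must not outlive this login
     simplesaml_remove_from_session('saml_attributes');
     simplesaml_remove_from_session('saml_source');
 }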
Exemple #2
        }
        simplesaml_link_user($user, $source, $saml_uid);
    }
    // save attributes
    simplesaml_save_authentication_attributes($user, $source, $saml_attributes);
    // restore hidden setting
    access_show_hidden_entities($hidden);
    // notify user about registration
    system_message(elgg_echo('registerok', [elgg_get_site_entity()->name]));
    // cleanup session
    simplesaml_remove_from_session('saml_source');
    simplesaml_remove_from_session('saml_attributes');
    // try to login the user
    try {
        // check for the persistent login plugin setting
        $persistent = false;
        if (elgg_get_plugin_setting($source . '_remember_me', 'simplesaml')) {
            $persistent = true;
        }
        // login the user
        login($user);
        // get forward url
        $forward_url = simplesaml_get_from_session('last_forward_from', '');
        simplesaml_remove_from_session('last_forward_from');
    } catch (Exception $e) {
        // make sure we don't force login
        simplesaml_store_in_session('simplesaml_disable_sso', true);
        $forward_url = '';
    }
}
forward($forward_url);
Exemple #3
            login($user, $persistent);
            // forward to correct place
            $forward_url = simplesaml_get_from_session('last_forward_from', '');
            simplesaml_remove_from_session('last_forward_from');
            system_message(elgg_echo('loginok'));
        } catch (Exception $e) {
            // report the error
            register_error($e->getMessage());
            // make sure we don't force login
            simplesaml_store_in_session('simplesaml_disable_sso', true);
            // forward to front page
            $forward_url = '';
        }
        // unset session vars
        simplesaml_remove_from_session('saml_attributes');
        simplesaml_remove_from_session('saml_source');
    } else {
        // check if we can automaticly create an account for this user
        if (simplesaml_check_auto_create_account($source, $saml_attributes)) {
            // we have enough information to create the account so let's do that
            $forward_url = "action/simplesaml/register?saml_source={$source}";
            $forward_url = elgg_add_action_tokens_to_url($forward_url);
        } else {
            // no user found, so forward to a different page
            $forward_url = "saml/no_linked_account/{$source}";
            system_message(elgg_echo('simplesaml:login:no_linked_account', [$label]));
        }
    }
    // restore hidden settings
    access_show_hidden_entities($hidden);
}