*
* @package SimpleSAMLphp
*/
// retrieve the authentication state
if (!array_key_exists('AuthState', $_REQUEST)) {
throw new SimpleSAML_Error_BadRequest('Missing mandatory parameter: AuthState');
}
try {
// try to get the state
$state = SimpleSAML_Auth_State::loadState($_REQUEST['AuthState'], 'saml:proxy:invalid_idp');
} catch (Exception $e) {
// the user probably hit the back button after starting the logout, try to recover the state with another stage
$state = SimpleSAML_Auth_State::loadState($_REQUEST['AuthState'], 'core:Logout:afterbridge');
// success! Try to continue with reauthentication, since we no longer have a valid session here
$idp = SimpleSAML_IdP::getById($state['core:IdP']);
sspmod_saml_Auth_Source_SP::reauthPostLogout($idp, $state);
}
if (isset($_POST['cancel'])) {
// the user does not want to logout, cancel login
SimpleSAML_Auth_State::throwException($state, new \SimpleSAML\Module\saml\Error\NoAvailableIDP(\SAML2\Constants::STATUS_RESPONDER, 'User refused to reauthenticate with any of the IdPs requested.'));
}
if (isset($_POST['continue'])) {
// log the user out before being able to login again
$as = SimpleSAML_Auth_Source::getById($state['saml:sp:AuthId'], 'sspmod_saml_Auth_Source_SP');
/** @var sspmod_saml_Auth_Source_SP $as */
$as->reauthLogout($state);
}
$cfg = SimpleSAML_Configuration::getInstance();
$template = new SimpleSAML_XHTML_Template($cfg, 'saml:proxy/invalid_session.php');
$translator = $template->getTranslator();
$template->data['AuthState'] = (string) $_REQUEST['AuthState'];
/**
* @deprecated This method will be removed in SSP 2.0. Please use
* sspmod_saml_Auth_Source_SP::handleUnsolicitedAuth() instead.
*/
public static function handleUnsolicitedAuth($authId, array $state, $redirectTo)
{
sspmod_saml_Auth_Source_SP::handleUnsolicitedAuth($authId, $state, $redirectTo);
}
public function __construct($info, $config)
{
parent::__construct($info, $config);
}
