/**
* Handles a page request for our forced login route.
*/
public function forceLogin()
{
// TODO: What if CAS is not configured? need to handle that case.
$query_params = $this->requestStack->getCurrentRequest()->query->all();
$cas_login_url = $this->casHelper->getServerLoginUrl($query_params);
$this->casHelper->log("Cas forced login route, redirecting to: {$cas_login_url}");
return TrustedRedirectResponse::create($cas_login_url, 302);
}
/**
* Handles a page request for our forced login route.
*/
public function forceLogin()
{
// TODO: What if CAS is not configured? need to handle that case.
$query_params = $this->requestStack->getCurrentRequest()->query->all();
$cas_login_url = $this->casHelper->getServerLoginUrl($query_params);
$this->casHelper->log("Cas forced login route, redirecting to: {$cas_login_url}");
// This response is OK to cache, but since the redirect URL is dependent on
// the configured server settings, we need to add some cache metadata tied
// to the settings.
$cacheable_metadata = new CacheableMetadata();
$cacheable_metadata->addCacheTags(array('config:cas.settings'));
$response = TrustedRedirectResponse::create($cas_login_url, 302);
$response->addCacheableDependency($cacheable_metadata);
return $response;
}
/**
* Check if we should implement the CAS gateway feature.
*
* @param GetResponseEvent $event
* The response event from the kernel.
*
* @return bool
* TRUE if gateway mode was implemented, FALSE otherwise.
*/
private function handleGateway(GetResponseEvent $event)
{
// Only implement gateway feature for GET requests, to prevent users from
// being redirected to CAS server for things like form submissions.
if (!$this->requestStack->getCurrentRequest()->isMethod('GET')) {
return FALSE;
}
$config = $this->configFactory->get('cas.settings');
$check_frequency = $config->get('gateway.check_frequency');
if ($check_frequency === CasHelper::CHECK_NEVER) {
return FALSE;
}
// User can indicate specific paths to enable (or disable) gateway mode.
$condition = $this->conditionManager->createInstance('request_path');
$condition->setConfiguration($config->get('gateway.paths'));
if (!$this->conditionManager->execute($condition)) {
return FALSE;
}
// If set to only implement gateway once per session, we use a session
// variable to store the fact that we've already done the gateway check
// so we don't keep doing it.
if ($check_frequency === CasHelper::CHECK_ONCE) {
// If the session var is already set, we know to back out.
if (isset($_SESSION['cas_gateway_checked'])) {
$this->casHelper->log("Gateway already checked, will not check again.");
return FALSE;
}
$_SESSION['cas_gateway_checked'] = TRUE;
}
$cas_login_url = $this->casHelper->getServerLoginUrl(array('returnto' => $this->requestStack->getCurrentRequest()->getUri(), 'cas_temp_disable' => TRUE), TRUE);
$this->casHelper->log("Gateway activated, redirecting to {$cas_login_url}");
$event->setResponse(TrustedRedirectResponse::create($cas_login_url));
return TRUE;
}
/**
* Test constructing the login URL.
*
* @covers ::getServerLoginUrl
* @covers ::__construct
* @covers ::getCasServiceUrl
*
* @dataProvider getServerLoginUrlDataProvider
*/
public function testGetServerLoginUrl($service_params, $gateway, $result)
{
$config_factory = $this->getConfigFactoryStub(array('cas.settings' => array('server.hostname' => 'example.com', 'server.port' => 443, 'server.path' => '/cas')));
$cas_helper = new CasHelper($config_factory, $this->urlGenerator, $this->connection, $this->loggerFactory, $this->session);
if (!empty($service_params)) {
$params = '';
foreach ($service_params as $key => $value) {
$params .= '&' . $key . '=' . urlencode($value);
}
$params = '?' . substr($params, 1);
$return_value = 'https://example.com/client' . $params;
} else {
$return_value = 'https://example.com/client';
}
$this->urlGenerator->expects($this->once())->method('generate')->will($this->returnValue($return_value));
$login_url = $cas_helper->getServerLoginUrl($service_params, $gateway);
$this->assertEquals($result, $login_url);
}