/** * Handles a page request for our forced login route. */ public function forceLogin() { // TODO: What if CAS is not configured? need to handle that case. $query_params = $this->requestStack->getCurrentRequest()->query->all(); $cas_login_url = $this->casHelper->getServerLoginUrl($query_params); $this->casHelper->log("Cas forced login route, redirecting to: {$cas_login_url}"); return TrustedRedirectResponse::create($cas_login_url, 302); }
/** * Handles a page request for our forced login route. */ public function forceLogin() { // TODO: What if CAS is not configured? need to handle that case. $query_params = $this->requestStack->getCurrentRequest()->query->all(); $cas_login_url = $this->casHelper->getServerLoginUrl($query_params); $this->casHelper->log("Cas forced login route, redirecting to: {$cas_login_url}"); // This response is OK to cache, but since the redirect URL is dependent on // the configured server settings, we need to add some cache metadata tied // to the settings. $cacheable_metadata = new CacheableMetadata(); $cacheable_metadata->addCacheTags(array('config:cas.settings')); $response = TrustedRedirectResponse::create($cas_login_url, 302); $response->addCacheableDependency($cacheable_metadata); return $response; }
/** * Check if we should implement the CAS gateway feature. * * @param GetResponseEvent $event * The response event from the kernel. * * @return bool * TRUE if gateway mode was implemented, FALSE otherwise. */ private function handleGateway(GetResponseEvent $event) { // Only implement gateway feature for GET requests, to prevent users from // being redirected to CAS server for things like form submissions. if (!$this->requestStack->getCurrentRequest()->isMethod('GET')) { return FALSE; } $config = $this->configFactory->get('cas.settings'); $check_frequency = $config->get('gateway.check_frequency'); if ($check_frequency === CasHelper::CHECK_NEVER) { return FALSE; } // User can indicate specific paths to enable (or disable) gateway mode. $condition = $this->conditionManager->createInstance('request_path'); $condition->setConfiguration($config->get('gateway.paths')); if (!$this->conditionManager->execute($condition)) { return FALSE; } // If set to only implement gateway once per session, we use a session // variable to store the fact that we've already done the gateway check // so we don't keep doing it. if ($check_frequency === CasHelper::CHECK_ONCE) { // If the session var is already set, we know to back out. if (isset($_SESSION['cas_gateway_checked'])) { $this->casHelper->log("Gateway already checked, will not check again."); return FALSE; } $_SESSION['cas_gateway_checked'] = TRUE; } $cas_login_url = $this->casHelper->getServerLoginUrl(array('returnto' => $this->requestStack->getCurrentRequest()->getUri(), 'cas_temp_disable' => TRUE), TRUE); $this->casHelper->log("Gateway activated, redirecting to {$cas_login_url}"); $event->setResponse(TrustedRedirectResponse::create($cas_login_url)); return TRUE; }
/** * Test constructing the login URL. * * @covers ::getServerLoginUrl * @covers ::__construct * @covers ::getCasServiceUrl * * @dataProvider getServerLoginUrlDataProvider */ public function testGetServerLoginUrl($service_params, $gateway, $result) { $config_factory = $this->getConfigFactoryStub(array('cas.settings' => array('server.hostname' => 'example.com', 'server.port' => 443, 'server.path' => '/cas'))); $cas_helper = new CasHelper($config_factory, $this->urlGenerator, $this->connection, $this->loggerFactory, $this->session); if (!empty($service_params)) { $params = ''; foreach ($service_params as $key => $value) { $params .= '&' . $key . '=' . urlencode($value); } $params = '?' . substr($params, 1); $return_value = 'https://example.com/client' . $params; } else { $return_value = 'https://example.com/client'; } $this->urlGenerator->expects($this->once())->method('generate')->will($this->returnValue($return_value)); $login_url = $cas_helper->getServerLoginUrl($service_params, $gateway); $this->assertEquals($result, $login_url); }