/**
  * {@inheritdoc}
  *
  * Returns self::DENY when the Cosign helper reports a non-empty remote
  * user. In every other case the method returns NULL.
  *
  * NOTE(review): this looks like a page-cache request policy whose purpose is
  * to keep responses for Cosign-authenticated users out of a shared cache.
  * Confirm against the implemented interface.
  */
 public function check(Request $request)
 {
     $remoteUser = CosignSharedFunctions::cosign_retrieve_remote_user();

     // No remote user (unset or empty): express no opinion.
     if (!isset($remoteUser) || $remoteUser == '') {
         return null;
     }

     return self::DENY;
 }
예제 #2
 /**
  * Logs the current user out and redirects to the Cosign logout URL.
  *
  * The redirect also carries a Set-Cookie header that overwrites the
  * "cosign-<host>" cookie with a junk value. The original author added this
  * because the user otherwise stayed logged in to cosign/drupal for several
  * minutes after logging out.
  *
  * @return TrustedRedirectResponse
  *   Redirect to the URL returned by CosignSharedFunctions::cosign_logout_url().
  */
 public function cosign_cosignlogout()
 {
     $logoutUrl = CosignSharedFunctions::cosign_logout_url();
     user_logout();

     // The cookie name embeds $_SERVER['HTTP_HOST'], which comes from the
     // request's Host header and is therefore client-supplied.
     // NOTE(review): confirm the site restricts accepted Host values (for
     // example through trusted host patterns) before relying on it here.
     $cookieName = 'cosign-' . $_SERVER['HTTP_HOST'];

     // Arguments: name, junk value, 0, path '/', empty domain (so it becomes a
     // host cookie), then the secure and httpOnly flags.
     // NOTE(review): if Cookie is Symfony's HttpFoundation class, the third
     // argument is an expiry timestamp (0 = session cookie), not minutes.
     // NOTE(review): -1 is truthy and 0 is falsy, so this appears to request
     // Secure and leave HttpOnly off. Confirm both are intended and consider
     // explicit booleans.
     $staleCookie = new Cookie($cookieName, 'jibberish', 0, '/', '', -1, 0);

     $redirect = new TrustedRedirectResponse($logoutUrl);
     $redirect->headers->setCookie($staleCookie);

     return $redirect;
 }
예제 #3
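 /**
  * {@inheritdoc}
  *
  * Resolves the Cosign remote user to an account through
  * CosignSharedFunctions::cosign_user_status() and returns it when that call
  * yields a truthy value. Otherwise the request is rejected. Users who are
  * not "friend" accounts additionally get an error message pointing at the
  * login page.
  *
  * @throws AccessDeniedHttpException
  *   When no account could be resolved for the remote user.
  */
 public function authenticate(Request $request)
 {
     $username = CosignSharedFunctions::cosign_retrieve_remote_user();

     $user = CosignSharedFunctions::cosign_user_status($username);
     if ($user) {
         return $user;
     }

     // NOTE(review): the link target is a root-relative "/user/login"; on a
     // site installed under a sub-path this may not resolve. Verify.
     if (!CosignSharedFunctions::cosign_is_friend_account($username)) {
         drupal_set_message(t('This site is restricted. You may try <a href="/user/login">logging in to cosign</a>.'), 'error');
     }

     // Fail closed: with no resolved account there is no fallback return
     // value. The original had an unreachable "return null" after this throw.
     throw new AccessDeniedHttpException();
 }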
예제 #4
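 /**
  * Rewrites redirects for the user login and registration paths.
  *
  * Over plain HTTP, an existing redirect response is pointed at the HTTPS
  * form of the same request URI. Over HTTPS, the target is either the Cosign
  * login path (no remote user and anonymous HTTPS browsing enabled) or the
  * requested destination / site base path.
  *
  * @param FilterResponseEvent $event
  *   The response event whose response may be modified or replaced.
  */
 public function checkRedirection(FilterResponseEvent $event)
 {
     $request_uri = $event->getRequest()->getRequestUri();

     // Compare with false explicitly: strpos() returns 0 for a match at the
     // start of the string, which a bare truthiness test treats as "not found".
     // NOTE(review): this is a substring match over the whole request URI
     // (getRequestUri() normally includes the query string), so any URI that
     // merely contains these fragments is handled here. Confirm that is intended.
     $is_login_uri = strpos($request_uri, 'user/login') !== false
         || strpos($request_uri, 'user/register') !== false;
     if (!$is_login_uri) {
         return;
     }

     $response = $event->getResponse();

     if (!CosignSharedFunctions::cosign_is_https()) {
         // setTargetUrl() only exists on redirect responses. Per the original
         // author's note, the controller takes care of a straight user/login
         // URL, so only an existing redirect is upgraded to HTTPS here. The
         // guard avoids calling an undefined method on any other response.
         if (is_object($response) && method_exists($response, 'setTargetUrl')) {
             // NOTE(review): HTTP_HOST comes from the client's Host header.
             // Confirm accepted hosts are restricted, since this value becomes
             // the redirect target's authority.
             $https_url = 'https://' . $_SERVER['HTTP_HOST'] . $request_uri;
             $response->setTargetUrl($https_url);
         }
         return;
     }

     // NOTE(review): the destination presumably originates from the request.
     // Confirm it is limited to local paths before it reaches the trusted
     // redirect built below.
     $destination = \Drupal::destination()->getAsArray()['destination'];
     $username = CosignSharedFunctions::cosign_retrieve_remote_user();
     global $base_path;

     if (!$username && \Drupal::config('cosign.settings')->get('cosign_allow_anons_on_https') == 1) {
         // No remote user yet: send the browser to the Cosign login path, with
         // the service cookie name and the return URL appended as the query.
         $request_uri = \Drupal::config('cosign.settings')->get('cosign_login_path') . '?cosign-' . $_SERVER['HTTP_HOST'] . '&https://' . $_SERVER['HTTP_HOST'];
         // Never send the user back to the login/register page itself.
         if ($destination == $base_path . 'user/login' || $destination == $base_path . 'user/register') {
             $destination = $base_path;
         }
         $request_uri = $request_uri . $destination;
     } else {
         // Return value is ignored; presumably called for its side effects
         // (establishing the user's session). Verify against the helper.
         CosignSharedFunctions::cosign_user_status($username);
         if ($request_uri == $base_path . 'user/login' || $request_uri == $base_path . 'user/register') {
             $request_uri = $base_path;
         } else {
             $request_uri = $destination;
         }
     }

     // Reuse an existing trusted redirect; otherwise replace the response.
     if ($response instanceof TrustedRedirectResponse) {
         $response->setTargetUrl($request_uri);
     } else {
         $event->setResponse(new TrustedRedirectResponse($request_uri));
     }
 }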