/**
 * {@inheritdoc}
 *
 * Returns self::DENY whenever cosign reports a non-empty remote user.
 * In every other case the method states no result and returns null.
 */
public function check(Request $request) {
  $remote_user = CosignSharedFunctions::cosign_retrieve_remote_user();

  // Guard clause: an unset or empty remote user means there is nothing to
  // deny, so fall through with null exactly as an implicit return would.
  // The loose comparison against '' is kept on purpose.
  if (!isset($remote_user) || $remote_user == '') {
    return null;
  }

  // NOTE(review): the decision rests entirely on what
  // cosign_retrieve_remote_user() reports. Presumably that value is set by
  // the web server's cosign filter and not by a request header. Confirm.
  return self::DENY;
}
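/**
 * Ends the Drupal session and redirects the browser to the cosign logout URL.
 *
 * The cosign service cookie for this host is overwritten with a throwaway
 * value on the way out. Without that, a user could still appear logged in to
 * cosign/Drupal for several minutes after logging out.
 *
 * @return TrustedRedirectResponse
 *   Redirect to the URL returned by CosignSharedFunctions::cosign_logout_url().
 */
public function cosign_cosignlogout() {
  $logout = CosignSharedFunctions::cosign_logout_url();
  user_logout();
  $response = new TrustedRedirectResponse($logout);

  // Overwrite the cosign service cookie instead of relying on it to expire.
  // The value is nonsense and the domain is blank so it becomes a host cookie.
  //
  // Argument order: name, value, expire, path, domain, secure, httpOnly.
  // NOTE(review): assuming this is Symfony's HttpFoundation Cookie, the third
  // argument is an expiry time, not minutes, and 0 gives a session cookie.
  //
  // The last two flags are real booleans rather than -1 and 0. The effect is
  // the same under PHP's scalar coercion, but it no longer depends on
  // coercion and the intent is readable: Secure is on, HttpOnly is off.
  //
  // NOTE(review): because Secure is on, browsers will only accept this
  // overwrite on an HTTPS response. Confirm that logout is always served over
  // HTTPS, otherwise the stale cookie survives.
  //
  // NOTE(review): the cookie name is built from the client-supplied Host
  // header. It only targets the intended cookie when the site rejects
  // unexpected Host values (e.g. via Drupal's trusted_host_patterns setting).
  $response->headers->setCookie(new Cookie('cosign-' . $_SERVER['HTTP_HOST'], 'jibberish', 0, '/', '', true, false));

  return $response;
}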
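/**
 * {@inheritdoc}
 *
 * Maps the cosign remote user to an account, or refuses the request.
 *
 * @return mixed
 *   Whatever CosignSharedFunctions::cosign_user_status() returned, when that
 *   value is truthy.
 *
 * @throws AccessDeniedHttpException
 *   When cosign_user_status() yields nothing for the remote user.
 */
public function authenticate(Request $request) {
  $username = CosignSharedFunctions::cosign_retrieve_remote_user();

  // NOTE(review): the account is selected purely from the remote user name.
  // Presumably that name is set by the web server's cosign filter. Confirm
  // that it can never come from a client-controlled header.
  $user = CosignSharedFunctions::cosign_user_status($username);
  if ($user) {
    return $user;
  }

  // Only non-friend accounts get the "restricted" hint. Friend accounts are
  // refused without a message.
  if (!CosignSharedFunctions::cosign_is_friend_account($username)) {
    drupal_set_message(t('This site is restricted. You may try <a href="/user/login">logging in to cosign</a>.'), 'error');
  }

  // Fail closed. The former `return null` after this throw was unreachable
  // and has been removed.
  throw new AccessDeniedHttpException();
}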
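/**
 * Forces user/login and user/register traffic onto HTTPS and through cosign.
 *
 * Behaviour for a request URI that contains 'user/login' or 'user/register':
 * - Not on HTTPS: the response is pointed at the same URI on https://.
 * - On HTTPS, no remote user, and 'cosign_allow_anons_on_https' enabled: the
 *   response is pointed at the configured cosign login path, with the service
 *   cookie name and the return URL appended.
 * - Otherwise: the response is pointed at the base path or the requested
 *   destination.
 *
 * @param FilterResponseEvent $event
 *   The response event. Its response is retargeted or replaced.
 */
public function checkRedirection(FilterResponseEvent $event) {
  $request_uri = $event->getRequest()->getRequestUri();

  // Compare strpos() against false explicitly. A bare strpos() is falsy for a
  // match at offset 0, which would silently skip this handler.
  if (strpos($request_uri, 'user/login') === false && strpos($request_uri, 'user/register') === false) {
    return;
  }

  $response = $event->getResponse();

  if (!CosignSharedFunctions::cosign_is_https()) {
    // NOTE(review): the Host header is client-supplied. This redirect target
    // is only as trustworthy as the site's host validation (e.g. Drupal's
    // trusted_host_patterns setting). Confirm it is configured.
    $https_url = 'https://' . $_SERVER['HTTP_HOST'] . $request_uri;

    // setTargetUrl() only exists on redirect responses. Calling it on any
    // other response type was a fatal error. Non-redirect responses are now
    // replaced with a redirect, as the HTTPS branch below already does, so a
    // login or register page is never left on plain HTTP.
    if (method_exists($response, 'setTargetUrl')) {
      $response->setTargetUrl($https_url);
    }
    else {
      $event->setResponse(new TrustedRedirectResponse($https_url));
    }
    return;
  }

  // NOTE(review): $destination comes from the request's destination parameter
  // and ends up in a trusted redirect. Presumably \Drupal::destination() has
  // already reduced it to a local path. Verify before relying on it.
  $destination = \Drupal::destination()->getAsArray()['destination'];
  $username = CosignSharedFunctions::cosign_retrieve_remote_user();
  global $base_path;

  if (!$username && \Drupal::config('cosign.settings')->get('cosign_allow_anons_on_https') == 1) {
    // Anonymous visitor on HTTPS: hand off to the cosign login path. The
    // query is the service cookie name followed by the URL to return to.
    $request_uri = \Drupal::config('cosign.settings')->get('cosign_login_path') . '?cosign-' . $_SERVER['HTTP_HOST'] . '&https://' . $_SERVER['HTTP_HOST'];
    // Never return to the login or register page itself after login.
    if ($destination == $base_path . 'user/login' || $destination == $base_path . 'user/register') {
      $destination = $base_path;
    }
    $request_uri = $request_uri . $destination;
  }
  else {
    // The return value is discarded. Presumably this is called for its side
    // effects (TODO confirm).
    CosignSharedFunctions::cosign_user_status($username);
    if ($request_uri == $base_path . 'user/login' || $request_uri == $base_path . 'user/register') {
      $request_uri = $base_path;
    }
    else {
      $request_uri = $destination;
    }
  }

  // Retarget an existing trusted redirect. Replace anything else.
  if ($response instanceof TrustedRedirectResponse) {
    $response->setTargetUrl($request_uri);
  }
  else {
    $event->setResponse(new TrustedRedirectResponse($request_uri));
  }
}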