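/**
 * Find the SSO server whose configured public key fingerprint matches
 *
 * Walks the server configurations in order and returns the server created for
 * the first entry whose "publicKeyFingerprint" setting is strictly equal to the
 * given value. An empty or non-string fingerprint never selects a server, so a
 * blank "publicKeyFingerprint" setting cannot be matched by a blank lookup value.
 *
 * @param string $fingerprint Fingerprint of the public key to look up
 * @return \Flowpack\SingleSignOn\Client\Domain\Model\SsoServer|NULL The matching server, or NULL if no configured server uses this key; callers have to treat NULL as "unknown server"
 */
public function findByPublicKey($fingerprint) {
    // Fail closed on unusable input instead of relying on the configuration being well-formed.
    if (!is_string($fingerprint) || $fingerprint === '') {
        return NULL;
    }

    foreach ($this->serverConfigurations as $serverIdentifier => $serverConfiguration) {
        if (!isset($serverConfiguration['publicKeyFingerprint'])) {
            // Servers without a configured fingerprint can never be found by key.
            continue;
        }
        // Strict comparison: no type juggling between the configured and the looked-up value.
        if ($serverConfiguration['publicKeyFingerprint'] === $fingerprint) {
            return $this->ssoServerFactory->create($serverIdentifier);
        }
    }

    // No match: made explicit, the original fell off the end of the method here.
    return NULL;
}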
/**
 * Begin the authentication by redirecting the user agent to the SSO server
 *
 * The URI of the given request is used as the callback URI. The configured SSO
 * server builds its authentication endpoint URI from that callback URI and the
 * SSO client; as described for this entry point, the redirect carries the
 * callback URI, the client identifier and a signature of the arguments made with
 * the client private key. The response is turned into a 303 redirect to that URI.
 *
 * NOTE(review): the callback URI is taken from the incoming request as-is and is
 * then covered by the client's signature. Presumably its host part follows what
 * the request reported - confirm that the deployment restricts the host names it
 * accepts, so that only intended callback URIs get signed.
 *
 * @param \TYPO3\Flow\Http\Request $request The current request, its URI becomes the callback URI
 * @param \TYPO3\Flow\Http\Response $response The current response, receives status and Location header
 * @return void
 * @throws Exception if the "server" entry point option is not set
 */
public function startAuthentication(Request $request, Response $response) {
    $returnUri = $request->getUri();

    $serverOptionIsSet = isset($this->options['server']);
    if ($serverOptionIsSet === FALSE) {
        throw new Exception('Missing "server" option for SingleSignOnRedirect entry point. Please specifiy one using the entryPointOptions setting.', 1351690358);
    }

    $server = $this->ssoServerFactory->create($this->options['server']);
    $client = $this->ssoClientFactory->create();
    $endpointUri = $server->buildAuthenticationEndpointUri($client, $returnUri);

    // 303 makes the user agent fetch the endpoint with GET, whatever the original method was.
    $response->setStatus(303);
    $response->setHeader('Location', $endpointUri);
}
/**
 * Tell the SSO servers that this client has logged out
 *
 * For every authentication token of type SingleSignOnToken in the security
 * context, the "server" provider option of the token's authentication provider
 * is looked up in the TYPO3.Flow settings. If it is set, the session with the
 * token's global session id is destroyed on that SSO server.
 *
 * Tokens whose provider has no "server" option are skipped without notice.
 *
 * NOTE(review): nothing is caught inside the loop, so an exception raised for
 * one token stops the notification of the servers of all remaining tokens -
 * confirm that the caller handles this, otherwise sessions may stay alive on
 * servers that were never contacted.
 *
 * @return void
 */
public function logout() {
    $flowSettings = $this->configurationManager->getConfiguration(\TYPO3\Flow\Configuration\ConfigurationManager::CONFIGURATION_TYPE_SETTINGS, 'TYPO3.Flow');
    $ssoTokens = $this->securityContext->getAuthenticationTokensOfType('Flowpack\\SingleSignOn\\Client\\Security\\SingleSignOnToken');

    foreach ($ssoTokens as $ssoToken) {
        // The server is configured per authentication provider, not per token.
        $serverOptionPath = 'security.authentication.providers.' . $ssoToken->getAuthenticationProviderName() . '.providerOptions.server';
        $serverIdentifier = \TYPO3\Flow\Utility\Arrays::getValueByPath($flowSettings, $serverOptionPath);
        if ($serverIdentifier === NULL) {
            continue;
        }

        $client = $this->ssoClientFactory->create();
        $server = $this->ssoServerFactory->create($serverIdentifier);
        $server->destroySession($client, $ssoToken->getGlobalSessionId());
    }
}
/**
 * Build the SSO server instance named by the "server" provider option
 *
 * @return \Flowpack\SingleSignOn\Client\Domain\Model\SsoServer
 * @throws Exception if the "server" provider option is not set
 */
protected function createSsoServer() {
    if (isset($this->options['server'])) {
        return $this->ssoServerFactory->create($this->options['server']);
    }

    // Without a server identifier there is nothing to authenticate against.
    throw new Exception('Missing "server" option for SingleSignOnProvider authentication provider "' . $this->name . '". Please specifiy one using the providerOptions setting.', 1351690847);
}