The session handler will be instantiated if this is the first call
to this function.
| public static getSessionHandler ( ) : SimpleSAML_SessionHandler | ||
| Результат | SimpleSAML_SessionHandler | The current session handler. |
public function process(&$state)
{
assert('is_array($state)');
if (empty($state['Expire']) || empty($state['Authority'])) {
return;
}
$now = time();
$delta = $state['Expire'] - $now;
$globalConfig = SimpleSAML_Configuration::getInstance();
$sessionDuration = $globalConfig->getInteger('session.duration', 8 * 60 * 60);
/* Extend only if half of session duration already passed */
if ($delta >= $sessionDuration * 0.5) {
return;
}
/* Update authority expire time */
$session = SimpleSAML_Session::getSessionFromRequest();
$session->setAuthorityExpire($state['Authority']);
/* Update session cookies duration */
/* If remember me is active */
$rememberMeExpire = $session->getRememberMeExpire();
if (!empty($state['RememberMe']) && $rememberMeExpire !== NULL && $globalConfig->getBoolean('session.rememberme.enable', FALSE)) {
$session->setRememberMeExpire();
return;
}
/* Or if session lifetime is more than zero */
$sessionHandler = SimpleSAML_SessionHandler::getSessionHandler();
$cookieParams = $sessionHandler->getCookieParams();
if ($cookieParams['lifetime'] > 0) {
$session->updateSessionCookies();
}
}
$password = $_REQUEST['password'];
} else {
$password = '';
}
if (array_key_exists('organization', $_REQUEST)) {
$organization = $_REQUEST['organization'];
} elseif (isset($state['core:organization'])) {
$organization = (string) $state['core:organization'];
} else {
$organization = '';
}
$errorCode = NULL;
if ($organizations === NULL || !empty($organization)) {
if (!empty($username) && !empty($password)) {
if ($source->getRememberUsernameEnabled()) {
$sessionHandler = SimpleSAML_SessionHandler::getSessionHandler();
$params = $sessionHandler->getCookieParams();
$params['expire'] = time();
$params['expire'] += isset($_REQUEST['remember_username']) && $_REQUEST['remember_username'] == 'Yes' ? 31536000 : -300;
setcookie($source->getAuthId() . '-username', $username, $params['expire'], $params['path'], $params['domain'], $params['secure'], $params['httponly']);
}
$errorCode = sspmod_core_Auth_UserPassOrgBase::handleLogin($authStateId, $username, $password, $organization);
}
}
$globalConfig = SimpleSAML_Configuration::getInstance();
$t = new SimpleSAML_XHTML_Template($globalConfig, 'core:loginuserpass.php');
$t->data['stateparams'] = array('AuthState' => $authStateId);
$t->data['username'] = $username;
$t->data['forceUsername'] = FALSE;
$t->data['rememberUsernameEnabled'] = $source->getRememberUsernameEnabled();
$t->data['rememberUsernameChecked'] = $source->getRememberUsernameChecked();
/**
* This function logs the user out by deleting the session information from memcache.
*/
private function doLogout()
{
$cookieName = $this->getCookieName();
/* Check if we have a valid cookie. */
if (!array_key_exists($cookieName, $_COOKIE)) {
return;
}
$sessionID = $_COOKIE[$cookieName];
/* Delete the session from memcache. */
$memcache = $this->getMemcache();
$memcache->delete($sessionID);
/* Delete the session cookie. */
$sessionHandler = SimpleSAML_SessionHandler::getSessionHandler();
$sessionHandler->setCookie($cookieName, NULL);
}
/**
* Check whether the session cookie is set.
*
* This function will only return FALSE if is is certain that the cookie isn't set.
*
* @return bool TRUE if it was set, FALSE if not.
*/
public function hasSessionCookie()
{
$sh = SimpleSAML_SessionHandler::getSessionHandler();
return $sh->hasSessionCookie();
}
/**
* Log out of the given sessions.
*
* @param string $authId The authsource ID.
* @param array $nameId The NameID of the user.
* @param array $sessionIndexes The SessionIndexes we should log out of. Logs out of all if this is empty.
* @returns int|FALSE Number of sessions logged out, or FALSE if not supported.
*/
public static function logoutSessions($authId, array $nameId, array $sessionIndexes)
{
assert('is_string($authId)');
$store = SimpleSAML_Store::getInstance();
if ($store === FALSE) {
/* We don't have a datastore. */
return FALSE;
}
/* Normalize NameID. */
ksort($nameId);
$strNameId = serialize($nameId);
$strNameId = sha1($strNameId);
/* Normalize SessionIndexes. */
foreach ($sessionIndexes as &$sessionIndex) {
assert('is_string($sessionIndex)');
if (strlen($sessionIndex) > 50) {
$sessionIndex = sha1($sessionIndex);
}
}
unset($sessionIndex);
// Remove reference
if ($store instanceof SimpleSAML_Store_SQL) {
$sessions = self::getSessionsSQL($store, $authId, $strNameId);
} elseif (empty($sessionIndexes)) {
/* We cannot fetch all sessions without a SQL store. */
return FALSE;
} else {
$sessions = self::getSessionsStore($store, $authId, $strNameId, $sessionIndexes);
}
if (empty($sessionIndexes)) {
$sessionIndexes = array_keys($sessions);
}
$sessionHandler = SimpleSAML_SessionHandler::getSessionHandler();
$numLoggedOut = 0;
foreach ($sessionIndexes as $sessionIndex) {
if (!isset($sessions[$sessionIndex])) {
SimpleSAML_Logger::info('saml.LogoutStore: Logout requested for unknown SessionIndex.');
continue;
}
$sessionId = $sessions[$sessionIndex];
$session = SimpleSAML_Session::getSession($sessionId);
if ($session === NULL) {
SimpleSAML_Logger::info('saml.LogoutStore: Skipping logout of missing session.');
continue;
}
if (!$session->isValid($authId)) {
SimpleSAML_Logger::info('saml.LogoutStore: Skipping logout of session because it isn\'t authenticated.');
continue;
}
SimpleSAML_Logger::info('saml.LogoutStore: Logging out of session with trackId [' . $session->getTrackId() . '].');
$session->doLogout($authId);
$numLoggedOut += 1;
}
return $numLoggedOut;
}
/**
* Save the session to the session handler.
*
* This function will check the dirty-flag to check if the session has changed.
*/
public function saveSession()
{
if (!$this->dirty) {
/* Session hasn't changed - don't bother saving it. */
return;
}
$this->dirty = FALSE;
$sessionData = serialize($this);
$sh = SimpleSAML_SessionHandler::getSessionHandler();
$sh->set('SimpleSAMLphp_SESSION', $sessionData);
}
