/**
* @param string $fingerprint
* @return \Flowpack\SingleSignOn\Client\Domain\Model\SsoServer
*/
public function findByPublicKey($fingerprint)
{
foreach ($this->serverConfigurations as $serverIdentifier => $serverConfiguration) {
if (isset($serverConfiguration['publicKeyFingerprint']) && $serverConfiguration['publicKeyFingerprint'] === $fingerprint) {
return $this->ssoServerFactory->create($serverIdentifier);
}
}
}
/**
* Starts the authentication by redirecting to the SSO endpoint
*
* The redirect includes the callback URI (the original URI from the given request)
* the client identifier and a signature of the arguments with the client private key.
*
* @param \TYPO3\Flow\Http\Request $request The current request
* @param \TYPO3\Flow\Http\Response $response The current response
* @return void
*/
public function startAuthentication(Request $request, Response $response)
{
$callbackUri = $request->getUri();
if (!isset($this->options['server'])) {
throw new Exception('Missing "server" option for SingleSignOnRedirect entry point. Please specifiy one using the entryPointOptions setting.', 1351690358);
}
$ssoServer = $this->ssoServerFactory->create($this->options['server']);
$ssoClient = $this->ssoClientFactory->create();
$redirectUri = $ssoServer->buildAuthenticationEndpointUri($ssoClient, $callbackUri);
$response->setStatus(303);
$response->setHeader('Location', $redirectUri);
}
/**
* Notify SSO servers about the logged out client
*
* All active authentication tokens of type SingleSignOnToken will be
* used to get the registered global session id and send a request
* to the session service on the SSO server.
*
* @return void
*/
public function logout()
{
$allConfiguration = $this->configurationManager->getConfiguration(\TYPO3\Flow\Configuration\ConfigurationManager::CONFIGURATION_TYPE_SETTINGS, 'TYPO3.Flow');
$tokens = $this->securityContext->getAuthenticationTokensOfType('Flowpack\\SingleSignOn\\Client\\Security\\SingleSignOnToken');
foreach ($tokens as $token) {
$providerName = $token->getAuthenticationProviderName();
$serverIdentifier = \TYPO3\Flow\Utility\Arrays::getValueByPath($allConfiguration, 'security.authentication.providers.' . $providerName . '.providerOptions.server');
if ($serverIdentifier !== NULL) {
$ssoClient = $this->ssoClientFactory->create();
$ssoServer = $this->ssoServerFactory->create($serverIdentifier);
$ssoServer->destroySession($ssoClient, $token->getGlobalSessionId());
}
}
}
/**
* Create an SSO server instance from the provider options
*
* @return \Flowpack\SingleSignOn\Client\Domain\Model\SsoServer
*/
protected function createSsoServer()
{
if (!isset($this->options['server'])) {
throw new Exception('Missing "server" option for SingleSignOnProvider authentication provider "' . $this->name . '". Please specifiy one using the providerOptions setting.', 1351690847);
}
$ssoServer = $this->ssoServerFactory->create($this->options['server']);
return $ssoServer;
}
