Пример #1
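 /**
  * Auto-login middleware: redirects a guest who carries the configured
  * global login cookie to the SingleSO login controller.
  *
  * The cookie is only tested for presence; its value is never read here, so
  * it triggers the redirect but is not treated as proof of identity by this
  * method. Requests that fail any check are handed on unchanged.
  *
  * {@inheritdoc}
  *
  * @param Request $request Incoming request; its 'actor' attribute is read.
  * @param Response $response Response passed through when no redirect is issued.
  * @param callable|null $out Next handler, if any.
  * @return mixed A RedirectResponse to the login URL, otherwise the result
  *               of $out, or $response when $out is not given.
  */
 public function __invoke(Request $request, Response $response, callable $out = null)
 {
     // do { ... } while (false) is used as a breakable block: every failed
     // precondition breaks out to the pass-through return at the bottom.
     do {
         // Only guests are candidates for auto-login.
         $actor = $request->getAttribute('actor');
         if (!$actor->isGuest()) {
             break;
         }
         // The auth settings must be available.
         $authSettings = SingleSO::settingsAuth($this->settings, false);
         if (!$authSettings) {
             break;
         }
         // A global cookie name must be configured.
         $globalCookie = $authSettings['global_cookie'];
         if (!$globalCookie) {
             break;
         }
         // The request must carry that cookie. Presence only: the value is
         // not inspected, so a client can set it freely and the only effect
         // here is a redirect to the login controller.
         $cookies = $request->getCookieParams();
         if (!isset($cookies[$globalCookie])) {
             break;
         }
         // Get the current request path. The URL fragment is never sent to
         // the server, so it is lost on auto-login.
         $requestUri = $request->getUri();
         $requestPath = $requestUri->getPath();
         // Never redirect requests for the controller itself, otherwise the
         // login endpoint would redirect to itself indefinitely.
         if (strpos($requestPath, SingleSO::CONTROLLER_PATH) === 0) {
             break;
         }
         // Rebuild the query suffix; a bare trailing '?' is preserved even
         // when the query string itself is empty.
         $query = $requestUri->getQuery();
         if ($query) {
             $querySuffix = '?' . $query;
         } elseif (isset($_SERVER['REQUEST_URI']) && strpos($_SERVER['REQUEST_URI'], '?') !== false) {
             $querySuffix = '?';
         } else {
             $querySuffix = '';
         }
         $redirect = $requestPath . $querySuffix;
         // NOTE(review): $redirect is taken from the client-supplied request
         // URI and is not validated in this method. The login controller is
         // not visible here; confirm it accepts only same-site relative paths
         // before it sends the user back to this value.
         // Create the login path.
         $loginPath = rtrim($this->app->url(), '/') . SingleSO::CONTROLLER_PATH . '/login';
         // Create the redirect target, carrying the return path along.
         $target = SingleSO::addParams($loginPath, ['redirect' => $redirect]);
         // Take over the response and redirect to the login URL.
         return new RedirectResponse($target);
     } while (false);
     return $out ? $out($request, $response) : $response;
 }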
 /**
  * Generates a new token, passes it together with $value to
  * sessionStateSet() for the given session, and returns the token.
  *
  * @param \Symfony\Component\HttpFoundation\Session\Session $session
  * @param mixed $value Value stored alongside the token.
  * @return string The newly generated token.
  */
 public function sessionStateCreate($session, $value)
 {
     // NOTE(review): the token is only as unpredictable as
     // SingleSO::randStr(); that helper is not visible here, so confirm it
     // draws from a CSPRNG (random_bytes()/random_int()).
     $state = ['token' => SingleSO::randStr(16), 'value' => $value];
     $this->sessionStateSet($session, $state);
     return $state['token'];
 }
Пример #3
 /**
  * Registers the extension's scripts, bootstrapper and view variable on the
  * forum and admin client views.
  *
  * On the forum view nothing is registered unless the auth settings are
  * available, so the login takeover stays off until the extension is
  * configured.
  *
  * @param ConfigureClientView $event
  */
 public function addAssets(ConfigureClientView $event)
 {
     // Settings are looked up for the forum view only; null otherwise.
     $auth = $event->isForum() ? SingleSO::settingsAuth($this->settings, false) : null;
     if ($auth) {
         // Register the forum script.
         $event->addAssets([__DIR__ . '/../../js/forum/dist/extension.js']);
         $event->addBootstrapper('singleso/singleso-flarum/main');

         $forumView = $event->view;
         $viewer = $forumView->getActor();
         // Is the viewing user a guest?
         $isGuest = (bool) $viewer->isGuest();
         // A managed user is a non-guest that has a singleso_id set.
         $isManaged = !$isGuest && isset($viewer->singleso_id);
         // The logout hook applies only when a logout URL is configured.
         $hasLogout = (bool) $auth['logout_url'];

         // Register the extension settings.
         // NOTE(review): these flags are presumably handed to the client-side
         // extension; treat them as display hints and keep any access
         // decision on the server - confirm how the view exposes them.
         $forumView->setVariable('singleso-singleso-flarum', [
             'controller' => SingleSO::CONTROLLER_PATH,
             'logout' => $hasLogout,
             'managed' => $isManaged,
             'guest' => $isGuest,
         ]);

         // Design note: the auto-login redirect could also be done in
         // JavaScript, by injecting an inline head script when a guest's
         // request carries the configured global cookie.
         // Advantages:
         // - Preserves the URL hash (only used on the admin panel?).
         // - Potentially JSONP checking instead of the cookie.
         // Disadvantages:
         // - Error pages are not handled (pages that require login).
         // - Slower to do the login redirect.
         // - Requires JavaScript (Flarum already requires it).
         // The middleware was chosen for the auto-login cookie instead.
     }

     if ($event->isAdmin()) {
         // Register the admin panel script.
         $event->addAssets([__DIR__ . '/../../js/admin/dist/extension.js']);
         $event->addBootstrapper('singleso/singleso-flarum/main');
         // The admin panel only needs the controller path.
         $adminView = $event->view;
         $adminView->setVariable('singleso-singleso-flarum', ['controller' => SingleSO::CONTROLLER_PATH]);
     }
 }