/**
 * Collects the stored SSO states that belong to a name ID at the given service.
 *
 * With a non-empty session index only the single matching state is looked up;
 * otherwise every state stored for the name ID is returned.
 *
 * NOTE(review): the session index is tested for truthiness, so the string "0"
 * takes the "all sessions for this name ID" path. Confirm that callers never
 * receive such a value if the wider match would be unwanted.
 *
 * @param ServiceInfo $serviceInfo supplies the provider ID and authentication service used as lookup keys
 * @param string $nameID
 * @param string $sessionIndex empty to select every session of the name ID
 * @return SSOState[] possibly empty
 */
protected function getSSOState(ServiceInfo $serviceInfo, $nameID, $sessionIndex)
{
    $providerID = $serviceInfo->getProviderID();
    $authenticationService = $serviceInfo->getAuthenticationService();

    // No session index: return everything the store holds for this name ID.
    if (!$sessionIndex) {
        return $this->ssoStore->getAllByNameID($providerID, $authenticationService, $nameID);
    }

    // A session index narrows the lookup to at most one state.
    $match = $this->ssoStore->getOneByNameIDSessionIndex(
        $providerID,
        $authenticationService,
        $nameID,
        $sessionIndex
    );

    return $match ? array($match) : array();
}
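/**
 * Checks that the SSO session referenced by the current SAML token is still present in the SSO store.
 *
 * The state is looked up by the token's provider key, authentication service ID, name ID and
 * session index. When no state is found, or the stored name ID differs from the token's name ID,
 * the security context is switched to an anonymous token and an SSOSessionException carrying the
 * original token is thrown. On success this implementation always returns null.
 *
 * NOTE(review): the token is used as a SamlSpToken without a type check, and getAuthnStatement()
 * is dereferenced without a null check; presumably the caller only invokes this for
 * authenticated SAML tokens. Confirm against the caller.
 *
 * @param \Symfony\Component\HttpFoundation\Request $request not read by this method
 * @throws \AerialShip\SamlSPBundle\Error\SSOSessionException when the SSO session is missing or its name ID does not match
 * @return \Symfony\Component\HttpFoundation\Response|SamlSpInfo|null
 */
public function manage(Request $request)
{
    /** @var SamlSpToken $token */
    $token = $this->securityContext->getToken();
    $samlSpInfo = $token->getSamlSpInfo();
    $nameID = $samlSpInfo->getNameID()->getValue();

    $ssoState = $this->ssoStore->getOneByNameIDSessionIndex(
        $token->getProviderKey(),
        $samlSpInfo->getAuthenticationServiceID(),
        $nameID,
        $samlSpInfo->getAuthnStatement()->getSessionIndex()
    );

    // Compare the identifiers as exact strings. A loose != treats numeric-looking strings
    // such as "1e3" and "1000" as equal, which would let two different name IDs pass this check.
    // The loose null test is kept so that a store returning false for "not found" is still rejected.
    if ($ssoState == null || (string) $ssoState->getNameID() !== (string) $nameID) {
        // Drop the authenticated token before reporting the failure so the request
        // does not continue with a session the identity provider no longer backs.
        $this->securityContext->setToken(new AnonymousToken($this->providerKey, 'anon.'));
        $ex = new SSOSessionException('SSO session has expired');
        $ex->setToken($token);
        throw $ex;
    }

    return null;
}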