NB-Public/user_saml
14
0
Fork 0
mirror of https://github.com/netzbegruenung/user_saml.git synced 2024-05-02 09:14:50 +02:00
Code Issues Projects Releases Wiki Activity
user_saml/lib/controller/samlcontroller.php

126 lines
3.6 KiB
PHP
Raw Normal View History

Initial import
2016-06-29 00:04:23 +02:00
<?php
/**
* @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\User_SAML\Controller;
use OCA\User_SAML\SAMLSettings;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
use OCP\IRequest;
use OCP\ISession;
use OCP\IUserSession;
class SAMLController extends Controller {
/** @var ISession */
private $session;
/** @var IUserSession */
private $userSession;
/** @var SAMLSettings */
private $SAMLSettings;
/**
* @param string $appName
* @param IRequest $request
* @param ISession $session
* @param IUserSession $userSession
* @param SAMLSettings $SAMLSettings
*/
public function __construct($appName,
IRequest $request,
ISession $session,
IUserSession $userSession,
SAMLSettings $SAMLSettings) {
parent::__construct($appName, $request);
$this->session = $session;
$this->userSession = $userSession;
$this->SAMLSettings = $SAMLSettings;
}
/**
* @PublicPage
* @NoCSRFRequired
*/
public function login() {
$auth = new \OneLogin_Saml2_Auth($this->SAMLSettings->getOneLoginSettingsArray());
$auth->login(\OC::$server->getURLGenerator()->getAbsoluteURL('/'));
}
/**
* @PublicPage
* @NoCSRFRequired
*/
public function getMetadata() {
$settings = new \OneLogin_Saml2_Settings($this->SAMLSettings->getOneLoginSettingsArray());
$metadata = $settings->getSPMetadata();
$errors = $settings->validateMetadata($metadata);
if (empty($errors)) {
return new Http\DataDownloadResponse($metadata, 'metadata.xml', 'text/xml');
} else {
throw new \OneLogin_Saml2_Error(
'Invalid SP metadata: '.implode(', ', $errors),
\OneLogin_Saml2_Error::METADATA_SP_INVALID
);
}
}
/**
* @PublicPage
* @NoCSRFRequired
* @UseSession
*/
public function assertionConsumerService() {
$auth = new \OneLogin_Saml2_Auth($this->SAMLSettings->getOneLoginSettingsArray());
$auth->processResponse(null);
$errors = $auth->getErrors();
// FIXME: Appframworkize
if (!empty($errors)) {
print_r('<p>'.implode(', ', $errors).'</p>');
}
if (!$auth->isAuthenticated()) {
echo "<p>Not authenticated</p>";
exit();
}
$this->session->set('user_saml.samlUserData', $auth->getAttributes());
$this->session->set('user_saml.samlNameId', $auth->getNameId());
$this->session->set('user_saml.samlSessionIndex', $auth->getSessionIndex());
$this->session->set('user_saml.samlSessionExpiration', $auth->getSessionExpiration());
return new Http\RedirectResponse(\OC::$server->getURLGenerator()->getAbsoluteURL('/'));
}
/**
* @PublicPage
* @NoCSRFRequired
*/
public function singleLogoutService() {
$auth = new \OneLogin_Saml2_Auth($this->SAMLSettings->getOneLoginSettingsArray());
$returnTo = null;
$parameters = array();
$nameId = $this->session->get('user_saml.samlNameId');
$sessionIndex = $this->session->get('user_saml.samlSessionIndex');
$this->userSession->logout();
$auth->logout($returnTo, $parameters, $nameId, $sessionIndex);
}
}
Reference in a new issue Copy permalink