use BookStack\Auth\Access\Saml2Service;
use BookStack\Http\Controllers\Controller;
-use Illuminate\Http\Request;
class Saml2Controller extends Controller
{
{
parent::__construct();
$this->samlService = $samlService;
+
+ // SAML2 access middleware
+ $this->middleware(function ($request, $next) {
+ if (!config('saml2.enabled')) {
+ $this->showPermissionError();
+ }
+
+ return $next($request);
+ });
}
/**
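Review bot: In the added middleware closure the result of `$this->showPermissionError()` is discarded, so blocking a request when `saml2.enabled` is false depends entirely on that helper throwing. Its definition is not in this diff; if it returns a response instead, execution falls through to `$next($request)` and every SAML2 endpoint stays reachable with the feature switched off. Writing `return $this->showPermissionError();` makes the stop explicit either way. A comment such as `// Block all SAML2 routes unless the integration is enabled` would also explain why the check sits in the constructor, whose signature lies outside the hunk.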
return redirect($loginDetails['url']);
}
+ /**
+ * Start the logout flow via SAML2.
+ */
+ public function logout()
+ {
+ $logoutDetails = $this->samlService->logout();
+
+ if ($logoutDetails['id']) {
+ session()->flash('saml2_logout_request_id', $logoutDetails['id']);
+ }
+
+ return redirect($logoutDetails['url']);
+ }
+
/*
* Get the metadata for this SAML2 service provider.
*/
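Review bot: `session()->flash('saml2_logout_request_id', ...)` in `logout()` keeps the id only for the next request on that session, but the value is needed later, when the identity provider sends the browser back to `sls()`. Any other request on the same session in between (a second tab, a background poll) drops it, and `sls()` then hands `null` to `processSlsResponse()`. That method is not shown here, but a `null` id presumably means the logout response is not matched against the request that was sent. Since `sls()` already removes the value with `pull()`, `session()->put('saml2_logout_request_id', $logoutDetails['id']);` would be the safer store.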
*/
public function sls()
{
- // TODO
+ $requestId = session()->pull('saml2_logout_request_id', null);
+ $redirect = $this->samlService->processSlsResponse($requestId) ?? '/';
+ return redirect($redirect);
}
/**
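Review bot: In `sls()` the redirect target is whatever `processSlsResponse()` returns, and that method is not part of this diff. If the value can originate from the identity provider's message or a RelayState parameter, `redirect($redirect)` becomes an open redirect. It is worth confirming the service only returns same-origin paths, or checking that here before redirecting. A docblock line stating that `$requestId` may be `null` when no logout request was started from this session, and what the service does in that case, would help the next reader.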
return redirect('/login');
}
+ session()->put('last_login_type', 'saml2');
return redirect()->intended();
}