Fixes for CodeStyle vol.2
[bookstack] / app / Http / Controllers / Auth / Saml2Controller.php
index d54e925bbf40ff17145564e123d3f44eafd10fc2..14eb65b717de6076ecbd76f1d352b877146c95f7 100644 (file)
@@ -4,11 +4,9 @@ namespace BookStack\Http\Controllers\Auth;
 
 use BookStack\Auth\Access\Saml2Service;
 use BookStack\Http\Controllers\Controller;
-use Illuminate\Http\Request;
 
 class Saml2Controller extends Controller
 {
-
     protected $samlService;
 
     /**
@@ -16,8 +14,8 @@ class Saml2Controller extends Controller
      */
     public function __construct(Saml2Service $samlService)
     {
-        parent::__construct();
         $this->samlService = $samlService;
+        $this->middleware('guard:saml2');
     }
 
     /**
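Review bot: The `guard:saml2` middleware is registered in the constructor without `only()`/`except()`, so it gates every action of this controller, including `metadata()` and the IdP-facing `sls()` callback further down. A one-line comment would make that intent explicit, e.g. `// Restrict all SAML2 endpoints to instances where saml2 is the active auth guard.`, assuming that is what the guard middleware checks, which is not visible here. The same hunk drops `parent::__construct()`; if the base `Controller` still defines a constructor, its setup no longer runs for this class, so confirm it was removed there as well.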
@@ -31,14 +29,29 @@ class Saml2Controller extends Controller
         return redirect($loginDetails['url']);
     }
 
+    /**
+     * Start the logout flow via SAML2.
+     */
+    public function logout()
+    {
+        $logoutDetails = $this->samlService->logout();
+
+        if ($logoutDetails['id']) {
+            session()->flash('saml2_logout_request_id', $logoutDetails['id']);
+        }
+
+        return redirect($logoutDetails['url']);
+    }
+
     /*
      * Get the metadata for this SAML2 service provider.
      */
     public function metadata()
     {
         $metaData = $this->samlService->metadata();
+
         return response()->make($metaData, 200, [
-            'Content-Type' => 'text/xml'
+            'Content-Type' => 'text/xml',
         ]);
     }
 
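Review bot: In `logout()` the request ID is stored with `session()->flash()`, which only survives until the next request on that session, so any other request the browser makes before returning from the IdP discards it. `sls()` in the next hunk then pulls `null` and hands it to `processSlsResponse()`; whether a LogoutResponse is still matched against an expected request ID in that case depends on the service, which is not shown. Consider `session()->put('saml2_logout_request_id', $logoutDetails['id']);`, since `sls()` already removes the key with `pull()`. Separately, `$logoutDetails['id']` is read without checking that the key exists; `if (!empty($logoutDetails['id']))` avoids a notice should the service return no ID.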
@@ -48,7 +61,10 @@ class Saml2Controller extends Controller
      */
     public function sls()
     {
-        // TODO
+        $requestId = session()->pull('saml2_logout_request_id', null);
+        $redirect = $this->samlService->processSlsResponse($requestId) ?? '/';
+
+        return redirect($redirect);
     }
 
     /**
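Review bot: `sls()` redirects to whatever `processSlsResponse()` returns, and nothing in the controller restricts that target. If the service can derive the value from the incoming message (for example a RelayState parameter) rather than only from configured IdP endpoints, this becomes an open redirect on the logout endpoint; that cannot be judged from this hunk. Either state the contract above the call, e.g. `// processSlsResponse() returns a configured IdP URL or null, never a caller-supplied URL.`, or check the result against the allowed hosts before `redirect()`. The docblock of `sls()` starts outside the hunk.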
@@ -62,10 +78,10 @@ class Saml2Controller extends Controller
         $user = $this->samlService->processAcsResponse($requestId);
         if ($user === null) {
             $this->showErrorNotification(trans('errors.saml_fail_authed', ['system' => config('saml2.name')]));
+
             return redirect('/login');
         }
 
         return redirect()->intended();
     }
-
 }