3 namespace BookStack\Http\Controllers\Auth;
5 use BookStack\Auth\Access\OpenIdConnect\OpenIdConnectService;
6 use BookStack\Http\Controllers\Controller;
7 use Illuminate\Http\Request;
9 class OpenIdConnectController extends Controller
12 protected $oidcService;
15 * OpenIdController constructor.
17 public function __construct(OpenIdConnectService $oidcService)
19 $this->oidcService = $oidcService;
20 $this->middleware('guard:oidc');
24 * Start the authorization login flow via OIDC.
26 public function login()
28 $loginDetails = $this->oidcService->login();
29 session()->flash('oidc_state', $loginDetails['state']);
31 return redirect($loginDetails['url']);
35 * Authorization flow redirect.
36 * Processes authorization response from the OIDC Authorization Server.
38 public function redirect(Request $request)
40 $storedState = session()->pull('oidc_state');
41 $responseState = $request->query('state');
43 if ($storedState !== $responseState) {
44 $this->showErrorNotification(trans('errors.oidc_fail_authed', ['system' => config('oidc.name')]));
45 return redirect('/login');
48 $user = $this->oidcService->processAuthorizeResponse($request->query('code'));
50 $this->showErrorNotification(trans('errors.oidc_fail_authed', ['system' => config('oidc.name')]));
51 return redirect('/login');
54 return redirect()->intended();