BookStack Code Mirror - bookstack/blob - app/Http/Controllers/Auth/Saml2Controller.php
1 <?php
2
3 namespace BookStack\Http\Controllers\Auth;
4
5 use BookStack\Auth\Access\Saml2Service;
6 use BookStack\Http\Controllers\Controller;
7
/**
 * HTTP entry points for SAML2 single sign-on: login, logout, service
 * provider metadata, single logout (SLS) and assertion consumer (ACS).
 *
 * All protocol handling is delegated to Saml2Service. This controller only
 * carries request IDs through the session and turns the service's results
 * into redirects or responses, so the validation of incoming SAML messages
 * is not visible in this file.
 */
class Saml2Controller extends Controller
{

    protected $samlService;

    /**
     * Store the SAML2 service and gate every action on the saml2.enabled flag.
     */
    public function __construct(Saml2Service $samlService)
    {
        parent::__construct();
        $this->samlService = $samlService;

        // Access gate applied to all actions of this controller.
        // NOTE(review): the request is only stopped here if
        // showPermissionError() aborts (for example by throwing); it is
        // defined outside this file. If it merely returned, $next would
        // still run with SAML2 disabled. Confirm.
        $this->middleware(function ($request, $next) {
            $samlEnabled = config('saml2.enabled');
            if (!$samlEnabled) {
                $this->showPermissionError();
            }

            return $next($request);
        });
    }

    /**
     * Begin the SAML2 login flow by redirecting to the URL the service returns.
     *
     * The request ID is flashed to the session so acs() can hand it back to
     * the service, presumably to match the response's InResponseTo value
     * (confirm in Saml2Service). Flash data lives for the next request only,
     * so an intervening request on the same session drops the ID and acs()
     * will then pass null.
     */
    public function login()
    {
        $authnRequest = $this->samlService->login();
        $requestId = $authnRequest['id'];
        session()->flash('saml2_request_id', $requestId);

        return redirect($authnRequest['url']);
    }

    /**
     * Begin the SAML2 logout flow by redirecting to the URL the service returns.
     *
     * A logout request ID is flashed for sls() only when the service supplied
     * a truthy one.
     */
    public function logout()
    {
        $sloRequest = $this->samlService->logout();
        $requestId = $sloRequest['id'];

        if ($requestId) {
            session()->flash('saml2_logout_request_id', $requestId);
        }

        return redirect($sloRequest['url']);
    }

    /**
     * Return the metadata document for this SAML2 service provider as XML.
     *
     * This controller applies no check beyond the saml2.enabled gate; any
     * route-level middleware is not visible here.
     */
    public function metadata()
    {
        $xml = $this->samlService->metadata();
        $headers = [
            'Content-Type' => 'text/xml'
        ];

        return response()->make($xml, 200, $headers);
    }

    /**
     * Single logout service.
     * Handles logout requests and responses, then redirects.
     *
     * NOTE(review): the redirect target comes straight from the service. If
     * it can be influenced by a request parameter, it should be validated
     * inside processSlsResponse(). Confirm there.
     */
    public function sls()
    {
        // pull() removes the stored ID, so it is used for one response only.
        $requestId = session()->pull('saml2_logout_request_id', null);

        $target = $this->samlService->processSlsResponse($requestId);
        if ($target === null) {
            $target = '/';
        }

        return redirect($target);
    }

    /**
     * Assertion Consumer Service.
     * Hands the SAML response from the IdP to the service and completes login.
     *
     * NOTE(review): when no request ID is in the session, null is passed to
     * processAcsResponse(). Whether such a response is rejected, and how the
     * signature and conditions are checked, is decided inside Saml2Service.
     * Confirm that unsolicited responses are handled as intended.
     */
    public function acs()
    {
        // pull() removes the stored ID, so it is used for one response only.
        $requestId = session()->pull('saml2_request_id', null);

        $user = $this->samlService->processAcsResponse($requestId);
        if ($user !== null) {
            session()->put('last_login_type', 'saml2');
            return redirect()->intended();
        }

        // A null user is treated as a failed authentication.
        $message = trans('errors.saml_fail_authed', ['system' => config('saml2.name')]);
        $this->showErrorNotification($message);
        return redirect('/login');
    }

}