]> BookStack Code Mirror - bookstack/blob - app/Http/Controllers/Auth/OidcController.php
projects / bookstack / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Updated SAML ACS post to retain user session
[bookstack] / app / Http / Controllers / Auth / OidcController.php
1 <?php
2
3 namespace BookStack\Http\Controllers\Auth;
4
5 use BookStack\Auth\Access\Oidc\OidcService;
6 use BookStack\Http\Controllers\Controller;
7 use Illuminate\Http\Request;
8
9 class OidcController extends Controller
10 {
11     protected $oidcService;
12
13     /**
14      * OpenIdController constructor.
15      */
16     public function __construct(OidcService $oidcService)
17     {
18         $this->oidcService = $oidcService;
19         $this->middleware('guard:oidc');
20     }
21
22     /**
23      * Start the authorization login flow via OIDC.
24      */
25     public function login()
26     {
27         $loginDetails = $this->oidcService->login();
28         session()->flash('oidc_state', $loginDetails['state']);
29
30         return redirect($loginDetails['url']);
31     }
32
33     /**
34      * Authorization flow redirect callback.
35      * Processes authorization response from the OIDC Authorization Server.
36      */
37     public function callback(Request $request)
38     {
39         $storedState = session()->pull('oidc_state');
40         $responseState = $request->query('state');
41
42         if ($storedState !== $responseState) {
43             $this->showErrorNotification(trans('errors.oidc_fail_authed', ['system' => config('oidc.name')]));
44
45             return redirect('/login');
46         }
47
48         $this->oidcService->processAuthorizeResponse($request->query('code'));
49
50         return redirect()->intended();
51     }
52 }
The core source code for the BookStack project.