CASLogout.php 6.09 KB
<?php

namespace Drupal\casost\Controller;

use Drupal\Core\Entity\Query\QueryFactory;
use Drupal\Core\Entity\EntityTypeManagerInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Drupal\Core\Controller\ControllerBase;
use Drupal\user\Entity\User;
use Drupal\Core\Database\Connection;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Drupal\Core\Logger\LoggerChannelFactoryInterface;
use phpCAS;

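/**
 * Controller behind the casost logout endpoint.
 *
 * Loads the CAS configuration row selected by the request, initialises the
 * phpCAS client, replaces the local password of the account named in the
 * request and tears down the PHP session.
 *
 * The phpCAS logout calls that used to live here are disabled, so this
 * controller ends only the local session. It does not sign the user out at
 * the CAS server.
 */
class CASLogout extends ControllerBase
{
    // Values copied from the selected casost_config entity in logoutGo().
    protected $serverVersion;
    protected $serverHostname;
    protected $serverPort;
    protected $serverUri;
    // Declared explicitly: it was previously created as a dynamic property.
    protected $redirectUrl;
    protected $changeSessionId;
    protected $CASServerCACert;
    protected $CASServerCNValidate;
    protected $noCASServerValidation;
    protected $proxy;
    protected $handleLogoutRequests;
    protected $CASLang;
    protected $allowed1;
    protected $allowed1Value;
    protected $allowed2;
    protected $allowed2Value;

    // Injected services.
    protected $entity_query;
    protected $entityTypeManager;
    protected $logger;
    protected $connection;

    /**
     * Stores the injected services and opens the 'casost' logger channel.
     */
    public function __construct(
        EntityTypeManagerInterface $entityTypeManager,
        QueryFactory $entity_query,
        Connection $connection,
        LoggerChannelFactoryInterface $loggerChannel
    ) {
        $this->entityTypeManager = $entityTypeManager;
        $this->entity_query = $entity_query;
        $this->connection = $connection;
        $this->logger = $loggerChannel->get('casost');
    }

    /**
     * Builds the controller from the service container.
     */
    public static function create(ContainerInterface $container)
    {
        return new static(
            $container->get('entity.manager'),
            $container->get('entity.query'),
            $container->get('database'),
            $container->get('logger.factory')
        );
    }

    /**
     * Ends the local session of the account named in the request.
     *
     * The optional "config" query parameter selects the configuration row
     * "casost_sch_sso_config_<config>"; without it the base row is used.
     *
     * NOTE(review): the account is chosen solely from the PHP_AUTH_USER
     * request header and no credential or session check is visible in this
     * method. Because the method rewrites that account's password, confirm
     * that the route's access control proves the caller is that user.
     *
     * @param \Symfony\Component\HttpFoundation\Request $request
     *   The incoming request.
     *
     * @return \Symfony\Component\HttpFoundation\Response
     *   A 200 response on success, otherwise the redirect built by
     *   redirectForbidden() with code 7001 (configuration row not found),
     *   7002 (no matching account) or 8000 (exception).
     */
    public function logoutGo(Request $request)
    {
        $configRowName = 'casost_sch_sso_config';
        try {
            $configRowId = $request->query->get('config');
            if ($configRowId) {
                $configRowName = $configRowName.'_'.$configRowId;
            }
            $CASOSTConfigs = $this->entityTypeManager->getStorage('casost_config')->loadByProperties(['name' => $configRowName]);
            $CASOSTConfig = reset($CASOSTConfigs);
            if (!$CASOSTConfig) {
                return $this->redirectForbidden($configRowName, '7001');
            }

            $this->serverVersion = $CASOSTConfig->serverversion->value;
            $this->serverHostname = $CASOSTConfig->serverhostname->value;
            $this->serverPort = $CASOSTConfig->serverport->value;
            $this->serverUri = $CASOSTConfig->serveruri->value === null ? '' : $CASOSTConfig->serveruri->value;
            $this->redirectUrl = $CASOSTConfig->redirecturl->value;
            $this->changeSessionId = $CASOSTConfig->changesessionid->value;
            $this->CASServerCACert = $CASOSTConfig->casservercacert->value;
            $this->CASServerCNValidate = $CASOSTConfig->casservercnvalidate->value;
            $this->noCASServerValidation = $CASOSTConfig->nocasservervalidation->value;
            $this->proxy = $CASOSTConfig->proxy->value;
            $this->handleLogoutRequests = $CASOSTConfig->handlelogoutrequests->value;
            $this->CASLang = $CASOSTConfig->caslang->value;
            $this->allowed1 = $CASOSTConfig->allowed1->value;
            $this->allowed1Value = $CASOSTConfig->allowed1value->value;
            $this->allowed2 = $CASOSTConfig->allowed2->value;
            $this->allowed2Value = $CASOSTConfig->allowed2value->value;

            // phpCAS debug logging is left enabled, as before.
            // NOTE(review): the relative path resolves against the process
            // working directory, and debug traces may hold protocol details.
            // Confirm the file is not web-readable and turn this off outside
            // development.
            phpCAS::setDebug("phpcas.log");
            // Verbose error messages stay disabled; never enable in production.
            // phpCAS::setVerbose(true);

            // Initialize phpCAS
            phpCAS::client(
                $this->serverVersion,
                $this->serverHostname,
                intval($this->serverPort),
                $this->serverUri,
                boolval($this->changeSessionId)
            );

            $authToken = $request->headers->get('PHP_AUTH_USER');
            // Refuse a missing or empty user name before querying storage, so
            // an absent header can never select (and rewrite) an account whose
            // stored name is empty.
            if (!is_string($authToken) || $authToken === '') {
                return $this->redirectForbidden($configRowName, '7002');
            }

            $users = $this->entityTypeManager->getStorage('user')->loadByProperties(['name' => $authToken]);
            $user = reset($users);
            if (!$user) {
                return $this->redirectForbidden($configRowName, '7002');
            }

            // Replace the local password with an unguessable value. The
            // earlier uniqid('pw') is derived from the clock and is therefore
            // predictable; random_bytes() draws from the system CSPRNG.
            $user->setPassword(bin2hex(random_bytes(32)));
            $user->save();

            // NOTE(review): the body is plain text but the declared type is
            // application/json; kept as-is because clients may depend on it.
            $response = new Response();
            $response->setContent('logout successful');
            $response->setStatusCode(Response::HTTP_OK);
            $response->headers->set('Content-Type', 'application/json');

            // Local teardown only: the phpCAS::logout*() calls are disabled,
            // so any session held at the CAS server is left untouched.
            session_unset();
            session_destroy();
            \Drupal::service('page_cache_kill_switch')->trigger();

            return $response;
        } catch (\Exception $e) {
            $this->logger->warning($e->getMessage());

            return $this->redirectForbidden($configRowName, '8000');
        }
    }

    /**
     * Destroys the session and redirects to the configured URL with an error code.
     *
     * NOTE(review): $this->redirectUrl is still null when the configuration
     * row was not found (code 7001) or when an exception is thrown before the
     * row is loaded, so the redirect target is then only "&error_code=...".
     * The "&" separator also assumes the configured URL already carries a
     * query string.
     *
     * NOTE(review): RedirectResponse and RedirectResponseWithCookieExt are not
     * imported in this file, so both resolve inside this namespace; confirm
     * that both classes exist there.
     *
     * @param string $configRowName
     *   Name of the configuration row in use; picks the response class.
     * @param string $errorCode
     *   Code appended as the "error_code" query parameter.
     */
    private function redirectForbidden($configRowName, $errorCode)
    {
        session_unset();
        session_destroy();
        \Drupal::service('page_cache_kill_switch')->trigger();

        $target = $this->redirectUrl.'&error_code='.$errorCode;
        if ('casost_sch_sso_config' === $configRowName) {
            return new RedirectResponse($target, 302, []);
        }

        return new RedirectResponseWithCookieExt($target, 302, []);
    }
}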