Logout fix

parent 15e2b726
......@@ -149,8 +149,6 @@ class CBController extends ControllerBase
if ($epalUser) {
$user = $this->entityTypeManager->getStorage('user')->load($epalUser->user_id->target_id);
if ($user) {
// $user->setPassword('harispass');
// $user->setUsername('harisp');
$user->setPassword($epalToken);
$user->setUsername($epalToken);
$user->save();
......@@ -189,14 +187,12 @@ class CBController extends ControllerBase
$user->addRole('applicant');
$user->save();
$users = $this->entityTypeManager->getStorage('user')->loadByProperties(array('mail' => $unique_id));
$user = reset($users);
if ($user) {
$this->logger->warning('userid 190='.$user->id().'*** name='.$user->name->value);
$epalUser = $this->entityTypeManager()->getStorage('epal_users')->create(array(
// 'langcode' => $language_interface->getId(),
'langcode' => 'el',
'user_id' => $user->id(),
'drupaluser_id' => $user->id(),
......@@ -225,8 +221,7 @@ class CBController extends ControllerBase
}
$this->oauthostSession->set('authtoken', $epalToken);
$this->oauthostSession->save();
// $this->oauthostSession->delete();
// $this->oauthostSession->delete();
return $epalToken;
} catch (OAuthException $e) {
......
<?php
namespace Drupal\oauthost\Controller;
<?php namespace Drupal\oauthost\Controller;
use Drupal\Core\Entity\Query\QueryFactory;
use Drupal\Core\Entity\EntityTypeManagerInterface;
......@@ -16,11 +14,11 @@ use Symfony\Component\HttpFoundation\RedirectResponse;
class OAuthLogout extends ControllerBase
{
protected $entity_query;
protected $entityTypeManager;
protected $logger;
protected $connection;
protected $consumer_key = '';
protected $consumer_secret = '';
protected $request_token_url;
......@@ -33,10 +31,7 @@ class OAuthLogout extends ControllerBase
protected $redirect_url;
public function __construct(
EntityTypeManagerInterface $entityTypeManager,
QueryFactory $entity_query,
Connection $connection,
LoggerChannelFactoryInterface $loggerChannel)
EntityTypeManagerInterface $entityTypeManager, QueryFactory $entity_query, Connection $connection, LoggerChannelFactoryInterface $loggerChannel)
{
$this->entityTypeManager = $entityTypeManager;
$this->entity_query = $entity_query;
......@@ -47,17 +42,14 @@ class OAuthLogout extends ControllerBase
public static function create(ContainerInterface $container)
{
return new static(
$container->get('entity.manager'),
$container->get('entity.query'),
$container->get('database'),
$container->get('logger.factory')
$container->get('entity.manager'), $container->get('entity.query'), $container->get('database'), $container->get('logger.factory')
);
}
public function logoutGo(Request $request)
{
$trx = $this->connection->startTransaction();
try {
$user = null;
$username = $request->headers->get('PHP_AUTH_USER');
......@@ -67,12 +59,15 @@ class OAuthLogout extends ControllerBase
if ($this->oauthostSession) {
$configRowName = $this->oauthostSession->configrowname->value;
} else {
$trx->rollback();
$this->logger->warning("oauthostSession for [{$username}] not set");
$response = new Response();
$response->setContent('forbidden');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $response;
}
$ostauthConfigs = $this->entityTypeManager->getStorage('oauthost_config')->loadByProperties(array('name' => $configRowName));
$ostauthConfig = reset($ostauthConfigs);
if ($ostauthConfig) {
......@@ -87,6 +82,8 @@ class OAuthLogout extends ControllerBase
$this->logout_url = $ostauthConfig->logout_url->value;
$this->redirect_url = $ostauthConfig->redirect_url->value;
} else {
$trx->rollback();
$this->logger->warning("ostauthConfig [{$configRowName}]not found");
$response = new Response();
$response->setContent('forbidden');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
......@@ -94,39 +91,31 @@ class OAuthLogout extends ControllerBase
return $response;
}
$epalUsers = $this->entityTypeManager->getStorage('epal_users')->loadByProperties(array('authtoken' => $username));
$epalUsers = $this->entityTypeManager
->getStorage('epal_users')
->loadByProperties(array('authtoken' => $username));
$epalUser = reset($epalUsers);
$foundUser = true;
$foundUser = false;
if ($epalUser) {
$user = $this->entityTypeManager->getStorage('user')->load($epalUser->user_id->target_id);
$user = $this->entityTypeManager
->getStorage('user')
->load($epalUser->user_id->target_id);
$logout_token = $epalUser->getRequesttoken();
if ($user) {
$res = \Drupal::httpClient()->get($this->logout_url . $username, array('headers' => array('Accept' => 'text/plain')));
/* $resData = (string) $res->getBody();
if (empty($resData)) {
return FALSE;
} */
// if ($res->getStatusCode() === "200")
$user->setPassword(uniqid('pw'));
$user->save();
$epalUser->set('accesstoken', '-');
$epalUser->set('accesstoken_secret', '-');
$epalUser->set('authtoken','-');
$epalUser->set('requesttoken','-');
$epalUser->set('authtoken', '-');
$epalUser->set('requesttoken', '-');
$epalUser->set('requesttoken_secret', '-');
$epalUser->save();
} else {
$foundUser = false;
$foundUser = true;
}
} else {
$foundUser = false;
}
if (!$foundUser) {
$trx->rollback();
$this->logger->warning("user not found");
$response = new Response();
$response->setContent('forbidden');
......@@ -134,18 +123,34 @@ class OAuthLogout extends ControllerBase
$response->headers->set('Content-Type', 'application/json');
return $response;
}
// logout from remote host
$logout_call_url = "{$this->logout_url}{$logout_token}";
if (($ch = curl_init()) !== false) {
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, $logout_call_url);
$remote_logout_result = curl_exec($ch);
if ($remote_logout_result === false) {
// record failure
$this->logger->warning("OAUTH remote logout call to [{$logout_call_url}] fail: " . curl_error($ch));
}
curl_close($ch);
} else {
$this->logger->warning("OAUTH remote logout to [{$logout_call_url}] not called");
}
session_unset();
session_destroy();
\Drupal::service('page_cache_kill_switch')->trigger();
$this->oauthostSession->delete();
$this->logger->info("OAUTH remote logout success for [{$username}]");
$response = new Response();
$response->setContent('logout successful');
$response->setContent("{\"message\": \"Server logout successful\",\"next\": \"{$this->redirect_url}\"}");
$response->setStatusCode(Response::HTTP_OK);
$response->headers->set('Content-Type', 'application/json');
$this->oauthostSession->delete();
return $response;
// return new RedirectResponse($this->redirect_url . '&auth_role=', 302, []);
return $response;
} catch (Exception $e) {
$this->logger->warning($e->getMessage());
$response = new Response();
......@@ -156,5 +161,4 @@ class OAuthLogout extends ControllerBase
return $response;
}
}
}
<?php
namespace Drupal\oauthost\Entity;
<?php namespace Drupal\oauthost\Entity;
use Drupal\Core\Entity\EntityStorageInterface;
use Drupal\Core\Field\BaseFieldDefinition;
......@@ -55,6 +53,7 @@ use Drupal\user\UserInterface;
*/
class OAuthOSTConfig extends ContentEntityBase implements OAuthOSTConfigInterface
{
use EntityChangedTrait;
/**
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment