Permalink
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
match/app/src/Auth/EnvAuthenticate.php
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Upgrade CAKEPHP to version 4.2.9 * Upgrade to version CAKEPHP 4.2.10 Co-authored-by: Ioannis Igoumenos <ioigoume@admin.grnet.gr>
121 lines (97 sloc)
4.11 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * COmanage Match Env Authenticate | |
| * | |
| * Portions licensed to the University Corporation for Advanced Internet | |
| * Development, Inc. ("UCAID") under one or more contributor license agreements. | |
| * See the NOTICE file distributed with this work for additional information | |
| * regarding copyright ownership. | |
| * | |
| * UCAID licenses this file to you under the Apache License, Version 2.0 | |
| * (the "License"); you may not use this file except in compliance with the | |
| * License. You may obtain a copy of the License at: | |
| * | |
| * http://www.apache.org/licenses/LICENSE-2.0 | |
| * | |
| * Unless required by applicable law or agreed to in writing, software | |
| * distributed under the License is distributed on an "AS IS" BASIS, | |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| * See the License for the specific language governing permissions and | |
| * limitations under the License. | |
| * | |
| * @link http://www.internet2.edu/comanage COmanage Project | |
| * @package match | |
| * @since COmanage Match v1.0.0 | |
| * @license Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0) | |
| */ | |
| declare(strict_types = 1); | |
| namespace App\Auth; | |
| use Cake\Auth\BaseAuthenticate; | |
| use Cake\Core\InstanceConfigTrait; | |
| use Cake\Http\ServerRequest; | |
| use Cake\Http\Response; | |
| use Cake\Datasource\FactoryLocator; | |
| use Cake\Log\Log; | |
| class EnvAuthenticate extends BaseAuthenticate { | |
| use InstanceConfigTrait; | |
| /** | |
| * Handle an authentication request. | |
| * | |
| * @since COmanage Match v1.0.0 | |
| * @param ServerRequest $request Cake ServerRequest | |
| * @param Response $response Cake Response | |
| * @return Array Array of user information, or false | |
| */ | |
| public function authenticate(ServerRequest $request, Response $response) { | |
| return $this->getUser($request); | |
| } | |
| /** | |
| * Get a user based on information in the request. Primarily used by stateless authentication | |
| * systems like basic and digest auth. | |
| * | |
| * @since COmanage Match v1.0.0 | |
| * @param ServerRequest $request Cake ServerRequest | |
| * @return Array Array of user information, or false | |
| */ | |
| public function getUser(ServerRequest $request) { | |
| Log::write('debug', 'EnvAuthenticate::getUser()'); | |
| $user = $request->getSession()->read('Auth.external.user'); | |
| Log::write('debug', 'EnvAuthenticate::getUser() = ' . $user); | |
| if(!$user) { | |
| return false; | |
| } | |
| // It's not clear we really need to use an array here, it just seems to be | |
| // the convention of the Cake Authenticate classes. | |
| return [ 'username' => $user ]; | |
| } | |
| /** | |
| * Handle an unauthenticated request. | |
| * | |
| * @since COmanage Match v1.0.0 | |
| * @param ServerRequest $request Cake ServerRequest | |
| * @param Response $response Cake Response | |
| * @return Response Cake Response | |
| */ | |
| public function unauthenticated(ServerRequest $request, Response $response) { | |
| $externalUser = $request->getSession()->read('Auth.external.user'); | |
| Log::write('debug', 'EnvAuthenticate::unauthenticated() = ' . $externalUser); | |
| if(!empty($externalUser)) { | |
| // Back from authentication | |
| Log::write('debug', 'EnvAuthenticate::unauthenticated() Back from authentication'); | |
| return null; | |
| } | |
| Log::write('debug', 'EnvAuthenticate::unauthenticated() Redirecting to authentication'); | |
| // We need to figure out the URL to redirect to. This is basically $request->here(), | |
| // except that includes the server base (eg "/match"), and the subsequent redirect | |
| // issued by AuthController will have that added in automatically. | |
| // Note here() and $here return different strings. here() includes query params. | |
| $target = $request->getRequestTarget(); | |
| Log::write('debug', 'EnvAuthenticate::unauthenticated() Redirect target: ' . $target); | |
| // Rather than pass the target URL through the browser, we'll just stuff it | |
| // into the session | |
| $request->getSession()->write('Auth.target', $target); | |
| // Send the request to the web server login target | |
| $newresponse = $response->withLocation("/match/auth/login/login.php"); | |
| return $newresponse; | |
| } | |
| } |