Session end
Removed logout confirmation UI Change-Id: Id1c72127a612b4bf4cf03b506838336b80751f20 Signed-off-by: smarcet <smarcet@gmail.com>
parent
c47546816c
commit
022df21b5b
|
@ -282,55 +282,13 @@ final class OAuth2ProviderController extends Controller
|
||||||
], 400);
|
], 400);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(Request::isMethod('get') )
|
$response = $this->oauth2_protocol->endSession($request);
|
||||||
{
|
|
||||||
$clients = [];
|
if (!is_null($response) && $response instanceof OAuth2Response) {
|
||||||
foreach($this->auth_service->getLoggedRPs() as $client_id)
|
$strategy = OAuth2ResponseStrategyFactoryMethod::buildStrategy($request, $response);
|
||||||
{
|
return $strategy->handle($response);
|
||||||
$client = $this->client_repository->getClientById($client_id);
|
|
||||||
if(!is_null($client)){
|
|
||||||
$clients[] = $client;
|
|
||||||
Log::info(sprintf("added RP %s", $client->getApplicationName()));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
Session::put("logout.return_url", Request::server('HTTP_REFERER'));
|
|
||||||
// At the logout endpoint, the OP SHOULD ask the End-User whether he wants to log out of the OP as well.
|
|
||||||
// If the End-User says "yes", then the OP MUST log out the End-User.
|
|
||||||
return View::make('oauth2.session.session-logout',
|
|
||||||
[
|
|
||||||
'clients' => $clients,
|
|
||||||
'id_token_hint' => $request->getIdTokenHint(),
|
|
||||||
'post_logout_redirect_uri' => $request->getPostLogoutRedirectUri(),
|
|
||||||
'state' => $request->getState(),
|
|
||||||
'client_id' => $request->getClientId(),
|
|
||||||
]);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$consent = Input::get('oidc_endsession_consent');
|
return View::make('oauth2.session.session-ended');
|
||||||
|
|
||||||
if($consent === '1')
|
|
||||||
{
|
|
||||||
$response = $this->oauth2_protocol->endSession($request);
|
|
||||||
|
|
||||||
if (!is_null($response) && $response instanceof OAuth2Response) {
|
|
||||||
$strategy = OAuth2ResponseStrategyFactoryMethod::buildStrategy($request, $response);
|
|
||||||
return $strategy->handle($response);
|
|
||||||
}
|
|
||||||
|
|
||||||
return View::make('oauth2.session.session-ended');
|
|
||||||
}
|
|
||||||
|
|
||||||
Log::error('invalid consent response!');
|
|
||||||
return Response::view('errors.404', [], 404);
|
|
||||||
}
|
|
||||||
|
|
||||||
public function cancelLogout()
|
|
||||||
{
|
|
||||||
|
|
||||||
$return_url = Session::get("logout.return_url");
|
|
||||||
if(!empty($return_url)){
|
|
||||||
return Redirect::to($return_url);
|
|
||||||
}
|
|
||||||
return Redirect::action('HomeController@index');
|
|
||||||
}
|
}
|
||||||
}
|
}
|
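Review bot: With the confirmation page and the `oidc_endsession_consent` check gone, the new `$response = $this->oauth2_protocol->endSession($request);` runs on every request to `/end-session`, and the routes file still registers that path for GET, so a cross-site navigation or embedded resource can end the user's OP session without any user action. Whether `endSession()` rejects requests that lack a valid `id_token_hint` is not visible in this hunk; if it does not, the call should be guarded, for example by still prompting when `$request->getIdTokenHint()` is empty, which is the case the removed comment ("the OP SHOULD ask the End-User whether he wants to log out") was written for. At minimum add a comment above the call such as `// No confirmation step: endSession() must validate id_token_hint and post_logout_redirect_uri before ending the session or redirecting.` The method's signature and opening lines lie outside the hunk.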
|
@ -94,7 +94,6 @@ Route::group(['namespace' => 'App\Http\Controllers', 'middleware' => 'web' ], fu
|
||||||
|
|
||||||
Route::get('/check-session', "OAuth2ProviderController@checkSessionIFrame");
|
Route::get('/check-session', "OAuth2ProviderController@checkSessionIFrame");
|
||||||
Route::get('/end-session', "OAuth2ProviderController@endSession");
|
Route::get('/end-session', "OAuth2ProviderController@endSession");
|
||||||
Route::get('/end-session/cancel', "OAuth2ProviderController@cancelLogout");
|
|
||||||
Route::post('/end-session', "OAuth2ProviderController@endSession");
|
Route::post('/end-session', "OAuth2ProviderController@endSession");
|
||||||
|
|
||||||
//authorization endpoint
|
//authorization endpoint
|
||||||
|
|