Fix on logout missing user hint
Change-Id: I07c8a65898315e849d861d963d60d77431aa9ef3 Signed-off-by: smarcet <smarcet@gmail.com>
This commit is contained in:
smarcet
parent
ee47df943e
commit
bd18981aac
|
|
@ -225,14 +225,21 @@ final class AuthService implements IAuthService
|
|||
*/
|
||||
public function unwrapUserId(string $user_id):string
|
||||
{
|
||||
// first try to get user by raw id
|
||||
$user = $this->getUserById(intval($user_id));
|
||||
|
||||
if(!is_null($user))
|
||||
return $user_id;
|
||||
|
||||
$unwrapped_name = $this->decrypt($user_id);
|
||||
$parts = explode(':', $unwrapped_name);
|
||||
return intval($parts[1]);
|
||||
// check if we have a wrapped user id
|
||||
try {
|
||||
$unwrapped_name = $this->decrypt($user_id);
|
||||
$parts = explode(':', $unwrapped_name);
|
||||
return intval($parts[1]);
|
||||
}
|
||||
catch (Exception $ex){
|
||||
Log::warning($ex);
|
||||
}
|
||||
return $user_id;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -323,14 +330,17 @@ final class AuthService implements IAuthService
|
|||
*/
|
||||
public function getLoggedRPs():array
|
||||
{
|
||||
$rps = Cookie::get(IAuthService::LOGGED_RELAYING_PARTIES_COOKIE_NAME);
|
||||
$zlib = CompressionAlgorithms_Registry::getInstance()->get(CompressionAlgorithmsNames::ZLib);
|
||||
|
||||
if(!empty($rps))
|
||||
{
|
||||
$rps = $this->decrypt($rps);
|
||||
$rps = $zlib->uncompress($rps);
|
||||
return explode('|', $rps);
|
||||
try {
|
||||
$rps = Cookie::get(IAuthService::LOGGED_RELAYING_PARTIES_COOKIE_NAME);
|
||||
$zlib = CompressionAlgorithms_Registry::getInstance()->get(CompressionAlgorithmsNames::ZLib);
|
||||
if (!empty($rps)) {
|
||||
$rps = $this->decrypt($rps);
|
||||
$rps = $zlib->uncompress($rps);
|
||||
return explode('|', $rps);
|
||||
}
|
||||
}
|
||||
catch (Exception $ex){
|
||||
Log::warning($ex);
|
||||
}
|
||||
return [];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1474,18 +1474,26 @@ final class OAuth2Protocol implements IOAuth2Protocol
|
|||
if(!is_null($user_id)){
|
||||
// try to get the user from id token ( if its set )
|
||||
$user_id = $this->auth_service->unwrapUserId(intval($user_id->getString()));
|
||||
$user = $this->auth_service->getUserById($user_id);
|
||||
$user = $this->auth_service->getUserById($user_id);
|
||||
|
||||
if(is_null($user)){
|
||||
$this->log_service->debug_msg("OAuth2Protocol::endSession user not found!");
|
||||
throw new InvalidOAuth2Request('user not found!');
|
||||
Log::warning(sprintf("OAuth2Protocol::endSession user hint not found (%s)", $user_id));
|
||||
}
|
||||
}
|
||||
|
||||
// get current user
|
||||
$logged_user = $this->auth_service->getCurrentUser();
|
||||
|
||||
if(!is_null($logged_user) && !is_null($user) && $logged_user->getId() !== $user->getId()) {
|
||||
Log::warning(sprintf("OAuth2Protocol::endSession user does not match with current session! logged user id %s - user id %s", $logged_user->getId(), $user->getId()));
|
||||
Log::warning
|
||||
(
|
||||
sprintf
|
||||
(
|
||||
"OAuth2Protocol::endSession user does not match with current session! logged user id %s - user id %s",
|
||||
$logged_user->getId(),
|
||||
$user->getId()
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
if(!is_null($logged_user))
|
||||
|
|
|
|||
Loading…
Reference in New Issue