fremo/dj_discourse_sso
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Added some debugging output to debugLog.

Browse Source
This commit is contained in:
Dirk Jahnke
2016-10-04 17:04:52 +02:00
parent 1d922de146
commit 2e5fa1fd8e
1 changed files with 18 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
Classes/Controller/SsoController.php
View File

@@ -35,6 +35,13 @@ use \TYPO3\CMS\Extensionmanager\Utility\ConfigurationUtility;
class SsoController extends ActionController class SsoController extends ActionController
{ {
/**
* Configuration Utility (see definitions in ext_conf_template.txt).
*
* @var \TYPO3\CMS\Extensionmanager\Utility\ConfigurationUtility $configurationUtility
* @inject
*/
public $configurationUtility;
/** /**
* Compare if signed data matches given signature. * Compare if signed data matches given signature.
@@ -70,10 +77,12 @@ class SsoController extends ActionController
*/ */
public function authenticateAction() public function authenticateAction()
{ {
/** @var \TYPO3\CMS\Extensionmanager\Utility\ConfigurationUtility $configurationUtility */ $extKey = 'dj_discourse_sso';
$configurationUtility = $this->objectManager->get(\TYPO3\CMS\Extensionmanager\Utility\ConfigurationUtility::class);
$extensionConfiguration = $configurationUtility->getCurrentConfiguration('tx_dj_discourse_sso');
/** @var \TYPO3\CMS\Extensionmanager\Utility\ConfigurationUtility $configurationUtility */
$extensionConfiguration = $this->configurationUtility->getCurrentConfiguration($extKey);
GeneralUtility::devLog('authenticateAction', $extKey, 0, array('config' => $extensionConfiguration));
// Check mandatory settings. // Check mandatory settings.
if (isset($extensionConfiguration['redirect_url']) === false) { if (isset($extensionConfiguration['redirect_url']) === false) {
$errorText = '<div><b>ERROR!</b> ' $errorText = '<div><b>ERROR!</b> '
@@ -105,8 +114,11 @@ class SsoController extends ActionController
$redirectStatus = 303; $redirectStatus = 303;
} }
$hmac = hash_hmac('sha256', $sso, $this->settings['discourse_sso_shared_key']); $sso = urldecode(GeneralUtility::_GP('sso'));
$sig = GeneralUtility::_GP('sig');
$hmac = hash_hmac('sha256', $sso, $sharedKey);
if ($this->_hashsAreEqual($hmac, $sig) === false) { if ($this->_hashsAreEqual($hmac, $sig) === false) {
GeneralUtility::devLog('authenticateAction bad request', $extKey, 0, array('sso' => $sso, 'sig' => $sig, 'hmac' => $hmac));
header('HTTP/1.1 403 Forbidden'); header('HTTP/1.1 403 Forbidden');
$this->throwStatus(403, 'Bad SSO request'); $this->throwStatus(403, 'Bad SSO request');
} else { } else {
@@ -121,8 +133,6 @@ class SsoController extends ActionController
} }
if (isset($user) === true) { if (isset($user) === true) {
$sso = urldecode(GeneralUtility::_GP('sso'));
$sig = GeneralUtility::_GP('sig');
$userId = $user['uid']; $userId = $user['uid'];
$userEmail = $user['email']; $userEmail = $user['email'];
$userName = $user['username']; $userName = $user['username'];
@@ -139,6 +149,7 @@ class SsoController extends ActionController
$signature = hash_hmac('sha256', $payload, $this->settings['discourse_sso_shared_key']); $signature = hash_hmac('sha256', $payload, $this->settings['discourse_sso_shared_key']);
$query = http_build_query(array('sso' => $payload, 'sig' => $signature)); $query = http_build_query(array('sso' => $payload, 'sig' => $signature));
$redirectUrl = $redirectUrlRoot.'/session/sso_login?'.$query; $redirectUrl = $redirectUrlRoot.'/session/sso_login?'.$query;
GeneralUtility::devLog('authenticateAction successful, redirecting', $extKey, 0, array('redirectUrl' => $redirectUrl, 'status' => $redirectStatus));
$this->redirectToUri($redirectUrl, 0, $redirectStatus); $this->redirectToUri($redirectUrl, 0, $redirectStatus);
} else { } else {
// No user logged in. // No user logged in.
@@ -147,6 +158,7 @@ class SsoController extends ActionController
.'You should not see this message!<br />' .'You should not see this message!<br />'
.'This plugin should be made available only, if a Frontend User is logged in.<br />' .'This plugin should be made available only, if a Frontend User is logged in.<br />'
.'Please change this in the setup of this content element.'; .'Please change this in the setup of this content element.';
GeneralUtility::devLog('authenticateAction bad configuration', $extKey, 0, array('error' => $errorText));
return $errorText; return $errorText;
}//end if }//end if
}//end if }//end if