Source of file SAMLAuthenticator.php
Size: 1,892 Bytes - Last Modified: 2021-12-23T10:27:14+00:00
/var/www/docs.ssmods.com/process/src/code/authenticators/SAMLAuthenticator.php
1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 | <?php /** * Class SAMLAuthenticator * * Authenticates the user against a SAML IdP via a single sign-on process. * It will create a {@link Member} stub record with rudimentary fields (see {@link SAMLController::acs()}) * if the Member record was not found. * * You can either use: * - just SAMLAuthenticator (which will trigger LDAP sync anyway, via LDAPMemberExtension::memberLoggedIn) * - just LDAPAuthenticator (syncs explicitly, but no single sign-on via IdP done) * - both, so people have multiple tabbed options in the login form. * * Both authenticators understand and collaborate through the GUID field on the Member. */ class SAMLAuthenticator extends Authenticator { /** * @var string */ private $name = 'SAML'; /** * @return string */ public static function get_name() { return Config::inst()->get('SAMLAuthenticator', 'name'); } /** * @param Controller $controller * @return SAMLLoginForm */ public static function get_login_form(Controller $controller) { return new SAMLLoginForm($controller, 'LoginForm'); } /** * Sends the authentication process down the SAML rabbit hole. It will trigger * the IdP redirection via the 3rd party implementation, and if successful, the user * will be delivered to the SAMLController::acs. * * @param array $data * @param Form $form * @return bool|Member|void * @throws SS_HTTPResponse_Exception */ public static function authenticate($data, Form $form = null) { // $data is not used - the form is just one button, with no fields. $auth = Injector::inst()->get('SAMLHelper')->getSAMLAuth(); Session::set('BackURL', isset($data['BackURL']) ? $data['BackURL'] : null); Session::save(); $auth->login(Director::absoluteBaseURL().'saml/'); } } |