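/**
 * Signs the current user in through the SimpleSAMLphp service provider 'default-sp'.
 *
 * Flow:
 *  - an already authenticated symfony user is sent to the homepage;
 *  - without a SAML session, XHR callers get a bare 401 and everyone else is
 *    handed to SimpleSAMLphp's login(), after the return URL is stored on the user;
 *  - with a SAML session, the sfGuardUser whose username equals the asserted
 *    eduPersonPrincipalName is updated or created, then signed in without a
 *    "remember me" cookie.
 *
 * An assertion with no usable eduPersonPrincipalName is refused with a 403, so
 * that every such login cannot collapse onto one account with an empty username.
 *
 * @param mixed $request the current web request
 *
 * @return mixed the redirect result, sfView::NONE for the header-only 401/403
 *               answers, or null after login() (which normally never returns)
 */
public function executeSignin($request)
{
    $user = $this->getUser();
    if ($user->isAuthenticated()) {
        return $this->redirect('@homepage');
    }

    // Create SimpleSAML module
    $simpleSAMLAuth = new SimpleSAML_Auth_Simple('default-sp');

    if (!$simpleSAMLAuth->isAuthenticated()) {
        if ($request->isXmlHttpRequest()) {
            // An XHR caller cannot follow the SAML redirect: answer with a bare 401.
            $this->getResponse()->setHeaderOnly(true);
            $this->getResponse()->setStatusCode(401);

            return sfView::NONE;
        }

        // if we have been forwarded, then the referer is the current URL
        // if not, this is the referer of the current request
        $user->setReferer($this->getContext()->getActionStack()->getSize() > 1 ? $request->getUri() : $request->getReferer());

        // login() accepts an options array; a 'saml:idp' entry pins one identity
        // provider. None is passed here, so the SP configuration chooses.
        $this->url_idp = $simpleSAMLAuth->login();

        // Nothing happens after this point: $simpleSAMLAuth->login() calls exit()
        return;
    }

    $attributes = $simpleSAMLAuth->getAttributes();

    // The principal name is the only link between the assertion and the local
    // account. When the IdP does not release it, the old code looked up and
    // created users with an empty username; refuse the sign-in instead.
    if (!isset($attributes['eduPersonPrincipalName'][0]) || '' === trim((string) $attributes['eduPersonPrincipalName'][0])) {
        // Attribute values are deliberately kept out of the log.
        $this->logMessage('SAML sign-in refused: assertion carries no eduPersonPrincipalName', 'err');
        $this->getResponse()->setHeaderOnly(true);
        $this->getResponse()->setStatusCode(403);

        return sfView::NONE;
    }
    $principal = $attributes['eduPersonPrincipalName'][0];

    // Optional profile attributes; null when the IdP did not release them.
    $mail = isset($attributes['mail'][0]) ? $attributes['mail'][0] : null;
    $commonName = isset($attributes['cn'][0]) ? $attributes['cn'][0] : null;

    // save the referer
    $user_referer = $user->getReferer($request->getReferer());

    // Try to find the user by username. The value is a bound parameter, never
    // interpolated into the query.
    $query = Doctrine_Core::getTable('sfGuardUser')->createQuery('u')->where('u.username = ?', $principal);

    if ($query->count() >= 1) {
        // The sfGuardUser already exists: refresh the profile from the assertion,
        // leaving stored values alone when an attribute is missing.
        // NOTE(review): a locally deactivated account is still signed in here,
        // nothing checks the is_active flag - confirm that is intended.
        $guard_user = $query->fetchOne();
        if (null !== $mail) {
            $guard_user->setEmailAddress($mail);
        }
        if (null !== $commonName) {
            $guard_user->setLastName($commonName);
        }
        $guard_user->save();
    } else {
        // The user does not exist yet: create it with a password nobody knows.
        // It must come from a CSPRNG; md5() over microtime() and mt_rand() is
        // guessable and would leave a usable local password behind.
        // random_bytes() needs PHP 7; the fallback relies on the openssl
        // extension - presumably loaded since SimpleSAMLphp is in use, confirm.
        $randomPassword = function_exists('random_bytes')
            ? bin2hex(random_bytes(32))
            : bin2hex(openssl_random_pseudo_bytes(32));

        $guard_user = new sfGuardUser();
        $guard_user->setUsername($principal);
        $guard_user->setPassword($randomPassword);
        if (null !== $mail) {
            $guard_user->setEmailAddress($mail);
        }
        if (null !== $commonName) {
            $guard_user->setLastName($commonName);
        }
        $guard_user->setIsActive(true);
        $guard_user->save();
    }

    // Let the user sign in.
    // The auth is not remembered: the IdP decides how long its session lasts.
    $this->getUser()->signin($guard_user, false);

    // always redirect to a URL set in app.yml
    // or to the referer
    // or to the homepage
    // NOTE(review): the fallback target comes from the request Referer, which
    // the client controls - confirm it is limited to this site before it is
    // used as a redirect target.
    $signinUrl = sfConfig::get('app_sf_guard_plugin_success_signin_url', $user_referer);

    return $this->redirect('' != $signinUrl ? $signinUrl : '@homepage');
}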