You are here

Home » API reference » Bakery Single Sign-On System 8.2

ChildDeprecatedController.php in Bakery Single Sign-On System 8.2

Namespace

Drupal\bakery\Controller

File

src/Controller/ChildDeprecatedController.php
View source 
<?php

namespace Drupal\bakery\Controller;

use Drupal\bakery\Kitchen;
use Drupal\Component\Utility\Xss;
use Drupal\Core\Controller\ControllerBase;
use Drupal\user\Entity\User;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
class ChildDeprecatedController extends ControllerBase {

  /**
   * @var \Drupal\bakery\Kitchen
   */
  protected $kitchen;

  /**
   * Initialize bakery service.
   *
   * @param \Drupal\bakery\Kitchen $kitchen
   *   Kitchen service.
   */
  public function __construct(Kitchen $kitchen) {
    $this->kitchen = $kitchen;
  }

  /**
   * When this controller is created, it will get the bakery.bakery_service.
   *
   * @param \Symfony\Component\DependencyInjection\ContainerInterface $container
   *   For getting Bakery service.
   *
   * @return static
   */
  public static function create(ContainerInterface $container) {
    return new static($container
      ->get('bakery.kitchen'));
  }

  /**
   * Custom return for child registration process.
   *
   * Redirects to the homepage on success or to
   * the register page if there was a problem.
   */
  public function registerReturn() {
    $cookie = $this->kitchen
      ->taste(Kitchen::OATMEAL);
    if ($cookie) {

      // Valid cookie, now destroy it.
      $this->kitchen
        ->eat(Kitchen::OATMEAL);

      // Destination in cookie was set before user left this site, extract it to
      // be sure destination workflow is followed.
      if (empty($cookie['data']['destination'])) {
        $destination = '<front>';
      }
      else {
        $destination = $cookie['data']['destination'];
      }
      $errors = $cookie['data']['errors'];
      if (empty($errors)) {
        $this
          ->messenger()
          ->addMessage($this
          ->t('Registration successful. You are now logged in.'));

        // Redirect to destination.
        $this
          ->redirect($destination);
      }
      else {
        if (!empty($errors['register'])) {
          $this
            ->messenger()
            ->addError($this
            ->t('Registration is not enabled on @master. Please contact a site administrator.', [
            '@master' => $this
              ->config('bakery.settings')
              ->get('bakery_master'),
          ]));
          $this
            ->getLogger('bakery')
            ->error('Master Bakery site user registration is disabled', []);
        }
        if (!empty($errors['validate'])) {

          // If the user must validate their email then we need to create an
          // account for them on the child site.
          // Save a stub account so we have a child UID to send.
          $language = $this
            ->languageManager()
            ->getCurrentLanguage()
            ->getId();
          $account = User::create();

          // Mandatory settings.
          $account
            ->setPassword(user_password());
          $account
            ->enforceIsNew();
          $account
            ->setEmail($cookie['data']['mail']);

          // This username must be unique and accept only a-Z,0-9, - _ @ .
          $account
            ->setUsername($cookie['name']);

          // Optional settings.
          $account
            ->set('init', $this->kitchen
            ->generateInitField($cookie['data']['uid']));
          $account
            ->set('langcode', $language);
          $account
            ->set('preferred_langcode', $language);
          $account
            ->set('preferred_admin_langcode', $language);

          // $user->set("setting_name", 'setting_value');.
          $account
            ->activate();

          // Save user.
          $account
            ->save();

          // Notify the user that they need to validate their email.
          _user_mail_notify('register_no_approval_required', $account);
          unset($_SESSION['bakery']['register']);
          $this
            ->messenger()
            ->addMessage($this
            ->t('A welcome message with further instructions has been sent to your e-mail address.'));
        }
        if (!empty($errors['name'])) {
          $this
            ->messenger()
            ->addError($this
            ->t('Name is already taken.'));
        }
        if (!empty($errors['mail'])) {
          $this
            ->messenger()
            ->addError($this
            ->t('E-mail address is already registered.'));
        }
        if (!empty($errors['mail_denied'])) {
          $this
            ->messenger()
            ->addError($this
            ->t('The e-mail address has been denied access..'));
        }
        if (!empty($errors['name_denied'])) {
          $this
            ->messenger()
            ->addError($this
            ->t('The name has been denied access..'));
        }

        // There are errors so keep user on registration page.
        $this
          ->redirect('user.register');
      }
    }
    throw new AccessDeniedHttpException();
  }

  /**
   * Custom return for errors during child login process.
   */
  public function loginReturn() {
    $cookie = $this->kitchen
      ->taste(Kitchen::OATMEAL);
    if ($cookie) {

      // Valid cookie, now destroy it.
      $this->kitchen
        ->eat(Kitchen::OATMEAL);
      if (!empty($cookie['data']['errors'])) {
        $errors = $cookie['data']['errors'];
        if (!empty($errors['incorrect-credentials'])) {
          $this
            ->messenger()
            ->addError($this
            ->t('Sorry, unrecognized username or password.'));
        }
        elseif (!empty($errors['name'])) {

          // In case an attacker got the hash we filter the argument
          // here to avoid exposing a XSS vector.
          $this
            ->messenger()
            ->addError(Xss::filter($errors['name']));
        }
      }
      if (empty($cookie['data']['destination'])) {
        return $this
          ->redirect('user.page');
      }
      else {

        // This is probably broken. Controller redirect only works for routes
        // and my gut tells me this is going to be populated with like a path
        // or something from a destination parameter.
        return $this
          ->redirect($cookie['data']['destination']);
      }
    }
    throw new AccessDeniedHttpException();
  }

}

Classes

Namesort descending Description
ChildDeprecatedController