public function ChildDeprecatedController::loginReturn in Bakery Single Sign-On System 8.2
Custom return for errors during child login process.
File
- src/
Controller/ ChildDeprecatedController.php, line 137
Class
Namespace
Drupal\bakery\ControllerCode
public function loginReturn() {
$cookie = $this->kitchen
->taste(Kitchen::OATMEAL);
if ($cookie) {
// Valid cookie, now destroy it.
$this->kitchen
->eat(Kitchen::OATMEAL);
if (!empty($cookie['data']['errors'])) {
$errors = $cookie['data']['errors'];
if (!empty($errors['incorrect-credentials'])) {
$this
->messenger()
->addError($this
->t('Sorry, unrecognized username or password.'));
}
elseif (!empty($errors['name'])) {
// In case an attacker got the hash we filter the argument
// here to avoid exposing a XSS vector.
$this
->messenger()
->addError(Xss::filter($errors['name']));
}
}
if (empty($cookie['data']['destination'])) {
return $this
->redirect('user.page');
}
else {
// This is probably broken. Controller redirect only works for routes
// and my gut tells me this is going to be populated with like a path
// or something from a destination parameter.
return $this
->redirect($cookie['data']['destination']);
}
}
throw new AccessDeniedHttpException();
}