public function CasForcedAuthSubscriber::onRequest in CAS 2.x
Respond to kernel request set forced auth redirect response.
Parameters
\Symfony\Component\HttpKernel\Event\GetResponseEvent $event: The event.
1 call to CasForcedAuthSubscriber::onRequest()
- CasForcedAuthSubscriber::on403 in src/
Subscriber/ CasForcedAuthSubscriber.php - Handle 403 errors.
File
- src/
Subscriber/ CasForcedAuthSubscriber.php, line 128
Class
- CasForcedAuthSubscriber
- Event subscriber for implementing CAS forced authentication.
Namespace
Drupal\cas\SubscriberCode
public function onRequest(GetResponseEvent $event) {
// Don't do anything if this is a sub request and not a master request.
if ($event
->getRequestType() != HttpKernelInterface::MASTER_REQUEST) {
return;
}
// Some routes we don't want to run on.
$current_route = $this->routeMatcher
->getRouteName();
if (in_array($current_route, CasHelper::IGNOREABLE_AUTO_LOGIN_ROUTES)) {
return;
}
// Only care about anonymous users.
if ($this->currentUser
->isAuthenticated()) {
return;
}
if (!$this->forcedLoginEnabled) {
return;
}
// Check if user provided specific paths to force/not force a login.
$condition = $this->conditionManager
->createInstance('request_path');
$condition
->setConfiguration($this->forcedLoginPaths);
if (!$this->conditionManager
->execute($condition)) {
return;
}
$this->casHelper
->log(LogLevel::DEBUG, 'Initializing forced login auth from CasSubscriber.');
// Start constructing the URL redirect to CAS for forced auth.
// Add the current path to the service URL as the 'destination' param,
// so that when the ServiceController eventually processess the login,
// it knows to return the user back here.
$request = $event
->getRequest();
$currentPath = str_replace($request
->getSchemeAndHttpHost(), '', $request
->getUri());
$redirectData = new CasRedirectData([
'destination' => $currentPath,
]);
$response = $this->casRedirector
->buildRedirectResponse($redirectData);
if ($response) {
$event
->setResponse($response);
// If there's a 'destination' parameter set on the current request,
// remove it, otherwise Drupal's RedirectResponseSubscriber will send
// users to that location instead of to our CAS server.
$request->query
->remove('destination');
}
}