You are here

function _drupalauth4ssp_exec in DrupalAuth for SimpleSAMLphp 7

Sets a special cookie for drupalauth4ssp.

2 calls to _drupalauth4ssp_exec()
drupalauth4ssp_user_login in ./drupalauth4ssp.module
Implements hook_user_login().
drupalauth4ssp_user_view in ./drupalauth4ssp.module
Implements hook_user_view().

File

./drupalauth4ssp.module, line 166
DrupalAuth For simpleSAMLphp module.

Code

function _drupalauth4ssp_exec($account) {

  // Get the configuration information from SimpleSAMLphp.
  $ssp_config = _drupalauth4ssp_get_simplesamlphp_config();

  // If we don't have configuration, exit without doing anything.
  if (!is_array($ssp_config)) {

    // The least we can do is write something to the watchdog so someone will know what's happening.
    watchdog('drupalauth4ssp', 'Could not use drupalauth for %name, could not get the SimpleSAMLphp configuration.', array(
      '%name' => $account->name,
    ));
    return;
  }

  // Store the authenticated user's uid in the cookie (create a validation hash to ensure nobody tampers with the uid).
  setcookie($ssp_config['cookie_name'], sha1($ssp_config['secretsalt'] . $account->uid) . ':' . $account->uid, 0, $ssp_config['baseurlpath']);

  // If the ReturnTo URL is present, send the user to the URL.
  if (isset($_GET['ReturnTo']) && $_GET['ReturnTo']) {

    // Check the ReturnTo if it's in the allowed list.
    if (!drupalauth4ssp_valid_returnto_parameter()) {
      return;
    }
    header('Location: ' . $_GET['ReturnTo']);
    die;
  }
}