You are here

public function LoginValidatorSso::processLogin in Lightweight Directory Access Protocol (LDAP) 8.4

Perform the actual logging in.

Overrides LoginValidatorInterface::processLogin

File

ldap_authentication/src/Controller/LoginValidatorSso.php, line 25

Class

LoginValidatorSso
Handles the actual testing of credentials and authentication of users.

Namespace

Drupal\ldap_authentication\Controller

Code

public function processLogin() : void {
  if (!$this
    ->validateCommonLoginConstraints()) {
    return;
  }
  if ($this
    ->testCredentials() !== self::AUTHENTICATION_SUCCESS) {
    return;
  }
  if (!$this
    ->deriveDrupalUserName()) {
    return;
  }

  // We now have an LDAP account, matching username and password and the
  // reference Drupal user.
  if (!$this->drupalUser && $this->serverDrupalUser) {
    $this
      ->updateAuthNameFromPuid();
  }

  // Existing Drupal but not mapped to LDAP.
  if ($this->drupalUser && !$this->drupalUserAuthMapped) {
    if (!$this
      ->matchExistingUserWithLdap()) {
      return;
    }
  }

  // Existing Drupal account with incorrect email. Fix email if appropriate.
  $this
    ->fixOutdatedEmailAddress();
  if (!$this->drupalUser) {

    // No existing Drupal account, try provisioning Drupal account.
    $this
      ->provisionDrupalUser();
  }
}