protected function SamlController::getUrlFromDestination in SAML Authentication 8.2
Same name and namespace in other branches
- 8.3 src/Controller/SamlController.php \Drupal\samlauth\Controller\SamlController::getUrlFromDestination()
- 4.x src/Controller/SamlController.php \Drupal\samlauth\Controller\SamlController::getUrlFromDestination()
Constructs a full URL from the 'destination' parameter.
Return value
string|null The full absolute URL (i.e. leading back to ourselves), or NULL if no destination parameter was given. This value is tuned to what login() / logout() expect for an input argument.
Throws
\RuntimeException If the destination is disallowed.
2 calls to SamlController::getUrlFromDestination()
- SamlController::login in src/
Controller/ SamlController.php - Initiates a SAML2 authentication flow.
- SamlController::logout in src/
Controller/ SamlController.php - Initiate a SAML2 logout flow.
File
- src/
Controller/ SamlController.php, line 218
Class
- SamlController
- Returns responses for samlauth module routes.
Namespace
Drupal\samlauth\ControllerCode
protected function getUrlFromDestination() {
$destination_url = NULL;
$destination = $this->requestStack
->getCurrentRequest()->query
->get('destination');
$this->requestStack
->getCurrentRequest()->query
->remove('destination');
if ($destination) {
if (UrlHelper::isExternal($destination)) {
// Prevent authenticating and then redirecting somewhere else.
throw new \RuntimeException("Destination URL query parameter must not be external: {$destination}");
}
// The destination parameter is relative by convention but fromUserInput()
// requires it to start with '/'. (Note '#' and '?' don't make sense here
// because that would be expanded to the current URL, which is saml/*.)
if (strpos($destination, '/') !== 0) {
$destination = "/{$destination}";
}
$destination_url = Url::fromUserInput($destination)
->setAbsolute()
->toString(TRUE)
->getGeneratedUrl();
}
return $destination_url;
}