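giteaservice = $giteaservice; }

    /**
     * Login entry point: dispatches to the handler matching the "appAuth" parameter.
     *
     * @param Request             $request
     * @param AuthenticationUtils $authenticationUtils
     *
     * @return mixed the response built by the selected handler
     *
     * @throws \LogicException when "appAuth" is none of SQL, OAUTH or CAS
     */
    public function login(Request $request, AuthenticationUtils $authenticationUtils)
    {
        $auth_mode = $this->getParameter("appAuth");
        switch ($auth_mode) {
            case "SQL":
                return $this->loginMYSQL($request, $authenticationUtils);
            case "OAUTH":
                return $this->loginOAUTH($request, $authenticationUtils);
            case "CAS":
                return $this->loginCAS($request, $authenticationUtils);
            default:
                // Fail with an explicit message instead of falling out of the switch
                // and returning null from a controller action.
                throw new \LogicException('Unsupported appAuth mode for login');
        }
    }

    /**
     * Renders the login form with the last submitted username and the last
     * authentication error.
     */
    public function loginMYSQL(Request $request, AuthenticationUtils $authenticationUtils)
    {
        return $this->render('Home/login.html.twig', array(
            'last_username' => $authenticationUtils->getLastUsername(),
            'error' => $authenticationUtils->getLastAuthenticationError(),
        ));
    }

    /**
     * Authenticates through CAS, creates or refreshes the local user from the
     * CAS attributes, logs that user in and redirects to the saved target path
     * (or to app_home when none was saved).
     */
    public function loginCAS(Request $request, AuthenticationUtils $authenticationUtils)
    {
        $session = $this->get('session');

        // Navigation target saved in the session for the "main" firewall
        $redirect = $session->get("_security.main.target_path");

        $this->initCasClient();

        // Authentication
        \phpCAS::forceAuthentication();

        // UID and attributes returned by CAS
        $username = \phpCAS::getUser();
        $attributes = \phpCAS::getAttributes();

        $email = "";
        $lastname = "";
        $firstname = "";

        $em = $this->getDoctrine()->getManager();

        // Configured attribute names override the defaults when CAS sent them
        if (isset($attributes[$this->getParameter('casUsername')])) {
            $username = $attributes[$this->getParameter('casUsername')];
        }
        if (isset($attributes[$this->getParameter('casEmail')])) {
            $email = $attributes[$this->getParameter('casEmail')];
        }
        if (isset($attributes[$this->getParameter('casLastname')])) {
            $lastname = $attributes[$this->getParameter('casLastname')];
        }
        if (isset($attributes[$this->getParameter('casFirstname')])) {
            $firstname = $attributes[$this->getParameter('casFirstname')];
        }

        // Look the user up locally
        $user = $em->getRepository('App:User')->findOneBy(array("username" => $username));

        if (!$user) {
            if (empty($email)) {
                $email = $username."@nomail.com";
            }

            $user = new User();
            $key = Uuid::uuid4();

            $user->setUsername($username);
            $user->setLastname($lastname);
            $user->setFirstname($firstname);
            $user->setEmail($email);
            $user->setApiKey($key);

            // The account is only meant to be reached through CAS. A password
            // derived from the username would be guessable by anyone who knows the
            // login, so store an unguessable random value instead.
            $user->setPassword(bin2hex(random_bytes(32)));
            $user->setSalt(bin2hex(random_bytes(16)));

            $em->persist($user);
            $em->flush();
        } else {
            // The three variables are always set (initialised to ""), so test for
            // content: an attribute CAS did not send must not blank the stored value.
            if ($lastname !== "") {
                $user->setLastname($lastname);
            }
            if ($firstname !== "") {
                $user->setFirstname($firstname);
            }
            if ($email !== "") {
                $user->setEmail($email);
            }

            $em->persist($user);
            $em->flush();
        }

        // Keep the CAS attributes in the session
        $session->set('attributes', $attributes);

        // Auto-login
        $this->openUserSession($request, $user);

        // Redirection
        if ($redirect) {
            return $this->redirect($redirect);
        }

        return $this->redirect($this->generateUrl('app_home'));
    }

    /**
     * Starts the OAuth authorization-code flow by redirecting to the provider.
     *
     * A random "state" value is stored in the session and sent with the request
     * so that callback() can tie the response to this browser session.
     */
    public function loginOAUTH()
    {
        $session = $this->get('session');

        $callback = $this->generateUrl('app_login_callback', array(), UrlGeneratorInterface::ABSOLUTE_URL);
        $callback = str_replace("http://", $this->getParameter("appProtocol")."://", $callback);
        $session->set('giteacallback', $callback);

        // Per-login random state: a constant value gives no protection against a
        // callback request forged from another site.
        $state = bin2hex(random_bytes(16));
        $session->set('giteastate', $state);

        // http_build_query percent-encodes every value, including redirect_uri
        $query = http_build_query(array(
            "client_id" => $this->getParameter("oauthClientid"),
            "redirect_uri" => $callback,
            "response_type" => "code",
            "state" => $state,
        ), '', '&');

        return $this->redirect($this->getParameter("oauthLoginurl")."?".$query);
    }

    /**
     * OAuth callback: checks the state, hands the authorization code to the
     * gitea service, creates or refreshes the local user, logs that user in and
     * redirects to the saved target path (or to app_home).
     */
    public function callback(Request $request)
    {
        $session = $this->get('session');

        // The state must be the one issued by loginOAUTH() for this session; it is
        // removed first so that it can be used only once.
        $expectedState = $session->get('giteastate');
        $session->remove('giteastate');
        $receivedState = $request->get("state");
        if (!is_string($expectedState) || !is_string($receivedState) || !hash_equals($expectedState, $receivedState)) {
            return new \Symfony\Component\HttpFoundation\Response("Invalid OAuth state", 400);
        }

        $session->set('giteacode', $request->get("code"));

        // Return value unused here; presumably the service keeps the token for
        // getuser() — confirm against the service.
        $this->giteaservice->gettoken();

        // User associated with the token
        $giteauser = $this->giteaservice->getuser();
        if (!$giteauser) {
            // Return a response instead of die() so the request ends through the framework
            return new \Symfony\Component\HttpFoundation\Response("Problème d'accès avec GITEA - no user", 403);
        }

        // Keep the gitea user in the session as a plain array
        $session->set('giteauser', json_decode(json_encode($giteauser), true));

        // Look the gitea user up locally
        $em = $this->getDoctrine()->getManager();
        $user = $em->getRepository('App:User')->findOneBy(array("username" => $giteauser->login));
        $isAdmin = in_array($giteauser->login, $this->getParameter("appAdmins"));

        if (!$user) {
            // The fallback address must be the value that is stored; the original
            // computed it and then saved the empty provider email.
            $email = empty($giteauser->email) ? $giteauser->login."@nomail.com" : $giteauser->email;

            $user = new User();
            $key = Uuid::uuid4();

            $user->setUsername($giteauser->login);
            $user->setEmail($email);
            $user->setApiKey($key);
            $user->setRoles(["ROLE_USER"]);
            $user->setAvatar("noavatar.png");

            // Unguessable random value rather than one derived from the login
            $user->setPassword(bin2hex(random_bytes(32)));
            $user->setSalt(bin2hex(random_bytes(16)));

            if ($isAdmin) {
                $user->setRoles(["ROLE_ADMIN"]);
            }

            $em->persist($user);
            $em->flush();
        } else {
            // Refresh the email only when the provider sent one
            if (!empty($giteauser->email)) {
                $user->setEmail($giteauser->email);
            }

            // NOTE(review): ROLE_ADMIN is granted here but never withdrawn when a
            // login is removed from appAdmins — confirm that is intended.
            if ($isAdmin) {
                $user->setRoles(["ROLE_ADMIN"]);
            }

            $em->persist($user);
            $em->flush();
        }

        // Auto-login
        $this->openUserSession($request, $user);

        // Redirection
        $redirect = $session->get("_security.main.target_path");
        if (!$redirect) {
            $redirect = $this->generateUrl('app_home');
        }
        $redirect = str_replace("http://", $this->getParameter("appProtocol")."://", $redirect);

        return $this->redirect($redirect);
    }

    /**
     * Logout entry point: dispatches on the "appAuth" parameter.
     *
     * @throws \LogicException when "appAuth" is none of SQL, OAUTH or CAS
     */
    public function logout()
    {
        $auth_mode = $this->getParameter("appAuth");
        switch ($auth_mode) {
            case "SQL":
            case "OAUTH":
                // OAUTH had no branch, so the local session was never ended in that
                // mode; end it the same way as for SQL.
                return $this->logoutMYSQL();
            case "CAS":
                return $this->logoutcas();
            default:
                throw new \LogicException('Unsupported appAuth mode for logout');
        }
    }

    /**
     * Clears the security token, invalidates the session and redirects to app_home.
     */
    public function logoutMYSQL()
    {
        $this->get('security.token_storage')->setToken(null);
        $this->get('session')->invalidate();

        return $this->redirect($this->generateUrl("app_home"));
    }

    /**
     * Clears the local token and session, then asks CAS to log out with app_home
     * as the service URL.
     */
    public function logoutcas()
    {
        $this->get('security.token_storage')->setToken(null);
        $this->get('session')->invalidate();

        $this->initCasClient();

        // Logout
        $url = $this->generateUrl('app_home', array(), UrlGeneratorInterface::ABSOLUTE_URL);
        \phpCAS::logout(array("service" => $url));

        // NOTE(review): true is not a response object; presumably phpCAS::logout()
        // redirects and ends the request before this line — confirm.
        return true;
    }

    /**
     * Renders the CAS attributes stored in the session by loginCAS().
     *
     * NOTE(security): this page displays every attribute CAS returned for the
     * user; presumably a diagnostic view — confirm that its route is restricted
     * or disabled in production.
     */
    public function casdebug()
    {
        $attributes = $this->get('session')->get('attributes');

        return $this->render('Home/casdebug.html.twig', [
            "useheader" => true,
            "usesidebar" => false,
            "attributes" => $attributes,
        ]);
    }

    /**
     * Configures the phpCAS client from the casHost, casPort and casPath parameters.
     */
    private function initCasClient()
    {
        // NOTE(review): the trailing false is passed through unchanged; its meaning
        // depends on the installed phpCAS version — confirm.
        \phpCAS::client(
            CAS_VERSION_2_0,
            $this->getParameter('casHost'),
            intval($this->getParameter('casPort')),
            is_null($this->getParameter('casPath')) ? '' : $this->getParameter('casPath'),
            false
        );

        // NOTE(security): setNoCasServerValidation() turns off verification of the
        // CAS server's TLS certificate, so the server that validates tickets is not
        // authenticated. Production deployments should call
        // \phpCAS::setCasServerCACert('<path-to-CA-bundle>') instead. No CA-bundle
        // parameter is visible in this file, so the call is left unchanged.
        \phpCAS::setNoCasServerValidation();
    }

    /**
     * Logs $user in on the "main" firewall for the current session.
     *
     * @param Request $request current request, attached to the login event
     * @param mixed   $user    user entity; its getRoles() result is copied into the token
     */
    private function openUserSession(Request $request, $user)
    {
        // Issue a new session id at the moment the session becomes authenticated,
        // so that an id known before login is no longer valid (session fixation).
        // The data stored in the session is kept.
        $this->get('session')->migrate(true);

        $token = new UsernamePasswordToken($user, null, "main", $user->getRoles());
        $this->get("security.token_storage")->setToken($token);

        // NOTE(review): a newly constructed EventDispatcher has no listeners, so this
        // dispatch presumably reaches no login listener — confirm whether the
        // application's dispatcher was intended.
        $event = new InteractiveLoginEvent($request, $token);
        $dispatcher = new EventDispatcher();
        $dispatcher->dispatch($event);
    }
}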