auth.php
<?php
/**
* Discourse single sign on authentication using Crowd.
* Copyright (c) 2015 University Of Helsinki (The National Library Of Finland)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @author Riikka Kalliomäki <riikka.kalliomaki@helsinki.fi>
* @copyright 2015 University Of Helsinki (The National Library Of Finland)
* @license https://www.gnu.org/licenses/gpl-3.0.txt GPL-3.0
*/
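// Log errors to a file and never render them into the response, so stack
// traces and configuration details are not disclosed to the browser.
ini_set('log_errors', '1');
ini_set('display_errors', '0');
// NOTE(review): this script is served from __DIR__, so logs/ and
// forum_settings.json sit next to a web-reachable file; confirm the web
// server denies direct requests for both of them.
ini_set('error_log', __DIR__ . '/logs/php_error.log');

// The relative paths below are resolved against the script directory.
chdir(__DIR__);
require 'vendor/autoload.php';

// Load the settings and stop early when the file is unreadable or does not
// decode to an array, instead of handing null to the authenticator.
$settingsJson = file_get_contents('forum_settings.json');
$settings = $settingsJson === false ? null : json_decode($settingsJson, true);

if (!is_array($settings)) {
    error_log('forum_settings.json is missing or does not contain a valid JSON object');
    header($_SERVER["SERVER_PROTOCOL"] . ' 500 Internal Server Error', true, 500);
    exit(
        'Error occurred during authentication. Please try again or contact ' .
        'an administrator, if the problem persists'
    );
}

$auth = new NatLibFi\Discourse\ForumAuth($settings);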
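// Dispatch the request: either an incoming SSO request (sso + sig) or the
// returning SSO response (ssoPayload). Anything else is rejected.
try {
    // Query parameters may arrive as arrays (?sso[]=...), so only plain
    // strings are handed to the authenticator.
    $isSsoRequest = isset($_GET['sso'], $_GET['sig'])
        && is_string($_GET['sso'])
        && is_string($_GET['sig']);
    $isSsoResponse = isset($_GET['ssoPayload']) && is_string($_GET['ssoPayload']);

    if ($isSsoRequest) {
        $auth->processSsoRequest($_GET['sso'], $_GET['sig']);
    } elseif ($isSsoResponse) {
        if (!$auth->processSsoResponse($_GET['ssoPayload'])) {
            header($_SERVER["SERVER_PROTOCOL"] . ' 403 Forbidden', true, 403);
            // The error text is written into the response body, so it is
            // HTML-escaped in case it carries request-derived data.
            printf(
                'Authentication failed. %s.',
                htmlspecialchars((string) $auth->getAuthenticationError(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
            );
        }
    } else {
        // A malformed request is a client error, not a success.
        header($_SERVER["SERVER_PROTOCOL"] . ' 400 Bad Request', true, 400);
        exit('Unexpected authentication request');
    }
} catch (Exception $exception) {
    // NOTE(review): on PHP 7+ an \Error (e.g. TypeError) is not an Exception
    // and bypasses this handler.
    if ($exception instanceof \GuzzleHttp\Exception\ClientException) {
        $response = $exception->getResponse();

        // An upstream HTTP 429 is reported to the user as a temporary outage.
        if ($response->getStatusCode() === 429) {
            header($_SERVER["SERVER_PROTOCOL"] . ' 503 Service Unavailable', true, 503);
            echo 'The server was too busy to handle your request. Please try again.';
            throw $exception;
        }
    }

    // The user gets a generic message only; the exception is rethrown so the
    // details end up in the error log configured at the top of the script.
    header($_SERVER["SERVER_PROTOCOL"] . ' 500 Internal Server Error', true, 500);
    echo
        'Error occurred during authentication. Please try again or contact ' .
        'an administrator, if the problem persists';
    throw $exception;
}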