Add custom web route for saml2 users

- Also set the cookie on the Saml2SignedIn Listener Signed-off-by: Stefanos Georgopoulos <[email protected]>
stefanosgeo · Feb 16, 2024 · cb1ade1 · cb1ade1
1 parent 82c1b04
commit cb1ade1
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 18 deletions.
diff --git a/app/Http/Controllers/Frontend/HomeController.php b/app/Http/Controllers/Frontend/HomeController.php
@@ -6,7 +6,6 @@
 use App\Models\Clip;
 use App\Models\Series;
 use Illuminate\Contracts\Database\Eloquent\Builder as ContractsBuilder;
-use Illuminate\Support\Facades\Log;
 use Illuminate\View\View;
 
 class HomeController extends Controller
@@ -16,7 +15,6 @@ class HomeController extends Controller
      */
     public function __invoke(): View
     {
-        Log::info('Previous URL in home controller is: '.session('url.intended'));
         $series = Series::whereHas('clips.assets')->isPublic()
             ->with(['owner', 'presenters', 'clips' => function (ContractsBuilder $query) {
                 $query->whereHas('assets');

diff --git a/app/Http/Middleware/RememberPreviousUrlMiddleware.php b/app/Http/Middleware/RememberPreviousUrlMiddleware.php
@@ -4,7 +4,6 @@
 
 use Closure;
 use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Log;
 use Symfony\Component\HttpFoundation\Response;
 
 class RememberPreviousUrlMiddleware
@@ -16,8 +15,7 @@ class RememberPreviousUrlMiddleware
      */
     public function handle(Request $request, Closure $next): Response
     {
-        if (! $request->is('login', 'logout', 'register', 'password/*', 'verify-email/*', 'verified/*')) {
-            Log::info('Current URL in Middleware is:'.url()->current());
+        if (! $request->is('login', 'logout', 'register', 'password/*', 'verify-email/*', 'verified/*', 'saml2Login')) {
             session(['url.intended' => url()->current()]);
         }
 

diff --git a/app/Listeners/Saml2UserSignedIn.php b/app/Listeners/Saml2UserSignedIn.php
@@ -3,8 +3,6 @@
 namespace App\Listeners;
 
 use App\Models\User;
-use App\Providers\RouteServiceProvider;
-use Illuminate\Http\RedirectResponse;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Log;
@@ -25,10 +23,8 @@ public function __construct()
     /**
      * Handle the event.
      */
-    public function handle(SignedIn $event): RedirectResponse
+    public function handle(SignedIn $event): void
     {
-        $messageId = $event->getAuth()->getLastMessageId();
-
         // your own code preventing reuse of a $messageId to stop replay attacks
         $samlUser = $event->getSaml2User();
 
@@ -58,11 +54,6 @@ public function handle(SignedIn $event): RedirectResponse
         $lang = $user->settings->data['language'];
         Auth::login($user);
         session()->put('locale', $lang);
-
-        if (session()->has('url.intended')) {
-            return redirect()->intended(session('url.intended'));
-        } else {
-            return redirect()->intended(RouteServiceProvider::HOME);
-        }
+        session()->put('url.intended', session('url.intended'));
     }
 }
diff --git a/routes/web.php b/routes/web.php
@@ -356,11 +356,12 @@ function (string $objType, int $objID, $token, $time, $client) {
     });
 });
 
+//redirect the saml2 logged-in user to previous page e.g. a clip with portal acl
 Route::get('/saml2Login', function () {
     $redirectUrl = (session()->has('url.intended')) ? session('url.intended') : RouteServiceProvider::HOME;
 
-    return redirect()->to($redirectUrl);
-});
+    return redirect($redirectUrl);
+})->name('saml2.redirect');
 Route::get('/test/{series}/elk', function (Series $series, OpenSearchService $elkService) {
     $elkService->createIndex($series);
 })->name('opensearch.test');