author | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2020-09-08 14:23:26 +0300 |
---|---|---|
committer | backportbot[bot] <backportbot[bot]@users.noreply.github.com> | 2020-09-08 18:05:09 +0300 |
commit | a04f1ace790f209ed970bd5564cfee10f5aa8add (patch) | |
tree | 64408b6d6455286ca011f196e6761ec6ecedd375 | |
parent | f235d75c756a4ea8780f3ec6072c4f50972acd74 (diff) |
acs endpoint to always return a RedirectResponse
* the void statements end up in a useless blank page
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
-rw-r--r-- | lib/Controller/SAMLController.php | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/lib/Controller/SAMLController.php b/lib/Controller/SAMLController.php
index 77460942..ef4b49b6 100644
--- a/lib/Controller/SAMLController.php
+++ b/lib/Controller/SAMLController.php
@@ -260,15 +260,16 @@ class SAMLController extends Controller {
  * @OnlyUnauthenticatedUsers
  * @NoSameSiteCookieRequired
  *
- * @return Http\RedirectResponse|void
+ * @return Http\RedirectResponse
  * @throws Error
  * @throws ValidationError
  */
- public function assertionConsumerService() {
+ public function assertionConsumerService(): Http\RedirectResponse {
  // Fetch and decrypt the cookie
  $cookie = $this->request->getCookie('saml_data');
  if ($cookie === null) {
- return;
+ $this->logger->debug('Cookie was not present', ['app' => 'user_saml']);
+ return new Http\RedirectResponse($this->urlGenerator->getAbsoluteURL('/'));
  }
 
  // Base64 decode
@@ -278,7 +279,8 @@ class SAMLController extends Controller {
  try {
  $cookie = $this->crypto->decrypt($cookie);
  } catch (\Exception $e) {
- return;
+ $this->logger->debug('Could not decrypt SAML cookie', ['app' => 'user_saml']);
+ return new Http\RedirectResponse($this->urlGenerator->getAbsoluteURL('/'));
  }
  $data = json_decode($cookie, true);
 
@@ -286,7 +288,8 @@ class SAMLController extends Controller {
  $AuthNRequestID = $data['AuthNRequestID'];
  $idp = $data['Idp'];
  if(is_null($AuthNRequestID) || $AuthNRequestID === '' || is_null($idp)) {
- return;
+ $this->logger->debug('Invalid auth payload', ['app' => 'user_saml']);
+ return new Http\RedirectResponse($this->urlGenerator->getAbsoluteURL('/'));
  }
 
  $auth = new Auth($this->SAMLSettings->getOneLoginSettingsArray($idp));
|
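Review bot: The new `: Http\RedirectResponse` return type on `assertionConsumerService()` is enforced at runtime, and the function body continues past the last hunk, so any exit path there that still falls through or returns another response class would now raise a TypeError rather than render a blank page. It is worth confirming that every branch after `new Auth(...)` returns a RedirectResponse. Separately, `new Http\RedirectResponse($this->urlGenerator->getAbsoluteURL('/'))` is repeated verbatim in all three hunks; a small private helper would keep the fallback target of this unauthenticated endpoint in one place.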
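Review bot: The `catch (\Exception $e)` branch logs the decrypt failure only at debug level and discards `$e`, so at a typical production log level a tampered or stale `saml_data` cookie leaves no trace for whoever investigates a failed login. Consider a higher level and including the cause, e.g. `$this->logger->warning('Could not decrypt SAML cookie: ' . $e->getMessage(), ['app' => 'user_saml']);`, assuming the injected logger offers that method. The 'Invalid auth payload' message in the third hunk has the same visibility problem, while the missing-cookie case in the first hunk is plausibly benign and fine at debug.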
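Review bot: `$data['AuthNRequestID']` and `$data['Idp']` are read before the validity check, so when `json_decode` returns null or a key is absent the new 'Invalid auth payload' branch is reached only after PHP has emitted an undefined-index or null-offset notice. Reading them as `$AuthNRequestID = $data['AuthNRequestID'] ?? null;` and `$idp = $data['Idp'] ?? null;` would make the rejection path explicit; one line between this hunk and the previous one is not visible, so this assumes nothing there already validates `$data`. Note also that `$idp` is only checked with `is_null`, so an empty or non-scalar value still reaches `getOneLoginSettingsArray($idp)`; confirm that callee rejects it.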