Enabling SSO by POST and GET Request refs - BT#10805

pull/2487/head
Nicolas Ducoulombier 8 years ago
parent 4662d4d71b
commit 027689a864
  1. 10
      main/inc/local.inc.php

@ -660,22 +660,22 @@ if (!empty($_SESSION['_user']['user_id']) && !($login || $logout)) {
$forceSsoRedirect = api_get_setting('sso_force_redirect');
if ($forceSsoRedirect === 'true') {
// all users to be redirected unless they are connected (removed req on sso_cookie)
$redirectToMasterConditions = !isset($_GET['sso_referer']) && !isset($_GET['loginFailed']);
$redirectToMasterConditions = !isset($_REQUEST['sso_referer']) && !isset($_GET['loginFailed']);
} else {
// Users to still see the homepage without connecting
$redirectToMasterConditions = !isset($_GET['sso_referer']) && !isset($_GET['loginFailed']) && isset($_GET['sso_cookie']);
$redirectToMasterConditions = !isset($_REQUEST['sso_referer']) && !isset($_GET['loginFailed']) && isset($_GET['sso_cookie']);
}
if ($redirectToMasterConditions) {
// Redirect to master server
$osso->ask_master();
} elseif (isset($_GET['sso_cookie'])) {
} elseif (isset($_REQUEST['sso_cookie'])) {
// Here we are going to check the origin of
// what the call says should be used for
// authentication, and ensure we know it
$matches_domain = false;
if (isset($_GET['sso_referer'])) {
if (isset($_REQUEST['sso_referer'])) {
$protocol = api_get_setting('sso_authentication_protocol');
// sso_authentication_domain can list
// several, comma-separated, domains
@ -690,7 +690,7 @@ if (!empty($_SESSION['_user']['user_id']) && !($login || $logout)) {
// then skip other possibilities
// Do NOT compare the whole referer, as this might cause confusing errors with friendly urls,
// like in Drupal /?q=user& vs /user?
$referrer = substr($_GET['sso_referer'], 0, strrpos($_GET['sso_referer'], '/'));
$referrer = substr($_REQUEST['sso_referer'], 0, strrpos($_REQUEST['sso_referer'], '/'));
if ($protocol.trim($mu) === $referrer) {
$matches_domain = true;
break;
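Review bot: The `$_GET`→`$_REQUEST` switch is incomplete in the first hunk: the non-forced branch still tests `isset($_GET['sso_cookie'])` while the `elseif` a few lines later tests `isset($_REQUEST['sso_cookie'])`, so an `sso_cookie` that arrives only by POST no longer triggers the master redirect and drops straight into the referer check; change the branch to `isset($_REQUEST['sso_cookie'])` (or keep both on `$_GET`) so the two conditions agree. `$_REQUEST` also merges `$_COOKIE` whenever PHP's `request_order` is unset and `variables_order` includes `C`, and when the same key is present in both GET and POST the winner depends on that ini setting, so the value used for the domain match in the second hunk is less predictable than the commit title suggests. I would resolve the referer once, `$ssoReferer = $_POST['sso_referer'] ?? $_GET['sso_referer'] ?? null;`, and use that local in both hunks instead of reading `$_REQUEST` in four places. The enclosing `if` block and the loop around the `substr` comparison start and end outside these hunks.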
