fixed sso authentication

15 years ago · c6eaa11890
parent 9790d83c10
commit c6eaa11890
2 changed files with 9 additions and 4 deletions
--- a/main/auth/sso/sso.class.php
+++ b/main/auth/sso/sso.class.php
@ -154,9 +154,12 @@ class sso {
                                api_session_register('_user');
                                event_login();
                                // Redirect to homepage
-                                $sso_target = isset($sso['target']) ? $sso['target'] : api_get_path(WEB_PATH) .'.index.php';
+                                $protocol = api_get_setting('sso_authentication_protocol');
+                                $master_url = api_get_setting('sso_authentication_domain');
+                                $target = $protocol.$master_url;
+                                $sso_target = isset($target) ? $target : api_get_path(WEB_PATH) .'.index.php';
                                header('Location: '. $sso_target);
-				exit;
+                                exit;
                            }
                        } else {
                            // user account expired
--- a/main/inc/local.inc.php
+++ b/main/inc/local.inc.php
@ -454,7 +454,9 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
                // Redirect to master server
                $osso->ask_master();
            } elseif (isset($_GET['sso_cookie'])) {
-                if (isset($_GET['sso_referer']) ? $_GET['sso_referer'] === $master['protocol']. $master_url : FALSE) {
+                $protocol = api_get_setting('sso_authentication_protocol');
+                $master_url = api_get_setting('sso_authentication_domain').api_get_setting('sso_authentication_auth_uri');
+                if (isset($_GET['sso_referer']) ? $_GET['sso_referer'] === $protocol.$master_url  : FALSE) {
                    //make all the process of checking 
                    //if the user exists (delegated to the sso class)
                    $osso->check_user();