|
7 | 7 | use Authwave\ProviderUri\LogoutUri; |
8 | 8 | use Authwave\ProviderUri\ProfileUri; |
9 | 9 | use Authwave\ResponseData\UserResponseData; |
| 10 | +use Gt\Cipher\InitVector; |
10 | 11 | use Gt\Cipher\Key; |
11 | 12 | use Gt\Cipher\Message\EncryptedMessage; |
| 13 | +use Gt\Cipher\Message\PlainTextMessage; |
12 | 14 | use Gt\Http\Uri; |
13 | 15 | use Gt\Logger\Log; |
14 | 16 | use Gt\Session\SessionContainer; |
|
17 | 19 | class Authenticator { |
18 | 20 | const SESSION_STORE_KEY = "AUTHWAVE_CONSUMER_SESSION"; |
19 | 21 | const RESPONSE_QUERY_PARAMETER = "AUTHWAVE_RESPONSE_DATA"; |
| 22 | + const FAKE_EMAIL = "[email protected]"; |
20 | 23 |
|
21 | 24 | private SessionData $sessionData; |
22 | 25 | private User $user; |
@@ -84,9 +87,47 @@ public function logout(Token $token = null):void { |
84 | 87 | $token = new Token($this->secret); |
85 | 88 | } |
86 | 89 |
|
87 | | - $this->sessionData = new SessionData($token); |
88 | | - $this->session->set(SessionData::class, $this->sessionData); |
89 | | - $this->redirectHandler->redirect($this->getLogoutUri($token)); |
| 90 | + if($this->user->email === self::FAKE_EMAIL) { |
| 91 | + $this->session->remove(SessionData::class); |
| 92 | + unset($this->user); |
| 93 | + } |
| 94 | + else { |
| 95 | + $this->redirectHandler->redirect($this->getLogoutUri($token)); |
| 96 | + $this->sessionData = new SessionData($token); |
| 97 | + $this->session->set(SessionData::class, $this->sessionData); |
| 98 | + } |
| 99 | + } |
| 100 | + |
| 101 | + public function fakeLogin(string $userId, string $redirectTo = "/"):void { |
| 102 | + $secretIv = new InitVector(); |
| 103 | + $token = new Token($this->secret, $secretIv); |
| 104 | + $sessionData = new SessionData($token); |
| 105 | + $this->session->set(SessionData::class, $sessionData); |
| 106 | + |
| 107 | + $userData = new UserResponseData( |
| 108 | + $userId, |
| 109 | + self::FAKE_EMAIL, |
| 110 | + ); |
| 111 | + |
| 112 | + $this->session->set( |
| 113 | + SessionData::class, |
| 114 | + new SessionData($token, $userData) |
| 115 | + ); |
| 116 | + |
| 117 | + $message = new PlainTextMessage( |
| 118 | + json_encode([ |
| 119 | + "id" => $userData->getId(), |
| 120 | + "email" => $userData->getEmail(), |
| 121 | + ]), |
| 122 | + $secretIv, |
| 123 | + ); |
| 124 | + |
| 125 | + $cipherText = $message->encrypt(new Key($this->secret)); |
| 126 | + $queryString = http_build_query([ |
| 127 | + "AUTHWAVE_RESPONSE_DATA" => (string)$cipherText, |
| 128 | + ]); |
| 129 | + $uri = new Uri("$redirectTo?$queryString"); |
| 130 | + $this->redirectHandler->redirect($uri); |
90 | 131 | } |
91 | 132 |
|
92 | 133 | public function getUser():User { |
@@ -140,7 +181,6 @@ private function completeAuth():void { |
140 | 181 | } |
141 | 182 |
|
142 | 183 | if(!isset($this->sessionData)) { |
143 | | - die("No session data"); |
144 | 184 | $this->tidyResponseData(); |
145 | 185 | return; |
146 | 186 | } |
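Review bot: `fakeLogin()` is a public method that stores a `SessionData` carrying a caller-chosen `$userId` without any exchange with the provider, and nothing in the visible lines limits it to development or test use, so it becomes an authentication bypass if a consuming application ever passes request input to it. It should be gated behind an explicit opt-in that makes the method throw when not enabled, and carry a docblock stating that it is test-only; the constructor is outside this section, so the gate is described here rather than quoted. `$redirectTo` goes into `new Uri("$redirectTo?$queryString")` unchecked, so an absolute or `//host` value would send the user and the encrypted response data to another origin; accepting only values that begin with a single `/` would prevent that. The query key should reuse the existing constant, `self::RESPONSE_QUERY_PARAMETER => (string)$cipherText,`, rather than repeat the literal. In `logout()`, whose opening lines are outside the hunk, `$this->user->email` is read from the typed property `private User $user`, which throws if it was never initialised, and the else branch now calls `redirect()` before storing the new `SessionData`, the reverse of the removed lines; both are worth confirming as intended.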
|