1212use Firebase \JWT \Key ;
1313use OC \Core \Controller \ClientFlowLoginController ;
1414use OC \Core \Controller \ClientFlowLoginV2Controller ;
15- use OC \Security \CSRF \CsrfTokenManager ;
1615use OCA \User_SAML \Attributes \OnlyUnauthenticatedUsers ;
1716use OCA \User_SAML \Exceptions \NoUserFoundException ;
1817use OCA \User_SAML \Exceptions \UserFilterViolationException ;
1918use OCA \User_SAML \Helper \TXmlHelper ;
2019use OCA \User_SAML \SAMLSettings ;
20+ use OCA \User_SAML \Service \ProviderListingService ;
2121use OCA \User_SAML \Service \SessionService ;
2222use OCA \User_SAML \UserBackend ;
2323use OCA \User_SAML \UserData ;
4242use OneLogin \Saml2 \Error ;
4343use OneLogin \Saml2 \Settings ;
4444use OneLogin \Saml2 \ValidationError ;
45- use Psr \Container \ContainerExceptionInterface ;
46- use Psr \Container \NotFoundExceptionInterface ;
4745use Psr \Log \LoggerInterface ;
4846
4947class SAMLController extends Controller {
@@ -66,6 +64,7 @@ public function __construct(
6664 private ICrypto $ crypto ,
6765 private ITrustedDomainHelper $ trustedDomainHelper ,
6866 private SessionService $ sessionService ,
67+ private ProviderListingService $ providerListingService ,
6968 ) {
7069 parent ::__construct ($ appName , $ request );
7170 }
@@ -591,68 +590,12 @@ public function selectUserBackEnd(string $redirectUrl = ''): Http\TemplateRespon
591590 ];
592591 }
593592
594- $ attributes ['loginUrls ' ]['ssoLogin ' ] = $ this ->getIdps ($ redirectUrl );
593+ $ attributes ['loginUrls ' ]['ssoLogin ' ] = $ this ->providerListingService -> getIdps ($ redirectUrl );
595594 $ attributes ['useCombobox ' ] = count ($ attributes ['loginUrls ' ]['ssoLogin ' ]) > 4 ;
596595
597596 return new Http \TemplateResponse ($ this ->appName , 'selectUserBackEnd ' , $ attributes , 'guest ' );
598597 }
599598
600- /**
601- * get the IdPs showed at the login page
602- */
603- private function getIdps (string $ redirectUrl ): array {
604- $ result = [];
605- $ idps = $ this ->samlSettings ->getListOfIdps ();
606- foreach ($ idps as $ idpId => $ displayName ) {
607- $ result [] = [
608- 'url ' => $ this ->getSSOUrl ($ redirectUrl , (string )$ idpId ),
609- 'display-name ' => $ this ->getSSODisplayName ($ displayName ),
610- ];
611- }
612-
613- return $ result ;
614- }
615-
616- /**
617- * @throws ContainerExceptionInterface
618- * @throws NotFoundExceptionInterface
619- * @throws \OCP\DB\Exception
620- */
621- private function getSSOUrl (string $ redirectUrl , string $ idp ): string {
622- $ originalUrl = '' ;
623- if (!empty ($ redirectUrl )) {
624- $ originalUrl = $ this ->urlGenerator ->getAbsoluteURL ($ redirectUrl );
625- }
626-
627- /** @var CsrfTokenManager $csrfTokenManager */
628- $ csrfTokenManager = Server::get (CsrfTokenManager::class);
629- $ csrfToken = $ csrfTokenManager ->getToken ();
630-
631- $ settings = $ this ->samlSettings ->get ((int )$ idp );
632- $ method = $ settings ['general-is_saml_request_using_post ' ] ?? 'get ' ;
633-
634- return $ this ->urlGenerator ->linkToRouteAbsolute (
635- 'user_saml.SAML.login ' ,
636- [
637- 'requesttoken ' => $ csrfToken ->getEncryptedValue (),
638- 'originalUrl ' => $ originalUrl ,
639- 'idp ' => $ idp ,
640- 'method ' => $ method ,
641- ]
642- );
643- }
644-
645- /**
646- * Return the display name of the SSO identity provider.
647- */
648- protected function getSSODisplayName (?string $ displayName ): string {
649- if ($ displayName === null || $ displayName === '' ) {
650- $ displayName = $ this ->l ->t ('SSO & SAML log in ' );
651- }
652-
653- return $ displayName ;
654- }
655-
656599 /**
657600 * get Nextcloud login URL
658601 */
0 commit comments