Don't redirect on external auth

refs #9660
2015-07-30 12:02:42 +02:00 · 2015-07-30 12:02:42 +02:00 · 3aae37aff3
parent db505281ee
commit 3aae37aff3
2 changed files with 27 additions and 8 deletions
--- a/application/forms/Authentication/LoginForm.php
+++ b/application/forms/Authentication/LoginForm.php
@ -128,14 +128,9 @@ class LoginForm extends Form
    {
        $auth = Auth::getInstance();
        $onlyExternal = true;
-        $user = new User('');
+        // TODO(el): This may be set on the auth chain once iterated. See Auth::authExternal().
        foreach ($auth->getAuthChain() as $backend) {
-            if ($backend instanceof ExternalBackend) {
-                if ($backend->authenticate($user)) {
-                    $auth->setAuthenticated($user);
-                    $this->getResponse()->setRerenderLayout(true)->redirectAndExit($this->getRedirectUrl());
-                }
-            } else {
+            if (! $backend instanceof ExternalBackend) {
                $onlyExternal = false;
            }
        }
--- a/library/Icinga/Authentication/Auth.php
+++ b/library/Icinga/Authentication/Auth.php
@ -7,6 +7,7 @@ use Exception;
 use Icinga\Application\Config;
 use Icinga\Application\Icinga;
 use Icinga\Application\Logger;
+use Icinga\Authentication\User\ExternalBackend;
 use Icinga\Authentication\UserGroup\UserGroupBackend;
 use Icinga\Data\ConfigObject;
 use Icinga\Exception\IcingaException;
@ -79,7 +80,11 @@ class Auth
     */
    public function isAuthenticated($ignoreSession = false)
    {
-        if ($this->user === null && ! $this->authHttp() && ! $ignoreSession) {
+        if ($this->user === null
+            && ! $this->authHttp()
+            && ! $this->authExternal()
+            && ! $ignoreSession
+        ) {
            $this->authenticateFromSession();
        }
        return $this->user !== null;
@ -224,6 +229,25 @@ class Auth
        }
    }

+    /**
+     * Attempt to authenticate a user from external user backends
+     *
+     * @return bool
+     */
+    protected function authExternal()
+    {
+        $user = new User('');
+        foreach ($this->getAuthChain() as $userBackend) {
+            if ($userBackend instanceof ExternalBackend) {
+                if ($userBackend->authenticate($user)) {
+                    $this->setAuthenticated($user);
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
+
    /**
     * Attempt to authenticate a user using HTTP authentication
     *