general cleanup, added configuration entry

Author: ralphschindler

composer.json

@@ -6,7 +6,7 @@
     "authors": [
         {
             "name": "Ralph Schindler",
-            "email": "ralph_schindler@ziffdavis.com"
+            "email": "ralph.schindler@ziffmedia.com"
         }
     ],
     "require": {

config/onelogin.php

@@ -65,7 +65,14 @@
              * handler will attempt to redirect to /auth, which the laravel-onelogin package can now handle for you.
              */
             'autologin' => false,
-        ]
+        ],
+
+        /**
+         * In certain circumstances (such as using cloudflare edge auth), the initial ACS POST request is
+         * inadvertantly turned into a GET request to the ACS route. Enabling this will make sure that GET
+         * requests are also redirected back to the onelogin SAML flow
+         */
+        'enable_acs_redirect_for_get' => false,
     ],
 
     /**

src/Controllers/LocalController.php

@@ -3,14 +3,8 @@
 namespace ZiffDavis\Laravel\Onelogin\Controllers;
 
 use Illuminate\Auth\AuthManager;
-use Illuminate\Contracts\Auth\Authenticatable;
 use Illuminate\Http\Request;
 use Illuminate\Routing\Controller;
-use Illuminate\Support\Facades\Event;
-use OneLogin\Saml2\Auth;
-use OneLogin\Saml2\Error;
-use ZiffDavis\Laravel\Onelogin\Events\OneloginLoginEvent;
-use ZiffDavis\Laravel\User\Auth\OneLoginEloquentUserProvider;
 
 class LocalController extends Controller
 {

src/Controllers/OneloginController.php

@@ -14,7 +14,7 @@
 use OneLogin\Saml2\ValidationError;
 use ZiffDavis\Laravel\Onelogin\Events\OneloginLoginEvent;
 
-class OneLoginController extends Controller
+class OneloginController extends Controller
 {
     use HasRedirector;
 
@@ -70,7 +70,12 @@ public function login(Request $request)
 
     public function acs(Request $request, AuthManager $auth)
     {
+        /**
+         * Support GET requests only when configured to respond, in those cases redirect to onelogin
+         */
         if ($request->isMethod('GET')) {
+            abort_if(!config('onelogin.routing.enable_acs_redirect_for_get', false), 405);
+
             return redirect(
                 $this->oneLogin->login($this->getRedirectUrl($request), [], false, false, true)
             );

src/Middleware/OneloginCsrfDisablerMiddleware.php

@@ -5,10 +5,11 @@
 use Illuminate\Contracts\Container\Container;
 use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken;
 use Illuminate\Routing\Router;
+use Illuminate\Support\Arr;
 
 class OneloginCsrfDisablerMiddleware
 {
-    /** @var \Illuminate\Routing\Router */
+    /** @var Router */
     protected $router;
 
     protected $container;
@@ -21,7 +22,7 @@ public function __construct(Router $router, Container $container)
 
     public function __invoke($request, \Closure $next)
     {
-        $csrfMiddlewareClass = array_first($this->router->gatherRouteMiddleware($this->router->getCurrentRoute()), function ($middleware) {
+        $csrfMiddlewareClass = Arr::first($this->router->gatherRouteMiddleware($this->router->getCurrentRoute()), function ($middleware) {
             return in_array(VerifyCsrfToken::class, class_parents($middleware));
         });
 
@@ -34,4 +35,4 @@ public function __invoke($request, \Closure $next)
 
         return $next($request);
     }
-}
+}

src/OneloginServiceProvider.php

@@ -2,33 +2,34 @@
 
 namespace ZiffDavis\Laravel\Onelogin;
 
-use Illuminate\Auth\AuthManager;
 use Illuminate\Routing\Router;
+use Illuminate\Support\Arr;
 use Illuminate\Support\ServiceProvider;
 use OneLogin\Saml2;
 
 class OneloginServiceProvider extends ServiceProvider
 {
     protected $defer = false;
 
-    public function boot(AuthManager $auth, Router $router)
+    public function boot(Router $router)
     {
         $configSourcePath = realpath(__DIR__ . '/../config/onelogin.php');
 
         $router->middlewareGroup('onelogin', [Middleware\OneloginCsrfDisablerMiddleware::class]);
 
-        $middlewares = array_wrap(config('onelogin.routing.middleware'));
+        $middlewares = Arr::wrap(config('onelogin.routing.middleware'));
 
-        $router->group([
+        $routeGroupParams = [
             'namespace' => 'ZiffDavis\Laravel\Onelogin\Controllers',
             'as' => 'onelogin.',
             'prefix' => 'onelogin/',
             'middleware' => array_merge(['onelogin'], $middlewares),
-        ], function () use ($router) {
+        ];
+
+        // @todo implement SSO routes at /logout
+        $router->group($routeGroupParams, function () use ($router) {
             $router->get('/metadata', 'OneloginController@metadata')->name('metadata');
             $router->get('/login', 'OneloginController@login')->name('login');
-            // @todo implement SSO
-            // $router->get('/logout', 'OneloginController@logout')->name('logout');
             $router->match(['get', 'post'], '/acs', 'OneloginController@acs')->name('acs');
         });