fix(acs): 修复isLogin每次触发acs时都会更新最后登录用户，导致无法踢掉之前用户的问题

Signed-off-by: 李东云 <dongyun.li@luxcreo.ai>

src/Services/Sp/Assertion.php

@@ -87,30 +87,35 @@ class Assertion
     {
         $allow_multi_online = config('saml.allow_multi_online');
         $redis_prefix = config('common.redis.prefix');
-        
-        $oldUser = $this->authentication->getCurrentUser(returnNull: true);
-        $user = $this->base->getAllAttributes($response);
-        
-        $user = array_replace($oldUser?->toArray() ?? [], $user->toArray());
-        
+    
+        // Session 中的现有数据
+        $oldUser = $this->authentication->getCurrentUser(returnNull: true)?->toArray() ?? [];
+        // SSO 响应的过来的断言
+        $user = $this->base->getAllAttributes($response)->toArray();
+    
+        $user = array_replace($oldUser, $user);
+    
         // 更新
         $token = $this->authentication->generate(new User($user));
-        // 记录映射
-        $key = "{$redis_prefix}user:token_map:{$user['uid']}";
-        if ($allow_multi_online) {
-            $this->redis->hSet($key, $user['originToken'], $token);
-        } else {
-            $this->redis->set($key, $token);
-        }
     
         // 据此判断是登录还是isLogin
         $relayState = $this->base->getRelayStateFromResponse($response);
         if (!is_null($relayState)) {
             // 登录时的处理
+            {
+                // 记录映射
+                $key = "{$redis_prefix}user:token_map:{$user['uid']}";
+                if ($allow_multi_online) {
+                    $this->redis->hSet($key, $user['originToken'], $token);
+                } else {
+                    $this->redis->set($key, $token);
+                }
+            }
+        
             $url = config('saml.client.landing_host');
             $login_status_cookie = new Cookie(
                 'is_login',
-                "1",
+                '1',
                 time() + config('session.options.cookie_lifetime'),
                 '/',
                 domain: config('session.options.domain'),