From 039052c9d47d1c7f1c91f7852083f1c3eb74a809 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=8E=E4=B8=9C=E4=BA=91?= <dongyun.li@luxcreo.ai>
Date: Fri, 8 Jul 2022 11:28:28 +0800
Subject: [PATCH] =?UTF-8?q?fix(acs):=20=E4=BF=AE=E5=A4=8DisLogin=E6=AF=8F?=
 =?UTF-8?q?=E6=AC=A1=E8=A7=A6=E5=8F=91acs=E6=97=B6=E9=83=BD=E4=BC=9A?=
 =?UTF-8?q?=E6=9B=B4=E6=96=B0=E6=9C=80=E5=90=8E=E7=99=BB=E5=BD=95=E7=94=A8?=
 =?UTF-8?q?=E6=88=B7=EF=BC=8C=E5=AF=BC=E8=87=B4=E6=97=A0=E6=B3=95=E8=B8=A2?=
 =?UTF-8?q?=E6=8E=89=E4=B9=8B=E5=89=8D=E7=94=A8=E6=88=B7=E7=9A=84=E9=97=AE?=
 =?UTF-8?q?=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: 李东云 <dongyun.li@luxcreo.ai>
---
 src/Services/Sp/Assertion.php | 33 +++++++++++++++++++--------------
 1 file changed, 19 insertions(+), 14 deletions(-)

diff --git a/src/Services/Sp/Assertion.php b/src/Services/Sp/Assertion.php
index d17617a..0f1fec9 100644
--- a/src/Services/Sp/Assertion.php
+++ b/src/Services/Sp/Assertion.php
@@ -87,30 +87,35 @@ class Assertion
     {
         $allow_multi_online = config('saml.allow_multi_online');
         $redis_prefix = config('common.redis.prefix');
-        
-        $oldUser = $this->authentication->getCurrentUser(returnNull: true);
-        $user = $this->base->getAllAttributes($response);
-        
-        $user = array_replace($oldUser?->toArray() ?? [], $user->toArray());
-        
+    
+        // Session 中的现有数据
+        $oldUser = $this->authentication->getCurrentUser(returnNull: true)?->toArray() ?? [];
+        // SSO 响应的过来的断言
+        $user = $this->base->getAllAttributes($response)->toArray();
+    
+        $user = array_replace($oldUser, $user);
+    
         // 更新
         $token = $this->authentication->generate(new User($user));
-        // 记录映射
-        $key = "{$redis_prefix}user:token_map:{$user['uid']}";
-        if ($allow_multi_online) {
-            $this->redis->hSet($key, $user['originToken'], $token);
-        } else {
-            $this->redis->set($key, $token);
-        }
     
         // 据此判断是登录还是isLogin
         $relayState = $this->base->getRelayStateFromResponse($response);
         if (!is_null($relayState)) {
             // 登录时的处理
+            {
+                // 记录映射
+                $key = "{$redis_prefix}user:token_map:{$user['uid']}";
+                if ($allow_multi_online) {
+                    $this->redis->hSet($key, $user['originToken'], $token);
+                } else {
+                    $this->redis->set($key, $token);
+                }
+            }
+        
             $url = config('saml.client.landing_host');
             $login_status_cookie = new Cookie(
                 'is_login',
-                "1",
+                '1',
                 time() + config('session.options.cookie_lifetime'),
                 '/',
                 domain: config('session.options.domain'),