diff --git a/src/Services/Sp/Slo.php b/src/Services/Sp/Slo.php
index ad8cf74..7b41672 100644
--- a/src/Services/Sp/Slo.php
+++ b/src/Services/Sp/Slo.php
@@ -37,22 +37,28 @@ class Slo
 private readonly RequestInterface $request,
 private readonly ResponseInterface $response,
 private readonly AuthenticationInterface $authentication,
- private readonly Redis $redis
+ private readonly Redis $redis,
 ) {
 }
 /**
 * 重定向方式退出单点登录
 *
- * @param string $uid
- * @param string $originToken
+ * @param string $uid
+ * @param string $originToken
+ * @param string|null $idpId
+ * @param string|null $entityId
 *
 * @return PsrResponseInterface
 */
- public function redirect(string $uid, string $originToken): PsrResponseInterface
- {
- $idpId = config('saml.server.idp_logout_url');
- $issuer = config('saml.client.entity_id');
+ public function redirect(
+ string $uid,
+ string $originToken,
+ ?string $entityId = null,
+ ?string $idpId = null,
+ ): PsrResponseInterface {
+ $idpId ??= config('saml.server.idp_logout_url');
+ $entityId ??= config('saml.client.entity_id');
 $this->authentication->invalidByToken();
 $relayState = $this->request->query('RelayState', '');
@@ -61,7 +67,7 @@ class Slo
 uid: $uid,
 token: $originToken,
 idpID: $idpId,
- issuer: $issuer,
+ issuer: $entityId,
 relayState: $relayState
 );
diff --git a/src/Services/Sp/Sso.php b/src/Services/Sp/Sso.php
index 5766bf3..362c26c 100644
--- a/src/Services/Sp/Sso.php
+++ b/src/Services/Sp/Sso.php
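Review bot: The new optional `$idpId` and `$entityId` parameters on `redirect()` let any caller override the IdP logout destination and the issuer of a request that the second hunk shows being built with `uid: $uid` and `token: $originToken`, and nothing visible checks the overrides against configured values. If a call site ever fills them from request input, the user id and token would be embedded in a redirect to an endpoint the deployment never approved; the same concern applies to the `$acsUrl`, `$idpId` and `$idpAssertionUrl` overrides added to `redirectSsoStatus()` and `redirectSso()` in Sso.php. I would state in each docblock that overrides must come from trusted configuration and reject anything outside a configured allow-list before building the request. Separately, the docblock lists `$idpId` before `$entityId` while the signature takes `$entityId` first, so a positional caller following the docblock would swap them; reorder the two `@param` lines to match. The body of `redirect()` continues outside the hunk.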
@@ -36,36 +36,37 @@ use function Hyperf\Config\config;
 */
 class Sso
 {
- private string $idpId;
- private string $idpAssertionUrl;
- private string $acsUrl;
- private string $issuer;
-
 public function __construct(
 private readonly Base $base,
 private readonly RequestInterface $request,
 private readonly ResponseInterface $response,
- private readonly Redis $redis,
- private readonly StdoutLoggerInterface $stdoutLogger
+ private readonly StdoutLoggerInterface $stdoutLogger,
+ private readonly ?Redis $redis,
 ) {
- $this->idpId = config('saml.server.idp_id');
- $this->idpAssertionUrl = config('saml.server.idp_assertion_url');
-
- $this->issuer = config('saml.client.entity_id');
- $this->acsUrl = config('saml.client.acs_url');
 }
 /**
 * 自动重定向获取用户登录状态
 *
+ * @param string|null $entityId
+ * @param string|null $acsUrl
+ * @param string|null $idpAssertionUrl
+ *
 * @return PsrResponseInterface
 */
- public function redirectSsoStatus(): PsrResponseInterface
- {
+ public function redirectSsoStatus(
+ ?string $entityId = null,
+ ?string $acsUrl = null,
+ ?string $idpAssertionUrl = null,
+ ): PsrResponseInterface {
+ $idpAssertionUrl ??= config('saml.server.idp_assertion_url');
+
+ $entityId ??= config('saml.client.entity_id');
+ $acsUrl ??= config('saml.client.acs_url');
 $url = $this->base->createSamlRequest(
- idpID: $this->idpAssertionUrl,
- acsUrl: $this->acsUrl,
- issuer: $this->issuer,
+ idpID: $idpAssertionUrl,
+ acsUrl: $acsUrl,
+ issuer: $entityId,
 );
 return $this->response->redirect($url, RFC7231::FOUND);
 }
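Review bot: Moving the config reads out of the constructor drops the fail-fast check that the typed `private string` properties gave: a missing `saml.server.idp_assertion_url`, `saml.client.entity_id` or `saml.client.acs_url` used to raise a TypeError at construction, whereas `??=` now leaves the local `null` and passes it on to `createSamlRequest()`, whose parameter types are not visible here. I would add a guard right after the defaults in `redirectSsoStatus()`, for example `if ($idpAssertionUrl === null || $entityId === null || $acsUrl === null) { throw new \InvalidArgumentException('SAML endpoint configuration is incomplete'); }`, and the same in `redirectSso()` in the next hunk. `$redis` also becomes `?Redis` without a default and swaps position with `$stdoutLogger`; the hunk does not show where the class uses it, so any path that depends on Redis for request state should treat `null` as a hard failure rather than silently skipping the step.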
@@ -73,17 +74,31 @@ class Sso
 /**
 * 自动重定向到单点登录
 *
+ * @param string|null $entityId
+ * @param string|null $acsUrl
+ * @param string|null $idpId
+ *
 * @return PsrResponseInterface
 */
- public function redirectSso(): PsrResponseInterface
- {
- $language = $this->request->query('language') ?? config('language') ?? 'zh_CN';
+ public function redirectSso(
+ ?string $entityId = null,
+ ?string $acsUrl = null,
+ ?string $idpId = null,
+ ): PsrResponseInterface {
+ $idpId ??= config('saml.server.idp_id');
+
+ $entityId ??= config('saml.client.entity_id');
+ $acsUrl ??= config('saml.client.acs_url');
+ $language = $this->request->query(
+ 'language',
+ config('translation.locale') ?? 'en'
+ );
 $relayState = $this->request->query('RelayState', '/');
 $url = $this->base->createSamlRequest(
- idpID: $this->idpId,
- acsUrl: $this->acsUrl,
- issuer: $this->issuer,
+ idpID: $idpId,
+ acsUrl: $acsUrl,
+ issuer: $entityId,
 relayState: $relayState,
 exactArguments: [
 'language' => $language,
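Review bot: `$language` is read straight from the query string and placed into `exactArguments`, so a request-controlled value reaches the SAML request built by `createSamlRequest()` with no check against the locales the application supports. I would validate it before use, e.g. `$language = in_array($language, $supportedLocales, true) ? $language : $fallbackLocale;`, where `$supportedLocales` and `$fallbackLocale` are placeholders for whatever the project's translation config exposes. `RelayState` on the following context line is also request-supplied and forwarded; whether it is restricted to a same-origin path where it is later consumed is not visible here and is worth confirming. The docblock could also state that `null` arguments fall back to the `saml.*` config keys. `redirectSso()` continues past the end of the hunk.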