Add authentication processor core:ExtendIdPSession (patch 3 from issue #571).

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3277 44740490-163a-0410-bde0-09ae8108e29a

Add authentication processor core:ExtendIdPSession (patch 3 from issue #571).
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3277 44740490-163a-0410-bde0-09ae8108e29a
106f0ac9 · Andjelko Horvat · f2c2e6ea · 106f0ac9
Commit 106f0ac9 authored 11 years ago by Andjelko Horvat
--- a/modules/core/lib/Auth/Process/ExtendIdPSession.php
+++ b/modules/core/lib/Auth/Process/ExtendIdPSession.php
+<?php
+/**
+ * Extend IdP session and cookies.
+*/
+class sspmod_core_Auth_Process_ExtendIdPSession extends SimpleSAML_Auth_ProcessingFilter {
+	public function process(&$state) {
+		assert('is_array($state)');
+		if (empty($state['Expire']) || empty($state['Authority'])) {
+			return;
+		}
+		$now = time();
+		$delta = $state['Expire'] - $now;
+		$globalConfig = SimpleSAML_Configuration::getInstance();
+		$sessionDuration = $globalConfig->getInteger('session.duration', 8*60*60);
+		/* Extend only if half of session duration already passed */
+		if ($delta >= ($sessionDuration * 0.5)) {
+			return;
+		}
+		/* Update authority expire time */
+		$session = SimpleSAML_Session::getInstance();
+		$session->setAuthorityExpire($state['Authority']);
+		/* Update session cookies duration */
+		/* If remember me is active */
+		$rememberMeExpire = $session->getRememberMeExpire();
+		if (!empty($state['RememberMe']) && $rememberMeExpire !== NULL && $globalConfig->getBoolean('session.rememberme.enable', FALSE)) {
+			$session->setRememberMeExpire();
+			return;
+		}
+		/* Or if session lifetime is more than zero */
+		$sessionHandler = SimpleSAML_SessionHandler::getSessionHandler();
+		$cookieParams = $sessionHandler->getCookieParams();
+		if ($cookieParams['lifetime'] > 0) {
+			$session->updateSessionCookies();
+		}
+	}
+}