From 106f0ac95e4db6aa35bff7e72f32e81b380a65a4 Mon Sep 17 00:00:00 2001
From: Andjelko Horvat <comel@vingd.com>
Date: Fri, 13 Sep 2013 11:07:13 +0000
Subject: [PATCH] Add authentication processor core:ExtendIdPSession (patch 3
 from issue #571).

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3277 44740490-163a-0410-bde0-09ae8108e29a
---
 .../lib/Auth/Process/ExtendIdPSession.php     | 47 +++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 modules/core/lib/Auth/Process/ExtendIdPSession.php

diff --git a/modules/core/lib/Auth/Process/ExtendIdPSession.php b/modules/core/lib/Auth/Process/ExtendIdPSession.php
new file mode 100644
index 000000000..84616811d
--- /dev/null
+++ b/modules/core/lib/Auth/Process/ExtendIdPSession.php
@@ -0,0 +1,47 @@
+<?php
+
+/**
+ * Extend IdP session and cookies.
+*/
+class sspmod_core_Auth_Process_ExtendIdPSession extends SimpleSAML_Auth_ProcessingFilter {
+
+	public function process(&$state) {
+		assert('is_array($state)');
+
+		if (empty($state['Expire']) || empty($state['Authority'])) {
+			return;
+		}
+
+		$now = time();
+		$delta = $state['Expire'] - $now;
+
+		$globalConfig = SimpleSAML_Configuration::getInstance();
+		$sessionDuration = $globalConfig->getInteger('session.duration', 8*60*60);
+
+		/* Extend only if half of session duration already passed */
+		if ($delta >= ($sessionDuration * 0.5)) {
+			return;
+		}
+
+		/* Update authority expire time */
+		$session = SimpleSAML_Session::getInstance();
+		$session->setAuthorityExpire($state['Authority']);
+
+		/* Update session cookies duration */
+
+		/* If remember me is active */
+		$rememberMeExpire = $session->getRememberMeExpire();
+		if (!empty($state['RememberMe']) && $rememberMeExpire !== NULL && $globalConfig->getBoolean('session.rememberme.enable', FALSE)) {
+			$session->setRememberMeExpire();
+			return;
+		}
+
+		/* Or if session lifetime is more than zero */
+		$sessionHandler = SimpleSAML_SessionHandler::getSessionHandler();
+		$cookieParams = $sessionHandler->getCookieParams();
+		if ($cookieParams['lifetime'] > 0) {
+			$session->updateSessionCookies();
+		}
+	}
+
+}
-- 
GitLab