File manager - Edit - /var/www/html/homologBancodetalentos/app/Http/Middleware/OptionalAuthSSOWeb.php
Back
<?php namespace App\Http\Middleware; use App\Http\Services\AuthService; use App\Support\SsoWebSession; use App\Support\TalentBank\IntegrationLog; use App\Support\TalentBankBypassAuth; use Closure; use Illuminate\Http\Client\ConnectionException; use Illuminate\Http\JsonResponse; use Illuminate\Http\Request; /** * Quando existe token de sessão, hidrata o request com o payload do usuário (mesmo formato do AuthSSO). * Em falha de /api/session com token OAuth real, limpa sessão inválida e segue sem auth (navegação pública). * * Sessões sintéticas (cadastro local / SSO popup Conta Angra) não chamam o serviço de identidade aqui — * usam apenas session('sso.user_payload'), evitando invalidar o token fictício. */ class OptionalAuthSSOWeb { /** * @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next */ public function handle(Request $request, Closure $next) { if (TalentBankBypassAuth::enabled()) { $payload = TalentBankBypassAuth::userPayload(); $request->user = $payload; $request->merge(['user' => $payload]); return $next($request); } if (! SsoWebSession::hasToken()) { return $next($request); } if (SsoWebSession::isLocalDevSession() || SsoWebSession::isAngraSsoSession()) { $payload = session('sso.user_payload', []); if (! is_array($payload) || $payload === []) { IntegrationLog::warning('sso.web.optional', 'empty_payload_synthetic', [ 'session_type' => SsoWebSession::isAngraSsoSession() ? 'angra_sso' : 'local_dev', ]); SsoWebSession::forget(); return $next($request); } $request->user = $payload; $request->merge(['user' => $payload]); return $next($request); } $authService = new AuthService(); try { $response = $authService->session($request); } catch (ConnectionException $e) { IntegrationLog::warning('sso.web.optional', 'session_connection_failed', [ 'message' => $e->getMessage(), ]); return $next($request); } if ($response->status() != JsonResponse::HTTP_OK) { IntegrationLog::warning('sso.web.optional', 'session_not_ok', [ 'http_status' => $response->status(), ]); SsoWebSession::forget(); return $next($request); } $payload = $response->json(); $request->user = $payload; $request->merge(['user' => $payload]); return $next($request); } }
| ver. 1.4 |
Github
|
.
| PHP 8.3.28 | Generation time: 0.01 |
proxy
|
phpinfo
|
Settings