Move set/unset of a few session vars from saveUserToDataStore() to se…

…tUserAttributeSessionVars().

src/Service/Util.php

@@ -802,6 +802,7 @@ public static function saveUserToDataStore(...$args)
         // (e.g., by the error handler in handleGotUser). Then get these
         // session variables into local vars for ease of use.
         static::setUserAttributeSessionVars(...$args);
+
         $remoteuser  = static::getSessionVar('remoteuser');
         $idp         = static::getSessionVar('idp');
         $idpname     = static::getSessionVar('idpname');
@@ -821,8 +822,6 @@ public static function saveUserToDataStore(...$args)
         $entitlement = static::getSessionVar('entitlement');
         $itrustuin   = static::getSessionVar('itrustuin');
 
-        static::setSessionVar('submit', static::getSessionVar('responsesubmit'));
-
         // Make sure parameters are not empty strings, and email is valid
         // Must have at least one of remoteuser/ePPN/ePTID/openidID/oidcID
         if (static::gotUserAttributes()) {
@@ -964,14 +963,7 @@ public static function saveUserToDataStore(...$args)
                 );
             }
             static::unsetSessionVar('authntime');
-        } else { // status is okay, set authntime
-            static::setSessionVar('authntime', time());
         }
-
-        static::unsetSessionVar('responsesubmit');
-        static::unsetSessionVar('requestsilver');
-
-        static::getCsrf()->setCookieAndSession();
     }
 
     /**
@@ -1005,6 +997,13 @@ public static function setUserAttributeSessionVars(...$args)
         ) {
             static::setSessionVar('loa', 'http://incommonfederation.org/assurance/silver');
         }
+
+        static::setSessionVar('status', '0');
+        static::setSessionVar('submit', static::getSessionVar('responsesubmit'));
+        static::setSessionVar('authntime', time());
+        static::unsetSessionVar('responsesubmit');
+        static::unsetSessionVar('requestsilver');
+        static::getCsrf()->setCookieAndSession();
     }
 
     /**