root/elgg/trunk/auth/sso/lib.php

Revision 170, 4.9 kB (checked in by bettse, 1 year ago)

This does two things

  • At a user's first login, enable notifications for their account by default
  • At a user's first login, if their username exists but has no email address defined, use the SSO data to update their user info. (This allows us to create new users by creating new usernames; the extra user data (email, name, etc.) will then be filled in by the system at their first login.)

1 <?php
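// Report every class of error, but send the details to the server log rather
// than the HTTP response. This file is loaded on the login path, so PHP
// diagnostics printed to the page (file paths, query fragments, session
// contents) would be shown to visitors who have not authenticated yet.
error_reporting(E_ALL);
ini_set('display_errors', '0');
ini_set('display_startup_errors', '0');
ini_set('log_errors', '1');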
5
6 /**
7  * SSO authentication for elgg.
8  *
9  * sso/
10  *    lib.php   <- file with authentication callback functions used by elgg
11  *    sso_config.php   <- sso configuration
12  *    sso.php      <- sso library
13  *
14  * To use sso authentication in elgg in your
15  * config.php file add the two lines below
16  *   $CFG->auth = 'sso';            // tells elgg to use sso
17  *   $CFG->sso_user_create = true;  // tells elgg to create a user for sso authenticated visitors
18  *
19  */
20
21 // sso library
22 require_once('sso.php');
23
24 // sso configuration
25 require_once('sso_config.php');
26
27
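/**
 * Login callback used by elgg; called by authenticate_account() in
 * lib/elgglib.php.
 *
 * Calls sso_authenticate() (presumably this sends visitors without an SSO
 * session to the SSO service, with /social/index.php as the bounce target --
 * confirm in sso.php), then reads the SSO user info. When that info carries a
 * non-empty username, the matching active 'person' row of the users table is
 * returned. If $CFG->sso_user_create is enabled, the account is provisioned
 * first through sso_create_elgg_user().
 *
 * @return mixed the result of get_record_select() when a username is present,
 *               false when the SSO data carries no usable username
 */
function sso_authenticate_user_login()
{
    global $CFG;
    $redirect = "/social/index.php";

    sso_authenticate(true, true, array('bounce'=>$redirect));
    $data = sso_session_userinfo();

    // check_sso_session() in this file compares the same call's result with
    // null, so a missing SSO session has to be handled here as well: treat
    // anything that is not the expected nested array as "not logged in"
    // instead of passing it to array functions.
    if (!is_array($data) || !isset($data['userinfo']) || !is_array($data['userinfo'])) {
        return false;
    }

    $userinfo = $data['userinfo'];
    $username = isset($userinfo['username']) ? $userinfo['username'] : '';
    if (!is_string($username) || $username === '') {
        return false;
    }

    // !empty() also covers a config.php that never sets sso_user_create.
    if (!empty($CFG->sso_user_create)) {
        // create (or complete) the elgg user automatically
        sso_create_elgg_user($username, $userinfo);
    }

    // NOTE(review): sso_create_elgg_user() lowercases the username before
    // storing it, while this lookup uses the value exactly as the SSO service
    // sent it; on a case-sensitive collation a mixed-case username would not
    // match -- confirm against the database setup.
    // The values are bound as parameters, never concatenated into the query.
    return get_record_select('users', "username = ? AND active = ? AND user_type = ? ", array($username,'yes','person'));
}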
54
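/**
 * Makes sure an elgg account exists for an SSO-authenticated (ONID) username.
 *
 * Three outcomes:
 *  - the username fails validate_username(): an error message is queued and
 *    nothing is written;
 *  - the username already exists: if its name is still blank (the account was
 *    pre-created, e.g. by adding the user to a project before their first
 *    login), email and name are filled in from the SSO data and the
 *    first-login setup runs; otherwise nothing is changed;
 *  - the username does not exist: the account is inserted and the same
 *    first-login setup runs.
 *
 * The password column is filled with the md5 of a fresh random value. The
 * previous code hashed an undefined variable, which stores md5('') -- the
 * hash of the empty password -- on every SSO account; if any code path
 * compares a submitted password against this column, such an account would
 * accept an empty password.
 *
 * @param string $username  username asserted by the SSO service
 * @param array  $user_info SSO attributes; 'email', 'firstname' and
 *                          'lastname' are read
 * @return bool true when the account exists afterwards, false when the
 *              username is rejected or the insert fails
 */
function sso_create_elgg_user($username, $user_info) {
    // NOTE(review): assumed to be elgg's global message queue -- confirm.
    // Without this declaration the messages below went into a local array
    // that was discarded on return.
    global $messages;

    if (!validate_username($username)) {
        $messages[] = __gettext("Error! ONID Username does not meet Elgg requirements");
        return false;
    }

    $username = strtolower($username);

    // onid usernames are unique, so an existing row is the same person.
    $existing = null;
    if (record_exists('users', 'username', $username)) {
        // Only a row whose name is still blank needs completing.
        $existing = get_record('users', 'username', $username, 'name', '');
        if (!$existing) {
            return true;
        }
    }

    $email     = isset($user_info["email"]) ? $user_info["email"] : '';
    $firstname = isset($user_info["firstname"]) ? $user_info["firstname"] : '';
    $lastname  = isset($user_info["lastname"]) ? $user_info["lastname"] : '';

    // Unguessable placeholder: SSO users never learn or type this value.
    $random = function_exists('random_bytes') ? random_bytes(32) : openssl_random_pseudo_bytes(32);

    $user = new StdClass;
    $user->email = $email;
    // trim() keeps the name blank when the SSO data has no name parts, so a
    // later login can still complete the record.
    $user->name = trim($firstname . " " . $lastname);
    $user->username = $username;
    $user->password = md5($random);
    $user->user_type = 'person';
    $user->owner = -1;

    if ($existing) {
        $user->ident = $existing->ident;
        update_record('users', $user);
        $ident = $existing->ident;
    } else {
        $ident = insert_record('users', $user);
        if (empty($ident)) {
            // %s, not %d: the argument is the username, which %d printed as 0.
            $messages[] = sprintf(__gettext("User addition %s failed: Unknown reason, please contact you system administrator."), $username);
            return false;
        }
    }

    // First login for this account: publish the RSS feeds and switch email
    // notifications on by default.
    foreach (array("weblogs:rss:publish", "files:rss:publish", "profile:rss:publish") as $event) {
        run($event, array($ident, false));
    }
    user_flag_set("emailnotifications", '1', $ident);

    return true;
}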
116
/**
 * Logs the visitor out of SSO; called by login/logout.php.
 *
 * sso_logout() runs first, then the 'sso' and 'ldap' entries are dropped
 * from the PHP session.
 *
 * NOTE(review): no other session key is cleared and the session id is not
 * regenerated here -- presumably login/logout.php takes care of the rest of
 * the session; confirm.
 */
function sso_authenticate_user_logout()
{
    sso_logout();
    unset($_SESSION['sso'], $_SESSION['ldap']);
}
128
/**
 * Called by isloggedin() in lib/elgglib.php.
 *
 * Looks for SSO user info and, when there is some, hands over to
 * authenticate_account() with no username and no password. The comparison
 * with null is a loose one, so an empty array counts as "no SSO info" too.
 */
function check_sso_session ()
{
    global $USER;

    $sso_info = sso_session_userinfo();
    if ($sso_info == null) {
        // nothing from SSO: leave the current login state untouched
        return;
    }

    authenticate_account(null, null);
}
145 ?>