File Metadata

Created: Thu, Nov 28, 03:45

PhutilAuthAdapterShibboleth.php
View Options

	<?php

	final class PhutilAuthAdapterShibboleth extends PhutilAuthAdapter {

	// Configuration.
	private $shibSessionIdField;
	private $shibApplicationIdField;
	private $useridField;
	private $usernameField;
	private $realnameField;
	private $firstnameField;
	private $lastnameField;
	private $emailField;
	private $pageURIPattern;
	private $imageURIPattern;
	private $usernameFromRealname;
	private $addUserToProject;
	private $userProject;

	// Specific User Request Information.
	private $shibSessionId;
	private $shibApplicationId;
	private $userid;
	private $username;
	private $realname;
	private $firstname;
	private $lastname;
	private $email;

	//
	// Configuration setters.
	//
	public function setShibSessionIdField($value) {
	$this->shibSessionIdField = $value;
	return $this;
	}

	public function setShibApplicationIdField($value) {
	$this->shibApplicationIdField = $value;
	return $this;
	}

	public function setUseridField($value) {
	$this->useridField = $value;
	return $this;
	}

	public function setUsernameField($value) {
	$this->usernameField = $value;
	return $this;
	}

	public function setRealnameField($value) {
	$this->realnameField = $value;
	return $this;
	}

	public function setEmailField($value) {
	$this->emailField = $value;
	return $this;
	}

	public function setFirstnameField($value) {
	$this->firstnameField = $value;
	return $this;
	}

	public function setLastnameField($value) {
	$this->lastnameField = $value;
	return $this;
	}

	public function setPageURIPattern($value) {
	$this->pageURIPattern = $value;
	return $this;
	}

	public function setImageURIPattern($value) {
	$this->imageURIPattern = $value;
	return $this;
	}

	public function setIsGeneratedUsername($value) {
	$this->usernameFromRealname = $value;
	return $this;
	}

	public function setAddUserToPoject($value) {
	$this->addUserToProject = $value;
	return $this;
	}

	public function setUserProject($value) {
	$this->userProject = $value;
	return $this;
	}

	//
	// Implementation of PhutilAuthAdapter interface.
	// User information getters.
	//

	public function getAccountID() {
	return $this->userid;
	}

	public function getAdapterType() {
	return 'shibboleth';
	}

	public function getAdapterDomain() {
	return 'self';
	}

	public function getAccountEmail() {
	return $this->email;
	}

	public function getAccountName() {
	return $this->username;
	}

	public function getAccountURI() {
	if (strlen($this->pageURIPattern)) {
	return sprintf($this->pageURIPattern, $this->username);
	}
	return null;
	}

	public function getAccountImageURI() {
	if (strlen($this->imageURIPattern)) {
	return sprintf($this->imageURIPattern, $this->username);
	}
	return null;
	}

	public function getAccountRealName() {
	return $this->realname;
	}

	public function getAddUserToProject() {
	return $this->addUserToProject;
	}

	public function getUserProject() {
	return $this->userProject;
	}

	//
	// Extraction of user information from environement variables.
	//
	public function getEnvNames() {
	return array(
	$this->shibSessionIdField,
	$this->shibApplicationIdField,
	$this->useridField,
	$this->usernameField,
	$this->realnameField,
	$this->firstnameField,
	$this->lastnameField,
	$this->emailField,
	);
	}

	public function setUserDataFromRequest($env) {

	$this->shibSessionId = $env[$this->shibSessionIdField];
	$this->shibApplicationId = $env[$this->shibApplicationIdField];
	$this->userid = $env[$this->useridField];
	$this->username = $env[$this->usernameField];
	$this->realname = $env[$this->realnameField];
	$this->firstname = $env[$this->firstnameField];
	$this->lastname = $env[$this->lastnameField];
	$this->email = $env[$this->emailField];

	if (!strlen($this->shibSessionId)
	\|\| !strlen($this->shibApplicationId)
	\|\| !strlen($this->userid)
	\|\| (!strlen($this->username) && !$this->usernameFromRealname)
	\|\| (!strlen($this->firstname) && !strlen($this->lastname) && $this->usernameFromRealname)
	\|\| !strlen($this->realname)
	\|\| !strlen($this->email)
	) {
	phlog("SHIB ERROR");
	phlog("UserID: " . $this->userid);
	phlog("Username: " . $this->username);
	phlog("Realname: " . $this->realname);
	phlog("Firstname: " . $this->firstname);
	phlog("Lastname: " . $this->Lastname);
	phlog("Email: " . $this->email);
	return false;
	}

	if ($this->usernameFromRealname) {
	for ($len=0; $len < strlen($this->firstname); $len++) {
	$username = $this->generateUsername($len);
	$user_exists = id(new PhabricatorPeopleQuery())
	->setViewer(PhabricatorUser::getOmnipotentUser())
	->setLimit(1)
	->withUsernames(array($username))
	->execute();
	$this->username = $username;
	if (!$user_exists) {
	break;
	}
	}
	}

	return $this;
	}

	private function generateUsername($len) {
	return $this->cleanName($this->lastname) . substr($this->cleanName($this->firstname), 0, $len);
	}

	private function cleanName($name) {
	$clean = iconv('UTF-8', 'ASCII//TRANSLIT', $name);
	$clean = preg_replace("/[ -]/", '', $clean);
	$clean = strtolower(trim($clean));
	return $clean;
	}
	}

PhutilAuthAdapterShibboleth.php
No OneTemporary
Actions

File Metadata

PhutilAuthAdapterShibboleth.php
View Options

Event Timeline

PhutilAuthAdapterShibboleth.phpNo OneTemporaryActions

File Metadata

PhutilAuthAdapterShibboleth.phpView Options

Event Timeline

PhutilAuthAdapterShibboleth.php
No OneTemporary
Actions

PhutilAuthAdapterShibboleth.php
View Options