Page MenuHomec4science

PhutilAuthAdapterShibboleth.php
No OneTemporary

File Metadata

Created
Tue, Dec 3, 03:59

PhutilAuthAdapterShibboleth.php

<?php
final class PhutilAuthAdapterShibboleth extends PhutilAuthAdapter {
// Configuration.
private $shibSessionIdField;
private $shibApplicationIdField;
private $useridField;
private $usernameField;
private $realnameField;
private $firstnameField;
private $lastnameField;
private $emailField;
private $orgField;
private $orgCustomField;
private $orgTypeField;
private $pageURIPattern;
private $imageURIPattern;
private $usernameFromRealname;
private $addUserToProject;
private $userProject;
// Specific User Request Information.
private $shibSessionId;
private $shibApplicationId;
private $userid;
private $username;
private $realname;
private $firstname;
private $lastname;
private $email;
private $org;
private $orgType;
//
// Configuration setters.
//
public function setShibSessionIdField($value) {
$this->shibSessionIdField = $value;
return $this;
}
public function setShibApplicationIdField($value) {
$this->shibApplicationIdField = $value;
return $this;
}
public function setUseridField($value) {
$this->useridField = $value;
return $this;
}
public function setUsernameField($value) {
$this->usernameField = $value;
return $this;
}
public function setRealnameField($value) {
$this->realnameField = $value;
return $this;
}
public function setEmailField($value) {
$this->emailField = $value;
return $this;
}
public function setFirstnameField($value) {
$this->firstnameField = $value;
return $this;
}
public function setLastnameField($value) {
$this->lastnameField = $value;
return $this;
}
public function setOrgField($value) {
$this->orgField = $value;
return $this;
}
public function setOrgCustomField($value) {
$this->orgCustomField = $value;
return $this;
}
public function setOrgTypeField($value) {
$this->orgTypeField = $value;
return $this;
}
public function setPageURIPattern($value) {
$this->pageURIPattern = $value;
return $this;
}
public function setImageURIPattern($value) {
$this->imageURIPattern = $value;
return $this;
}
public function setIsGeneratedUsername($value) {
$this->usernameFromRealname = $value;
return $this;
}
public function setAddUserToProject($value) {
$this->addUserToProject = $value;
return $this;
}
public function setUserProject($value) {
$this->userProject = $value;
return $this;
}
//
// Implementation of PhutilAuthAdapter interface.
// User information getters.
//
public function getAccountID() {
return $this->userid;
}
public function getAdapterType() {
return 'shibboleth';
}
public function getAdapterDomain() {
return 'self';
}
public function getAccountEmail() {
return $this->email;
}
public function getAccountName() {
return $this->username;
}
public function getAccountURI() {
if (strlen($this->pageURIPattern)) {
return sprintf($this->pageURIPattern, $this->username);
}
return null;
}
public function getAccountImageURI() {
if (strlen($this->imageURIPattern)) {
return sprintf($this->imageURIPattern, $this->username);
}
return null;
}
public function getAccountRealName() {
return $this->realname;
}
public function getAddUserToProject() {
return $this->addUserToProject;
}
public function getUserProject() {
return $this->userProject;
}
public function getOrg() {
return $this->org;
}
public function getOrgType() {
return $this->orgType;
}
public function getOrgCustom() {
return $this->orgCustomField;
}
//
// Extraction of user information from environment variables.
//
public function getEnvNames() {
return array(
$this->shibSessionIdField,
$this->shibApplicationIdField,
$this->useridField,
$this->usernameField,
$this->realnameField,
$this->firstnameField,
$this->lastnameField,
$this->emailField,
$this->orgField,
$this->orgTypeField,
);
}
public function setUserDataFromRequest($env) {
$this->shibSessionId = $env[$this->shibSessionIdField];
$this->shibApplicationId = $env[$this->shibApplicationIdField];
$this->userid = $env[$this->useridField];
$this->realname = $env[$this->realnameField];
$this->firstname = $env[$this->firstnameField];
$this->lastname = $env[$this->lastnameField];
$this->email = $env[$this->emailField];
$this->org = $env[$this->orgField];
$this->orgType = $env[$this->orgTypeField];
if ($this->usernameFromRealname) {
for ($len=0; $len < strlen($this->firstname); $len++) {
$username = $this->generateUsername($len);
$user_exists = id(new PhabricatorPeopleQuery())
->setViewer(PhabricatorUser::getOmnipotentUser())
->setLimit(1)
->withUsernames(array($username))
->execute();
$this->username = $username;
if (!$user_exists) {
break;
}
}
} else {
$this->username = $env[$this->usernameField];
}
if(!strlen($this->realname) && strlen($this->firstname) && strlen($this->lastname)){
$this->realname = $this->firstname . ' ' . $this->lastname;
}
if (!strlen($this->shibSessionId)
|| !strlen($this->shibApplicationId)
|| !strlen($this->userid)
|| !strlen($this->username)
|| !strlen($this->realname)
|| !strlen($this->email)
) {
phlog("SHIB ERROR");
phlog("SessionID: " . $this->shibApplicationId . " (" . strlen($this->shibApplicationId) . ")");
phlog("ApplicationID: " . $this->shibSessionId . " (" . strlen($this->shibSessionId) . ")");
phlog("UserID: " . $this->userid . " (" . strlen($this->userid) . ")");
phlog("Username: " . $this->username . " (" . strlen($this->username) . ")");
phlog("Realname: " . $this->realname . " (" . strlen($this->realname) . ")");
phlog("Firstname: " . $this->firstname . " (" . strlen($this->firstname) . ")");
phlog("Lastname: " . $this->lastname . " (" . strlen($this->lastname) . ")");
phlog("Email: " . $this->email . " (" . strlen($this->email) . ")");
phlog("Org: " . $this->org . " (" . strlen($this->org) . ")");
phlog("Org type: " . $this->orgType . " (" . strlen($this->orgType) . ")");
return false;
}
return $this;
}
private function generateUsername($len) {
return $this->cleanName($this->lastname) . substr($this->cleanName($this->firstname), 0, $len);
}
private function cleanName($name) {
$clean = iconv('UTF-8', 'ASCII//TRANSLIT', $name);
$clean = preg_replace("/[ -]/", '', $clean);
$clean = strtolower(trim($clean));
return $clean;
}
}

Event Timeline