<?php
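/**
 * Auth adapter that builds an external account from Shibboleth attributes.
 *
 * The adapter is configured with the NAMES of the variables that carry each
 * attribute (the `set...Field()` methods) and is then handed a map of
 * variables through @{method:setUserDataFromRequest}, from which it copies
 * the per-request user information.
 *
 * NOTE(review): every value read from that map is accepted as an asserted
 * identity attribute; this class performs no verification of its own. Confirm
 * at the call site that the map is built from variables set by the web
 * server's Shibboleth module and not from client-supplied request headers.
 *
 * NOTE(review): @{method:getAdapterDomain} is the constant 'self', so all
 * accounts share one namespace keyed by the user ID attribute. Confirm that
 * the configured user ID attribute is unique across every identity provider
 * allowed to log in.
 */
final class PhutilAuthAdapterShibboleth extends PhutilAuthAdapter {

  // Configuration: names of the variables that carry each attribute.
  private $shibSessionIdField;
  private $shibApplicationIdField;
  private $useridField;
  private $usernameField;
  private $realnameField;
  private $firstnameField;
  private $lastnameField;
  private $emailField;
  private $orgField;
  private $orgCustomField;
  private $orgTypeField;

  // Configuration: sprintf() patterns that receive the username.
  private $pageURIPattern;
  private $imageURIPattern;

  // Configuration: behaviour switches.
  private $usernameFromRealname;
  private $addUserToProject;
  private $userProject;

  // Specific User Request Information.
  private $shibSessionId;
  private $shibApplicationId;
  private $userid;
  private $username;
  private $realname;
  private $firstname;
  private $lastname;
  private $email;
  private $org;
  private $orgType;


  //
  // Configuration setters. Each one stores its argument and returns $this
  // so calls can be chained.
  //

  public function setShibSessionIdField($value) {
    $this->shibSessionIdField = $value;
    return $this;
  }

  public function setShibApplicationIdField($value) {
    $this->shibApplicationIdField = $value;
    return $this;
  }

  public function setUseridField($value) {
    $this->useridField = $value;
    return $this;
  }

  public function setUsernameField($value) {
    $this->usernameField = $value;
    return $this;
  }

  public function setRealnameField($value) {
    $this->realnameField = $value;
    return $this;
  }

  public function setEmailField($value) {
    $this->emailField = $value;
    return $this;
  }

  public function setFirstnameField($value) {
    $this->firstnameField = $value;
    return $this;
  }

  public function setLastnameField($value) {
    $this->lastnameField = $value;
    return $this;
  }

  public function setOrgField($value) {
    $this->orgField = $value;
    return $this;
  }

  public function setOrgCustomField($value) {
    $this->orgCustomField = $value;
    return $this;
  }

  public function setOrgTypeField($value) {
    $this->orgTypeField = $value;
    return $this;
  }

  public function setPageURIPattern($value) {
    $this->pageURIPattern = $value;
    return $this;
  }

  public function setImageURIPattern($value) {
    $this->imageURIPattern = $value;
    return $this;
  }

  /**
   * When truthy, the username is derived from the last and first name
   * instead of being read from the username variable.
   */
  public function setIsGeneratedUsername($value) {
    $this->usernameFromRealname = $value;
    return $this;
  }

  public function setAddUserToProject($value) {
    $this->addUserToProject = $value;
    return $this;
  }

  public function setUserProject($value) {
    $this->userProject = $value;
    return $this;
  }


  //
  // Implementation of PhutilAuthAdapter interface.
  // User information getters.
  //

  /**
   * The user ID attribute is the key that identifies the external account.
   */
  public function getAccountID() {
    return $this->userid;
  }

  public function getAdapterType() {
    return 'shibboleth';
  }

  public function getAdapterDomain() {
    return 'self';
  }

  public function getAccountEmail() {
    return $this->email;
  }

  public function getAccountName() {
    return $this->username;
  }

  /**
   * Profile page URI built from the configured pattern, or null when no
   * pattern is configured.
   *
   * The username is substituted into the pattern as-is; it is not
   * URL-encoded here.
   */
  public function getAccountURI() {
    if (strlen($this->pageURIPattern)) {
      return sprintf($this->pageURIPattern, $this->username);
    }
    return null;
  }

  /**
   * Profile image URI built from the configured pattern, or null when no
   * pattern is configured. The username is substituted as-is.
   */
  public function getAccountImageURI() {
    if (strlen($this->imageURIPattern)) {
      return sprintf($this->imageURIPattern, $this->username);
    }
    return null;
  }

  public function getAccountRealName() {
    return $this->realname;
  }

  public function getAddUserToProject() {
    return $this->addUserToProject;
  }

  public function getUserProject() {
    return $this->userProject;
  }

  public function getOrg() {
    return $this->org;
  }

  public function getOrgType() {
    return $this->orgType;
  }

  /**
   * Returns the configured value of the "org custom field" setting. Unlike
   * the other getters in this group it returns configuration, not a value
   * read from the request; the class has no per-request counterpart for it.
   */
  public function getOrgCustom() {
    return $this->orgCustomField;
  }


  //
  // Extraction of user information from environment variables.
  //

  /**
   * List the configured variable names this adapter reads in
   * @{method:setUserDataFromRequest}.
   *
   * @return list<string|null> Names in a fixed order; an entry is null when
   *   the corresponding setter was never called.
   */
  public function getEnvNames() {
    return array(
      $this->shibSessionIdField,
      $this->shibApplicationIdField,
      $this->useridField,
      $this->usernameField,
      $this->realnameField,
      $this->firstnameField,
      $this->lastnameField,
      $this->emailField,
      $this->orgField,
      $this->orgTypeField,
    );
  }

  /**
   * Copy the user's attributes out of a map of variables.
   *
   * Session ID, application ID, user ID, username, real name and email are
   * required; when any of them is empty the problem is logged and false is
   * returned. Organisation and organisation type are optional.
   *
   * @param map<string, string> $env Variables keyed by name. Values are
   *   trusted as identity assertions; see the class-level note.
   * @return this|false $this on success, false when a required attribute is
   *   missing.
   */
  public function setUserDataFromRequest($env) {
    // A variable that is absent from $env is read as null, so it falls
    // through to the required-attribute check below.
    $this->shibSessionId =
      $this->readEnvValue($env, $this->shibSessionIdField);
    $this->shibApplicationId =
      $this->readEnvValue($env, $this->shibApplicationIdField);
    $this->userid = $this->readEnvValue($env, $this->useridField);
    $this->realname = $this->readEnvValue($env, $this->realnameField);
    $this->firstname = $this->readEnvValue($env, $this->firstnameField);
    $this->lastname = $this->readEnvValue($env, $this->lastnameField);
    $this->email = $this->readEnvValue($env, $this->emailField);
    $this->org = $this->readEnvValue($env, $this->orgField);
    $this->orgType = $this->readEnvValue($env, $this->orgTypeField);

    if ($this->usernameFromRealname) {
      // Do not carry a username over from an earlier call on this instance.
      $this->username = null;

      // Candidates are the cleaned last name followed by 0, 1, 2, ...
      // characters of the cleaned first name. The first candidate that no
      // existing user holds is kept.
      $max_len = strlen($this->firstname);
      for ($len = 0; $len < $max_len; $len++) {
        $candidate = $this->generateUsername($len);

        // The omnipotent viewer is used so that the uniqueness check sees
        // every account regardless of visibility policy.
        $user_exists = id(new PhabricatorPeopleQuery())
          ->setViewer(PhabricatorUser::getOmnipotentUser())
          ->setLimit(1)
          ->withUsernames(array($candidate))
          ->execute();

        $this->username = $candidate;
        if (!$user_exists) {
          break;
        }
      }
      // NOTE(review): when every candidate is taken, the last one (which
      // belongs to an existing user) is left in place. Confirm the caller
      // rejects a duplicate username rather than reusing that account.
    } else {
      $this->username = $this->readEnvValue($env, $this->usernameField);
    }

    // Fall back to "first last" when no full name was supplied.
    if (!strlen($this->realname) &&
        strlen($this->firstname) &&
        strlen($this->lastname)) {
      $this->realname = $this->firstname.' '.$this->lastname;
    }

    $is_incomplete =
      !strlen($this->shibSessionId) ||
      !strlen($this->shibApplicationId) ||
      !strlen($this->userid) ||
      !strlen($this->username) ||
      !strlen($this->realname) ||
      !strlen($this->email);

    if ($is_incomplete) {
      phlog("SHIB ERROR");

      // The session identifier may be enough to resume the user's session,
      // so only its length is written to the log.
      phlog("SessionID: [redacted] (".strlen($this->shibSessionId).")");

      $this->logAttribute("ApplicationID: ", $this->shibApplicationId);
      $this->logAttribute("UserID: ", $this->userid);
      $this->logAttribute("Username: ", $this->username);
      $this->logAttribute("Realname: ", $this->realname);
      $this->logAttribute("Firstname: ", $this->firstname);
      $this->logAttribute("Lastname: ", $this->lastname);
      $this->logAttribute("Email: ", $this->email);
      $this->logAttribute("Org: ", $this->org);
      $this->logAttribute("Org type: ", $this->orgType);
      return false;
    }

    return $this;
  }

  /**
   * Read one variable from the map, yielding null when the name is not
   * configured or the variable is not present.
   */
  private function readEnvValue($env, $field) {
    if ($field === null) {
      return null;
    }
    return isset($env[$field]) ? $env[$field] : null;
  }

  /**
   * Log one attribute as "<label><value> (<length>)".
   *
   * These lines contain personal data (names, email address); the log they
   * are written to should be access-controlled accordingly.
   */
  private function logAttribute($label, $value) {
    phlog($label.$value." (".strlen($value).")");
  }

  /**
   * Build a username candidate: the cleaned last name followed by the first
   * $len characters of the cleaned first name.
   */
  private function generateUsername($len) {
    $last = $this->cleanName($this->lastname);
    $first = $this->cleanName($this->firstname);
    return $last.substr($first, 0, $len);
  }

  /**
   * Reduce a name to a lower-case ASCII token: transliterate from UTF-8,
   * drop spaces and hyphens, trim, lower-case.
   *
   * Only spaces and hyphens are removed; other punctuation (for example an
   * apostrophe) stays in the result. NOTE(review): confirm the result is
   * always acceptable as a username.
   */
  private function cleanName($name) {
    $clean = iconv('UTF-8', 'ASCII//TRANSLIT', $name);
    $clean = preg_replace("/[ -]/", '', $clean);
    $clean = strtolower(trim($clean));
    return $clean;
  }

}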