d6/d13/UserPassOrgBase_8php_source.html

<?php


abstract class sspmod_core_Auth_UserPassOrgBase extends SimpleSAML_Auth_Source {


        const STAGEID = 'sspmod_core_Auth_UserPassOrgBase.state';


        const AUTHID = 'sspmod_core_Auth_UserPassOrgBase.AuthId';


        const ORGID = 'sspmod_core_Auth_UserPassOrgBase.SelectedOrg';


        private $usernameOrgMethod;


        protected $rememberUsernameEnabled = FALSE;


        protected $rememberUsernameChecked = FALSE;


        public function __construct($info, &$config) {

                assert('is_array($info)');

                assert('is_array($config)');


                // Call the parent constructor first, as required by the interface

                parent::__construct($info, $config);


                // Get the remember username config options

                if (isset($config['remember.username.enabled'])) {

                        $this->rememberUsernameEnabled = (bool) $config['remember.username.enabled'];

                        unset($config['remember.username.enabled']);

                }

                if (isset($config['remember.username.checked'])) {

                        $this->rememberUsernameChecked = (bool) $config['remember.username.checked'];

                        unset($config['remember.username.checked']);

                }


                $this->usernameOrgMethod = 'none';

        }


        protected function setUsernameOrgMethod($usernameOrgMethod) {

                assert('in_array($usernameOrgMethod, array("none", "allow", "force"), TRUE)');


                $this->usernameOrgMethod = $usernameOrgMethod;

        }


        public function getUsernameOrgMethod() {

                return $this->usernameOrgMethod;

        }


        public function getRememberUsernameEnabled() {

                return $this->rememberUsernameEnabled;

        }


        public function getRememberUsernameChecked() {

                return $this->rememberUsernameChecked;

        }


        public function authenticate(&$state) {

                assert('is_array($state)');


                // We are going to need the authId in order to retrieve this authentication source later

                $state[self::AUTHID] = $this->authId;


                $id = SimpleSAML_Auth_State::saveState($state, self::STAGEID);


                $url = SimpleSAML\Module::getModuleURL('core/loginuserpassorg.php');

                $params = array('AuthState' => $id);

                \SimpleSAML\Utils\HTTP::redirectTrustedURL($url, $params);

        }


        abstract protected function login($username, $password, $organization);


        abstract protected function getOrganizations();


        public static function handleLogin($authStateId, $username, $password, $organization) {

                assert('is_string($authStateId)');

                assert('is_string($username)');

                assert('is_string($password)');

                assert('is_string($organization)');


                /* Retrieve the authentication state. */

                $state = SimpleSAML_Auth_State::loadState($authStateId, self::STAGEID);


                /* Find authentication source. */

                assert('array_key_exists(self::AUTHID, $state)');

                $source = SimpleSAML_Auth_Source::getById($state[self::AUTHID]);

                if ($source === NULL) {

                        throw new Exception('Could not find authentication source with id ' . $state[self::AUTHID]);

                }


                $orgMethod = $source->getUsernameOrgMethod();

                if ($orgMethod !== 'none') {

                        $tmp = explode('@', $username, 2);

                        if (count($tmp) === 2) {

                                $username = $tmp[0];

                                $organization = $tmp[1];

                        } else {

                                if ($orgMethod === 'force') {

                                        /* The organization should be a part of the username, but isn't. */

                                        throw new SimpleSAML_Error_Error('WRONGUSERPASS');

                                }

                        }

                }


                /* Attempt to log in. */

                $attributes = $source->login($username, $password, $organization);


                // Add the selected Org to the state

                $state[self::ORGID] = $organization;

                $state['PersistentAuthData'][] = self::ORGID;


                $state['Attributes'] = $attributes;

                SimpleSAML_Auth_Source::completeAuth($state);

        }


        public static function listOrganizations($authStateId) {

                assert('is_string($authStateId)');


                /* Retrieve the authentication state. */

                $state = SimpleSAML_Auth_State::loadState($authStateId, self::STAGEID);


                /* Find authentication source. */

                assert('array_key_exists(self::AUTHID, $state)');

                $source = SimpleSAML_Auth_Source::getById($state[self::AUTHID]);

                if ($source === NULL) {

                        throw new Exception('Could not find authentication source with id ' . $state[self::AUTHID]);

                }


                $orgMethod = $source->getUsernameOrgMethod();

                if ($orgMethod === 'force') {

                        return NULL;

                }


                return $source->getOrganizations();

        }

}

$source
$source
Definition: linkback.php:22

$state
if(!array_key_exists('stateid', $_REQUEST)) $state
Handle linkback() response from LinkedIn.
Definition: linkback.php:10

php
An exception for terminatinating execution or to throw for unit testing.

SimpleSAML\Module\getModuleURL
static getModuleURL($resource, array $parameters=array())
Get absolute URL to a specified module resource.
Definition: Module.php:303

SimpleSAML\Utils\HTTP\redirectTrustedURL
static redirectTrustedURL($url, $parameters=array())
This function redirects to the specified URL without performing any security checks.
Definition: HTTP.php:962

SimpleSAML_Auth_Source
Definition: Source.php:13

SimpleSAML_Auth_Source\getById
static getById($authId, $type=null)
Retrieve authentication source.
Definition: Source.php:324

SimpleSAML_Auth_Source\completeAuth
static completeAuth(&$state)
Complete authentication.
Definition: Source.php:135

SimpleSAML_Auth_Source\$authId
$authId
Definition: Source.php:22

SimpleSAML_Auth_State\saveState
static saveState(&$state, $stage, $rawId=false)
Save the state.
Definition: State.php:194

SimpleSAML_Auth_State\loadState
static loadState($id, $stage, $allowMissing=false)
Retrieve saved state.
Definition: State.php:259

SimpleSAML_Error_Error
Definition: Error.php:11

sspmod_core_Auth_UserPassOrgBase
Definition: UserPassOrgBase.php:14

sspmod_core_Auth_UserPassOrgBase\$rememberUsernameEnabled
$rememberUsernameEnabled
Definition: UserPassOrgBase.php:50

sspmod_core_Auth_UserPassOrgBase\AUTHID
const AUTHID
The key of the AuthId field in the state.
Definition: UserPassOrgBase.php:26

sspmod_core_Auth_UserPassOrgBase\listOrganizations
static listOrganizations($authStateId)
Get available organizations.
Definition: UserPassOrgBase.php:256

sspmod_core_Auth_UserPassOrgBase\login
login($username, $password, $organization)
Attempt to log in using the given username, password and organization.

sspmod_core_Auth_UserPassOrgBase\getOrganizations
getOrganizations()
Retrieve list of organizations.

sspmod_core_Auth_UserPassOrgBase\authenticate
authenticate(&$state)
Initialize login.
Definition: UserPassOrgBase.php:149

sspmod_core_Auth_UserPassOrgBase\getRememberUsernameChecked
getRememberUsernameChecked()
Getter for the authsource config option remember.username.checked.
Definition: UserPassOrgBase.php:136

sspmod_core_Auth_UserPassOrgBase\STAGEID
const STAGEID
The string used to identify our states.
Definition: UserPassOrgBase.php:20

sspmod_core_Auth_UserPassOrgBase\__construct
__construct($info, &$config)
Constructor for this authentication source.
Definition: UserPassOrgBase.php:70

sspmod_core_Auth_UserPassOrgBase\getUsernameOrgMethod
getUsernameOrgMethod()
Retrieve the way organizations as part of the username should be handled.
Definition: UserPassOrgBase.php:120

sspmod_core_Auth_UserPassOrgBase\getRememberUsernameEnabled
getRememberUsernameEnabled()
Getter for the authsource config option remember.username.enabled.
Definition: UserPassOrgBase.php:128

sspmod_core_Auth_UserPassOrgBase\ORGID
const ORGID
The key of the OrgId field in the state, identifies which org was selected.
Definition: UserPassOrgBase.php:32

sspmod_core_Auth_UserPassOrgBase\$rememberUsernameChecked
$rememberUsernameChecked
Definition: UserPassOrgBase.php:58

sspmod_core_Auth_UserPassOrgBase\$usernameOrgMethod
$usernameOrgMethod
What way do we handle the organization as part of the username.
Definition: UserPassOrgBase.php:42

sspmod_core_Auth_UserPassOrgBase\setUsernameOrgMethod
setUsernameOrgMethod($usernameOrgMethod)
Configure the way organizations as part of the username is handled.
Definition: UserPassOrgBase.php:103

sspmod_core_Auth_UserPassOrgBase\handleLogin
static handleLogin($authStateId, $username, $password, $organization)
Handle login request.
Definition: UserPassOrgBase.php:205

$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14

$config
$config
Definition: flush-definition-cache.php:23

$info
$info
Definition: index.php:5

$url
$url
Definition: proxy_ylocal.php:28

$password
$password
Definition: pwgen.php:17

$attributes
$attributes
Definition: serviceValidate.php:33

$params
$params
Definition: disable.php:11

$authStateId
if(!array_key_exists('AuthState', $_REQUEST)) $authStateId
Definition: yubikeylogin.php:15