
Untitled

a guest
Sep 22nd, 2014
  1. user_login_submit(array(), $form_state);
  2.  
  3. ... (Array, 7 elements)
  4. 0 (String, 32 characters ) ldap_user_grab_password_validate | (Callback) ldap_user_grab_password_validate();
  5. 1 (String, 24 characters ) user_login_name_validate | (Callback) user_login_name_validate();
  6. 2 (String, 66 characters ) ldap_authentication_core_override_user_login_au... | (Callback) ldap_authentication_core_override_user_login_au...();
  7. 3 (String, 52 characters ) ldap_authentication_user_login_authenticate_val... | (Callback) ldap_authentication_user_login_authenticate_val...();
  8. 4 (String, 38 characters ) noreqnewpass_user_login_final_validate | (Callback) noreqnewpass_user_login_final_validate();
  9. 5 (String, 32 characters ) readonlymode_check_form_validate | (Callback) readonlymode_check_form_validate();
  10. 6 (String, 22 characters ) ws_rest_auth_authenticate | (Callback) rest_auth_authenticate();
  11.  
  12. <?php
  13.  
  14. /**
  15. * @file
  16. * Allow users to login using an external web service.
  17. *
  18. * Users can login to the site using a RESTful web service. If the user is
  19. * associated with a Drupal user, that user is logged in. If not, a new user is
  20. * created.
  21. */
  /**
   * Implements hook_menu().
   *
   * Exposes a single administrative route, admin/config/people/rest_auth, that
   * renders ws_rest_auth_settings_form() through drupal_get_form(). The route
   * is guarded by the 'administer users' permission.
   */
  function ws_rest_auth_menu() {
    $settings_page = array(
      'title' => 'REST Auth',
      'description' => 'Administer REST Auth settings.',
      'page callback' => 'drupal_get_form',
      'page arguments' => array('ws_rest_auth_settings_form'),
      'access arguments' => array('administer users'),
    );

    return array('admin/config/people/rest_auth' => $settings_page);
  }
  36.  
  /**
   * Form builder: REST Auth administration settings.
   *
   * The incoming $form is discarded and a fresh form is built from two
   * fieldsets, then passed through system_settings_form(), so each element
   * is persisted as a Drupal variable named after its key.
   *
   * Points worth knowing when reviewing a deployment:
   * - 'rest_auth_url' is the endpoint that ws_rest_auth_authenticate() POSTs
   *   the submitted username and password digest to. No scheme check is done
   *   here, so using an https:// URL is left to the administrator.
   * - 'rest_auth_roles' lists the roles handed to every account that
   *   _rest_auth_login_register() creates; the "authenticated user" role is
   *   removed from the choices.
   * - 'rest_auth_debug' is only offered while the devel module is enabled and
   *   makes the authentication handler print the web service response.
   * - 'rest_auth_auth_side' and 'rest_auth_response_name' are saved, but none
   *   of the code visible alongside this function reads them.
   *
   * @param array $form
   *   Ignored; replaced by the form built here.
   * @param array $form_state
   *   Current form state (unused).
   *
   * @return array
   *   The settings form as returned by system_settings_form().
   */
  function ws_rest_auth_settings_form($form, &$form_state) {
    // Connection details and the names of the credential parameters.
    $general = array(
      '#type' => 'fieldset',
      '#title' => t('General settings'),
      '#collapsible' => TRUE,
      '#collapsed' => FALSE,
      'rest_auth_url' => array(
        '#type' => 'textfield',
        '#title' => t('Host'),
        '#description' => t('Enter the fully-formed URL of the authentication service.'),
        '#default_value' => variable_get('rest_auth_url'),
        '#required' => TRUE,
      ),
      'rest_auth_param_name' => array(
        '#type' => 'textfield',
        '#title' => t('Username parameter'),
        '#description' => t('Enter the username parameter name that will get passed to the web service. If the username is buried inside the JSON response object, enter the hierarchy using <strong>\</strong> as level delimiter. For example, if the username is inside <code>{"User": {"name": "Druplicon"}}</code>, enter <code>User\name</code> in this box.'),
        '#default_value' => variable_get('rest_auth_param_name'),
        '#required' => TRUE,
      ),
      'rest_auth_param_pass' => array(
        '#type' => 'textfield',
        '#title' => t('Password parameter'),
        '#description' => t('Enter the password parameter name that will get passed to the web service. If the password is buried inside the JSON response object, enter the hierarchy using <strong>\</strong> as level delimiter. For example, if the password is inside <code>{"User": {"password": "letmein"}}</code>, enter <code>User\password</code> in this box.'),
        '#default_value' => variable_get('rest_auth_param_pass'),
        '#required' => TRUE,
      ),
    );

    // Every role except "authenticated user" can be auto-assigned.
    $assignable_roles = user_roles(TRUE);
    unset($assignable_roles[DRUPAL_AUTHENTICATED_RID]);

    // Optional behaviour: auth side, response paths, roles for new accounts.
    $advanced = array(
      '#type' => 'fieldset',
      '#title' => t('Advanced settings'),
      '#collapsible' => TRUE,
      '#collapsed' => TRUE,
      'rest_auth_auth_side' => array(
        '#type' => 'radios',
        '#title' => t('Authentication side'),
        '#description' => t('This options allows you to determine where authentication happens.<br /><em>Note: It is more secure to authenticate provider-side, but it may require additional code from the web service provider.</em>'),
        '#options' => array(
          'provider' => t('Provider (Web service)'),
          'consumer' => t('Consumer (Drupal)'),
        ),
        '#default_value' => variable_get('rest_auth_auth_side', 'provider'),
      ),
      'rest_auth_response_name' => array(
        '#type' => 'textfield',
        '#title' => t('Response username'),
        '#description' => t('If your authentication is consumer-side, and the username is located in a different part of the JSON response object, enter that location here. If the username is burried inside the JSON response object, enter the hierarchy using <strong>\</strong> as level delimiter. For example, if the username is inside <code>{"User": {"username": "Druplicon"}}</code>, enter <code>User\username</code> in this box.'),
        '#default_value' => variable_get('rest_auth_response_name'),
      ),
      'rest_auth_param_email' => array(
        '#type' => 'textfield',
        '#title' => t('Email parameter'),
        '#description' => t('If the response contains an email address, enter the email parameter name that will be returned from the web service. If this is left empty or if the parameter is not found, the module will try to use the username as the account email. If the email is buried inside the JSON response object, enter the hierarchy using <strong>\</strong> as level delimiter. For example, if the email is inside <code>{"User": {"email": "mail@example.com"}}</code>, enter <code>User\email</code> in this box.'),
        '#default_value' => variable_get('rest_auth_param_email'),
      ),
      'rest_auth_roles' => array(
        '#type' => 'checkboxes',
        '#title' => t('Roles'),
        '#description' => t('Select the role(s) you would like to assign to new users created by REST Auth.'),
        '#options' => $assignable_roles,
        '#default_value' => variable_get('rest_auth_roles', array()),
      ),
    );

    // The debug switch only exists while devel is available to render it.
    if (module_exists('devel')) {
      $advanced['rest_auth_debug'] = array(
        '#type' => 'radios',
        '#title' => t('Debug'),
        '#description' => t('This option allows you to view the response object. Turn off for production websites.'),
        '#options' => array(
          0 => t('Disabled'),
          1 => t('Enabled'),
        ),
        '#default_value' => variable_get('rest_auth_debug', 0),
      );
    }

    return system_settings_form(array(
      'rest_auth_general' => $general,
      'rest_auth_advanced' => $advanced,
    ));
  }
  122.  
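  /**
   * Implements hook_form_alter().
   *
   * Puts ws_rest_auth_authenticate() at the front of the validation handlers
   * of the login form and the login block, but only once a username has been
   * submitted.
   *
   * The dsm() dump of the handler list that used to sit here was a debugging
   * aid: it needs the devel module (an undefined-function fatal error on the
   * login form without it) and prints the authentication handler chain, so it
   * has been removed.
   *
   * NOTE(review): because the handler is prepended, the web service is
   * contacted before any other validator on the form has run, so whatever
   * those validators check (for example blocked accounts or flood limits) has
   * not been checked yet at that point. Confirm this ordering is intended.
   *
   * @param array $form
   *   The form being altered.
   * @param array $form_state
   *   Current form state; only $form_state['input']['name'] is inspected.
   * @param string $form_id
   *   Identifier of the form being built.
   */
  function ws_rest_auth_form_alter(&$form, &$form_state, $form_id) {
    if ($form_id !== 'user_login' && $form_id !== 'user_login_block') {
      return;
    }

    // Nothing to authenticate until the form has actually been submitted.
    if (!isset($form_state['input']['name'])) {
      return;
    }

    // array_unshift() needs an array to work on.
    if (!isset($form['#validate']) || !is_array($form['#validate'])) {
      $form['#validate'] = array();
    }

    array_unshift($form['#validate'], 'ws_rest_auth_authenticate');
  }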
  138.  
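  /**
   * Form validation handler: checks the submitted credentials remotely.
   *
   * POSTs the username and an MD5 digest of the password to the configured
   * web service. When the request completes without an error and the body
   * decodes to a JSON array, the decoded data is handed to
   * _rest_auth_login_register() and the resulting uid is stored in
   * $form_state['uid'].
   *
   * Security notes:
   * - The request carries the username and a value that is as good as the
   *   password for this service, so 'rest_auth_url' should be an https:// URL.
   *   Nothing in this function enforces that.
   * - md5() is unsalted and fast, so the digest gives the password little
   *   protection if it is captured. It is kept only because the digest is the
   *   parameter format this code has been sending to the provider.
   * - NOTE(review): an error-free response with a JSON array body is treated
   *   as proof of authentication; the body is not inspected for a success
   *   marker and the 'rest_auth_auth_side' setting is not consulted. This is
   *   only safe if the provider answers failed logins with an HTTP error
   *   status. Confirm against the provider's contract.
   * - With devel enabled and 'rest_auth_debug' on, the raw response and the
   *   decoded data are printed with dpm(). Keep that off in production.
   *
   * @param array $form
   *   The login form (unused).
   * @param array $form_state
   *   Form state; reads ['values']['name'] and ['values']['pass'], and sets
   *   ['uid'] on success.
   *
   * @return bool|null
   *   TRUE when the user was authenticated, NULL otherwise.
   */
  function ws_rest_auth_authenticate($form, &$form_state) {
    $url = variable_get('rest_auth_url');
    if (empty($url)) {
      // Not configured yet: leave the decision to the remaining validators
      // instead of issuing a request without a target.
      return;
    }

    $name = $form_state['values']['name'];
    $pass = $form_state['values']['pass'];
    $debug = module_exists('devel') && variable_get('rest_auth_debug', 0);

    $data = array(
      variable_get('rest_auth_param_name', 'name') => $name,
      variable_get('rest_auth_param_pass', 'pass') => md5($pass),
    );
    $options = array(
      'headers' => array(
        'Accept' => 'application/json',
        'Content-Type' => 'application/x-www-form-urlencoded',
      ),
      'method' => 'POST',
      'data' => drupal_http_build_query($data),
    );
    $response = drupal_http_request($url, $options);
    if ($debug) {
      dpm($response, t('Response'));
    }

    if (isset($response->error)) {
      // The error text comes from the transport or from the remote server and
      // drupal_set_message() prints messages as markup, so escape it first.
      drupal_set_message(check_plain($response->error), 'error');
      return;
    }

    $data = json_decode($response->data, TRUE);
    if ($debug) {
      dpm($data, t('Data'));
    }

    $error = json_last_error();
    if ($error) {
      $messages = array(
        JSON_ERROR_DEPTH => t('The maximum stack depth has been exceeded'),
        JSON_ERROR_STATE_MISMATCH => t('Underflow or mode mismatch'),
        JSON_ERROR_CTRL_CHAR => t('Unexpected control character found'),
        JSON_ERROR_SYNTAX => t('Syntax error. Invalid or malformed JSON'),
        JSON_ERROR_UTF8 => t('Malformed UTF-8 characters, possibly incorrectly encoded'),
      );
      $message = isset($messages[$error]) ? $messages[$error] : t('Unknown error parsing data');
      drupal_set_message($message, 'error');
      return;
    }

    // An empty body or a bare scalar decodes without a JSON error on some PHP
    // versions; neither is a response object, so do not log anyone in on it.
    if (!is_array($data)) {
      drupal_set_message(t('Unknown error parsing data'), 'error');
      return;
    }

    $uid = _rest_auth_login_register($data, $name, $pass, $form_state);
    if ($uid) {
      $form_state['uid'] = $uid;
      return TRUE;
    }
  }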
  214.  
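  /**
   * Logs in the Drupal account of a user the web service has vouched for.
   *
   * On first login a Drupal account is created and mapped to the external
   * name in {authmap}; on later logins the mapped account is loaded. In both
   * cases the login is then finalized with user_login_submit().
   *
   * Changes from the debugging version of this function:
   * - The hard-coded redirect to http://localhost/my/user/1 followed by die()
   *   and the dd() call are gone; they ended the request before the uid could
   *   be returned, and dd() requires the devel module.
   * - The {authmap} lookup and the mapping written for new accounts now use
   *   the same module name. Before, the lookup excluded 'ws_rest_auth' while
   *   the mapping was stored as 'rest_auth', so a user's own mapping counted
   *   as "another module" and every login after the first was refused.
   * - A local account that shares the name but has no external mapping is no
   *   longer dereferenced as if it had been loaded; the login is refused.
   * - Unticked entries are dropped from the configured roles before the
   *   account is saved.
   * - The branch that updated an already-loaded account could never run
   *   ($account was always NULL at that point) and was removed; existing
   *   accounts are therefore not refreshed with provider data.
   *
   * @param array $data
   *   Decoded JSON response of the web service.
   * @param string $name
   *   Username as typed into the login form.
   * @param string $pass
   *   Plain-text password as typed into the login form.
   * @param array $form_state
   *   Form state of the login form; ['uid'] is set before logging in.
   *
   * @return int|false
   *   The uid of the logged-in account, or FALSE when login was refused.
   */
  function _rest_auth_login_register($data, $name, $pass, &$form_state) {
    // user_set_authmaps() derives the module name by stripping "authname_"
    // from the key it receives, so this is the name the rows are stored under.
    $authmap_module = 'rest_auth';

    // Refuse names already claimed by another external authentication module.
    $claimed_elsewhere = db_query(
      'SELECT COUNT(*) FROM {authmap} WHERE authname = :authname AND module <> :module',
      array(':authname' => $name, ':module' => $authmap_module)
    )->fetchField();
    if ($claimed_elsewhere > 0) {
      return FALSE;
    }

    // Work out the account email: the configured response field first, the
    // username second.
    $mail_candidate = _rest_auth_parse_data($data, variable_get('rest_auth_param_email'));
    if (valid_email_address($mail_candidate)) {
      $mail = $mail_candidate;
    }
    elseif (valid_email_address($name)) {
      $mail = $name;
    }
    else {
      drupal_set_message(t('A valid email was not found for this user'), 'error');
      return FALSE;
    }

    if (_rest_auth_user_exists($name)) {
      $account = user_external_load($name);
      if (!$account) {
        // The name belongs to a local account with no external mapping.
        // Logging in here would let the web service take over that account.
        watchdog('ws_rest_auth', 'Refused external login for %name: a local account with that name has no external mapping.', array('%name' => $name), WATCHDOG_WARNING);
        return FALSE;
      }
    }
    else {
      $userinfo = array(
        'name' => $name,
        // NOTE(review): this stores the provider password (hashed by
        // user_save()) as the local password, so the account can keep
        // authenticating against Drupal with it even after the provider
        // rejects it. Core's user_external_login_register() uses
        // user_password() instead. Left as is because validators that run
        // later on the login form may depend on it; confirm before changing.
        'pass' => $pass,
        'mail' => $mail,
        'init' => $mail,
        'status' => 1,
        // The checkboxes element stores rid => rid for ticked roles and
        // rid => 0 for unticked ones, and user_save() assigns roles by array
        // key, so unticked entries must be dropped or they are granted too.
        'roles' => array_filter(variable_get('rest_auth_roles', array())),
        'access' => REQUEST_TIME,
        // NOTE(review): the whole provider response is persisted with the
        // account. Confirm the provider never returns secrets in it.
        'data' => $data,
      );
      // Let other modules adjust the new account before it is saved.
      drupal_alter('rest_auth_user', $userinfo, $data);
      $account = user_save(drupal_anonymous_user(), $userinfo);
      if (!$account) {
        drupal_set_message(t('Error saving user account.'), 'error');
        return FALSE;
      }

      user_set_authmaps($account, array('authname_' . $authmap_module => $name));
    }

    // Log the user in.
    $form_state['uid'] = $account->uid;
    user_login_submit(array(), $form_state);

    return $account->uid;
  }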
  313.  
  /**
   * Tells whether a Drupal account with the given username exists.
   *
   * Looks the name up in {users} with a bound :name placeholder and a result
   * limit of one row.
   *
   * @param string $name
   *   Username to look for.
   *
   * @return bool
   *   TRUE when a matching row was found, FALSE otherwise.
   */
  function _rest_auth_user_exists($name) {
    $found = db_query_range(
      'SELECT 1 FROM {users} WHERE name = :name',
      0,
      1,
      array(':name' => $name)
    )->fetchField();

    return $found ? TRUE : FALSE;
  }
  328.  
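  /**
   * Reads a value out of the decoded response by a backslash-delimited path.
   *
   * The path "User\email" selects $data['User']['email']. In this file the
   * function is used to find the email address in the web service response.
   *
   * Two defects of the previous version are fixed:
   * - The delimiter literal is written '\\'. As listed it was a lone
   *   backslash between quotes, which escapes the closing quote and is a
   *   parse error.
   * - A missing path segment used to be skipped silently, so the function
   *   returned whatever level it had reached (possibly the whole response).
   *   It now returns NULL as soon as a segment cannot be resolved.
   *
   * @param mixed $data
   *   Decoded JSON response.
   * @param string|null $xpath
   *   Backslash-delimited path, or an empty value when none is configured.
   *
   * @return mixed
   *   The value found at the path, or NULL when the path is empty or cannot
   *   be resolved.
   */
  function _rest_auth_parse_data($data, $xpath) {
    if (!$xpath) {
      return NULL;
    }

    $value = $data;
    foreach (explode('\\', $xpath) as $key) {
      // Only descend into arrays: isset() on a string with a numeric key
      // would otherwise pick out a single character.
      if (!is_array($value) || !isset($value[$key])) {
        return NULL;
      }
      $value = $value[$key];
    }

    return $value;
  }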
  348.  
  349. /**
  350. * The final validation handler on the login form.
  351. *
  352. * Sets a form error if user has not been authenticated, or if too many
  353. * logins have been attempted. This validation function should always
  354. * be the last one.
  355. */