T&C_drupal_auth

1. <?php
2.  
3. /**
4. * @file
5. * drupalauth4ssp module for Drupal.
6. *
7. * This module tightly integrates the SimpleSAMLphp Identity Provider login experience with a Drupal site.
8. *
9. */
10.  
11.  
12. /**
13. * Implements hook_menu().
14. */
15. function drupalauth4ssp_menu() {
16. $items = array();
17.  
18. $items['admin/config/people/drupalauth4ssp'] = array(
19. 'title' => 'Drupalauth for SimpleSAMLphp Settings',
20. 'description' => 'Control the various settings of the drupalauth4ssp module',
21. 'page callback' => 'drupal_get_form',
22. 'page arguments' => array('drupalauth4ssp_settings'),
23. 'access arguments' => array('administer drupalauth4ssp'),
24. 'type' => MENU_LOCAL_TASK | MENU_NORMAL_ITEM,
25. );
26.  
27. return $items;
28. }
29.  
30. /**
31. * Implements hook_admin_paths().
32. */
33. function drupalauth4ssp_admin_paths() {
34. return array('admin/config/people/drupalauth4ssp' => TRUE);
35. }
36.  
37. /**
38. * Implements hook_permission().
39. */
40. function drupalauth4ssp_permission() {
41. return array(
42. 'administer drupalauth4ssp' => array(
43. 'title' => t('Administer drupalauth4ssp'),
44. 'description' => t('Warning: Give to trusted roles only; this permission has security implications.'),
45. ),
46. );
47. }
48.  
49. // implements hook_user_login()
50. function drupalauth4ssp_user_login(&$edit, $account) {
51. _drupalauth4ssp_exec($account);
52. }
53.  
54. // implements hook_user_logout()
55. function drupalauth4ssp_user_logout($account) {
56.  
57. // Get the configuration information from SimpleSAMLphp
58. $sspConfig = _drupalauth4ssp_get_simplesamlphp_config();
59.  
60. // If we don't have configuration, exit without doing anything
61. if (!is_array($sspConfig)) {
62. // The least we can do is write something to the watchdog so someone will know what's happening.
63. watchdog('drupalauth4ssp', 'Could not use drupalauth for %name, could not get the SimpleSAMLphp configuration.', array('%name' => $user->name));
64. return;
65. }
66.  
67. // Delete the cookie
68. setcookie($sspConfig['cookie_name'], "", time() - 3600 , $sspConfig['baseurlpath']);
69.  
70. }
71.  
72.  
73. // implements hook_user_view()
74. function drupalauth4ssp_user_view($account, $view_mode, $langcode) {
75. _drupalauth4ssp_exec($account);
76. }
77.  
78. /**
79. * Implements settings for the module.
80. */
81. function drupalauth4ssp_settings() {
82.  
83. $form['drupalauth4ssp_setup'] = array(
84. '#type' => 'fieldset',
85. '#title' => t('Basic Setup'),
86. '#collapsible' => FALSE,
87. );
88. $form['drupalauth4ssp_setup']['drupalauth4ssp_installdir'] = array(
89. '#type' => 'textfield',
90. '#title' => t('Installation directory (default: /var/simplesamlphp)'),
91. '#default_value' => variable_get('drupalauth4ssp_installdir', NULL),
92. '#description' => t('The base directory of simpleSAMLphp. Absolute path with no trailing slash.'),
93. );
94. $form['drupalauth4ssp_setup']['drupalauth4ssp_authsource'] = array(
95. '#type' => 'textfield',
96. '#title' => t('Authentication source (The one that uses the drupalauth:External class)'),
97. '#default_value' => variable_get('drupalauth4ssp_authsource', NULL),
98. '#description' => t('The simpleSAMLphp authentication source.'),
99. );
100.  
101. return system_settings_form($form);
102. }
103.  
104.  
105. /**
106. * Returns the SimpleSAMLphp configuration
107. */
108. function _drupalauth4ssp_get_simplesamlphp_config() {
109.  
110. $config = NULL;
111.  
112. // Get the simplesamlphp session.
113. $basedir = variable_get('drupalauth4ssp_installdir', NULL);
114.  
115. // if we don't have a va
116. if (!strlen($basedir)) {
117. return;
118. }
119.  
120. require_once($basedir . '/lib/_autoload.php');
121.  
122. $sspConfig = SimpleSAML_Configuration::getInstance();
123.  
124. if (!is_object($sspConfig)) {
125. return;
126. }
127.  
128. // get the secretsalt
129. $config['secretsalt'] = $sspConfig->getValue('secretsalt');
130.  
131. // get the baseurlpath
132. $config['baseurlpath'] = '/' . $sspConfig->getValue('baseurlpath');
133.  
134. unset($sspConfig);
135.  
136. $sspAuthsources = SimpleSAML_Configuration::getConfig('authsources.php');
137.  
138. // get the cookie_name
139. $config['cookie_name'] = $sspAuthsources->getValue('cookie_name', 'drupalauth4ssp');
140.  
141. unset($sspAuthsources);
142.  
143. // make sure every configuration setting is present
144. foreach ($config as $val) {
145.  
146. if (!strlen($val)) {
147. return;
148. }
149.  
150. }
151.  
152. return $config;
153.  
154. }
155.  
156.  
157. // sets a special cookie
158. function _drupalauth4ssp_exec($account) {
159.  
160. // Get the configuration information from SimpleSAMLphp
161. $sspConfig = _drupalauth4ssp_get_simplesamlphp_config();
162.  
163. // If we don't have configuration, exit without doing anything
164. if (!is_array($sspConfig)) {
165. // The least we can do is write something to the watchdog so someone will know what's happening.
166. watchdog('drupalauth4ssp', 'Could not use drupalauth for %name, could not get the SimpleSAMLphp configuration.', array('%name' => $user->name));
167. return;
168. }
169.  
170. // Check legal agreement
171. if (module_exists('entity_legal') && function_exists('entity_legal_page_build')) {
172. entity_legal_page_build();
173. }
174.  
175. // Store the authenticated user's uid in the cookie (create a validation hash to ensure nobody tampers with the uid)
176. setcookie($sspConfig['cookie_name'], sha1($sspConfig['secretsalt'] . $account->uid) . ':' . $account->uid, 0, $sspConfig['baseurlpath']);
177.  
178.  
179.  
180.  
181. // if the ReturnTo URL is present, send the user to the URL
182. if (isset($_GET['ReturnTo']) && $_GET['ReturnTo']) {
183. header('Location: ' . $_GET['ReturnTo']);
184. die;
185. }
186.  
187. }