ホーム エクスプローラ ヘルプ
サインイン
ajdunevent
/
gnu-social
フォーク元 diogo/gnu-social
Watch 1
Star 0
Fork 0
ファイル
ツリー: 6e031d623a
ブランチ タグ
gnu-social
/
plugins
/
CasAuthentication
/
CasAuthenticationPlugin.php

CasAuthenticationPlugin.php 5.1 KB
履歴 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144 
  1. <?php
    2. 

  2. // This file is part of GNU social - https://www.gnu.org/software/social
    3. 

  3. //
    4. 

  4. // GNU social is free software: you can redistribute it and/or modify
    5. 

  5. // it under the terms of the GNU Affero General Public License as published by
    6. 

  6. // the Free Software Foundation, either version 3 of the License, or
    7. 

  7. // (at your option) any later version.
    8. 

  8. //
    9. 

  9. // GNU social is distributed in the hope that it will be useful,
    10. 

  10. // but WITHOUT ANY WARRANTY; without even the implied warranty of
    11. 

  11. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    12. 

  12. // GNU Affero General Public License for more details.
    13. 

  13. //
    14. 

  14. // You should have received a copy of the GNU Affero General Public License
    15. 

  15. // along with GNU social.  If not, see <http://www.gnu.org/licenses/>.
    16. 

  16. 

  17. /**
    18. 

  18.  * Plugin to enable Single Sign On via CAS (Central Authentication Service)
    19. 

  19.  *
    20. 

  20.  * @category  Plugin
    21. 

  21.  * @package   GNUsocial
    22. 

  22.  * @author    Craig Andrews <candrews@integralblue.com>
    23. 

  23.  * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
    24. 

  24.  * @license   https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
    25. 

  25.  */
    26. 

  26. 

  27. defined('GNUSOCIAL') || die();
    28. 

  28. 

  29. class CasAuthenticationPlugin extends AuthenticationPlugin
    30. 

  30. {
    31. 

  31.     const PLUGIN_VERSION = '2.0.0';
    32. 

  32. 

  33.     public $server;
    34. 

  34.     public $port = 443;
    35. 

  35.     public $path = '';
    36. 

  36.     public $takeOverLogin = false;
    37. 

  37.     public $user_whitelist = null;
    38. 

  38. 

  39.     public function checkPassword($username, $password)
    40. 

  40.     {
    41. 

  41.         global $casTempPassword;
    42. 

  42.         return ($casTempPassword == $password);
    43. 

  43.     }
    44. 

  44. 

  45.     public function onArgsInitialize(&$args)
    46. 

  46.     {
    47. 

  47.         if ($this->takeOverLogin && $args['action'] === 'login') {
    48. 

  48.             $args['action'] = 'caslogin';
    49. 

  49.         }
    50. 

  50.     }
    51. 

  51. 

  52.     public function onStartInitializeRouter($m)
    53. 

  53.     {
    54. 

  54.         $m->connect('main/cas', array('action' => 'caslogin'));
    55. 

  55.         return true;
    56. 

  56.     }
    57. 

  57. 

  58.     public function onEndLoginGroupNav($action)
    59. 

  59.     {
    60. 

  60.         $action_name = $action->trimmed('action');
    61. 

  61. 

  62.         $action->menuItem(
    63. 

  63.             common_local_url('caslogin'),
    64. 

  64.             // TRANS: Menu item. CAS is Central Authentication Service.
    65. 

  65.             _m('CAS'),
    66. 

  66.             // TRANS: Tooltip for menu item. CAS is Central Authentication Service.
    67. 

  67.             _m('Login or register with CAS.'),
    68. 

  68.             ($action_name === 'caslogin')
    69. 

  69.         );
    70. 

  70. 

  71.         return true;
    72. 

  72.     }
    73. 

  73. 

  74.     public function onEndShowPageNotice($action)
    75. 

  75.     {
    76. 

  76.         $name = $action->trimmed('action');
    77. 

  77. 

  78.         switch ($name) {
    79. 

  79.             case 'login':
    80. 

  80.                 // TRANS: Invitation to users with a CAS account to log in using the service.
    81. 

  81.                 // TRANS: "[CAS login]" is a link description. (%%action.caslogin%%) is the URL.
    82. 

  82.                 // TRANS: These two elements may not be separated.
    83. 

  83.                 $instr = _m('(Have an account with CAS? ' .
    84. 

  84.                     'Try our [CAS login](%%action.caslogin%%)!)');
    85. 

  85.                 break;
    86. 

  86.             default:
    87. 

  87.                 return true;
    88. 

  88.         }
    89. 

  89. 

  90.         $output = common_markup_to_html($instr);
    91. 

  91.         $action->raw($output);
    92. 

  92.         return true;
    93. 

  93.     }
    94. 

  94. 

  95.     public function onLoginAction($action, &$login)
    96. 

  96.     {
    97. 

  97.         switch ($action) {
    98. 

  98.             case 'caslogin':
    99. 

  99.                 $login = true;
    100. 

  100.                 return false;
    101. 

  101.             default:
    102. 

  102.                 return true;
    103. 

  103.         }
    104. 

  104.     }
    105. 

  105. 

  106.     public function onInitializePlugin()
    107. 

  107.     {
    108. 

  108.         parent::onInitializePlugin();
    109. 

  109.         if (!isset($this->server)) {
    110. 

  110.             // TRANS: Exception thrown when the CAS Authentication plugin has been configured incorrectly.
    111. 

  111.             throw new Exception(_m("Specifying a server is required."));
    112. 

  112.         }
    113. 

  113.         if (!isset($this->port)) {
    114. 

  114.             // TRANS: Exception thrown when the CAS Authentication plugin has been configured incorrectly.
    115. 

  115.             throw new Exception(_m("Specifying a port is required."));
    116. 

  116.         }
    117. 

  117.         if (!isset($this->path)) {
    118. 

  118.             // TRANS: Exception thrown when the CAS Authentication plugin has been configured incorrectly.
    119. 

  119.             throw new Exception(_m("Specifying a path is required."));
    120. 

  120.         }
    121. 

  121.         //These values need to be accessible to a action object
    122. 

  122.         //I can't think of any other way than global variables
    123. 

  123.         //to allow the action instance to be able to see values :-(
    124. 

  124.         global $casSettings;
    125. 

  125.         $casSettings = array();
    126. 

  126.         $casSettings['server']=$this->server;
    127. 

  127.         $casSettings['port']=$this->port;
    128. 

  128.         $casSettings['path']=$this->path;
    129. 

  129.         $casSettings['takeOverLogin']=$this->takeOverLogin;
    130. 

  130.         $casSettings['user_whitelist']=$this->user_whitelist;
    131. 

  131.     }
    132. 

  132. 

  133.     public function onPluginVersion(array &$versions): bool
    134. 

  134.     {
    135. 

  135.         $versions[] = array('name' => 'CAS Authentication',
    136. 

  136.                             'version' => self::PLUGIN_VERSION,
    137. 

  137.                             'author' => 'Craig Andrews',
    138. 

  138.                             'homepage' => GNUSOCIAL_ENGINE_REPO_URL . 'tree/master/plugins/CasAuthentication',
    139. 

  139.                             // TRANS: Plugin description. CAS is Central Authentication Service.
    140. 

  140.                             'rawdescription' => _m('The CAS Authentication plugin allows for StatusNet to handle authentication through CAS (Central Authentication Service).'));
    141. 

  141.         return true;
    142. 

  142.     }
    143. 

  143. }
    144. 

  144.