Select Git revision
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
StudipAuthShib.class.php 4.95 KiB
<?php
# Lifter007: TODO
# Lifter003: TODO
# Lifter010: TODO
/*
* StudipAuthShib.class.php - Stud.IP authentication against Shibboleth server
* Copyright (c) 2007 Elmar Ludwig, Universitaet Osnabrueck
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 2 of
* the License, or (at your option) any later version.
*/
class StudipAuthShib extends StudipAuthSSO
{
public $env_remote_user = 'HTTP_REMOTE_USER';
public $local_domain;
public $session_initiator;
public $validate_url;
public $userdata;
public $username_attribute = 'username';
/**
* Constructor: read auth information from remote SP.
*/
public function __construct($config = [])
{
parent::__construct($config);
if (!isset($this->plugin_fullname)) {
$this->plugin_fullname = _('Shibboleth');
}
if (!isset($this->login_description)) {
$this->login_description = _('für Single Sign On mit Shibboleth');
}
if (Request::get('sso') === $this->plugin_name && isset($this->validate_url) && isset($_REQUEST['token'])) {
$context = get_default_http_stream_context($this->validate_url);
$auth = file_get_contents($this->validate_url . '/' . $_REQUEST['token'], false, $context);
$this->userdata = json_decode($auth, true);
if ($this->username_attribute !== 'username') {
$this->userdata['username'] = $this->userdata[$this->username_attribute];
}
if (isset($this->local_domain)) {
$this->userdata['username'] =
str_replace('@' . $this->local_domain, '', $this->userdata['username']);
}
}
}
/**
* Return the current username.
*/
function getUser()
{
return $this->userdata['username'];
}
/**
* Return the current URL (including parameters).
*/
function getURL()
{
$url = $_SERVER['HTTPS'] == 'on' ? 'https' : 'http';
$url .= '://';
if (empty($_SERVER['SERVER_NAME'])) {