#97 Support SimpleSAMLphp 2.0.x in Drupal 7

Author: RoSk0

www/resume.php renamed to public/resume.php

@@ -9,4 +9,7 @@
  * @package simpleSAMLphp
  * @version $Id$
  */
-sspmod_drupalauth_Auth_Source_External::resume();
+
+use SimpleSAML\Module\drupalauth\Auth\Source\External;
+
+External::resume($_REQUEST['State']);

lib/Auth/Source/External.php renamed to src/Auth/Source/External.php

@@ -1,5 +1,10 @@
 <?php
 
+namespace SimpleSAML\Module\drupalauth\Auth\Source;
+
+use SimpleSAML\Auth\Source;
+use SimpleSAML\Module\drupalauth\ConfigHelper;
+
 /**
  * Drupalath authentication source for using Drupal's login page.
  *
@@ -92,7 +97,7 @@
  * @package drupalauth
  * @version $Id$
  */
-class sspmod_drupalauth_Auth_Source_External extends SimpleSAML_Auth_Source {
+class External extends Source {
 
   /**
    * Whether to turn on debugging
@@ -149,7 +154,7 @@ public function __construct($info, $config) {
 
 
     /* Get the configuration for this module */
-    $drupalAuthConfig = new sspmod_drupalauth_ConfigHelper($config,
+    $drupalAuthConfig = new ConfigHelper($config,
       'Authentication source ' . var_export($this->authId, TRUE));
 
     $this->debug       = $drupalAuthConfig->getDebug();
@@ -162,7 +167,7 @@ public function __construct($info, $config) {
       define('DRUPAL_ROOT', $drupalAuthConfig->getDrupalroot());
     }
 
-    $ssp_config = SimpleSAML_Configuration::getInstance();
+    $ssp_config = \SimpleSAML\Configuration::getInstance();
     $this->cookie_path = '/' . $ssp_config->getValue('baseurlpath');
     $this->cookie_salt = $ssp_config->getValue('secretsalt');
 
@@ -211,7 +216,7 @@ private function getUser() {
         if(sha1($this->cookie_salt . $arrCookie[1]) == $arrCookie[0]) {
             $drupaluid = $arrCookie[1];
         } else {
-            throw new SimpleSAML_Error_Exception('Cookie hash invalid. This indicates either tampering or an out of date drupal4ssp module.');
+            throw new \SimpleSAML\Error\Exception('Cookie hash invalid. This indicates either tampering or an out of date drupal4ssp module.');
         }
       }
 
@@ -296,7 +301,7 @@ private function getUser() {
               }
               $attributes[$userAttrNames[$userKey]] = is_array($value) ? $value : array($value);
             }
-            catch (Exception $e) {
+            catch (\Exception $e) {
               watchdog_exception('simplesaml', $e);
             }
           }
@@ -317,7 +322,7 @@ private function getUser() {
 	 *
 	 * @param array &$state  Information about the current authentication.
 	 */
-	public function authenticate(&$state) {
+	public function authenticate(array &$state): void {
 		assert(is_array($state));
 
 		$attributes = $this->getUser();
@@ -357,14 +362,14 @@ public function authenticate(&$state) {
 		 * and restores it in another location, and thus bypasses steps in
 		 * the authentication process.
 		 */
-		$stateId = SimpleSAML_Auth_State::saveState($state, 'drupalauth:External');
+		$stateId = \SimpleSAML\Auth\State::saveState($state, 'drupalauth:External');
 
 		/*
 		 * Now we generate an URL the user should return to after authentication.
 		 * We assume that whatever authentication page we send the user to has an
 		 * option to return the user to a specific page afterwards.
 		 */
-		$returnTo = SimpleSAML_Module::getModuleURL('drupalauth/resume.php', array(
+		$returnTo = \SimpleSAML\Module::getModuleURL('drupalauth/resume.php', array(
 			'State' => $stateId,
 		));
 
@@ -383,7 +388,8 @@ public function authenticate(&$state) {
 		 * Note the 'ReturnTo' parameter. This must most likely be replaced with
 		 * the real name of the parameter for the login page.
 		 */
-		SimpleSAML_Utilities::redirect($authPage, array(
+    $http = new \SimpleSAML\Utils\HTTP();
+    $http->redirectTrustedURL($authPage, array(
 			'ReturnTo' => $returnTo,
 		));
 
@@ -409,27 +415,27 @@ public static function resume() {
 		 * it in the 'State' request parameter.
 		 */
 		if (!isset($_REQUEST['State'])) {
-			throw new SimpleSAML_Error_BadRequest('Missing "State" parameter.');
+			throw new \SimpleSAML\Error\BadRequest('Missing "State" parameter.');
 		}
 		$stateId = (string)$_REQUEST['State'];
 
 		/*
 		 * Once again, note the second parameter to the loadState function. This must
 		 * match the string we used in the saveState-call above.
 		 */
-		$state = SimpleSAML_Auth_State::loadState($stateId, 'drupalauth:External');
+		$state = \SimpleSAML\Auth\State::loadState($stateId, 'drupalauth:External');
 
 		/*
 		 * Now we have the $state-array, and can use it to locate the authentication
 		 * source.
 		 */
-		$source = SimpleSAML_Auth_Source::getById($state['drupalauth:AuthID']);
+		$source = Source::getById($state['drupalauth:AuthID']);
 		if ($source === NULL) {
 			/*
 			 * The only way this should fail is if we remove or rename the authentication source
 			 * while the user is at the login page.
 			 */
-			throw new SimpleSAML_Error_Exception('Could not find authentication source with id ' . $state[self::AUTHID]);
+			throw new \SimpleSAML\Error\Exception('Could not find authentication source with id ' . $state['drupalauth:AuthID']);
 		}
 
 		/*
@@ -438,7 +444,7 @@ public static function resume() {
 		 * change config/authsources.php while an user is logging in.
 		 */
 		if (! ($source instanceof self)) {
-			throw new SimpleSAML_Error_Exception('Authentication source type changed.');
+			throw new \SimpleSAML\Error\Exception('Authentication source type changed.');
 		}
 
 
@@ -455,7 +461,7 @@ public static function resume() {
 			 * Here we simply throw an exception, but we could also redirect the user back to the
 			 * login page.
 			 */
-			throw new SimpleSAML_Error_Exception('User not authenticated after login page.');
+			throw new \SimpleSAML\Error\Exception('User not authenticated after login page.');
 		}
 
 		/*
@@ -464,7 +470,7 @@ public static function resume() {
 		 */
 
 		$state['Attributes'] = $attributes;
-		SimpleSAML_Auth_Source::completeAuth($state);
+		Source::completeAuth($state);
 
 		/*
 		 * The completeAuth-function never returns, so we never get this far.
@@ -479,7 +485,7 @@ public static function resume() {
 	 *
 	 * @param array &$state  The logout state array.
 	 */
-	public function logout(&$state) {
+	public function logout(array &$state): void {
     assert(is_array($state));
 
     if (!session_id()) {

lib/Auth/Source/UserPass.php renamed to src/Auth/Source/UserPass.php

@@ -1,9 +1,14 @@
 <?php
 
+namespace SimpleSAML\Module\drupalauth\Auth\Source;
+
+use SimpleSAML\Module\core\Auth\UserPassBase;
+use SimpleSAML\Module\drupalauth\ConfigHelper;
+
 /**
  * Drupal authentication source for simpleSAMLphp
  *
- * Copyright SIL International, Steve Moitozo, <[email protected]>, http://www.sil.org 
+ * Copyright SIL International, Steve Moitozo, <[email protected]>, http://www.sil.org
  *
  * This class is a Drupal authentication source which authenticates users
  * against a Drupal site located on the same server.
@@ -21,18 +26,18 @@
  * -------------------------------------------------------------------
  *
  * To use this put something like this into config/authsources.php:
- *	
+ *
  * 	'drupal-userpass' => array(
  * 		'drupalauth:UserPass',
- * 
+ *
  * 		// The filesystem path of the Drupal directory.
  * 		'drupalroot' => '/var/www/drupal-7.0',
- * 
+ *
  * 		// Whether to turn on debug
  * 		'debug' => true,
- * 
- * 		// Which attributes should be retrieved from the Drupal site.				     
- * 				     
+ *
+ * 		// Which attributes should be retrieved from the Drupal site.
+ *
  *              'attributes' => array(
  *                                    array('drupaluservar'   => 'uid',  'callit' => 'uid'),
  *                                     array('drupaluservar' => 'name', 'callit' => 'cn'),
@@ -43,12 +48,12 @@
  *                                     array('drupaluservar' => 'roles','callit' => 'roles'),
  *                                   ),
  * 	),
- * 
+ *
  * Format of the 'attributes' array explained:
  *
  * 'attributes' can be an associate array of attribute names, or NULL, in which case
  * all attributes are fetched.
- * 
+ *
  * If you want everything (except) the password hash do this:
  *  	'attributes' => NULL,
  *
@@ -59,10 +64,10 @@
  *                     array('drupaluservar' => 'mail', 'callit' => 'mail'),
  *                     array('drupaluservar' => 'roles','callit' => 'roles'),
  *                      ),
- * 
- *  The value for 'drupaluservar' is the variable name for the attribute in the 
+ *
+ *  The value for 'drupaluservar' is the variable name for the attribute in the
  *  Drupal user object.
- * 
+ *
  *  The value for 'callit' is the name you want the attribute to have when it's
  *  returned after authentication. You can use the same value in both or you can
  *  customize by putting something different in for 'callit'. For an example,
@@ -73,7 +78,7 @@
  * @package drupalauth
  * @version $Id$
  */
-class sspmod_drupalauth_Auth_Source_UserPass extends sspmod_core_Auth_UserPassBase {
+class UserPass extends UserPassBase {
 
 	/**
 	 * Whether to turn on debugging
@@ -103,9 +108,9 @@ public function __construct($info, $config) {
 
 		/* Call the parent constructor first, as required by the interface. */
 		parent::__construct($info, $config);
-		
-		/* Get the configuration for this module */	
-		$drupalAuthConfig = new sspmod_drupalauth_ConfigHelper($config,
+
+		/* Get the configuration for this module */
+		$drupalAuthConfig = new ConfigHelper($config,
 			'Authentication source ' . var_export($this->authId, TRUE));
 
 		$this->debug      = $drupalAuthConfig->getDebug();
@@ -125,7 +130,7 @@ public function __construct($info, $config) {
      * prevents the need for hackery here and makes this module work better in different environments.
      */
 		drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
-		
+
 		// we need to be able to call Drupal user function so we load some required modules
     drupal_load('module', 'system');
 		drupal_load('module', 'user');
@@ -154,51 +159,51 @@ protected function login($username, $password) {
 		// authenticate the user
 		$drupaluid = user_authenticate($username, $password);
 		if(0 == $drupaluid){
-			throw new SimpleSAML_Error_Error('WRONGUSERPASS');
+			throw new \SimpleSAML\Error\Error('WRONGUSERPASS');
 		}
 
 		// load the user object from Drupal
 		$drupaluser = user_load($drupaluid);
 
 		// get all the attributes out of the user object
 		$userAttrs = get_object_vars($drupaluser);
-		
+
 		// define some variables to use as arrays
 		$userAttrNames = null;
 		$attributes    = null;
-		
+
 		// figure out which attributes to include
 		if(NULL == $this->attributes){
 		   $userKeys = array_keys($userAttrs);
-		   
+
 		   // populate the attribute naming array
 		   foreach($userKeys as $userKey){
 		      $userAttrNames[$userKey] = $userKey;
 		   }
-		   
+
 		}else{
 		   // populate the array of attribute keys
 		   // populate the attribute naming array
 		   foreach($this->attributes as $confAttr){
-		   
+
 		      $userKeys[] = $confAttr['drupaluservar'];
 		      $userAttrNames[$confAttr['drupaluservar']] = $confAttr['callit'];
-		   
+
 		   }
-		   
+
 		}
-		   
+
 		// an array of the keys that should never be included
 		// (e.g., pass)
 		$skipKeys = array('pass');
 
-		// package up the user attributes	
+		// package up the user attributes
 		foreach($userKeys as $userKey){
 
 		  // skip any keys that should never be included
 		  if(!in_array($userKey, $skipKeys)){
 
-		    if(   is_string($userAttrs[$userKey]) 
+		    if(   is_string($userAttrs[$userKey])
 		       || is_numeric($userAttrs[$userKey])
 		       || is_bool($userAttrs[$userKey])    ){
 
@@ -217,7 +222,7 @@ protected function login($username, $password) {
 
 		  }
 		}
-						    
+
 		return $attributes;
 	}
 

lib/ConfigHelper.php renamed to src/ConfigHelper.php

@@ -1,9 +1,11 @@
 <?php
 
+namespace SimpleSAML\Module\drupalauth;
+
 /**
  * Drupal authentication source configuration parser.
  *
- * Copyright SIL International, Steve Moitozo, <[email protected]>, http://www.sil.org 
+ * Copyright SIL International, Steve Moitozo, <[email protected]>, http://www.sil.org
  *
  * This class is a Drupal authentication source which authenticates users
  * against a Drupal site located on the same server.
@@ -18,7 +20,7 @@
  * @package drupalauth
  * @version $Id$
  */
-class sspmod_drupalauth_ConfigHelper {
+class ConfigHelper {
 
 
 	/**
@@ -79,7 +81,7 @@ public function __construct($config, $location) {
 		$this->location = $location;
 
 		/* Parse configuration. */
-		$config = SimpleSAML_Configuration::loadFromArray($config, $location);
+		$config = \SimpleSAML\Configuration::loadFromArray($config, $location);
 
 		$this->drupalroot = $config->getString('drupalroot');
 		$this->debug = $config->getBoolean('debug', FALSE);
@@ -89,15 +91,15 @@ public function __construct($config, $location) {
     $this->drupal_login_url = $config->getString('drupal_login_url', NULL);
 
 	}
-	
+
 
 	/**
 	 * Return the debug
 	 *
 	 * @param boolean $debug whether or not debugging should be turned on
 	 */
 	public function getDebug() {
-	   return $this->debug; 
+	   return $this->debug;
 	}
 
 	/**
@@ -106,7 +108,7 @@ public function getDebug() {
 	 * @param string $drupalroot the directory of the Drupal site
 	 */
 	public function getDrupalroot() {
-	   return $this->drupalroot; 
+	   return $this->drupalroot;
 	}
 
   /**