From 055d05059b331382293d9362183cbe6aba55c3db Mon Sep 17 00:00:00 2001 From: Ro$k0 Date: Mon, 10 Sep 2018 22:42:26 +1200 Subject: [PATCH 1/5] Added composer.json. --- composer.json | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 composer.json diff --git a/composer.json b/composer.json new file mode 100644 index 0000000..cdd8923 --- /dev/null +++ b/composer.json @@ -0,0 +1,33 @@ +{ + "name": "drupalauth/simplesamlphp-module-drupalauth", + "description": "A SimpleSAMLphp module adding support for Drupal as the authentication source.", + "homepage": "https://github.com/drupalauth/simplesamlphp-module-drupalauth", + "type": "simplesamlphp-module", + "keywords": [ + "SimpleSAMLphp", + "Drupal", + "Authentication" + ], + "license": "LGPL-2.1", + "authors": [ + { + "name": "Steve Moitozo", + "email": "smoitozo@gmail.com" + }, + { + "name": "Contributors", + "homepage": "https://github.com/drupalauth/simplesamlphp-module-drupalauth/graphs/contributors", + "role": "Contributors" + } + ], + "require": { + "simplesamlphp/simplesamlphp": "~1.0", + "simplesamlphp/composer-module-installer": "~1.0" + }, + "require-dev": { + "phpunit/phpunit": "^5|^6" + }, + "autoload-dev": { + "classmap": ["lib/", "tests/lib/"] + } +} From d1e8bfa200e32346e49ee403cc42f106bf17e75b Mon Sep 17 00:00:00 2001 From: Roderik Muit Date: Sat, 26 Jan 2019 15:08:28 +0100 Subject: [PATCH 2/5] Convert assert() arguments from strings to expressions; each is boolean. (This is also what SimpleSAMLphp 1.6 does.) --- lib/Auth/Source/External.php | 12 ++++++------ lib/Auth/Source/UserPass.php | 8 ++++---- lib/ConfigHelper.php | 4 ++-- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/lib/Auth/Source/External.php b/lib/Auth/Source/External.php index 39b2151..9791767 100755 --- a/lib/Auth/Source/External.php +++ b/lib/Auth/Source/External.php @@ -141,8 +141,8 @@ class sspmod_drupalauth_Auth_Source_External extends SimpleSAML_Auth_Source { * @param array $config Configuration. */ public function __construct($info, $config) { - assert('is_array($info)'); - assert('is_array($config)'); + assert(is_array($info)); + assert(is_array($config)); /* Call the parent constructor first, as required by the interface. */ parent::__construct($info, $config); @@ -318,7 +318,7 @@ private function getUser() { * @param array &$state Information about the current authentication. */ public function authenticate(&$state) { - assert('is_array($state)'); + assert(is_array($state) ); $attributes = $this->getUser(); if ($attributes !== NULL) { @@ -390,7 +390,7 @@ public function authenticate(&$state) { /* * The redirect function never returns, so we never get this far. */ - assert('FALSE'); + assert(FALSE); } @@ -469,7 +469,7 @@ public static function resume() { /* * The completeAuth-function never returns, so we never get this far. */ - assert('FALSE'); + assert(FALSE); } @@ -480,7 +480,7 @@ public static function resume() { * @param array &$state The logout state array. */ public function logout(&$state) { - assert('is_array($state)'); + assert(is_array($state)); if (!session_id()) { /* session_start not called before. Do it here. */ diff --git a/lib/Auth/Source/UserPass.php b/lib/Auth/Source/UserPass.php index c80db8e..641d559 100644 --- a/lib/Auth/Source/UserPass.php +++ b/lib/Auth/Source/UserPass.php @@ -98,8 +98,8 @@ class sspmod_drupalauth_Auth_Source_UserPass extends sspmod_core_Auth_UserPassBa * @param array $config Configuration. */ public function __construct($info, $config) { - assert('is_array($info)'); - assert('is_array($config)'); + assert(is_array($info)); + assert(is_array($config)); /* Call the parent constructor first, as required by the interface. */ parent::__construct($info, $config); @@ -148,8 +148,8 @@ public function __construct($info, $config) { * @return array Associative array with the users attributes. */ protected function login($username, $password) { - assert('is_string($username)'); - assert('is_string($password)'); + assert(is_string($username)); + assert(is_string($password)); // authenticate the user $drupaluid = user_authenticate($username, $password); diff --git a/lib/ConfigHelper.php b/lib/ConfigHelper.php index c975efd..10866bc 100644 --- a/lib/ConfigHelper.php +++ b/lib/ConfigHelper.php @@ -73,8 +73,8 @@ class sspmod_drupalauth_ConfigHelper { * @param string $location The location of this configuration. Used for error reporting. */ public function __construct($config, $location) { - assert('is_array($config)'); - assert('is_string($location)'); + assert(is_array($config)); + assert(is_string($location)); $this->location = $location; From 3ffaf3bebb09cf0c5153b500231a8b0dec90fbf4 Mon Sep 17 00:00:00 2001 From: Kirill Roskolii Date: Tue, 9 Apr 2024 06:31:55 +1200 Subject: [PATCH 3/5] Remove extra space --- lib/Auth/Source/External.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/Auth/Source/External.php b/lib/Auth/Source/External.php index 9791767..b0d0c9a 100755 --- a/lib/Auth/Source/External.php +++ b/lib/Auth/Source/External.php @@ -318,7 +318,7 @@ private function getUser() { * @param array &$state Information about the current authentication. */ public function authenticate(&$state) { - assert(is_array($state) ); + assert(is_array($state)); $attributes = $this->getUser(); if ($attributes !== NULL) { From 965bf01fbb6e24ba70ea58bd0f2df9e895f6671a Mon Sep 17 00:00:00 2001 From: Daniel Mundra Date: Mon, 8 Apr 2024 10:56:54 -0700 Subject: [PATCH 4/5] Updating 1.7.x to support SimpleSAMLphp 2.0.x, new directory structure. --- {www => public}/resume.php | 5 ++- {lib => src}/Auth/Source/External.php | 40 +++++++++-------- {lib => src}/Auth/Source/UserPass.php | 62 ++++++++++++++------------- {lib => src}/ConfigHelper.php | 14 +++--- 4 files changed, 68 insertions(+), 53 deletions(-) rename {www => public}/resume.php (69%) rename {lib => src}/Auth/Source/External.php (91%) rename {lib => src}/Auth/Source/UserPass.php (93%) rename {lib => src}/ConfigHelper.php (93%) diff --git a/www/resume.php b/public/resume.php similarity index 69% rename from www/resume.php rename to public/resume.php index d1d8261..a7a0a57 100644 --- a/www/resume.php +++ b/public/resume.php @@ -9,4 +9,7 @@ * @package simpleSAMLphp * @version $Id$ */ -sspmod_drupalauth_Auth_Source_External::resume(); + +use SimpleSAML\Module\drupalauth\Auth\Source\External; + +External::resume($_REQUEST['State']); diff --git a/lib/Auth/Source/External.php b/src/Auth/Source/External.php similarity index 91% rename from lib/Auth/Source/External.php rename to src/Auth/Source/External.php index b0d0c9a..9b0534c 100755 --- a/lib/Auth/Source/External.php +++ b/src/Auth/Source/External.php @@ -1,5 +1,10 @@ authId, TRUE)); $this->debug = $drupalAuthConfig->getDebug(); @@ -162,7 +167,7 @@ public function __construct($info, $config) { define('DRUPAL_ROOT', $drupalAuthConfig->getDrupalroot()); } - $ssp_config = SimpleSAML_Configuration::getInstance(); + $ssp_config = \SimpleSAML\Configuration::getInstance(); $this->cookie_path = '/' . $ssp_config->getValue('baseurlpath'); $this->cookie_salt = $ssp_config->getValue('secretsalt'); @@ -211,7 +216,7 @@ private function getUser() { if(sha1($this->cookie_salt . $arrCookie[1]) == $arrCookie[0]) { $drupaluid = $arrCookie[1]; } else { - throw new SimpleSAML_Error_Exception('Cookie hash invalid. This indicates either tampering or an out of date drupal4ssp module.'); + throw new \SimpleSAML\Error\Exception('Cookie hash invalid. This indicates either tampering or an out of date drupal4ssp module.'); } } @@ -296,7 +301,7 @@ private function getUser() { } $attributes[$userAttrNames[$userKey]] = is_array($value) ? $value : array($value); } - catch (Exception $e) { + catch (\Exception $e) { watchdog_exception('simplesaml', $e); } } @@ -317,7 +322,7 @@ private function getUser() { * * @param array &$state Information about the current authentication. */ - public function authenticate(&$state) { + public function authenticate(array &$state): void { assert(is_array($state)); $attributes = $this->getUser(); @@ -357,14 +362,14 @@ public function authenticate(&$state) { * and restores it in another location, and thus bypasses steps in * the authentication process. */ - $stateId = SimpleSAML_Auth_State::saveState($state, 'drupalauth:External'); + $stateId = \SimpleSAML\Auth\State::saveState($state, 'drupalauth:External'); /* * Now we generate an URL the user should return to after authentication. * We assume that whatever authentication page we send the user to has an * option to return the user to a specific page afterwards. */ - $returnTo = SimpleSAML_Module::getModuleURL('drupalauth/resume.php', array( + $returnTo = \SimpleSAML\Module::getModuleURL('drupalauth/resume.php', array( 'State' => $stateId, )); @@ -383,7 +388,8 @@ public function authenticate(&$state) { * Note the 'ReturnTo' parameter. This must most likely be replaced with * the real name of the parameter for the login page. */ - SimpleSAML_Utilities::redirect($authPage, array( + $http = new \SimpleSAML\Utils\HTTP(); + $http->redirectTrustedURL($authPage, array( 'ReturnTo' => $returnTo, )); @@ -409,7 +415,7 @@ public static function resume() { * it in the 'State' request parameter. */ if (!isset($_REQUEST['State'])) { - throw new SimpleSAML_Error_BadRequest('Missing "State" parameter.'); + throw new \SimpleSAML\Error\BadRequest('Missing "State" parameter.'); } $stateId = (string)$_REQUEST['State']; @@ -417,19 +423,19 @@ public static function resume() { * Once again, note the second parameter to the loadState function. This must * match the string we used in the saveState-call above. */ - $state = SimpleSAML_Auth_State::loadState($stateId, 'drupalauth:External'); + $state = \SimpleSAML\Auth\State::loadState($stateId, 'drupalauth:External'); /* * Now we have the $state-array, and can use it to locate the authentication * source. */ - $source = SimpleSAML_Auth_Source::getById($state['drupalauth:AuthID']); + $source = Source::getById($state['drupalauth:AuthID']); if ($source === NULL) { /* * The only way this should fail is if we remove or rename the authentication source * while the user is at the login page. */ - throw new SimpleSAML_Error_Exception('Could not find authentication source with id ' . $state[self::AUTHID]); + throw new \SimpleSAML\Error\Exception('Could not find authentication source with id ' . $state['drupalauth:AuthID']); } /* @@ -438,7 +444,7 @@ public static function resume() { * change config/authsources.php while an user is logging in. */ if (! ($source instanceof self)) { - throw new SimpleSAML_Error_Exception('Authentication source type changed.'); + throw new \SimpleSAML\Error\Exception('Authentication source type changed.'); } @@ -455,7 +461,7 @@ public static function resume() { * Here we simply throw an exception, but we could also redirect the user back to the * login page. */ - throw new SimpleSAML_Error_Exception('User not authenticated after login page.'); + throw new \SimpleSAML\Error\Exception('User not authenticated after login page.'); } /* @@ -464,7 +470,7 @@ public static function resume() { */ $state['Attributes'] = $attributes; - SimpleSAML_Auth_Source::completeAuth($state); + Source::completeAuth($state); /* * The completeAuth-function never returns, so we never get this far. @@ -479,7 +485,7 @@ public static function resume() { * * @param array &$state The logout state array. */ - public function logout(&$state) { + public function logout(array &$state): void { assert(is_array($state)); if (!session_id()) { diff --git a/lib/Auth/Source/UserPass.php b/src/Auth/Source/UserPass.php similarity index 93% rename from lib/Auth/Source/UserPass.php rename to src/Auth/Source/UserPass.php index 641d559..c904151 100644 --- a/lib/Auth/Source/UserPass.php +++ b/src/Auth/Source/UserPass.php @@ -1,9 +1,13 @@ , http://www.sil.org + * Copyright SIL International, Steve Moitozo, , http://www.sil.org * * This class is a Drupal authentication source which authenticates users * against a Drupal site located on the same server. @@ -21,18 +25,18 @@ * ------------------------------------------------------------------- * * To use this put something like this into config/authsources.php: - * + * * 'drupal-userpass' => array( * 'drupalauth:UserPass', - * + * * // The filesystem path of the Drupal directory. * 'drupalroot' => '/var/www/drupal-7.0', - * + * * // Whether to turn on debug * 'debug' => true, - * - * // Which attributes should be retrieved from the Drupal site. - * + * + * // Which attributes should be retrieved from the Drupal site. + * * 'attributes' => array( * array('drupaluservar' => 'uid', 'callit' => 'uid'), * array('drupaluservar' => 'name', 'callit' => 'cn'), @@ -43,12 +47,12 @@ * array('drupaluservar' => 'roles','callit' => 'roles'), * ), * ), - * + * * Format of the 'attributes' array explained: * * 'attributes' can be an associate array of attribute names, or NULL, in which case * all attributes are fetched. - * + * * If you want everything (except) the password hash do this: * 'attributes' => NULL, * @@ -59,10 +63,10 @@ * array('drupaluservar' => 'mail', 'callit' => 'mail'), * array('drupaluservar' => 'roles','callit' => 'roles'), * ), - * - * The value for 'drupaluservar' is the variable name for the attribute in the + * + * The value for 'drupaluservar' is the variable name for the attribute in the * Drupal user object. - * + * * The value for 'callit' is the name you want the attribute to have when it's * returned after authentication. You can use the same value in both or you can * customize by putting something different in for 'callit'. For an example, @@ -73,7 +77,7 @@ * @package drupalauth * @version $Id$ */ -class sspmod_drupalauth_Auth_Source_UserPass extends sspmod_core_Auth_UserPassBase { +class UserPass extends \SimpleSAML\Module\core\Auth\UserPassBase { /** * Whether to turn on debugging @@ -103,9 +107,9 @@ public function __construct($info, $config) { /* Call the parent constructor first, as required by the interface. */ parent::__construct($info, $config); - - /* Get the configuration for this module */ - $drupalAuthConfig = new sspmod_drupalauth_ConfigHelper($config, + + /* Get the configuration for this module */ + $drupalAuthConfig = new ConfigHelper($config, 'Authentication source ' . var_export($this->authId, TRUE)); $this->debug = $drupalAuthConfig->getDebug(); @@ -125,7 +129,7 @@ public function __construct($info, $config) { * prevents the need for hackery here and makes this module work better in different environments. */ drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL); - + // we need to be able to call Drupal user function so we load some required modules drupal_load('module', 'system'); drupal_load('module', 'user'); @@ -154,7 +158,7 @@ protected function login($username, $password) { // authenticate the user $drupaluid = user_authenticate($username, $password); if(0 == $drupaluid){ - throw new SimpleSAML_Error_Error('WRONGUSERPASS'); + throw new \SimpleSAML\Error\Error('WRONGUSERPASS'); } // load the user object from Drupal @@ -162,43 +166,43 @@ protected function login($username, $password) { // get all the attributes out of the user object $userAttrs = get_object_vars($drupaluser); - + // define some variables to use as arrays $userAttrNames = null; $attributes = null; - + // figure out which attributes to include if(NULL == $this->attributes){ $userKeys = array_keys($userAttrs); - + // populate the attribute naming array foreach($userKeys as $userKey){ $userAttrNames[$userKey] = $userKey; } - + }else{ // populate the array of attribute keys // populate the attribute naming array foreach($this->attributes as $confAttr){ - + $userKeys[] = $confAttr['drupaluservar']; $userAttrNames[$confAttr['drupaluservar']] = $confAttr['callit']; - + } - + } - + // an array of the keys that should never be included // (e.g., pass) $skipKeys = array('pass'); - // package up the user attributes + // package up the user attributes foreach($userKeys as $userKey){ // skip any keys that should never be included if(!in_array($userKey, $skipKeys)){ - if( is_string($userAttrs[$userKey]) + if( is_string($userAttrs[$userKey]) || is_numeric($userAttrs[$userKey]) || is_bool($userAttrs[$userKey]) ){ @@ -217,7 +221,7 @@ protected function login($username, $password) { } } - + return $attributes; } diff --git a/lib/ConfigHelper.php b/src/ConfigHelper.php similarity index 93% rename from lib/ConfigHelper.php rename to src/ConfigHelper.php index 10866bc..9256345 100644 --- a/lib/ConfigHelper.php +++ b/src/ConfigHelper.php @@ -1,9 +1,11 @@ , http://www.sil.org + * Copyright SIL International, Steve Moitozo, , http://www.sil.org * * This class is a Drupal authentication source which authenticates users * against a Drupal site located on the same server. @@ -18,7 +20,7 @@ * @package drupalauth * @version $Id$ */ -class sspmod_drupalauth_ConfigHelper { +class ConfigHelper { /** @@ -79,7 +81,7 @@ public function __construct($config, $location) { $this->location = $location; /* Parse configuration. */ - $config = SimpleSAML_Configuration::loadFromArray($config, $location); + $config = \SimpleSAML\Configuration::loadFromArray($config, $location); $this->drupalroot = $config->getString('drupalroot'); $this->debug = $config->getBoolean('debug', FALSE); @@ -89,7 +91,7 @@ public function __construct($config, $location) { $this->drupal_login_url = $config->getString('drupal_login_url', NULL); } - + /** * Return the debug @@ -97,7 +99,7 @@ public function __construct($config, $location) { * @param boolean $debug whether or not debugging should be turned on */ public function getDebug() { - return $this->debug; + return $this->debug; } /** @@ -106,7 +108,7 @@ public function getDebug() { * @param string $drupalroot the directory of the Drupal site */ public function getDrupalroot() { - return $this->drupalroot; + return $this->drupalroot; } /** From 6d023940e6e2a40799c578d52aed84302a954665 Mon Sep 17 00:00:00 2001 From: Daniel Mundra Date: Mon, 8 Apr 2024 13:18:51 -0700 Subject: [PATCH 5/5] Switched UserPassBase to use 'use' statement. --- src/Auth/Source/UserPass.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/Auth/Source/UserPass.php b/src/Auth/Source/UserPass.php index c904151..1115d98 100644 --- a/src/Auth/Source/UserPass.php +++ b/src/Auth/Source/UserPass.php @@ -2,6 +2,7 @@ namespace SimpleSAML\Module\drupalauth\Auth\Source; +use SimpleSAML\Module\core\Auth\UserPassBase; use SimpleSAML\Module\drupalauth\ConfigHelper; /** @@ -77,7 +78,7 @@ * @package drupalauth * @version $Id$ */ -class UserPass extends \SimpleSAML\Module\core\Auth\UserPassBase { +class UserPass extends UserPassBase { /** * Whether to turn on debugging