Add "webservice_validation" conf to validate login against a webservice

See BT#14613
8 years ago · 7b1bf11218
parent 2109fc9591
commit 7b1bf11218
2 changed files with 33 additions and 1 deletions
--- a/main/inc/local.inc.php
+++ b/main/inc/local.inc.php
@ -355,8 +355,31 @@ if (!empty($_SESSION['_user']['user_id']) && !($login || $logout)) {
                    $uData['salt']
                );

+                $checkUserFromExternalWebservice = false;
+                // If user can't connect directly to chamilo then check the webservice setting
+                if ($validPassword === false) {
+                    // Use external webservice to
+                    $options = api_get_configuration_value('webservice_validation');
+                    if (!empty($options) && isset($options['options']) && !empty($options['options'])) {
+                        $options = $options['options'];
+                        $soapclient = new nusoap_client($options['wsdl']);
+                        $function = $options['check_login_function'];
+                        $params = [
+                            'login' => $uData['username'],
+                            'password' => $password
+                        ];
+                        $result = $soapclient->call($function, [serialize($params)]);
+                        if ($error = $soapclient->getError()) {
+                            error_log('error');
+                            error_log(print_r($error, 1));
+                        } elseif ((int) $result === 1) {
+                            $checkUserFromExternalWebservice = true;
+                        }
+                    }
+                }
+
                // Check the user's password
-                if (($validPassword || $cas_login) &&
+                if (($validPassword || $cas_login || $checkUserFromExternalWebservice) &&
                    (trim($login) == $uData['username'])
                ) {
                    // Means that the login was loaded in a different page than index.php
--- a/main/install/configuration.dist.php
+++ b/main/install/configuration.dist.php
@ -931,6 +931,15 @@ VALUES (2, 13, 'session_courses_read_only_mode', 'Lock Course In Session', 1, 1,
 // ALTER TABLE usergroup ADD author_id INT DEFAULT NULL;
 //$_configuration['allow_teachers_to_classes'] = false;

+// Validate user login via a webservice, Chamilo will send a "login" and "password" parameters
+// to the "myWebServiceFunctionToLogin" function, the result should be "1" if the user have access.
+/*$_configuration['webservice_validation'] = [
+    'options' => [
+        'wsdl' => 'https://example.com/soap?wsdl',
+        'check_login_function' => 'myWebServiceFunctionToLogin'
+    ]
+];*/
+
 // ------ Custom DB changes (keep this at the end)
 // Add user activation by confirmation email
 // This option prevents the new user to login in the platform if your account is not confirmed via email