CAS authentification with minimum change.

13 years ago · 99827958a7
parent 4b76fbe401
commit 99827958a7
5 changed files with 44 additions and 28 deletions
--- a/main/auth/cas/authcas.php
+++ b/main/auth/cas/authcas.php
@ -62,27 +62,41 @@ function cas_is_authenticated()
 			default:
 				$status=5; // Student
 		}*/
-		//If the user is in the dokeos database and we are ,not in a logout request, we upgrade his infomration by ldap
-		if (! $logout){
-			$user_table = Database::get_main_table(TABLE_MAIN_USER);
-			$sql = "SELECT user_id, username, password, auth_source, active, expiration_date ".
-				"FROM $user_table ".
-				"WHERE username = '$login' ";
-
-			$result = api_sql_query($sql,__FILE__,__LINE__);
-			if(mysql_num_rows($result) == 0) { 
-				require_once(api_get_path(SYS_PATH).'main/inc/lib/usermanager.lib.php');
-				$rnumber=rand(0,256000);
-				UserManager::create_user($firstName, $lastName, $status, $email, $login, md5('casplaceholder'.$rnumber), $official_code='',$language='',$phone='',$picture_uri='',$auth_source = PLATFORM_AUTH_SOURCE);
-			}
-			else {
-				$user = mysql_fetch_assoc($result);
-				$user_id = intval($user['user_id']);
-				//echo "deb : $status";
-				UserManager::update_user ($user_id, $firstname, $lastname, $login, null, null, $email, $status, '', '', '', '', 1, null, 0, null,'') ;
-
-			}
-		}
+		if (!$logout){
+		    // get user info from username
+		    $tab_user_info = UserManager::get_user_info($login);
+		    // user found in the chamilo database
+		    if (is_array($tab_user_info)) {
+		        // if option is on we can update user automatically from ldap server
+		        return $login;
+		    }
+		    // user not found
+		    else {
+		        // if option is on we can add user automatically from ldap server
+		        return false;
+		    }
+		}		
+//		//If the user is in the dokeos database and we are ,not in a logout request, we upgrade his infomration by ldap
+//		if (! $logout){
+//			$user_table = Database::get_main_table(TABLE_MAIN_USER);
+//			$sql = "SELECT user_id, username, password, auth_source, active, expiration_date ".
+//				"FROM $user_table ".
+//				"WHERE username = '$login' ";
+//
+//			$result = api_sql_query($sql,__FILE__,__LINE__);
+//			if(mysql_num_rows($result) == 0) { 
+//				require_once(api_get_path(SYS_PATH).'main/inc/lib/usermanager.lib.php');
+//				$rnumber=rand(0,256000);
+//				UserManager::create_user($firstName, $lastName, $status, $email, $login, md5('casplaceholder'.$rnumber), $official_code='',$language='',$phone='',$picture_uri='',$auth_source = PLATFORM_AUTH_SOURCE);
+//			}
+//			else {
+//				$user = mysql_fetch_assoc($result);
+//				$user_id = intval($user['user_id']);
+//				//echo "deb : $status";
+//				UserManager::update_user ($user_id, $firstname, $lastname, $login, null, null, $email, $status, '', '', '', '', 1, null, 0, null,'') ;
+//
+//			}
+//		}
 		return($login);
 	}
 	else 
--- a/main/auth/cas/cas_var.inc.php
+++ b/main/auth/cas/cas_var.inc.php
@ -3,18 +3,19 @@
 * In the future, these will be in the database
 */
 require_once('lib/CAS.php');
-define("CAS_VERSION_2_0",'2.0');
-define("SAML_VERSION_1_1", 'S1'); 

 global $cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri; 

 $cas_auth_server = api_get_setting('cas_server');
 $cas_auth_uri = api_get_setting('cas_server_uri');
 $cas_auth_port = intval(api_get_setting('cas_port'));
+switch (api_get_setting('cas_protocol')) {
+    case 'CAS1': $cas_auth_ver = CAS_VERSION_1_0; break;
+    case 'CAS2': $cas_auth_ver = CAS_VERSION_2_0; break;
+    case 'SAML': $cas_auth_ver = SAML_VERSION_1_1; break;
+    default : $cas_auth_ver = CAS_VERSION_2_0; break;
+}

 $cas_auth_uri = api_get_setting('cas_server_uri');
 if ( ! is_string($cas_auth_uri)) $cas_auth_uri = ''; 
-	
-$cas_auth_ver = '2.0';
-//$cas_auth_ver = SAML_VERSION_1_1;
 ?>
--- a/main/auth/cas/logincas.php
+++ b/main/auth/cas/logincas.php
@ -21,5 +21,4 @@ if (!is_object($PHPCAS_CLIENT) ) {
 	phpCAS::setNoCasServerValidation();
 }
 phpCAS::forceAuthentication();
-//echo 'ici';
 header('Location: '.api_get_path(WEB_PATH).api_get_setting('page_after_login'));
--- a/main/inc/lib/main_api.lib.php
+++ b/main/inc/lib/main_api.lib.php
@ -118,6 +118,8 @@ define('SECTION_GLOBAL', 'global');

 // CONSTANT name for local authentication source
 define('PLATFORM_AUTH_SOURCE', 'platform');
+define('CAS_AUTH_SOURCE', 'cas');
+define('LDAP_AUTH_SOURCE', 'extldap');

 // CONSTANT defining the default HotPotatoes files directory
 define('DIR_HOTPOTATOES','/HotPotatoes_files');
--- a/main/inc/local.inc.php
+++ b/main/inc/local.inc.php
@ -258,7 +258,7 @@ if (!empty($_SESSION['_user']['user_id']) && ! ($login || $logout)) {
 		if (Database::num_rows($result) > 0) {
 			$uData = Database::fetch_array($result);

-			if ($uData['auth_source'] == PLATFORM_AUTH_SOURCE) {
+			if ($uData['auth_source'] == PLATFORM_AUTH_SOURCE || $uData['auth_source'] == CAS_AUTH_SOURCE) {
 				//the authentification of this user is managed by Chamilo itself
 				$password = trim(stripslashes($password));