authcas.php 6.6 KB

  1. <?php
  2. /* Written by Noel Dieschburg <noel@cblue.be> for the paris5 university
  3. * Checks if the user is already logged in via the cas system
  4. * Gets all the info via the ldap module (ldap has to work)
  5. */
  6. require_once api_get_path(SYS_PATH).'main/auth/cas/cas_var.inc.php';
  7. require_once api_get_path(SYS_PATH).'main/auth/external_login/ldap.inc.php';
  8. require_once api_get_path(SYS_PATH).'main/auth/external_login/functions.inc.php';
  /**
   * Tells whether the CAS client settings are present.
   *
   * Reads the globals $cas_auth_ver, $cas_auth_server and $cas_auth_port
   * (presumably populated by cas_var.inc.php, which this file requires) and
   * needs all three to be non-empty. $cas_auth_uri is not checked.
   *
   * @return bool true when version, server and port are all set, false otherwise
   */
  function cas_configured() {
      global $cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri;

      // empty() also treats 0 and "0" as unset, so a port of 0 counts as "not configured".
      return !empty($cas_auth_ver) && !empty($cas_auth_server) && !empty($cas_auth_port);
  }
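  /**
   * Checks whether the visitor holds a valid CAS session and maps it to a Chamilo login.
   *
   * Flow, as implemented below:
   *  - returns false when CAS is not configured (cas_configured());
   *  - creates the phpCAS client when no client object exists yet, then calls
   *    phpCAS::checkAuthentication();
   *  - during a logout request ($logout is truthy) returns the CAS login untouched;
   *  - otherwise looks the CAS login up locally and either refreshes the existing
   *    account from LDAP ("update_user_info_cas_with_ldap") or auto-creates one
   *    ("cas_add_user_activate").
   *
   * Security notes for operators:
   *  - The login is taken (trimmed) from the CAS server and trusted as the local
   *    user name, so the integrity of CAS ticket validation protects every account.
   *  - phpCAS::setNoCasServerValidation() switches off verification of the CAS
   *    server's TLS certificate; see the comment at the call.
   *  - With auto-provisioning enabled, any identity the CAS server vouches for
   *    obtains a local account.
   *
   * @return string|false the CAS login when authenticated (for an unknown user: only
   *                      when an account was provisioned), false otherwise
   */
  function cas_is_authenticated()
  {
      global $cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri;
      global $PHPCAS_CLIENT;
      global $logout;

      if (!cas_configured()) {
          // Was a bare "return;" (null); false is what the documented contract promises.
          return false;
      }

      if (!is_object($PHPCAS_CLIENT)) {
          phpCAS::client($cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri);
          // SECURITY: this disables TLS certificate verification for the CAS server, so the
          // ticket-validation response is no longer protected against interception or
          // tampering on the network path. Production deployments should configure
          // phpCAS::setCasServerCACert() with the CA bundle of the CAS server instead.
          phpCAS::setNoCasServerValidation();
      }

      $auth = phpCAS::checkAuthentication();
      if (!$auth) {
          return false;
      }

      $login = trim(phpCAS::getUser());

      /*
       * CAS attributes released on the crdp platform (not read here; profile data
       * comes from LDAP instead):
       *   sn => name, ENTPersonMailInterne => mail, ENTPersonAlias => login,
       *   ENTPersonProfils => profil, givenName => first name
       * Disabled legacy mapping of ENTPersonProfils to a status:
       *   admin_etab, admin_sie => 3 (session admin); National_3 => 1 (teacher);
       *   National_1 and anything else => 5 (student)
       */

      if ($logout) {
          // Logout request: report the CAS login without touching the local account.
          return $login;
      }

      // NOTE(review): the lookup is keyed on the CAS user name; confirm that
      // api_get_user_info() accepts a user name rather than a numeric user id.
      $tab_user_info = api_get_user_info($login);

      if (is_array($tab_user_info)) {
          // Known user: optionally refresh first name, last name and e-mail from LDAP.
          if (api_get_setting("update_user_info_cas_with_ldap") == "true") {
              // 'nopass' with the third argument true presumably requests a directory
              // lookup without a password bind; confirm in ldap.inc.php.
              $ldapuser = extldap_authenticate($login, 'nopass', true);
              if ($ldapuser !== false) {
                  $chamilo_user = extldap_get_chamilo_user($ldapuser);
                  // The local id and status overwrite whatever LDAP returned, so an
                  // LDAP refresh cannot change the account's role.
                  $chamilo_user['user_id'] = $tab_user_info['user_id'];
                  $chamilo_user['status'] = $tab_user_info['status'];
                  UserManager::update_user(
                      $chamilo_user["user_id"],
                      $chamilo_user["firstname"],
                      $chamilo_user["lastname"],
                      $login,
                      null,
                      null,
                      $chamilo_user["email"],
                      $chamilo_user["status"],
                      '',
                      '',
                      '',
                      '',
                      1,
                      null,
                      0,
                      null,
                      ''
                  );
              }
          }

          return $login;
      }

      // Unknown user: provision an account only when the platform setting allows it.
      // NOTE(review): the results of create_user() / external_add_user() are not checked,
      // so a failed creation still reports the login as added.
      $user_added = false;
      switch (api_get_setting("cas_add_user_activate")) {
          case PLATFORM_AUTH_SOURCE:
              // Placeholder profile: the user has to fix first name, last name and
              // e-mail on the profile page. Status '5' is "student" in the legacy mapping.
              $userdata = get_lang("EditInProfil");
              // SECURITY: every account created here shares the same fixed password
              // string. That is only acceptable while CAS_AUTH_SOURCE accounts can never
              // authenticate with a local password; confirm this, and prefer a random
              // per-account value.
              UserManager::create_user(
                  $userdata,
                  $userdata,
                  '5',
                  $userdata,
                  $login,
                  'casplaceholder',
                  '',
                  '',
                  '',
                  '',
                  CAS_AUTH_SOURCE
              );
              $user_added = $login;
              break;

          case LDAP_AUTH_SOURCE:
              // CAS has already authenticated the user; LDAP only supplies the profile.
              // No account is created when the user is missing from LDAP.
              $ldapuser = extldap_authenticate($login, 'nopass', true);
              if ($ldapuser !== false) {
                  $chamilo_user = extldap_get_chamilo_user($ldapuser);
                  $chamilo_user['username'] = $login;
                  $chamilo_user['auth_source'] = CAS_AUTH_SOURCE;
                  external_add_user($chamilo_user);
                  $user_added = $login;
              }
              break;

          default:
              break;
      }

      return $user_added;
  }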
  /**
   * Ends the CAS session and sends the browser to $location afterwards.
   *
   * The caller MUST currently be logged in through CAS.
   *
   * @param array|null  $uinfo    user info; not read by this function
   * @param string|null $location redirect URL; the platform web path when omitted
   *
   * @see online_logout()
   */
  function cas_logout($uinfo=null, $location=null)
  {
      global $cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri;
      global $PHPCAS_CLIENT;

      $clientReady = is_object($PHPCAS_CLIENT);
      if (!$clientReady) {
          phpCAS::client($cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri);
          // NOTE(review): this disables TLS certificate verification for the CAS server;
          // a deployment that configures phpCAS::setCasServerCACert() should use that instead.
          phpCAS::setNoCasServerValidation();
      }

      // NOTE(review): the target is handed to phpCAS as the post-logout redirect; callers
      // should pass platform URLs only, never a value copied from the request.
      $target = $location;
      if ($target === null) {
          $target = api_get_path(WEB_PATH);
      }

      phpCAS::logoutWithRedirectService($target);
  }
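  /**
   * Builds the CAS login URL that opens a given course after authentication.
   *
   * The course code is URL-encoded so that characters such as "&", "#" or spaces
   * cannot truncate the value or add extra query parameters to the login URL.
   * Codes made only of letters, digits, "-", "_" and "." are unchanged by the encoding.
   *
   * @param string $in_course_code course code placed in the "firstpage" query parameter
   *
   * @return string URL of main/auth/cas/logincas.php under the platform web path
   */
  function get_cas_direct_URL($in_course_code)
  {
      $encodedCode = urlencode((string) $in_course_code);

      return api_get_path(WEB_PATH).'main/auth/cas/logincas.php?firstpage='.$encodedCode;
  }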
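  /**
   * Returns the <img> tag for the CAS logo, or an empty string when no logo is set.
   *
   * The URL comes from the "casLogoURL" platform setting and is escaped for the
   * single-quoted HTML attribute it is written into, so a quote or "&" in the
   * setting cannot close the attribute or inject markup.
   *
   * @return string HTML fragment, possibly empty
   */
  function getCASLogoHTML()
  {
      // Read the setting once instead of once for the test and once for the output.
      $logoUrl = api_get_setting("casLogoURL");
      if ($logoUrl != "") {
          // ENT_QUOTES is required because the attribute is delimited by single quotes.
          $safeUrl = htmlspecialchars((string) $logoUrl, ENT_QUOTES, 'UTF-8');

          return "<img src='".$safeUrl."' alt='CAS Logo' />";
      }

      return "";
  }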