authcas.php 5.8 KB

  1. <?php
  2. /* Written by Noel Dieschburg <noel@cblue.be> for the paris5 university
  3. * Checks if the user is already logged in via the cas system
  4. * Gets all the info via the ldap module (ldap has to work)
  5. */
  6. require_once(api_get_path(SYS_PATH).'main/auth/cas/cas_var.inc.php');
  7. require_once(api_get_path(SYS_PATH).'main/auth/external_login/ldap.inc.php');
  8. require_once(api_get_path(SYS_PATH).'main/auth/external_login/functions.inc.php');
  /**
   * Tells whether the CAS client settings are present.
   *
   * Reads the globals $cas_auth_ver, $cas_auth_server and $cas_auth_port
   * (presumably set by cas_var.inc.php - confirm). $cas_auth_uri is declared
   * but is not part of the check, so an empty URI still counts as configured.
   *
   * @return bool true when version, server and port are all non-empty
   */
  function cas_configured()
  {
      global $cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri;

      return !empty($cas_auth_ver) && !empty($cas_auth_server) && !empty($cas_auth_port);
  }
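  /**
   * Checks whether the visitor holds a valid CAS session and maps it to a
   * local account.
   *
   * When CAS reports an authenticated user and no logout is in progress, the
   * login is looked up with UserManager::get_user_info(). An existing account
   * is refreshed from LDAP when the setting "update_user_info_cas_with_ldap"
   * is "true"; a missing account is created according to the setting
   * "cas_add_user_activate".
   *
   * @return string|false the CAS login when the user is authenticated and has
   *                      (or was just given) a local account, or when a logout
   *                      is in progress; false when CAS is not configured, the
   *                      user is not authenticated, or no account was created
   */
  function cas_is_authenticated()
  {
      global $cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri;
      global $PHPCAS_CLIENT;
      global $logout;

      if (!cas_configured()) {
          // Return the documented "not authenticated" value instead of null, so
          // a caller comparing strictly against false cannot read a missing
          // configuration as a successful login.
          return false;
      }

      if (!is_object($PHPCAS_CLIENT)) {
          phpCAS::client($cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri);
          // SECURITY NOTE(review): setNoCasServerValidation() turns off
          // verification of the CAS server's TLS certificate, so the ticket
          // validation response is accepted from an unverified peer. Deployments
          // should configure the CA bundle with phpCAS::setCasServerCACert()
          // instead; the call is left in place because this file has no setting
          // that holds a certificate path.
          phpCAS::setNoCasServerValidation();
      }

      if (!phpCAS::checkAuthentication()) {
          return false;
      }

      $login = trim(phpCAS::getUser());

      /*
      Attributes exposed by CAS on the crdp platform (currently unused here):
      sn => name
      ENTPersonMailInterne => mail
      ENTPersonAlias => login
      ENTPersonProfils => profil
      givenName => first name
      */

      if ($logout) {
          // During a logout request no account is looked up, updated or created.
          return $login;
      }

      // get user info from username
      $tab_user_info = UserManager::get_user_info($login);

      // user found in the chamilo database
      if (is_array($tab_user_info)) {
          // if option is on we update user automatically from ldap server
          if (api_get_setting("update_user_info_cas_with_ldap") == "true") {
              // 'nopass' is a dummy password: CAS has already authenticated the user.
              // presumably the third argument requests a lookup without a bind - confirm
              $ldapuser = extldap_authenticate($login, 'nopass', true);
              // The original tested the undefined $ldap_user, which is never false,
              // so a failed LDAP lookup still overwrote the profile.
              if ($ldapuser !== false) {
                  $chamilo_user = extldap_get_chamilo_user($ldapuser);
                  // Keep the local id and status: LDAP data must not change the
                  // role an account already has on the platform.
                  $chamilo_user['user_id'] = $tab_user_info['user_id'];
                  $chamilo_user['status'] = $tab_user_info['status'];
                  UserManager::update_user($chamilo_user["user_id"], $chamilo_user["firstname"], $chamilo_user["lastname"], $login, null, null, $chamilo_user["email"], $chamilo_user["status"], '', '', '', '', 1, null, 0, null, '');
              }
          }

          return $login;
      }

      // user not found:
      // if option is on we can ADD user automatically from ldap server or by modify own profil
      $user_added = false;
      switch (api_get_setting("cas_add_user_activate")) {
          case PLATFORM_AUTH_SOURCE:
              // user will have to modify firstname, lastname, email in chamilo profil edit
              $userdata = get_lang("EditInProfil");
              // NOTE(review): every account created here gets the same fixed
              // password string. That is harmless only while accounts with
              // CAS_AUTH_SOURCE cannot sign in with a local password - confirm,
              // or pass a random value instead.
              // NOTE(review): the result of create_user() is not checked.
              UserManager::create_user($userdata, $userdata, '5', $userdata, $login, 'casplaceholder', '', '', '', '', CAS_AUTH_SOURCE);
              $user_added = $login;
              break;
          case LDAP_AUTH_SOURCE:
              // user info are read from ldap connexion
              // user has already been authenticated by CAS
              // If user not found in LDAP, user not created
              $ldapuser = extldap_authenticate($login, 'nopass', true);
              // Same fix as above: test the variable that was actually assigned,
              // so an account is created only when the LDAP lookup succeeded.
              if ($ldapuser !== false) {
                  $chamilo_user = extldap_get_chamilo_user($ldapuser);
                  $chamilo_user['username'] = $login;
                  $chamilo_user['auth_source'] = CAS_AUTH_SOURCE;
                  // NOTE(review): the result of external_add_user() is not checked.
                  external_add_user($chamilo_user);
                  $user_added = $login;
              }
              break;
          default:
              break;
      }

      return $user_added;
  }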
  /**
   * Ends the CAS session and sends the browser back to this platform.
   *
   * The user MUST be logged in with CAS for this call to make sense.
   * The return URL is taken from api_get_path(WEB_PATH) rather than from a
   * request parameter.
   */
  function cas_logout()
  {
      $return_url = api_get_path(WEB_PATH);
      phpCAS::logoutWithRedirectService($return_url);
  }
  156. ?>