global $cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri;
// phpCAS
/*
If we are not logged and in our browser enter an URL with a name of a course
e.g. http://www.chamilo.fr/chamilo/courses/COURSTESTOSETE/?id_session=0
We go to page api_not_allowed :
> You are not allowed to see this page.
> Sorry, you are not allowed to access this page, or maybe your connection has expired.
> Please click your browser's \"Back\" button or follow the link below to return to the previous page
If we click on the link to go to homepage, some datas are entered in $_SESSION and if we enter our CAS loggin, we go to api_not_allowad_page again
and again
As a result, if we are not logged on, we have to destroy the session variables, before calling CAS page
*/
if (api_is_anonymous()) {
Session::destroy();
}
if (cas_configured()) {
$firstpage = "";
if (isset($_GET['firstpage'])) {
$firstpage = $_GET['firstpage'];
setcookie("GotoCourse", $firstpage);
}
if (!is_object($PHPCAS_CLIENT)) {
phpCAS::client($cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri);
phpCAS::setNoCasServerValidation();
}
phpCAS::forceAuthentication();
header('Location: ' . api_get_path(WEB_PATH) . api_get_setting('page_after_login'));
} else {
header('Location: ' . api_get_path(WEB_PATH));
}
<?php
// Show the CAS button to login using CAS
require_once api_get_path(SYS_PATH) . 'main/auth/cas/authcas.php';
$_template['show_message'] = false;
if (api_is_anonymous()) {
$_template['cas_activated'] = api_is_cas_activated();
$_template['cas_configured'] = cas_configured();
$_template['show_message'] = true;
// the default title
$button_label = "Connexion via CAS";
if (!empty($plugin_info['settings']['add_cas_login_button_cas_button_label'])) {
$button_label = api_htmlentities($plugin_info['settings']['add_cas_login_button_cas_button_label']);
}
// the comm
$comm_label = api_htmlentities($plugin_info['settings']['add_cas_login_button_cas_button_comment']);
// URL of the image
$url_label = $plugin_info['settings']['add_cas_login_button_cas_image_url'];
$_template['button_label'] = $button_label;
$_template['comm_label'] = $comm_label;
$_template['url_label'] = $url_label;
}
/**
* checks if the user already get a session
* @return the user login if the user already has a session ,false otherwise
**/
function cas_is_authenticated()
{
global $cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri;
global $PHPCAS_CLIENT;
global $logout;
if (!cas_configured()) {
return;
}
if (!is_object($PHPCAS_CLIENT)) {
phpCAS::client($cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri);
phpCAS::setNoCasServerValidation();
}
$auth = phpCAS::checkAuthentication();
if ($auth) {
$login = trim(phpCAS::getUser());
/*
Get user attributes. Here are the attributes for crdp platform
sn => name
ENTPersonMailInterne => mail
ENTPersonAlias => login
ENTPersonProfils => profil
givenName => first name
*/
/*$user=phpCAS::getAttributes();
$firstName = trim($user['givenName']);
$lastName = trim($user['sn']);
$login = trim($user['ENTPersonAlias']);
$profil = trim($user['ENTPersonProfils']);
$email = trim($user['ENTPersonMailInterne']);
$satus=5;
switch ($profil){
case 'admin_etab':
$status=3; //Session admin
break;
case 'admin_sie':
$status=3; //Session admin
break;
case 'National_3':
$status=1; // Teacher
break;
case 'National_1':
$status=5; // Student
break;
default:
$status=5; // Student
}*/
if (!$logout) {
// get user info from username
$tab_user_info = UserManager::get_user_info($login);
// user found in the chamilo database
if (is_array($tab_user_info)) {
// if option is on we update user automatically from ldap server
if (api_get_setting("update_user_info_cas_with_ldap") == "true") {
$ldapuser = extldap_authenticate($login, 'nopass', true);
if ($ldap_user !== false) {
$chamilo_user = extldap_get_chamilo_user($ldapuser);
$chamilo_user['user_id'] = $tab_user_info['user_id'];
$chamilo_user['status'] = $tab_user_info['status'];
UserManager::update_user($chamilo_user["user_id"], $chamilo_user["firstname"], $chamilo_user["lastname"], $login, null, null, $chamilo_user["email"], $chamilo_user["status"], '', '', '', '', 1, null, 0, null, '');
}
}
return $login;
} else {
// if option is on we can ADD user automatically from ldap server or by modify own profil
$user_added = false;
switch (api_get_setting("cas_add_user_activate")) {
case PLATFORM_AUTH_SOURCE:
// user will have to modify firstname, lastname, email in chamilo profil edit
$userdata = get_lang("EditInProfil");
UserManager::create_user($userdata, $userdata, '5', $userdata, $login, 'casplaceholder', '', '', '', '', CAS_AUTH_SOURCE);
$user_added = $login;
break;
case LDAP_AUTH_SOURCE:
// user info are read from ldap connexion
// get user info from ldap server
// user has already been authenticated by CAS
// If user not found in LDAP, user not created
$ldapuser = extldap_authenticate($login, 'nopass', true);
if ($ldap_user !== false) {
$chamilo_user = extldap_get_chamilo_user($ldapuser);
$chamilo_user['username'] = $login;
$chamilo_user['auth_source'] = CAS_AUTH_SOURCE;
$chamilo_uid = external_add_user($chamilo_user);
$user_added = $login;
}
break;
default:
break;
}
return $user_added;
}
}
// //If the user is in the dokeos database and we are ,not in a logout request, we upgrade his infomration by ldap
// if (! $logout){
// $user_table = Database::get_main_table(TABLE_MAIN_USER);
// $sql = "SELECT user_id, username, password, auth_source, active, expiration_date ".
// "FROM $user_table ".
// "WHERE username = '******' ";
//
// $result = Database::query($sql,__FILE__,__LINE__);
// if(mysql_num_rows($result) == 0) {
// require_once(api_get_path(SYS_PATH).'main/inc/lib/usermanager.lib.php');
// $rnumber=rand(0,256000);
// UserManager::create_user($firstName, $lastName, $status, $email, $login, md5('casplaceholder'.$rnumber), $official_code='',$language='',$phone='',$picture_uri='',$auth_source = PLATFORM_AUTH_SOURCE);
// }
// else {
// $user = mysql_fetch_assoc($result);
// $user_id = intval($user['user_id']);
// //echo "deb : $status";
// UserManager::update_user ($user_id, $firstname, $lastname, $login, null, null, $email, $status, '', '', '', '', 1, null, 0, null,'') ;
//
// }
// }
return $login;
} else {
return false;
}
}