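/**
 * Render the account-link view for a user who signed in through an external
 * authenticator.
 *
 * Aborts with a 405 unless the current user looks like an auth_link account.
 * Otherwise it loads the auth link and its domain, works out the display name
 * of the authenticator plugin, collects hub accounts and auth links that share
 * the link's e-mail address, and assigns all of it to the view.
 *
 * @param   string  $tpl  Template name, passed through to parent::display()
 * @return  void
 */
function display($tpl = null)
{
	$user = User::getRoot();

	// If this is an auth_link account update, carry on, otherwise raise an error.
	//
	// The last clause used to read `!$user->get('username') < 0`. PHP applies `!`
	// before `<`, so that compared a boolean with 0 and was always false: the
	// "username must be negative" test never rejected anyone. It is parenthesised
	// here so the comparison runs first.
	// NOTE(review): auth_link temporary accounts presumably carry a negative
	// numeric username - confirm against the code that creates them.
	// NOTE(review): array_key_exists() on an object is deprecated since PHP 7.4
	// and a TypeError on PHP 8; left untouched because the property semantics of
	// the User class are not visible here.
	if (!is_object($user)
	 || !array_key_exists('auth_link_id', $user)
	 || !is_numeric($user->get('username'))
	 || !($user->get('username') < 0))
	{
		App::abort('405', 'Method not allowed');
		return;
	}

	// Get and add the js and extra css to the page
	\Hubzero\Document\Assets::addComponentStylesheet('com_users', 'link.css');
	\Hubzero\Document\Assets::addComponentStylesheet('com_users', 'providers.css');
	\Hubzero\Document\Assets::addComponentScript('com_users', 'link');

	// Import a few things
	jimport('joomla.user.helper');

	// Look up a few things
	// NOTE(review): both lookups are dereferenced without checking that a record
	// was found - confirm find_by_id() cannot fail for a user that passed the
	// guard above.
	$hzal    = \Hubzero\Auth\Link::find_by_id($user->get("auth_link_id"));
	$hzad    = \Hubzero\Auth\Domain::find_by_id($hzal->auth_domain_id);
	$plugins = Plugin::byType('authentication');

	// Get the display name for the current plugin being used.
	// The class name handed to ReflectionClass is built from the plugin record
	// looked up by the domain's authenticator, not from request input.
	Plugin::import('authentication', $hzad->authenticator);
	$plugin       = Plugin::byType('authentication', $hzad->authenticator);
	$pparams      = new \Hubzero\Config\Registry($plugin->params);
	$refl         = new ReflectionClass("plgAuthentication{$plugin->name}");
	$display_name = $pparams->get(
		'display_name',
		$refl->hasMethod('onGetLinkDescription')
			? $refl->getMethod('onGetLinkDescription')->invoke(NULL)
			: ucfirst($plugin->name)
	);

	// Look for conflicts - first check in the hub accounts
	$profile_conflicts = \Hubzero\User\Profile\Helper::find_by_email($hzal->email);

	// Now check the auth_link table
	$link_conflicts = \Hubzero\Auth\Link::find_by_email($hzal->email, array($hzad->id));

	// NOTE(review): the entries below hold names and e-mail addresses of other
	// accounts; the template is expected to escape them on output - confirm.
	$conflict = array();
	if ($profile_conflicts)
	{
		foreach ($profile_conflicts as $p)
		{
			$user_id   = JUserHelper::getUserId($p);
			$juser     = User::getInstance($user_id);
			$auth_link = \Hubzero\Auth\Link::find_by_user_id($juser->id);
			$dname     = is_object($auth_link) && $auth_link->auth_domain_name ? $auth_link->auth_domain_name : 'hubzero';
			$conflict[] = array("auth_domain_name" => $dname, "name" => $juser->name, "email" => $juser->email);
		}
	}
	if ($link_conflicts)
	{
		foreach ($link_conflicts as $l)
		{
			$juser      = User::getInstance($l['user_id']);
			$conflict[] = array("auth_domain_name" => $l['auth_domain_name'], "name" => $juser->name, "email" => $l['email']);
		}
	}

	// Make sure we don't somehow have any duplicate conflicts.
	// Entries are fingerprinted with serialize() and the first occurrence is kept
	// under its original key. This yields the same list as the former
	// serialize/array_unique/unserialize round trip without calling unserialize().
	$seen = array();
	foreach ($conflict as $key => $entry)
	{
		$fingerprint = serialize($entry);
		if (isset($seen[$fingerprint]))
		{
			unset($conflict[$key]);
			continue;
		}
		$seen[$fingerprint] = true;
	}

	// @TODO: Could also check for high probability of name matches???

	// Get the site name
	$sitename = Config::get('sitename');

	// Assign variables to the view
	$this->assign('hzal', $hzal);
	$this->assign('hzad', $hzad);
	$this->assign('plugins', $plugins);
	$this->assign('display_name', $display_name);
	$this->assign('conflict', $conflict);
	$this->assign('sitename', $sitename);
	$this->assignref('juser', $user);

	parent::display($tpl);
}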
/**
 * Resolve the user object for a set of authentication data.
 *
 * An account whose username already exists is loaded and returned as is.
 * Otherwise a fresh instance is filled in from $user. It is saved when
 * autoregister is on, and only flagged as a temporary user when it is off.
 *
 * @param   array  $user     Holds the user data.
 * @param   array  $options  Array holding options (remember, autoregister, group).
 * @return  object  The user instance; an Exception instance (returned, not thrown) when saving fails
 */
protected function _getUser($user, $options = array())
{
	$instance = JUser::getInstance();

	// Known username: hand back the stored account untouched.
	$existingId = intval(JUserHelper::getUserId($user['username']));
	if ($existingId)
	{
		$instance->load($existingId);
		return $instance;
	}

	//TODO : move this out of the plugin
	$config = Component::params('com_users');

	// Default to Registered.
	$defaultUserGroup = $config->get('new_usertype', 2);

	// Return value is not used below; the call itself is kept.
	JFactory::getACL();

	// NOTE(review): the clear-text password, when supplied, is stored on the
	// instance - presumably hashed by save(); confirm it is never persisted or
	// logged as is.
	$clearPassword = '';
	if (isset($user['password_clear']))
	{
		$clearPassword = $user['password_clear'];
	}

	$instance->set('id', 0);
	$instance->set('name', $user['fullname']);
	$instance->set('username', $user['username']);
	$instance->set('password_clear', $clearPassword);
	$instance->set('email', $user['email']); // Result should contain an email (check)
	$instance->set('usertype', 'deprecated');
	$instance->set('groups', array($defaultUserGroup));

	// Check joomla user activation setting
	// 0 = automatically confirmed
	// 1 = require email confirmation (the norm)
	// 2 = require admin confirmation
	$useractivation = $config->get('useractivation', 1);

	// Admin confirmation leaves the account unapproved (0); every other setting
	// marks it approved (2).
	$instance->set('approved', $useractivation == 2 ? 0 : 2);

	// An auth plugin with auto_approve enabled overrides the setting above, so a
	// user arriving through that plugin is approved even when admin confirmation
	// is otherwise required.
	if (isset($user['auth_link']))
	{
		$domain = \Hubzero\Auth\Domain::find_by_id($user['auth_link']->auth_domain_id);

		$params = null;
		if ($domain && is_object($domain))
		{
			$params = Plugin::params('authentication', $domain->authenticator);
		}

		if ($params && is_object($params) && $params->get('auto_approve', false))
		{
			$instance->set('approved', 2);
		}
	}

	// An explicit option wins over the plugin's own autoregister parameter.
	if (isset($options['autoregister']))
	{
		$autoregister = $options['autoregister'];
	}
	else
	{
		$autoregister = $this->params->get('autoregister', 1);
	}

	if (!$autoregister)
	{
		// No existing user and autoregister off, this is a temporary user.
		$instance->set('tmp_user', true);
		return $instance;
	}

	// Callers have to test the result with instanceof: a failed save is reported
	// by returning the Exception rather than throwing it.
	if (!$instance->save())
	{
		return new Exception($instance->getError());
	}

	return $instance;
}
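/**
 * Method to log out a user.
 *
 * The authenticator is read from the request and, failing that, from the
 * 'authenticator' cookie. When it names an installed authentication plugin
 * that has a logout() method, that method is called first (for 'pucas' only if
 * the plugin's auto_logoff param or sso=all says so). The hub session is then
 * ended and the user is redirected: to the single-sign-on notice for a pucas
 * session that is still open, to the validated return URL, or to the login
 * view if the logout failed.
 *
 * NOTE(review): no anti-CSRF token check is visible in this method. If none is
 * enforced before it runs, a cross-site request can end a user's session -
 * confirm where the token is verified.
 *
 * @since   1.6
 * @return  void
 */
public function logout()
{
	$app  = JFactory::getApplication();
	$user = User::getInstance();

	$authenticator = Request::getVar('authenticator', '', 'method');
	$singleSignOn  = Request::getVar('sso', false);

	// Nothing in the request: fall back to the authenticator kept in the cookie.
	// empty() already covers the empty string, so the former `== ''` test is gone.
	if (empty($authenticator))
	{
		$cookie        = \Hubzero\Utility\Cookie::eat('authenticator');
		$authenticator = isset($cookie->authenticator) ? $cookie->authenticator : null;
	}

	// If a specific authenticator is specified try to call the logout method for that plugin
	if (!empty($authenticator))
	{
		Plugin::import('authentication');

		$plugins = Plugin::byType('authentication');

		foreach ($plugins as $plugin)
		{
			// The class name comes from the plugin registry; the request or cookie
			// value is only used to pick an entry. The comparison is strict so a
			// non-string value cannot loosely equal a plugin name.
			$className = 'plg' . $plugin->type . $plugin->name;

			if ($plugin->name !== $authenticator)
			{
				continue;
			}

			if (!class_exists($className) || !method_exists($className, 'logout'))
			{
				continue;
			}

			$myplugin = new $className($this, (array) $plugin);

			// Normal path: every authenticator except PUCAS logs out right away
			if ($authenticator !== 'pucas')
			{
				$myplugin->logout();
				break;
			}

			// Redirect to user third party signout view
			// Only do this for PUCAS for the time being (it's the one that doesn't lose session info after hub logout)
			$plugin      = Plugin::byType('authentication', $authenticator);
			$pparams     = new \Hubzero\Config\Registry($plugin->params);
			$auto_logoff = $pparams->get('auto_logoff', false);

			if ($auto_logoff || $singleSignOn === 'all')
			{
				$myplugin->logout();
				break;
			}

			if ($singleSignOn === false)
			{
				// $authenticator is exactly 'pucas' here, so nothing request-derived
				// beyond that fixed value reaches the URL.
				App::redirect(Route::url('index.php?option=com_users&view=endsinglesignon&authenticator=' . $authenticator, false));
				return;
			}

			// sso was given with some other value: skip the plugin logout
			break;
		}
	}

	// Perform the log out
	$error = $app->logout();

	// Check if the log out succeeded.
	if ($error instanceof Exception)
	{
		App::redirect(Route::url('index.php?option=com_users&view=login', false));
		return;
	}

	// If the authenticator is empty, but they have an active third party session,
	// redirect to a page indicating this and offering complete signout
	if (isset($user->auth_link_id) && $user->auth_link_id && empty($authenticator))
	{
		$auth_domain_name = '';
		$auth_link        = \Hubzero\Auth\Link::find_by_id($user->auth_link_id);

		if (is_object($auth_link))
		{
			// The domain lookup result used to be dereferenced directly; a lookup
			// that finds nothing now simply leaves the name empty.
			$auth_domain = \Hubzero\Auth\Domain::find_by_id($auth_link->auth_domain_id);
			if (is_object($auth_domain))
			{
				$auth_domain_name = $auth_domain->authenticator;
			}
		}

		// Redirect to user third party signout view
		// Only do this for PUCAS for the time being (it's the one that doesn't lose session info after hub logout)
		if ($auth_domain_name === 'pucas')
		{
			// Get plugin params
			$plugin      = Plugin::byType('authentication', $auth_domain_name);
			$pparams     = new \Hubzero\Config\Registry($plugin->params);
			$auto_logoff = $pparams->get('auto_logoff', false);

			if ($auto_logoff)
			{
				App::redirect(Route::url('index.php?option=com_users&task=user.logout&authenticator=' . $auth_domain_name, false));
				return;
			}

			App::redirect(Route::url('index.php?option=com_users&view=endsinglesignon&authenticator=' . $auth_domain_name, false));
			return;
		}
	}

	// Get the return url from the request and validate that it is internal.
	// This is the open-redirect guard: anything JURI::isInternal() rejects is
	// dropped and the user is sent to the default route instead.
	$return = Request::getVar('return', '', 'method', 'base64');
	$return = base64_decode($return);
	if (!JURI::isInternal($return))
	{
		$return = '';
	}

	// Redirect the user.
	App::redirect(Route::url($return, false));
}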