function display($tpl = null)
{
$user = User::getRoot();
// If this is an auth_link account update, carry on, otherwise raise an error
if (!is_object($user) || !array_key_exists('auth_link_id', $user) || !is_numeric($user->get('username')) || !$user->get('username') < 0) {
App::abort('405', 'Method not allowed');
return;
}
// Get and add the js and extra css to the page
\Hubzero\Document\Assets::addComponentStylesheet('com_users', 'link.css');
\Hubzero\Document\Assets::addComponentStylesheet('com_users', 'providers.css');
\Hubzero\Document\Assets::addComponentScript('com_users', 'link');
// Import a few things
jimport('joomla.user.helper');
// Look up a few things
$hzal = \Hubzero\Auth\Link::find_by_id($user->get("auth_link_id"));
$hzad = \Hubzero\Auth\Domain::find_by_id($hzal->auth_domain_id);
$plugins = Plugin::byType('authentication');
// Get the display name for the current plugin being used
Plugin::import('authentication', $hzad->authenticator);
$plugin = Plugin::byType('authentication', $hzad->authenticator);
$pparams = new \Hubzero\Config\Registry($plugin->params);
$refl = new ReflectionClass("plgAuthentication{$plugin->name}");
$display_name = $pparams->get('display_name', $refl->hasMethod('onGetLinkDescription') ? $refl->getMethod('onGetLinkDescription')->invoke(NULL) : ucfirst($plugin->name));
// Look for conflicts - first check in the hub accounts
$profile_conflicts = \Hubzero\User\Profile\Helper::find_by_email($hzal->email);
// Now check the auth_link table
$link_conflicts = \Hubzero\Auth\Link::find_by_email($hzal->email, array($hzad->id));
$conflict = array();
if ($profile_conflicts) {
foreach ($profile_conflicts as $p) {
$user_id = JUserHelper::getUserId($p);
$juser = User::getInstance($user_id);
$auth_link = \Hubzero\Auth\Link::find_by_user_id($juser->id);
$dname = is_object($auth_link) && $auth_link->auth_domain_name ? $auth_link->auth_domain_name : 'hubzero';
$conflict[] = array("auth_domain_name" => $dname, "name" => $juser->name, "email" => $juser->email);
}
}
if ($link_conflicts) {
foreach ($link_conflicts as $l) {
$juser = User::getInstance($l['user_id']);
$conflict[] = array("auth_domain_name" => $l['auth_domain_name'], "name" => $juser->name, "email" => $l['email']);
}
}
// Make sure we don't somehow have any duplicate conflicts
$conflict = array_map("unserialize", array_unique(array_map("serialize", $conflict)));
// @TODO: Could also check for high probability of name matches???
// Get the site name
$sitename = Config::get('sitename');
// Assign variables to the view
$this->assign('hzal', $hzal);
$this->assign('hzad', $hzad);
$this->assign('plugins', $plugins);
$this->assign('display_name', $display_name);
$this->assign('conflict', $conflict);
$this->assign('sitename', $sitename);
$this->assignref('juser', $user);
parent::display($tpl);
}
/**
* This method will return a user object
*
* If options['autoregister'] is true, if the user doesn't exist yet he will be created
*
* @param array $user Holds the user data.
* @param array $options Array holding options (remember, autoregister, group).
* @return object A User object
*/
protected function _getUser($user, $options = array())
{
$instance = JUser::getInstance();
if ($id = intval(JUserHelper::getUserId($user['username']))) {
$instance->load($id);
return $instance;
}
//TODO : move this out of the plugin
$config = Component::params('com_users');
// Default to Registered.
$defaultUserGroup = $config->get('new_usertype', 2);
$acl = JFactory::getACL();
$instance->set('id', 0);
$instance->set('name', $user['fullname']);
$instance->set('username', $user['username']);
$instance->set('password_clear', isset($user['password_clear']) ? $user['password_clear'] : '');
$instance->set('email', $user['email']);
// Result should contain an email (check)
$instance->set('usertype', 'deprecated');
$instance->set('groups', array($defaultUserGroup));
// Check joomla user activation setting
// 0 = automatically confirmed
// 1 = require email confirmation (the norm)
// 2 = require admin confirmation
$useractivation = $config->get('useractivation', 1);
// If requiring admin approval, set user to not approved
if ($useractivation == 2) {
$instance->set('approved', 0);
} else {
$instance->set('approved', 2);
}
// Now, also check to see if user came in via an auth plugin, as that may affect their approval status
if (isset($user['auth_link'])) {
$domain = \Hubzero\Auth\Domain::find_by_id($user['auth_link']->auth_domain_id);
if ($domain && is_object($domain)) {
$params = Plugin::params('authentication', $domain->authenticator);
if ($params && is_object($params) && $params->get('auto_approve', false)) {
$instance->set('approved', 2);
}
}
}
// If autoregister is set let's register the user
$autoregister = isset($options['autoregister']) ? $options['autoregister'] : $this->params->get('autoregister', 1);
if ($autoregister) {
if (!$instance->save()) {
return new Exception($instance->getError());
}
} else {
// No existing user and autoregister off, this is a temporary user.
$instance->set('tmp_user', true);
}
return $instance;
}
/**
* Method to log out a user.
*
* @since 1.6
*/
public function logout()
{
$app = JFactory::getApplication();
$user = User::getInstance();
$authenticator = Request::getVar('authenticator', '', 'method');
$singleSignOn = Request::getVar('sso', false);
if (empty($authenticator) || $authenticator == '') {
$cookie = \Hubzero\Utility\Cookie::eat('authenticator');
if (isset($cookie->authenticator)) {
$authenticator = $cookie->authenticator;
} else {
$authenticator = null;
}
}
// If a specific authenticator is specified try to call the logout method for that plugin
if (!empty($authenticator)) {
Plugin::import('authentication');
$plugins = Plugin::byType('authentication');
foreach ($plugins as $plugin) {
$className = 'plg' . $plugin->type . $plugin->name;
if ($plugin->name != $authenticator) {
continue;
}
if (class_exists($className)) {
if (method_exists($className, 'logout')) {
$myplugin = new $className($this, (array) $plugin);
// Redirect to user third party signout view
// Only do this for PUCAS for the time being (it's the one that doesn't lose session info after hub logout)
if ($authenticator == 'pucas') {
// Get plugin params
$plugin = Plugin::byType('authentication', $authenticator);
$pparams = new \Hubzero\Config\Registry($plugin->params);
$auto_logoff = $pparams->get('auto_logoff', false);
if ($auto_logoff || $singleSignOn == 'all') {
$result = $myplugin->logout();
break;
} elseif ($singleSignOn === false) {
App::redirect(Route::url('index.php?option=com_users&view=endsinglesignon&authenticator=' . $authenticator, false));
return;
} else {
break;
}
} else {
$result = $myplugin->logout();
break;
}
// Normal path
}
// End verification of logout() method
}
// End plugin check
}
// End foreach
}
// End check for specified authenticator
// Perform the log out
$error = $app->logout();
// Check if the log out succeeded.
if (!$error instanceof Exception) {
// If the authenticator is empty, but they have an active third party session,
// redirect to a page indicating this and offering complete signout
if (isset($user->auth_link_id) && $user->auth_link_id && empty($authenticator)) {
$auth_domain_name = '';
$auth_domain = \Hubzero\Auth\Link::find_by_id($user->auth_link_id);
if (is_object($auth_domain)) {
$auth_domain_id = $auth_domain->auth_domain_id;
$auth_domain_name = \Hubzero\Auth\Domain::find_by_id($auth_domain_id)->authenticator;
}
// Redirect to user third party signout view
// Only do this for PUCAS for the time being (it's the one that doesn't lose session info after hub logout)
if ($auth_domain_name == 'pucas') {
// Get plugin params
$plugin = Plugin::byType('authentication', $auth_domain_name);
$pparams = new \Hubzero\Config\Registry($plugin->params);
$auto_logoff = $pparams->get('auto_logoff', false);
if ($auto_logoff) {
App::redirect(Route::url('index.php?option=com_users&task=user.logout&authenticator=' . $auth_domain_name, false));
return;
} else {
App::redirect(Route::url('index.php?option=com_users&view=endsinglesignon&authenticator=' . $auth_domain_name, false));
return;
}
}
}
// Get the return url from the request and validate that it is internal.
$return = Request::getVar('return', '', 'method', 'base64');
$return = base64_decode($return);
if (!JURI::isInternal($return)) {
$return = '';
}
// Redirect the user.
App::redirect(Route::url($return, false));
} else {
App::redirect(Route::url('index.php?option=com_users&view=login', false));
}
}
