/** * Will redirect the user directly to the IdP login endpoint if: * * 1) the 'SAMLAuthenticator' is the default authenticator * 2) there isn't a GET param showloginform set to 1 * 3) the member is not currently logged in * 4) there are no form messages (errors or notices) * * @return void */ public function onBeforeSecurityLogin() { if (Authenticator::get_default_authenticator() != 'SAMLAuthenticator') { return; } // by going to the URL Security/login?showloginform=1 we bypass the auto sign on if ($this->owner->request->getVar('showloginform') == 1) { return; } // if member is already logged in, don't auto-sign-on, this is most likely because // of unsufficient permissions. $member = Member::currentUser(); if ($member && $member->exists()) { return; } // if there are form messages, don't auto-sign-on, this is most likely because of // login errors / failures or other notices. if (Session::get('FormInfo')) { // since FormInfo can be a "nulled" array, we have to check foreach (Session::get('FormInfo') as $form => $info) { foreach ($info as $name => $value) { if ($value !== null) { return; } } } } $backURL = Session::get('BackURL'); if ($this->owner->request->getVar('BackURL')) { $backURL = $this->owner->request->getVar('BackURL'); } $authenticator = Injector::inst()->create('SAMLAuthenticator'); $authenticator->authenticate(array("BackURL" => $backURL)); }
function setUp() { self::$fixture_file = MODULE_SECUREFILES_PATH . '/tests/SecureFileControllerTest.yml'; parent::setUp(); $this->priorAuthenticators = Authenticator::get_authenticators(); $this->priorDefaultAuthenticator = Authenticator::get_default_authenticator(); Authenticator::register('MemberAuthenticator'); Authenticator::set_default_authenticator('MemberAuthenticator'); if (!file_exists(ASSETS_PATH)) { mkdir(ASSETS_PATH); } /* Create a test folders for each of the fixture references */ $fileIDs = $this->allFixtureIDs('Folder'); foreach ($fileIDs as $fileID) { $file = DataObject::get_by_id('Folder', $fileID); if (!file_exists(BASE_PATH . "/{$file->Filename}")) { mkdir(BASE_PATH . "/{$file->Filename}"); } } /* Create a test files for each of the fixture references */ $fileIDs = $this->allFixtureIDs('File'); foreach ($fileIDs as $fileID) { $file = DataObject::get_by_id('File', $fileID); $fh = fopen(BASE_PATH . "/{$file->Filename}", "w"); fwrite($fh, str_repeat('x', 1000)); fclose($fh); } // USERS: // 1 x ADMIN user // 1 x Member with SECUREFILEACCESS // 1 x Member with SECURE_FILE_SETTINGS // 1 x Member }
function setUp() { // This test assumes that MemberAuthenticator is present and the default $this->priorAuthenticators = Authenticator::get_authenticators(); $this->priorDefaultAuthenticator = Authenticator::get_default_authenticator(); Authenticator::register('MemberAuthenticator'); Authenticator::set_default_authenticator('MemberAuthenticator'); parent::setUp(); }
function setUp() { // This test assumes that MemberAuthenticator is present and the default $this->priorAuthenticators = Authenticator::get_authenticators(); $this->priorDefaultAuthenticator = Authenticator::get_default_authenticator(); Authenticator::register('MemberAuthenticator'); Authenticator::set_default_authenticator('MemberAuthenticator'); // And that the unique identified field is 'Email' $this->priorUniqueIdentifierField = Member::get_unique_identifier_field(); Member::set_unique_identifier_field('Email'); parent::setUp(); }
public function setUp() { // This test assumes that MemberAuthenticator is present and the default $this->priorAuthenticators = Authenticator::get_authenticators(); $this->priorDefaultAuthenticator = Authenticator::get_default_authenticator(); foreach ($this->priorAuthenticators as $authenticator) { Authenticator::unregister($authenticator); } Authenticator::register('MemberAuthenticator'); Authenticator::set_default_authenticator('MemberAuthenticator'); // And that the unique identified field is 'Email' $this->priorUniqueIdentifierField = Member::config()->unique_identifier_field; $this->priorRememberUsername = Security::config()->remember_username; Member::config()->unique_identifier_field = 'Email'; parent::setUp(); }
/** * The authenticate function * * Takes the basic auth details and attempts to log a user in from the DB * * @return Member|false The Member object, or false if no member */ public static function authenticate() { //if there is no username or password, break if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) { return false; } //Attempt to authenticate with the default authenticator for the site $authClass = Authenticator::get_default_authenticator(); $member = $authClass::authenticate(array('Email' => $_SERVER['PHP_AUTH_USER'], 'Password' => $_SERVER['PHP_AUTH_PW'])); //Log the member in and return the member, if they were found if ($member) { $member->LogIn(false); return $member; } return false; }
function setUp() { // This test assumes that MemberAuthenticator is present and the default $this->priorAuthenticators = Authenticator::get_authenticators(); $this->priorDefaultAuthenticator = Authenticator::get_default_authenticator(); //Authenticator::register('MemberAuthenticator'); Authenticator::register_authenticator('ExternalAuthenticator'); Authenticator::set_default_authenticator('ExternalAuthenticator'); //Create the sources in this order. Switching them around would mean that //all tests use the fake driver because this always succeeds and auto create //is on ExternalAuthenticator::createSource('sstripe_unittest', 'SSTRIPE', 'SilverStripe'); ExternalAuthenticator::createSource('fake_unittest', 'FAKE', 'Fake Source'); ExternalAuthenticator::setAuthSequential(true); ExternalAuthenticator::setAuthSSLock('sstripe_unittest', true); ExternalAuthenticator::setAuthSSLock('fake_unittest', false); ExternalAuthenticator::setAutoAdd('fake_unittest', 'mygroup'); ExternalAuthenticator::setDefaultDomain('fake_unittest', 'silverstripe.com'); ExternalAuthenticator::setAuthDebug(false); ExternalAuthenticator::setAuditLogFile(false); ExternalAuthenticator::setAuditLogSStripe(true); parent::setUp(); }
/** * Get the login form to process according to the submitted data */ public function LoginForm() { if (isset($this->requestParams['AuthenticationMethod'])) { $authenticator = trim($_REQUEST['AuthenticationMethod']); $authenticators = Authenticator::get_authenticators(); if (in_array($authenticator, $authenticators)) { return call_user_func(array($authenticator, 'get_login_form'), $this); } } else { if ($authenticator = Authenticator::get_default_authenticator()) { return call_user_func(array($authenticator, 'get_login_form'), $this); } } user_error('Passed invalid authentication method', E_USER_ERROR); }
/** * Get the selected authenticator for this request * * @return string Class name of Authenticator */ protected function getAuthenticator() { $authenticator = $this->getRequest()->requestVar('AuthenticationMethod'); if ($authenticator) { $authenticators = Authenticator::get_authenticators(); if (in_array($authenticator, $authenticators)) { return $authenticator; } } else { return Authenticator::get_default_authenticator(); } }