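/**
 * Build the URL the browser should follow to log out at the identity provider.
 *
 * The configured single-logout endpoint ($sugar_config['SAML_SLO']) is combined
 * with a freshly generated SAML LogoutRequest, passed URL-encoded as the
 * SAMLRequest query parameter.
 *
 * NOTE(review): no Signature/SigAlg or RelayState parameter is appended here,
 * so the request leaves this method unsigned on the query string. Whether the
 * identity provider accepts or requires signed logout requests depends on the
 * deployment; confirm against the IdP configuration.
 *
 * @return string|null Logout URL, or null when no SAML_SLO endpoint is configured
 */
public function getLogoutUrl()
{
    if (empty($GLOBALS['sugar_config']['SAML_SLO'])) {
        // Single logout is not configured: there is nothing to redirect to.
        return null;
    }

    $sloEndpoint = $GLOBALS['sugar_config']['SAML_SLO'];
    $auth = new OneLogin_Saml2_Auth(SAMLAuthenticate::loadSettings());
    $logoutRequest = new OneLogin_Saml2_LogoutRequest($auth->getSettings());

    // The endpoint may already carry a query string; appending a second "?"
    // would yield a malformed URL, so extend the existing query instead.
    $separator = strpos($sloEndpoint, '?') === false ? '?' : '&';

    return $sloEndpoint . $separator . 'SAMLRequest=' . urlencode($logoutRequest->getRequest());
}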
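/**
 * Does the actual authentication of the user and returns an id that will be
 * used to load the current user (loadUserOnSession).
 *
 * When no SAMLResponse was posted, the call is delegated to the parent
 * authenticator with the supplied name and password. Otherwise the posted
 * response is parsed and validated; a valid response is mapped to an existing
 * user, or a new user is created when none matches.
 *
 * NOTE(review): isValid() is called without a request id, so whether the
 * response is tied to a request this application issued (InResponseTo / replay
 * protection) is decided entirely by the library and the loaded settings;
 * confirm.
 * NOTE(review): any response that validates but matches no existing user leads
 * to account creation; confirm the identity provider only asserts identities
 * that are allowed to be provisioned here.
 *
 * @param string $name
 * @param string $password
 * @return string id - used for loading the user; '' when the SAML response
 *                cannot be parsed, fails validation, or maps to an inactive user
 *
 * Contributions by Erik Mitchell erikm@logicpd.com
 */
public function authenticateUser($name, $password)
{
    $GLOBALS['log']->debug('authenticating user.');

    if (empty($_POST['SAMLResponse'])) {
        // No assertion posted: fall back to the parent's name/password check.
        return parent::authenticateUser($name, $password);
    }

    $GLOBALS['log']->debug('have saml data.');
    $this->settings = SAMLAuthenticate::loadSettings();

    try {
        // $_POST['SAMLResponse'] is untrusted input; parsing may throw.
        $this->samlresponse = new OneLogin_Saml_Response($this->settings, $_POST['SAMLResponse']);
    } catch (Exception $e) {
        $GLOBALS['log']->error("Unexpected exception: " . $e->getMessage());
        return '';
    }

    if (!$this->samlresponse->isValid()) {
        // Previously this path returned silently; a rejected assertion is worth
        // a log entry so failed or forged logins can be spotted.
        $GLOBALS['log']->error('SAML response failed validation.');
        return '';
    }

    $GLOBALS['log']->debug('response is valid');
    $this->samlresponse->attributes = $this->samlresponse->getAttributes();
    if (!empty($this->settings->useXML)) {
        $this->xpath = new DOMXpath($this->samlresponse->document);
    }

    $id = $this->get_user_id();
    $user = !empty($this->settings->id)
        ? $this->fetch_user($id, $this->settings->id)
        : $this->fetch_user($id);

    // user already exists use this one
    if ($user->id) {
        $GLOBALS['log']->debug('have db results');
        if ($user->status != 'Inactive') {
            $GLOBALS['log']->debug('have current user');
            $this->updateCustomFields($user);
            return $user->id;
        }

        // A valid assertion does not override a disabled local account.
        $GLOBALS['log']->debug('have inactive user');
        return '';
    }

    // No matching user: provision one, through the configured hook if present.
    if (isset($this->settings->customCreateFunction)) {
        // The XPath handle is only needed by the custom creation callback.
        $xpath = new DOMXpath($this->samlresponse->document);
        return call_user_func(
            $this->settings->customCreateFunction,
            $this,
            $this->samlresponse->getNameId(),
            $xpath,
            $this->settings
        );
    }

    return $this->createUser($this->samlresponse->getNameId());
}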
<?php
/*
 * Your installation or use of this SugarCRM file is subject to the applicable
 * terms available at
 * http://support.sugarcrm.com/06_Customer_Center/10_Master_Subscription_Agreements/.
 * If you do not agree to all of the applicable terms or do not have the
 * authority to bind the entity as an authorized representative, then do not
 * install or use this SugarCRM file.
 *
 * Copyright (C) SugarCRM Inc. All rights reserved.
 */

// Entry script for starting a SAML login: it builds an authentication request
// from the loaded SAML settings and redirects the browser to the URL that
// request object returns.
require_once 'modules/Users/authentication/SAMLAuthenticate/SAMLAuthenticate.php';
require_once 'modules/Users/authentication/SAMLAuthenticate/saml.php';

// The redirect target comes from the request object built on the loaded
// settings; nothing from the current HTTP request is read in this script.
$authrequest = new OneLogin_Saml_AuthRequest(SAMLAuthenticate::loadSettings());
$url = $authrequest->getRedirectUrl();

// NOTE(review): there is no exit after header(). If this file is included by a
// dispatcher rather than requested directly, execution continues in the
// including code after the Location header is queued; confirm that nothing
// sensitive runs or is emitted afterwards.
header("Location: {$url}");