예제 #1
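 /**
  * Build the URL the browser should follow to log out at the identity provider.
  *
  * Returns null when $sugar_config['SAML_SLO'] is empty, i.e. no single-logout
  * endpoint is configured. Otherwise a LogoutRequest is created from the SAML
  * settings and attached to the configured endpoint as the SAMLRequest query
  * parameter.
  *
  * NOTE(review): no Signature/SigAlg parameters and no RelayState are added
  * here, so the request leaves this method unsigned. Confirm the identity
  * provider accepts unsigned logout requests, or that signing happens elsewhere.
  *
  * @return string|null logout URL, or null when SAML_SLO is not configured
  */
 public function getLogoutUrl()
 {
     if (empty($GLOBALS['sugar_config']['SAML_SLO'])) {
         return null;
     }
     $sloEndpoint = $GLOBALS['sugar_config']['SAML_SLO'];
     $auth = new OneLogin_Saml2_Auth(SAMLAuthenticate::loadSettings());
     $req = new OneLogin_Saml2_LogoutRequest($auth->getSettings());
     // The configured endpoint may already carry a query string; appending a
     // second "?" would fold SAMLRequest into the previous parameter's value.
     $separator = strpos($sloEndpoint, '?') === false ? '?' : '&';
     return $sloEndpoint . $separator . 'SAMLRequest=' . urlencode($req->getRequest());
 }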
예제 #2
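 /**
  * Authenticate a user from a posted SAML response and return the id used to
  * load the current user (loadUserOnSession).
  *
  * When no SAMLResponse was posted, the call is delegated unchanged to the
  * parent implementation. On the SAML path the response is parsed and
  * validated; only after isValid() succeeds are its attributes and NameID
  * used to look up, update or create the user. Every failure on the SAML
  * path returns an empty string.
  *
  * NOTE(review): isValid() is the only assertion check visible in this
  * method. Whether it covers signature, audience, recipient, time window and
  * replay depends on the SAML library in use; verify against that library.
  *
  * @param string $name     only used when falling back to the parent
  * @param string $password only used when falling back to the parent
  * @return string id - used for loading the user, '' when SAML login fails
  *
  *         Contributions by Erik Mitchell erikm@logicpd.com
  */
 public function authenticateUser($name, $password)
 {
     $GLOBALS['log']->debug('authenticating user.');
     if (empty($_POST['SAMLResponse'])) {
         return parent::authenticateUser($name, $password);
     }
     $GLOBALS['log']->debug('have saml data.');
     // SAMLResponse is request input. A non-string value (for example an
     // array-valued form field) must not reach the parser: on newer PHP a type
     // error raised there is an Error, which the catch (Exception) below would
     // not intercept.
     if (!is_string($_POST['SAMLResponse'])) {
         $GLOBALS['log']->error('SAMLResponse is not a string, rejecting.');
         return '';
     }
     $this->settings = SAMLAuthenticate::loadSettings();
     try {
         $this->samlresponse = new OneLogin_Saml_Response($this->settings, $_POST['SAMLResponse']);
     } catch (Exception $e) {
         $GLOBALS['log']->error("Unexpected exception: " . $e->getMessage());
         return '';
     }
     if (!$this->samlresponse->isValid()) {
         // Leave a trace of rejected assertions for monitoring; the payload
         // itself is deliberately not written to the log.
         $GLOBALS['log']->error('SAML response failed validation.');
         return '';
     }
     $GLOBALS['log']->debug('response is valid');
     // Nothing from the response is consumed before this point.
     $this->samlresponse->attributes = $this->samlresponse->getAttributes();
     if (!empty($this->settings->useXML)) {
         $this->xpath = new DOMXpath($this->samlresponse->document);
     }
     $id = $this->get_user_id();
     if (!empty($this->settings->id)) {
         $user = $this->fetch_user($id, $this->settings->id);
     } else {
         $user = $this->fetch_user($id);
     }
     // user already exists use this one
     if ($user->id) {
         $GLOBALS['log']->debug('have db results');
         if ($user->status != 'Inactive') {
             $GLOBALS['log']->debug('have current user');
             $this->updateCustomFields($user);
             return $user->id;
         } else {
             // A valid assertion does not override a locally deactivated account.
             $GLOBALS['log']->debug('have inactive user');
             return '';
         }
     } else {
         // No matching user: the account is provisioned from the assertion.
         $xpath = new DOMXpath($this->samlresponse->document);
         if (isset($this->settings->customCreateFunction)) {
             // customCreateFunction is invoked as a callable, so it must only
             // ever originate from trusted configuration.
             return call_user_func($this->settings->customCreateFunction, $this, $this->samlresponse->getNameId(), $xpath, $this->settings);
         } else {
             return $this->createUser($this->samlresponse->getNameId());
         }
     }
 }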
예제 #3
<?php

/*
 * Your installation or use of this SugarCRM file is subject to the applicable
 * terms available at
 * http://support.sugarcrm.com/06_Customer_Center/10_Master_Subscription_Agreements/.
 * If you do not agree to all of the applicable terms or do not have the
 * authority to bind the entity as an authorized representative, then do not
 * install or use this SugarCRM file.
 *
 * Copyright (C) SugarCRM Inc. All rights reserved.
 */
require_once 'modules/Users/authentication/SAMLAuthenticate/SAMLAuthenticate.php';
require_once 'modules/Users/authentication/SAMLAuthenticate/saml.php';
// Start SP-initiated login: build an authentication request from the
// configured SAML settings and send the browser to the resulting URL.
// No request parameter is read in this script; the redirect target is
// whatever the request object derives from those settings.
$authrequest = new OneLogin_Saml_AuthRequest(
    SAMLAuthenticate::loadSettings()
);
$url = $authrequest->getRedirectUrl();
header('Location: ' . $url);