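/**
 * Initialize login.
 *
 * Saves the authentication state and either redirects the browser to the
 * Tiqr login page or, when the Tiqr server already reports an authenticated
 * user for the current session, fills in the attributes directly.
 *
 * @param array &$state Information about the current authentication.
 *                      On the already-authenticated path, $state['Attributes']
 *                      is set to the user's uid, displayName and any
 *                      additional attributes from the user storage.
 */
public function authenticate(&$state)
{
    // Pass the expression itself, not a string: string assertions are
    // evaluated as code on old PHP versions, are deprecated since PHP 7.2
    // and are no longer evaluated at all on PHP 8, which silently turns the
    // check into a no-op.
    assert(is_array($state));

    $config = SimpleSAML_Configuration::getConfig('authsources.php');
    // NOTE(review): the whole config section of this auth source is copied
    // into the state that is persisted below; confirm it holds nothing that
    // should not be written to the state store.
    $state[sspmod_authTiqr_Auth_Tiqr::CONFIGID] = $config->getArray(self::getAuthId(), array());

    /* We are going to need the authId in order to retrieve this authentication source later. */
    $state[self::AUTHID] = $this->authId;

    $id = SimpleSAML_Auth_State::saveState($state, sspmod_authTiqr_Auth_Tiqr::STAGEID);

    // Ask the Tiqr server whether this session already has an authenticated user.
    $server = sspmod_authTiqr_Auth_Tiqr::getServer(false);
    $session = SimpleSAML_Session::getSessionFromRequest();
    $sessionId = $session->getSessionId();
    $user = $server->getAuthenticatedUser($sessionId);

    if (empty($user)) {
        // Not authenticated yet: hand over to the login page. Only the state
        // identifier travels in the URL; the state itself stays server-side.
        // NOTE(review): login.php is expected to load the state with the same
        // STAGEID so that an identifier from another stage is rejected — confirm.
        $url = SimpleSAML_Module::getModuleURL('authTiqr/login.php');
        SimpleSAML_Utilities::redirect($url, array('AuthState' => $id));
        // presumably redirect() does not return; the explicit return keeps the
        // control flow obvious either way.
        return;
    }

    // Already authenticated for this session: the identity is taken from the
    // Tiqr server's session-to-user mapping, so the attributes are built from
    // the user storage without another login round trip.
    $userStorage = sspmod_authTiqr_Auth_Tiqr::getUserStorage();
    $attributes = array(
        'uid' => array($user),
        'displayName' => array($userStorage->getDisplayName($user)),
    );
    $attributes = array_merge($attributes, $userStorage->getAdditionalAttributes($user));
    $state['Attributes'] = $attributes;
}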
// Check if userid exists $uidAttribute = $config["enroll.uidAttribute"]; $displayNameAttribute = $config["enroll.cnAttribute"]; if (!isset($attributes[$uidAttribute])) { throw new Exception('User ID is missing'); } $state["tiqrUser"]["userId"] = $attributes[$uidAttribute][0]; $state["tiqrUser"]["displayName"] = $attributes[$displayNameAttribute][0]; } else { SimpleSAML_Auth_Default::initLogin($config["enroll.authsource"], SimpleSAML_Utilities::selfURL(), NULL, $_REQUEST); } } } } $template = 'newuser.php'; $store = sspmod_authTiqr_Auth_Tiqr::getUserStorage(); if (is_array($_POST) && count($_POST) && isset($_POST["create"])) { // Page was posted, so new user form has been filled. if ($state == NULL) { // throw new SimpleSAML_Error_NoState(); } $displayName = isset($_POST['displayName']) ? $_POST['displayName'] : NULL; $userId = isset($_POST['userId']) ? $_POST['userId'] : NULL; if (empty($userId) || empty($displayName)) { $errorcode = "userdatarequired"; } else { if (!preg_match('/^[A-Za-z0-9_\\.]*$/', $userId)) { $errorcode = "invaliduserid"; } else { if ($store->userExists($userId)) { // User already exists. If we don't have a secret yet, we must however still enroll him.