getProviderByKey() public static method

public static getProviderByKey ( $AuthenticationProviderKey ) : array | boolean | stdClass
$AuthenticationProviderKey
return array | boolean | stdClass
 /**
  *
  *
  * @param bool $UserID
  * @throws Exception
  * @throws Gdn_UserException
  */
 public function sso($UserID = false)
 {
     $this->permission('Garden.Users.Edit');
     $ProviderModel = new Gdn_AuthenticationProviderModel();
     $Form = new Gdn_Form();
     if ($this->Request->isAuthenticatedPostBack()) {
         // Make sure everything has been posted.
         $Form->validateRule('ClientID', 'ValidateRequired');
         $Form->validateRule('UniqueID', 'ValidateRequired');
         if (!validateRequired($Form->getFormValue('Username')) && !validateRequired($Form->getFormValue('Email'))) {
             $Form->addError('Username or Email is required.');
         }
         $Provider = $ProviderModel->getProviderByKey($Form->getFormValue('ClientID'));
         if (!$Provider) {
             $Form->addError(sprintf('%1$s "%2$s" not found.', t('Provider'), $Form->getFormValue('ClientID')));
         }
         if ($Form->errorCount() > 0) {
             throw new Gdn_UserException($Form->errorString());
         }
         // Grab the user.
         $User = false;
         if ($Email = $Form->getFormValue('Email')) {
             $User = Gdn::userModel()->GetByEmail($Email);
         }
         if (!$User && ($Username = $Form->getFormValue('Username'))) {
             $User = Gdn::userModel()->GetByUsername($Username);
         }
         if (!$User) {
             throw new Gdn_UserException(sprintf(t('User not found.'), strtolower(t(UserModel::SigninLabelCode()))), 404);
         }
         // Validate the user's password.
         $PasswordHash = new Gdn_PasswordHash();
         $Password = $this->Form->getFormValue('Password', null);
         if ($Password !== null && !$PasswordHash->CheckPassword($Password, val('Password', $User), val('HashMethod', $User))) {
             throw new Gdn_UserException(t('Invalid password.'), 401);
         }
         // Okay. We've gotten this far. Let's save the authentication.
         $User = (array) $User;
         Gdn::userModel()->saveAuthentication(array('UserID' => $User['UserID'], 'Provider' => $Form->getFormValue('ClientID'), 'UniqueID' => $Form->getFormValue('UniqueID')));
         $Row = Gdn::userModel()->getAuthentication($Form->getFormValue('UniqueID'), $Form->getFormValue('ClientID'));
         if ($Row) {
             $this->setData('Result', $Row);
         } else {
             throw new Gdn_UserException(t('There was an error saving the data.'));
         }
     } else {
         $User = Gdn::userModel()->getID($UserID);
         if (!$User) {
             throw notFoundException('User');
         }
         $Result = Gdn::sql()->select('ua.ProviderKey', '', 'ClientID')->select('ua.ForeignUserKey', '', 'UniqueID')->select('ua.UserID')->select('p.Name')->select('p.AuthenticationSchemeAlias', '', 'Type')->from('UserAuthentication ua')->join('UserAuthenticationProvider p', 'ua.ProviderKey = p.AuthenticationKey')->where('UserID', $UserID)->get()->resultArray();
         $this->setData('Result', $Result);
     }
     $this->render('Blank', 'Utility', 'Dashboard');
 }
示例#2
0
 /**
  * Connect a user with a foreign authentication system.
  *
  * @param string $UniqueID The user's unique key in the other authentication system.
  * @param string $ProviderKey The key of the system providing the authentication.
  * @param array $UserData Data to go in the user table.
  * @param array $Options Additional connect options.
  * @return int The new/existing user ID.
  */
 public function connect($UniqueID, $ProviderKey, $UserData, $Options = [])
 {
     trace('UserModel->Connect()');
     $provider = Gdn_AuthenticationProviderModel::getProviderByKey($ProviderKey);
     // Trusted providers can sync roles.
     if (val('Trusted', $provider) && (!empty($UserData['Roles']) || !empty($UserData['Roles']))) {
         saveToConfig('Garden.SSO.SyncRoles', true, false);
     }
     $UserID = false;
     if (!isset($UserData['UserID'])) {
         // Check to see if the user already exists.
         $Auth = $this->getAuthentication($UniqueID, $ProviderKey);
         $UserID = val('UserID', $Auth);
         if ($UserID) {
             $UserData['UserID'] = $UserID;
         }
     }
     if ($UserID) {
         // Save the user.
         $this->syncUser($UserID, $UserData);
         return $UserID;
     } else {
         // The user hasn't already been connected. We want to see if we can't find the user based on some critera.
         // Check to auto-connect based on email address.
         if (c('Garden.SSO.AutoConnect', c('Garden.Registration.AutoConnect')) && isset($UserData['Email'])) {
             $User = $this->getByEmail($UserData['Email']);
             trace($User, "Autoconnect User");
             if ($User) {
                 $User = (array) $User;
                 // Save the user.
                 $this->syncUser($User, $UserData);
                 $UserID = $User['UserID'];
             }
         }
         if (!$UserID) {
             // Create a new user.
             $UserData['Password'] = md5(microtime());
             $UserData['HashMethod'] = 'Random';
             touchValue('CheckCaptcha', $Options, false);
             touchValue('NoConfirmEmail', $Options, true);
             touchValue('NoActivity', $Options, true);
             // Translate SSO style roles to an array of role IDs suitable for registration.
             if (!empty($UserData['Roles']) && !isset($UserData['RoleID'])) {
                 $UserData['RoleID'] = $this->lookupRoleIDs($UserData['Roles']);
             }
             touchValue('SaveRoles', $Options, !empty($UserData['RoleID']) && c('Garden.SSO.SyncRoles', false));
             trace($UserData, 'Registering User');
             $UserID = $this->register($UserData, $Options);
         }
         if ($UserID) {
             // Save the authentication.
             $this->saveAuthentication(['UniqueID' => $UniqueID, 'Provider' => $ProviderKey, 'UserID' => $UserID]);
         } else {
             trace($this->Validation->resultsText(), TRACE_ERROR);
         }
     }
     return $UserID;
 }
示例#3
0
 /**
  *
  *
  * @param $String
  * @param bool $ThrowError
  * @return int|void
  */
 public function sso($String, $ThrowError = false)
 {
     if (!$String) {
         return;
     }
     $Parts = explode(' ', $String);
     $String = $Parts[0];
     trace($String, "SSO String");
     $Data = json_decode(base64_decode($String), true);
     trace($Data, 'RAW SSO Data');
     $Errors = array();
     if (!isset($Parts[1])) {
         $Errors[] = 'Missing SSO signature';
     }
     if (!isset($Parts[2])) {
         $Errors[] = 'Missing SSO timestamp';
     }
     if (!empty($Errors)) {
         return;
     }
     $Signature = $Parts[1];
     $Timestamp = $Parts[2];
     $HashMethod = val(3, $Parts, 'hmacsha1');
     $ClientID = val('client_id', $Data);
     if (!$ClientID) {
         trace('Missing SSO client_id', TRACE_ERROR);
         return;
     }
     $Provider = Gdn_AuthenticationProviderModel::getProviderByKey($ClientID);
     if (!$Provider) {
         trace("Unknown SSO Provider: {$ClientID}", TRACE_ERROR);
         return;
     }
     $Secret = $Provider['AssociationSecret'];
     // Check the signature.
     switch ($HashMethod) {
         case 'hmacsha1':
             $CalcSignature = hash_hmac('sha1', "{$String} {$Timestamp}", $Secret);
             break;
         default:
             trace("Invalid SSO hash method {$HashMethod}.", TRACE_ERROR);
             return;
     }
     if ($CalcSignature != $Signature) {
         trace("Invalid SSO signature: {$Signature}", TRACE_ERROR);
         return;
     }
     $UniqueID = $Data['uniqueid'];
     $User = arrayTranslate($Data, array('name' => 'Name', 'email' => 'Email', 'photourl' => 'Photo', 'roles' => 'Roles', 'uniqueid' => null, 'client_id' => null), true);
     trace($User, 'SSO User');
     $UserID = Gdn::userModel()->connect($UniqueID, $ClientID, $User);
     return $UserID;
 }
 /**
  *
  *
  * @param null $ProviderKey
  * @param bool $Force
  * @return array|bool|stdClass
  */
 public function getProvider($ProviderKey = null, $Force = false)
 {
     static $AuthModel = null;
     static $Provider = null;
     if (is_null($AuthModel)) {
         $AuthModel = new Gdn_AuthenticationProviderModel();
     }
     $AuthenticationSchemeAlias = $this->getAuthenticationSchemeAlias();
     if (is_null($Provider) || $Force === true) {
         if (!is_null($ProviderKey)) {
             $ProviderData = $AuthModel->getProviderByKey($ProviderKey);
         } else {
             $ProviderData = $AuthModel->getProviderByScheme($AuthenticationSchemeAlias, Gdn::session()->UserID);
             if (!$ProviderData && Gdn::session()->UserID > 0) {
                 $ProviderData = $AuthModel->getProviderByScheme($AuthenticationSchemeAlias, null);
             }
         }
         if ($ProviderData) {
             $Provider = $ProviderData;
         } else {
             return false;
         }
     }
     return $Provider;
 }
示例#5
0
 /**
  *  Return all the information saved in provider table.
  *
  * @return array Stored provider data (secret, client_id, etc.).
  */
 public function provider()
 {
     if (!$this->provider) {
         $this->provider = Gdn_AuthenticationProviderModel::getProviderByKey($this->providerKey);
     }
     return $this->provider;
 }