NatLibFi /
Skosmos
@@ -361,10 +361,10 @@ |
||
| 361 | 361 | return $this->getBoolean('skosmos:sparqlCollationEnabled', FALSE); |
| 362 | 362 | } |
| 363 | 363 | |
| 364 | - /** |
|
| 365 | - * @return string|null |
|
| 366 | - */ |
|
| 367 | - public function getAuthenticationProvider() { |
|
| 368 | - return $this->getLiteral('skosmos:authenticationProvider', false); |
|
| 369 | - } |
|
| 364 | + /** |
|
| 365 | + * @return string|null |
|
| 366 | + */ |
|
| 367 | + public function getAuthenticationProvider() { |
|
| 368 | + return $this->getLiteral('skosmos:authenticationProvider', false); |
|
| 369 | + } |
|
| 370 | 370 | } |
@@ -7,12 +7,12 @@ |
||
| 7 | 7 | abstract class BaseConfig extends DataObject |
| 8 | 8 | { |
| 9 | 9 | |
| 10 | - /** |
|
| 11 | - * Returns a boolean value based on a literal value from the config.ttl configuration. |
|
| 12 | - * @param string $property the property to query |
|
| 13 | - * @param boolean $default the default value if the value is not set in configuration |
|
| 14 | - * @return boolean the boolean value for the given property, or the default value if not found |
|
| 15 | - */ |
|
| 10 | + /** |
|
| 11 | + * Returns a boolean value based on a literal value from the config.ttl configuration. |
|
| 12 | + * @param string $property the property to query |
|
| 13 | + * @param boolean $default the default value if the value is not set in configuration |
|
| 14 | + * @return boolean the boolean value for the given property, or the default value if not found |
|
| 15 | + */ |
|
| 16 | 16 | public function getBoolean($property, $default = false) |
| 17 | 17 | { |
| 18 | 18 | $val = $this->getResource()->getLiteral($property); |
@@ -44,7 +44,7 @@ |
||
| 44 | 44 | * @param string $lang preferred language for the literal |
| 45 | 45 | * @return string string value for the given property, or the default value if not found |
| 46 | 46 | */ |
| 47 | - public function getLiteral($property, $default=null, $lang=null) |
|
| 47 | + public function getLiteral($property, $default = null, $lang = null) |
|
| 48 | 48 | { |
| 49 | 49 | if (!isset($lang)) { |
| 50 | 50 | $lang = $this->getEnvLang(); |
@@ -46,45 +46,45 @@ |
||
| 46 | 46 | $this->languages[$langcode]['lemma'] = Punic\Language::getName($langcode, $langcode); |
| 47 | 47 | } |
| 48 | 48 | |
| 49 | - // Check if we have an authentication provider configured |
|
| 50 | - // If so; check if the configured provider is actually a class we can use |
|
| 51 | - if (($authProvider = $this->model->getConfig()->getAuthenticationProvider()) && class_exists($authProvider)) { |
|
| 52 | - $this->invokeAuthenticationLayer(new $authProvider($this)); |
|
| 53 | - } |
|
| 49 | + // Check if we have an authentication provider configured |
|
| 50 | + // If so; check if the configured provider is actually a class we can use |
|
| 51 | + if (($authProvider = $this->model->getConfig()->getAuthenticationProvider()) && class_exists($authProvider)) { |
|
| 52 | + $this->invokeAuthenticationLayer(new $authProvider($this)); |
|
| 53 | + } |
|
| 54 | 54 | } |
| 55 | 55 | |
| 56 | - /** |
|
| 57 | - * Invokes the authentication layer |
|
| 58 | - * |
|
| 59 | - * @param BaseAuthInterface $provider |
|
| 60 | - * @return void |
|
| 61 | - */ |
|
| 62 | - private function invokeAuthenticationLayer(BaseAuthInterface $authProvider) { |
|
| 63 | - |
|
| 64 | - // Validate the authentication provider's configuration parameters |
|
| 65 | - if ($authProvider->validate()) { |
|
| 66 | - |
|
| 67 | - // We don't have a valid user session; so sign in the user |
|
| 68 | - if (!$authProvider->isSignedIn()) { |
|
| 69 | - $authProvider->signIn(); |
|
| 70 | - |
|
| 71 | - // We have a valid session for this user; see if it wants to do anything.. |
|
| 72 | - } elseif (isset($_GET['auth_do'])) { |
|
| 73 | - $action = $_GET['auth_do']; |
|
| 74 | - |
|
| 75 | - // Signout |
|
| 76 | - if ($action === 'signout') { |
|
| 77 | - $authProvider->signOut(); |
|
| 78 | - |
|
| 79 | - // Retrieve user info |
|
| 80 | - } else if ($action === 'info') { |
|
| 81 | - echo json_encode($authProvider->getUserAttributes()); |
|
| 82 | - $this->sendHeader('Content-Type: application/json'); |
|
| 83 | - exit(); |
|
| 84 | - } |
|
| 85 | - } |
|
| 86 | - } |
|
| 87 | - } |
|
| 56 | + /** |
|
| 57 | + * Invokes the authentication layer |
|
| 58 | + * |
|
| 59 | + * @param BaseAuthInterface $provider |
|
| 60 | + * @return void |
|
| 61 | + */ |
|
| 62 | + private function invokeAuthenticationLayer(BaseAuthInterface $authProvider) { |
|
| 63 | + |
|
| 64 | + // Validate the authentication provider's configuration parameters |
|
| 65 | + if ($authProvider->validate()) { |
|
| 66 | + |
|
| 67 | + // We don't have a valid user session; so sign in the user |
|
| 68 | + if (!$authProvider->isSignedIn()) { |
|
| 69 | + $authProvider->signIn(); |
|
| 70 | + |
|
| 71 | + // We have a valid session for this user; see if it wants to do anything.. |
|
| 72 | + } elseif (isset($_GET['auth_do'])) { |
|
| 73 | + $action = $_GET['auth_do']; |
|
| 74 | + |
|
| 75 | + // Signout |
|
| 76 | + if ($action === 'signout') { |
|
| 77 | + $authProvider->signOut(); |
|
| 78 | + |
|
| 79 | + // Retrieve user info |
|
| 80 | + } else if ($action === 'info') { |
|
| 81 | + echo json_encode($authProvider->getUserAttributes()); |
|
| 82 | + $this->sendHeader('Content-Type: application/json'); |
|
| 83 | + exit(); |
|
| 84 | + } |
|
| 85 | + } |
|
| 86 | + } |
|
| 87 | + } |
|
| 88 | 88 | |
| 89 | 89 | /** |
| 90 | 90 | * Sets the locale language properties from the parameter (used by gettext and some Model classes). |
@@ -2,45 +2,45 @@ |
||
| 2 | 2 | |
| 3 | 3 | interface BaseAuthInterface { |
| 4 | 4 | |
| 5 | - public function __construct(Controller $controller); |
|
| 6 | - |
|
| 7 | - /** |
|
| 8 | - * Validate if all requirements are met to load this |
|
| 9 | - * authentication method. This function is useful for |
|
| 10 | - * validating configuration options inside Config.ttl. |
|
| 11 | - * |
|
| 12 | - * @return bool |
|
| 13 | - */ |
|
| 14 | - public function validate(): bool; |
|
| 15 | - |
|
| 16 | - /** |
|
| 17 | - * Checks if the current user has a valid session on the |
|
| 18 | - * authorization endpoint. |
|
| 19 | - * |
|
| 20 | - * @return bool |
|
| 21 | - */ |
|
| 22 | - public function isSignedIn(): bool; |
|
| 23 | - |
|
| 24 | - /** |
|
| 25 | - * Signs in the current user |
|
| 26 | - * |
|
| 27 | - * @return mixed |
|
| 28 | - */ |
|
| 29 | - public function signIn(); |
|
| 30 | - |
|
| 31 | - /** |
|
| 32 | - * Signs out the user |
|
| 33 | - * |
|
| 34 | - * @return mixed |
|
| 35 | - */ |
|
| 36 | - public function signOut(); |
|
| 37 | - |
|
| 38 | - /** |
|
| 39 | - * Retrieve the user's attributes |
|
| 40 | - * |
|
| 41 | - * @return array |
|
| 42 | - */ |
|
| 43 | - public function getUserAttributes(): array; |
|
| 5 | + public function __construct(Controller $controller); |
|
| 6 | + |
|
| 7 | + /** |
|
| 8 | + * Validate if all requirements are met to load this |
|
| 9 | + * authentication method. This function is useful for |
|
| 10 | + * validating configuration options inside Config.ttl. |
|
| 11 | + * |
|
| 12 | + * @return bool |
|
| 13 | + */ |
|
| 14 | + public function validate(): bool; |
|
| 15 | + |
|
| 16 | + /** |
|
| 17 | + * Checks if the current user has a valid session on the |
|
| 18 | + * authorization endpoint. |
|
| 19 | + * |
|
| 20 | + * @return bool |
|
| 21 | + */ |
|
| 22 | + public function isSignedIn(): bool; |
|
| 23 | + |
|
| 24 | + /** |
|
| 25 | + * Signs in the current user |
|
| 26 | + * |
|
| 27 | + * @return mixed |
|
| 28 | + */ |
|
| 29 | + public function signIn(); |
|
| 30 | + |
|
| 31 | + /** |
|
| 32 | + * Signs out the user |
|
| 33 | + * |
|
| 34 | + * @return mixed |
|
| 35 | + */ |
|
| 36 | + public function signOut(); |
|
| 37 | + |
|
| 38 | + /** |
|
| 39 | + * Retrieve the user's attributes |
|
| 40 | + * |
|
| 41 | + * @return array |
|
| 42 | + */ |
|
| 43 | + public function getUserAttributes(): array; |
|
| 44 | 44 | |
| 45 | 45 | |
| 46 | 46 | } |
| 47 | 47 | \ No newline at end of file |
@@ -10,109 +10,109 @@ |
||
| 10 | 10 | */ |
| 11 | 11 | class SimpleSamlPHP implements BaseAuthInterface { |
| 12 | 12 | |
| 13 | - /** |
|
| 14 | - * @var Model |
|
| 15 | - */ |
|
| 16 | - private $model; |
|
| 17 | - |
|
| 18 | - /** |
|
| 19 | - * Placeholder of the SimpleSamlPHP authentication entity. |
|
| 20 | - * |
|
| 21 | - * @var string|null |
|
| 22 | - */ |
|
| 23 | - private $authEntity; |
|
| 24 | - |
|
| 25 | - /** |
|
| 26 | - * The configured application URL |
|
| 27 | - * |
|
| 28 | - * @var string |
|
| 29 | - */ |
|
| 30 | - private $baseHref; |
|
| 31 | - |
|
| 32 | - /** |
|
| 33 | - * @param Model $model |
|
| 34 | - */ |
|
| 35 | - public function __construct(Controller $controller) { |
|
| 36 | - $this->model = $controller->model; |
|
| 37 | - $this->baseHref = $controller->getBaseHref(); |
|
| 38 | - } |
|
| 39 | - |
|
| 40 | - /** |
|
| 41 | - * @inheritDoc |
|
| 42 | - */ |
|
| 43 | - public function validate(): bool { |
|
| 44 | - $authDirectory = $this->model->getConfig()->getLiteral( 'skosmos:authProviderIncludeDirectory' ); |
|
| 45 | - if (!$authDirectory) { |
|
| 46 | - return false; |
|
| 47 | - } |
|
| 48 | - |
|
| 49 | - $authEntity = $this->model->getConfig()->getLiteral( 'skosmos:authProviderAuthEntity' ); |
|
| 50 | - if (!$authEntity) { |
|
| 51 | - return false; |
|
| 52 | - } else { |
|
| 53 | - $this->authEntity = $authEntity; |
|
| 54 | - } |
|
| 55 | - |
|
| 56 | - $sspAutoloader = $authDirectory . DIRECTORY_SEPARATOR . 'lib/_autoload.php'; |
|
| 57 | - if (!file_exists($sspAutoloader)) { |
|
| 58 | - return false; |
|
| 59 | - } else { |
|
| 60 | - require $sspAutoloader; |
|
| 61 | - } |
|
| 62 | - |
|
| 63 | - return true; |
|
| 64 | - } |
|
| 65 | - |
|
| 66 | - /** |
|
| 67 | - * @inheritDoc |
|
| 68 | - */ |
|
| 69 | - public function isSignedIn(): bool { |
|
| 70 | - return $this->getSessionFromRequest()->isValid($this->authEntity); |
|
| 71 | - } |
|
| 72 | - |
|
| 73 | - /** |
|
| 74 | - * @inheritDoc |
|
| 75 | - */ |
|
| 76 | - public function signIn() { |
|
| 77 | - $this->getAuthenticationSource()->requireAuth([ |
|
| 78 | - 'ReturnTo' => $this->baseHref |
|
| 79 | - ]); |
|
| 80 | - } |
|
| 81 | - |
|
| 82 | - /** |
|
| 83 | - * @inheritDoc |
|
| 84 | - */ |
|
| 85 | - public function signOut() { |
|
| 86 | - $this->getAuthenticationSource()->logout([ |
|
| 87 | - 'ReturnTo' => $this->baseHref |
|
| 88 | - ]); |
|
| 89 | - } |
|
| 90 | - |
|
| 91 | - /** |
|
| 92 | - * @inheritDoc |
|
| 93 | - */ |
|
| 94 | - public function getUserAttributes(): array { |
|
| 95 | - if ($this->isSignedIn()) { |
|
| 96 | - return []; |
|
| 97 | - } |
|
| 98 | - return [ |
|
| 99 | - 'auth_source' => $this->authEntity, |
|
| 100 | - 'attributes' => $this->getAuthenticationSource()->getAttributes() |
|
| 101 | - ]; |
|
| 102 | - } |
|
| 103 | - |
|
| 104 | - /** |
|
| 105 | - * @return \SimpleSAML\Auth\Simple |
|
| 106 | - */ |
|
| 107 | - private function getAuthenticationSource() { |
|
| 108 | - return new SimpleSAML\Auth\Simple($this->authEntity); |
|
| 109 | - } |
|
| 110 | - |
|
| 111 | - /** |
|
| 112 | - * @return SimpleSAML\Session::getSessionFromRequest() |
|
| 113 | - */ |
|
| 114 | - private function getSessionFromRequest() { |
|
| 115 | - return SimpleSAML\Session::getSessionFromRequest(); |
|
| 116 | - } |
|
| 13 | + /** |
|
| 14 | + * @var Model |
|
| 15 | + */ |
|
| 16 | + private $model; |
|
| 17 | + |
|
| 18 | + /** |
|
| 19 | + * Placeholder of the SimpleSamlPHP authentication entity. |
|
| 20 | + * |
|
| 21 | + * @var string|null |
|
| 22 | + */ |
|
| 23 | + private $authEntity; |
|
| 24 | + |
|
| 25 | + /** |
|
| 26 | + * The configured application URL |
|
| 27 | + * |
|
| 28 | + * @var string |
|
| 29 | + */ |
|
| 30 | + private $baseHref; |
|
| 31 | + |
|
| 32 | + /** |
|
| 33 | + * @param Model $model |
|
| 34 | + */ |
|
| 35 | + public function __construct(Controller $controller) { |
|
| 36 | + $this->model = $controller->model; |
|
| 37 | + $this->baseHref = $controller->getBaseHref(); |
|
| 38 | + } |
|
| 39 | + |
|
| 40 | + /** |
|
| 41 | + * @inheritDoc |
|
| 42 | + */ |
|
| 43 | + public function validate(): bool { |
|
| 44 | + $authDirectory = $this->model->getConfig()->getLiteral( 'skosmos:authProviderIncludeDirectory' ); |
|
| 45 | + if (!$authDirectory) { |
|
| 46 | + return false; |
|
| 47 | + } |
|
| 48 | + |
|
| 49 | + $authEntity = $this->model->getConfig()->getLiteral( 'skosmos:authProviderAuthEntity' ); |
|
| 50 | + if (!$authEntity) { |
|
| 51 | + return false; |
|
| 52 | + } else { |
|
| 53 | + $this->authEntity = $authEntity; |
|
| 54 | + } |
|
| 55 | + |
|
| 56 | + $sspAutoloader = $authDirectory . DIRECTORY_SEPARATOR . 'lib/_autoload.php'; |
|
| 57 | + if (!file_exists($sspAutoloader)) { |
|
| 58 | + return false; |
|
| 59 | + } else { |
|
| 60 | + require $sspAutoloader; |
|
| 61 | + } |
|
| 62 | + |
|
| 63 | + return true; |
|
| 64 | + } |
|
| 65 | + |
|
| 66 | + /** |
|
| 67 | + * @inheritDoc |
|
| 68 | + */ |
|
| 69 | + public function isSignedIn(): bool { |
|
| 70 | + return $this->getSessionFromRequest()->isValid($this->authEntity); |
|
| 71 | + } |
|
| 72 | + |
|
| 73 | + /** |
|
| 74 | + * @inheritDoc |
|
| 75 | + */ |
|
| 76 | + public function signIn() { |
|
| 77 | + $this->getAuthenticationSource()->requireAuth([ |
|
| 78 | + 'ReturnTo' => $this->baseHref |
|
| 79 | + ]); |
|
| 80 | + } |
|
| 81 | + |
|
| 82 | + /** |
|
| 83 | + * @inheritDoc |
|
| 84 | + */ |
|
| 85 | + public function signOut() { |
|
| 86 | + $this->getAuthenticationSource()->logout([ |
|
| 87 | + 'ReturnTo' => $this->baseHref |
|
| 88 | + ]); |
|
| 89 | + } |
|
| 90 | + |
|
| 91 | + /** |
|
| 92 | + * @inheritDoc |
|
| 93 | + */ |
|
| 94 | + public function getUserAttributes(): array { |
|
| 95 | + if ($this->isSignedIn()) { |
|
| 96 | + return []; |
|
| 97 | + } |
|
| 98 | + return [ |
|
| 99 | + 'auth_source' => $this->authEntity, |
|
| 100 | + 'attributes' => $this->getAuthenticationSource()->getAttributes() |
|
| 101 | + ]; |
|
| 102 | + } |
|
| 103 | + |
|
| 104 | + /** |
|
| 105 | + * @return \SimpleSAML\Auth\Simple |
|
| 106 | + */ |
|
| 107 | + private function getAuthenticationSource() { |
|
| 108 | + return new SimpleSAML\Auth\Simple($this->authEntity); |
|
| 109 | + } |
|
| 110 | + |
|
| 111 | + /** |
|
| 112 | + * @return SimpleSAML\Session::getSessionFromRequest() |
|
| 113 | + */ |
|
| 114 | + private function getSessionFromRequest() { |
|
| 115 | + return SimpleSAML\Session::getSessionFromRequest(); |
|
| 116 | + } |
|
| 117 | 117 | |
| 118 | 118 | } |
| 119 | 119 | \ No newline at end of file |
@@ -41,19 +41,19 @@ |
||
| 41 | 41 | * @inheritDoc |
| 42 | 42 | */ |
| 43 | 43 | public function validate(): bool { |
| 44 | - $authDirectory = $this->model->getConfig()->getLiteral( 'skosmos:authProviderIncludeDirectory' ); |
|
| 44 | + $authDirectory = $this->model->getConfig()->getLiteral('skosmos:authProviderIncludeDirectory'); |
|
| 45 | 45 | if (!$authDirectory) { |
| 46 | 46 | return false; |
| 47 | 47 | } |
| 48 | 48 | |
| 49 | - $authEntity = $this->model->getConfig()->getLiteral( 'skosmos:authProviderAuthEntity' ); |
|
| 49 | + $authEntity = $this->model->getConfig()->getLiteral('skosmos:authProviderAuthEntity'); |
|
| 50 | 50 | if (!$authEntity) { |
| 51 | 51 | return false; |
| 52 | 52 | } else { |
| 53 | 53 | $this->authEntity = $authEntity; |
| 54 | 54 | } |
| 55 | 55 | |
| 56 | - $sspAutoloader = $authDirectory . DIRECTORY_SEPARATOR . 'lib/_autoload.php'; |
|
| 56 | + $sspAutoloader = $authDirectory.DIRECTORY_SEPARATOR.'lib/_autoload.php'; |
|
| 57 | 57 | if (!file_exists($sspAutoloader)) { |
| 58 | 58 | return false; |
| 59 | 59 | } else { |
