Skip to content
Permalink
Browse files

MDL-60432 auth_cas: Using Identity Providers for Authentication CAS

Using Identity Providers for  Authentication CAS , instead of cas_form.html
  • Loading branch information...
fabmen authored and andrewnicols committed Nov 27, 2017
1 parent 33a388e commit ddb9b02b053f39e59ddf4993bacf6e728b6c21af
Showing with 114 additions and 13 deletions.
  1. +23 −13 auth/cas/auth.php
  2. +4 −0 auth/cas/lang/en/auth_cas.php
  3. +75 −0 auth/cas/lib.php
  4. +12 −0 auth/cas/settings.php
@@ -130,21 +130,10 @@ function loginpage_hook() {
}
$authCAS = optional_param('authCAS', '', PARAM_RAW);
if ($authCAS == 'NOCAS') {
if ($authCAS != 'CAS') {
return;
}
// Show authentication form for multi-authentication.
// Test pgtIou parameter for proxy mode (https connection in background from CAS server to the php server).
if ($authCAS != 'CAS' && !isset($_GET['pgtIou'])) {
$PAGE->set_url('/login/index.php');
$PAGE->navbar->add($CASform);
$PAGE->set_title("$site->fullname: $CASform");
$PAGE->set_heading($site->fullname);
echo $OUTPUT->header();
include($CFG->dirroot.'/auth/cas/cas_form.html');
echo $OUTPUT->footer();
exit();
}
}
// Connection to CAS server
@@ -363,4 +352,25 @@ public function postlogout_hook($user) {
phpCAS::logoutWithRedirectService($backurl);
}
}
/**
* Return a list of identity providers to display on the login page.
*
* @param string|moodle_url $wantsurl The requested URL.
* @return array List of arrays with keys url, iconurl and name.
*/
public function loginpage_idp_list($wantsurl) {
global $CFG;
$config = get_config('auth_cas');
$params = ["authCAS" => "CAS"];
$url = new moodle_url(get_login_url(), $params);
$iconurl = moodle_url::make_pluginfile_url(context_system::instance()->id,
'auth_cas',
'logo',
null,
'/',
$config->auth_logo);
$result[] = ['url' => $url, 'iconurl' => $iconurl, 'name' => $config->auth_name];
return $result;
}
}
@@ -24,6 +24,10 @@
$string['accesCAS'] = 'CAS users';
$string['accesNOCAS'] = 'other users';
$string['auth_cas_auth_name'] = 'Authentication method name';
$string['auth_cas_auth_name_description'] = 'Provide a name for the CAS authentication method that is familiar to your users.';
$string['auth_cas_auth_logo'] = 'Authentication method logo';
$string['auth_cas_auth_logo_description'] = 'Provide a logo for the CAS authentication method that is familiar to your users.';
$string['auth_cas_auth_user_create'] = 'Create users externally';
$string['auth_cas_baseuri'] = 'URI of the server (nothing if no baseUri)<br />For example, if the CAS server responds to host.domaine.fr/CAS/ then<br />cas_baseuri = CAS/';
$string['auth_cas_baseuri_key'] = 'Base URI';
@@ -0,0 +1,75 @@
<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Authentication Plugin: CAS Authentication
*
* Authentication using CAS (Central Authentication Server).
*
* @package auth_cas
* @copyright 1999 onwards Martin Dougiamas {@link http://moodle.com}
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die;
/**
* Serves the logo file settings.
*
* @param stdClass $course course object
* @param stdClass $cm course module object
* @param stdClass $context context object
* @param string $filearea file area
* @param array $args extra arguments
* @param bool $forcedownload whether or not force download
* @param array $options additional options affecting the file serving
* @return bool false if file not found, does not return if found - justsend the file
*/
function auth_cas_pluginfile($course, $cm, $context, $filearea, $args, $forcedownload, array $options=array()) {
if ($context->contextlevel != CONTEXT_SYSTEM) {
return false;
}
if ($filearea !== 'logo' ) {
return false;
}
$itemid = 0;
// Use the itemid to retrieve any relevant data records and perform any security checks to see if the
// user really does have access to the file in question.
// Extract the filename / filepath from the $args array.
$filename = array_pop($args); // The last item in the $args array.
if (!$args) {
$filepath = '/'; // $args is empty => the path is '/'
} else {
$filepath = '/'.implode('/', $args).'/'; // $args contains elements of the filepath
}
// Retrieve the file from the Files API.
$fs = get_file_storage();
$file = $fs->get_file($context->id, 'auth_cas', $filearea, $itemid, $filepath, $filename);
if (!$file) {
return false; // The file does not exist.
}
// We can now send the file back to the browser - in this case with a cache lifetime of 1 day and no filtering.
// From Moodle 2.3, use send_stored_file instead.
send_stored_file($file, null, 0, $forcedownload, $options);
}
@@ -45,6 +45,18 @@
$settings->add(new admin_setting_heading('auth_cas/casserversettings',
new lang_string('auth_cas_server_settings', 'auth_cas'), ''));
// Authentication method name.
$settings->add(new admin_setting_configtext('auth_cas/auth_name',
get_string('auth_cas_auth_name', 'auth_cas'),
get_string('auth_cas_auth_name_description', 'auth_cas'), '', PARAM_RAW_TRIMMED));
// Authentication method logo.
$opts = array('accepted_types' => array('.png', '.jpg', '.gif', '.webp', '.tiff', '.svg'));
$settings->add(new admin_setting_configstoredfile('auth_cas/auth_logo',
get_string('auth_cas_auth_logo', 'auth_cas'),
get_string('auth_cas_auth_logo_description', 'auth_cas'), 'logo', 0, $opts));
// Hostname.
$settings->add(new admin_setting_configtext('auth_cas/hostname',
get_string('auth_cas_hostname_key', 'auth_cas'),

0 comments on commit ddb9b02

Please sign in to comment.
You can’t perform that action at this time.