Permalink
Browse files

Added code proposed by Marcus

  • Loading branch information...
0 parents commit 76a348f0dcb665fc8877d73f969ecd745c81dbc6 @lucor lucor committed Jun 24, 2010
@@ -0,0 +1,134 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Services_Atlassian_Crowd is a package to use Atlassian Crowd from PHP
+ *
+ * Crowd is a web-based single sign-on (SSO) tool
+ * that simplifies application provisioning and identity management.
+ *
+ * This package is derived from the PHP Client Library for Atlassian Crowd
+ * class written by Infinite Campus, Inc.
+ *
+ * PHP version 5
+ *
+ * Copyright (C) 2010 Marcus Deglos
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * @category Services
+ * @package Services_Atlassian_Crowd
+ * @author Infinite Campus, Inc.
+ * @author Luca Corbo <lucor@php.net>
+ * @author Marcus Deglos <marcus@deglos.com>
+ * @copyright 2010 Marcus Deglos
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License
+ * @link http://pear.php.net/packages/Services_Atlassian_Crowd
+ * @link http://www.atlassian.com/software/crowd
+ * @link http://confluence.atlassian.com/display/CROWD/SOAP+API
+ * @link http://confluence.atlassian.com/display/CROWDEXT/Integrate+Crowd+with+PHP
+ */
+
+// Load includes
+require_once('Services/Atlassian/Crowd/Exception.php');
+require_once('Services/Atlassian/Crowd/ApplicationSoapCredentials.php');
+require_once('Services/Atlassian/Crowd/SecurityServer/Interface.php');
+require_once('Services/Atlassian/Crowd/SecurityServer/SOAP.php');
+
+class Services_Atlassian_Crowd
+{
+
+ // $securityServer will be an implementation of Services_Atlassian_Crowd_SecurityServer_Interface
+ private $securityServer;
+
+
+ /**
+ * Constructor.
+ * If credentionals are provided, this will try to invoke the default Soap
+ * implementation. This is the recommended way of using this class.
+ *
+ * @param optional Object applicationSettings
+ * If provided, try to connect using the default Soap handler.
+ *
+ * @throws Services_Atlassian_Crowd_ServerUnreachableException
+ * if the remote Crowd server cannot be reached.
+ */
+ function __construct($soapCredentials = NULL)
+ {
+ if (is_a($soapCredentials, 'Services_Atlassian_Crowd_ApplicationSoapCredentials')) {
+ // try to create a Soap connection.
+ $server = new Services_Atlassian_Crowd_SecurityServer_SOAP($soapCredentials->wsdl);
+ $this->securityServer = $server;
+ $this->securityServer->setSoapCredentials($soapCredentials);
+ }
+ elseif(!is_null($soapCredentials)) {
+ /**
+ * if a paramater was passed, but ISN'T a valid
+ * Services_Atlassian_CrowdApplicationSoapSettings object,
+ * throw an Exception.
+ */
+ $msg = 'Invalid argument: Services_Atlassian_Crowd constructor expects NULL or a Services_Atlassian_Crowd_ApplicationSoapCredentials object.';
+ throw new InvalidArgumentException($msg);
+ }
+ }
+
+ /**
+ * Set the security server to use.
+ * This may be useful if you wish to use a mock object instead of the
+ * default Soap implementation.
+ */
+ function setSecurityServer($server)
+ {
+ if (!is_a($server, 'Services_Atlassian_Crowd_SecurityServer_Interface')) {
+ $msg = 'Invalid argument: setSecurityServer() expects a Services_Atlassian_Crowd_SecurityServer_Interface object.';
+ throw new InvalidArgumentException($msg);
+ }
+ $this->securityServer = $server;
+ }
+
+ /**
+ * getAuthenticationToken
+ * Provide the authentication token.
+ *
+ * @return String|Null
+ * The token (if authenticated), or Null.
+ */
+ public function getAuthenticationToken()
+ {
+ return $this->securityServer->getAuthenticationToken();
+ }
+
+ /**
+ * Magic __call method: pass all Crowd calls to the security server.
+ */
+ function __call($method, $arguments)
+ {
+ // Validate that the securityServer is correctly configured
+ if(!is_a($this->securityServer, 'Services_Atlassian_Crowd_SecurityServer_Interface')) {
+ $msg = 'Services_Atlassian_Crowd is not configured correctly.';
+ throw new RuntimeException($msg);
+ }
+ // validate the method and arguments
+ elseif(!(is_string($method) && is_array($arguments))) {
+ $msg = 'Magic method __call has been called with invalid parameters - __call expects a string as argument 1 and an array as argument 2.';
+ throw new InvalidArgumentException($msg);
+ }
+ // Validate that the method can be called.
+ elseif(!in_array($method, get_class_methods($this->securityServer))) {
+ $msg = 'Method ' . $method . ' is not supported by Crowd security server object ' . get_class($this->securityServer);
+ throw new BadMethodCallException($msg);
+ }
+ return call_user_func_array(array($this->securityServer, $method), $arguments);
+ }
+}
+?>
@@ -0,0 +1,78 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+
+/**
+ * Services_Atlassian_Crowd_ApplicationSoapCredentials is a helper class to
+ * provide connection information to a Crowd soap-based security server.
+ *
+ * PHP version 5
+ *
+ * Copyright (C) 2010 Marcus Deglos
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * @category Services
+ * @package Services_Atlassian_Crowd
+ * @author Infinite Campus, Inc.
+ * @author Luca Corbo <lucor@php.net>
+ * @author Marcus Deglos <marcus@deglos.com>
+ * @copyright 2010 Marcus Deglos
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License
+ * @link http://pear.php.net/packages/Services_Atlassian_Crowd
+ * @link http://www.atlassian.com/software/crowd
+ * @link http://confluence.atlassian.com/display/CROWD/SOAP+API
+ * @link http://confluence.atlassian.com/display/CROWDEXT/Integrate+Crowd+with+PHP
+ */
+
+class Services_Atlassian_Crowd_ApplicationSoapCredentials
+{
+ // The URL of the Crowd security server's WSDL.
+ public $wsdl;
+ // The name of the application used to authenticate to Crowd
+ public $application_name;
+ // The password for the given $application_name
+ public $application_credential;
+ // An authentication token assigned to the application
+ public $application_token = NULL;
+
+ /**
+ * Constructor.
+ * Validates the parameters and assigns them to the class variables.
+ *
+ * @param String $wsdl
+ * The URL of the Crowd security server's WSDL
+ * @param String $application_name
+ * The name of the application used to authenticate to Crowd
+ * @param String $application_credential
+ * The password for the given $application_name
+ * @param optional String $application_token
+ * An authentication token assigned to the application (if this is known,
+ * providing this will save 1 remote call, increasing performance)
+ */
+ public function __construct($wsdl, $application_name, $application_credential, $application_token = NULL)
+ {
+ // validate the arguments
+ if(!(is_string($wsdl) && is_string($application_name) && is_string($application_credential) && (is_string($application_token) || is_null($application_token)))) {
+ $msg = 'Invalid argument: Services_Atlassian_Crowd_ApplicationSoapCredentials constructor requires 3 string arguments, with an optional fourth string argument.';
+ throw new InvalidArgumentException($msg);
+ }
+ $this->wsdl = $wsdl;
+ $this->application_name = $application_name;
+ $this->application_credential = $application_credential;
+ if(is_string($application_token)) {
+ $this->application_token = $application_token;
+ }
+ }
+}
+?>
@@ -0,0 +1,54 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+
+/**
+ * Services_Atlassian_Crowd_Exception
+ *
+ * @category Services
+ * @package Services_Atlassian_Crowd
+ * @author Marcus Deglos <marcus@deglos.com>
+ * @copyright 2010 Marcus Deglos
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License
+ * @link http://pear.php.net/packages/Services_Atlassian_Crowd
+ */
+
+// inherit from the standard PEAR exception
+require_once '/usr/share/php/PEAR/Exception.php';
+
+/**
+ * Base exception for all Crowd-originating exceptions.
+ */
+
+
+
+class Services_Atlassian_Crowd_Exception extends PEAR_Exception
+{
+}
+class Services_Atlassian_Crowd_ServerUnreachableException extends Services_Atlassian_Crowd_Exception
+{
+}
+class Services_Atlassian_Crowd_InvalidApplicationAuthenticationException extends Services_Atlassian_Crowd_Exception
+{
+}
+class Services_Atlassian_Crowd_ApplicationPermissionException extends Services_Atlassian_Crowd_Exception
+{
+}
+class Services_Atlassian_Crowd_InvalidPrincipalAuthenticationException extends Services_Atlassian_Crowd_Exception
+{
+}
+class Services_Atlassian_Crowd_InactiveAccountException extends Services_Atlassian_Crowd_Exception
+{
+}
+class Services_Atlassian_Crowd_InvalidArgumentException extends Services_Atlassian_Crowd_Exception
+{
+}
+class Services_Atlassian_Crowd_ObjectNotFoundException extends Services_Atlassian_Crowd_Exception
+{
+}
+class Services_Atlassian_Crowd_MethodDeprecatedException extends Services_Atlassian_Crowd_Exception
+{
+}
+
+
+?>
@@ -0,0 +1,92 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Services_Atlassian_Crowd_SecurityServer_Interface specifies the class
+ * interface for a Crowd security server implementation.
+ *
+ * PHP version 5
+ *
+ * Copyright (C) 2010 Marcus Deglos
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * @category Services
+ * @package Services_Atlassian_Crowd
+ * @author Infinite Campus, Inc.
+ * @author Luca Corbo <lucor@php.net>
+ * @author Marcus Deglos <marcus@deglos.com>
+ * @copyright 2010 Marcus Deglos
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License
+ * @link http://pear.php.net/packages/Services_Atlassian_Crowd
+ * @link http://www.atlassian.com/software/crowd
+ * @link http://confluence.atlassian.com/display/CROWD/SOAP+API
+ * @link http://confluence.atlassian.com/display/CROWDEXT/Integrate+Crowd+with+PHP
+ */
+
+/**
+ * Specify the implementation of a SecurityServer class.
+ * This is a PHP-ized specification from the Atlassian spec:
+ * @link http://docs.atlassian.com/crowd/current/com/atlassian/crowd/integration/service/soap/server/SecurityServer.html
+ */
+interface Services_Atlassian_Crowd_SecurityServer_Interface
+{
+ public function addAttributeToGroup ($group, $attribute_name, $attribute_value);
+ public function addAttributeToPrincipal ($principal, $attribute_name, $attribute_value);
+ public function addGroup ($name, $description = '', $active = FALSE);
+ public function addPrincipal ($name, $credential, $attributes, $active = false);
+ public function addPrincipalToGroup ($principal, $group);
+ public function addPrincipalToRole ($principal, $role);
+ public function addRole ($role);
+ public function authenticateApplication ($application_name, $application_password);
+ public function authenticatePrincipal ($name, $credential, $user_agent, $remote_ip_address);
+ public function authenticatePrincipalSimple ($name, $credential);
+ public function createPrincipalToken ($name, $user_agent, $remote_ip_address);
+ public function findAllGroupNames ();
+ public function findAllGroupRelationships ();
+ public function findAllPrincipalNames ();
+ public function findAllRoleNames ();
+ public function findGroupByName ($name);
+ public function findGroupMemberships ($principalName);
+ public function findGroupWithAttributesByName ($principalName);
+ public function findPrincipalByName ($name);
+ public function findPrincipalByToken ($token);
+ public function findPrincipalWithAttributesByName ($principalName);
+ public function findRoleByName ($name);
+ public function findRoleMemberships ($principalName) ;
+ // public function getCacheTime (); // DEPRECATED - no need to implement
+ public function getCookieInfo ();
+ // public function getDomain (); // DEPRECATED - no need to implement
+ public function getGrantedAuthorities ();
+ public function invalidatePrincipalToken ($token);
+ public function isCacheEnabled ();
+ public function isGroupMember ($group, $principal);
+ public function isRoleMember ($role, $principal);
+ public function isValidPrincipalToken ($token, $user_agent, $remote_ip_address);
+ public function removeAttributeFromGroup ($group, $attribute);
+ public function removeAttributeFromPrincipal ($principal, $attribute);
+ public function removeGroup ($group);
+ public function removePrincipal ($principal);
+ public function removePrincipalFromGroup ($principal, $group);
+ public function removePrincipalFromRole ($principal, $role);
+ public function removeRole ($role);
+ public function resetPrincipalCredential ($principal);
+ public function searchGroups ($searchRestrictions);
+ public function searchPrincipals ($searchRestrictions);
+ public function searchRoles ($searchRestrictions);
+ public function updateGroup ($group, $description, $active);
+ public function updateGroupAttribute ($group, $attribute_name, $attribute_value);
+ public function updatePrincipalAttribute ($name, $attribute_name, $attribute_value);
+ public function updatePrincipalCredential ($principal, $credential);
+}
+?>
Oops, something went wrong.

0 comments on commit 76a348f

Please sign in to comment.