summaryrefslogtreecommitdiff
path: root/plugins/CasAuthentication/CasAuthenticationPlugin.php
blob: 6b751a0aa4fa9e02b39d688e590e411e7851e682 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
<?php
/**
 * StatusNet, the distributed open-source microblogging tool
 *
 * Plugin to enable Single Sign On via CAS (Central Authentication Service)
 *
 * PHP version 5
 *
 * LICENCE: This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 * @category  Plugin
 * @package   StatusNet
 * @author    Craig Andrews <candrews@integralblue.com>
 * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
 * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
 * @link      http://status.net/
 */

if (!defined('STATUSNET') && !defined('LACONICA')) {
    exit(1);
}

// We bundle the phpCAS library...
set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/extlib/CAS');

class CasAuthenticationPlugin extends AuthenticationPlugin
{
    public $server;
    public $port = 443;
    public $path = '';
    public $takeOverLogin = false;

    function checkPassword($username, $password)
    {
        global $casTempPassword;
        return ($casTempPassword == $password);
    }

    function onAutoload($cls)
    {
        switch ($cls)
        {
         case 'phpCAS':
            require_once(INSTALLDIR.'/plugins/CasAuthentication/extlib/CAS.php');
            return false;
         case 'CasloginAction':
            require_once(INSTALLDIR.'/plugins/CasAuthentication/' . strtolower(mb_substr($cls, 0, -6)) . '.php');
            return false;
        }
    }

    function onArgsInitialize(&$args)
    {
        if($this->takeOverLogin && $args['action'] == 'login')
        {
            $args['action'] = 'caslogin';
        }
    }

    function onStartInitializeRouter($m)
    {
        $m->connect('main/cas', array('action' => 'caslogin'));
        return true;
    }

    function onEndLoginGroupNav(&$action)
    {
        $action_name = $action->trimmed('action');

        $action->menuItem(common_local_url('caslogin'),
                          // TRANS: Menu item. CAS is Central Authentication Service.
                          _m('CAS'),
                          // TRANS: Tooltip for menu item. CAS is Central Authentication Service.
                          _m('Login or register with CAS.'),
                          $action_name === 'caslogin');

        return true;
    }

    function onEndShowPageNotice($action)
    {
        $name = $action->trimmed('action');

        switch ($name)
        {
         case 'login':
            // TRANS: Invitation to users with a CAS account to log in using the service.
            // TRANS: "[CAS login]" is a link description. (%%action.caslogin%%) is the URL.
            // TRANS: These two elements may not be separated.
            $instr = _m('(Have an account with CAS? ' .
              'Try our [CAS login](%%action.caslogin%%)!)');
            break;
         default:
            return true;
        }

        $output = common_markup_to_html($instr);
        $action->raw($output);
        return true;
    }

    function onLoginAction($action, &$login)
    {
        switch ($action)
        {
         case 'caslogin':
            $login = true;
            return false;
         default:
            return true;
        }
    }

    function onInitializePlugin(){
        parent::onInitializePlugin();
        if(!isset($this->server)){
            throw new Exception(_m("Specifying a server is required.");
        }
        if(!isset($this->port)){
            throw new Exception(_m("Specifying a port is required.");
        }
        if(!isset($this->path)){
            throw new Exception(_m("Specifying a path is required.");
        }
        //These values need to be accessible to a action object
        //I can't think of any other way than global variables
        //to allow the action instance to be able to see values :-(
        global $casSettings;
        $casSettings = array();
        $casSettings['server']=$this->server;
        $casSettings['port']=$this->port;
        $casSettings['path']=$this->path;
        $casSettings['takeOverLogin']=$this->takeOverLogin;
    }

    function onPluginVersion(&$versions)
    {
        $versions[] = array('name' => 'CAS Authentication',
                            'version' => STATUSNET_VERSION,
                            'author' => 'Craig Andrews',
                            'homepage' => 'http://status.net/wiki/Plugin:CasAuthentication',
                            // TRANS: Plugin description. CAS is Central Authentication Service.
                            'rawdescription' => _m('The CAS Authentication plugin allows for StatusNet to handle authentication through CAS (Central Authentication Service).'));
        return true;
    }
}