
D7524.diff

diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -93,6 +93,7 @@
'PhutilAuthAdapter' => 'auth/PhutilAuthAdapter.php',
'PhutilAuthAdapterEmpty' => 'auth/PhutilAuthAdapterEmpty.php',
'PhutilAuthAdapterLDAP' => 'auth/PhutilAuthAdapterLDAP.php',
+ 'PhutilAuthAdapterShibboleth' => 'auth/PhutilAuthAdapterShibboleth.php',
'PhutilAuthAdapterOAuth' => 'auth/PhutilAuthAdapterOAuth.php',
'PhutilAuthAdapterOAuth1' => 'auth/PhutilAuthAdapterOAuth1.php',
'PhutilAuthAdapterOAuthAmazon' => 'auth/PhutilAuthAdapterOAuthAmazon.php',
@@ -498,6 +499,7 @@
'PhutilAuthAdapterOAuthJIRA' => 'PhutilAuthAdapterOAuth1',
'PhutilAuthAdapterOAuthTwitch' => 'PhutilAuthAdapterOAuth',
'PhutilAuthAdapterOAuthTwitter' => 'PhutilAuthAdapterOAuth1',
+ 'PhutilAuthAdapterShibboleth' => 'PhutilAuthAdapterShibboleth',
'PhutilAuthAdapterPersona' => 'PhutilAuthAdapter',
'PhutilAuthException' => 'Exception',
'PhutilAuthUserAbortedException' => 'PhutilAuthException',
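Review bot: The entry added in this hunk lists `PhutilAuthAdapterShibboleth` as its own parent, but the new class is declared `extends PhutilAuthAdapter`. If this section is the parent-class map, as the neighbouring entries suggest, it should read `'PhutilAuthAdapterShibboleth' => 'PhutilAuthAdapter',`. Both added entries (here and in the first hunk) also sit out of alphabetical order, which suggests the map was edited by hand; regenerating it with `arc liberate` would correct the parent and the ordering together.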
diff --git a/src/auth/PhutilAuthAdapterShibboleth.php b/src/auth/PhutilAuthAdapterShibboleth.php
new file mode 100644
--- /dev/null
+++ b/src/auth/PhutilAuthAdapterShibboleth.php
@@ -0,0 +1,144 @@
+<?php
+
+final class PhutilAuthAdapterShibboleth extends PhutilAuthAdapter {
+
+ // Configuration.
+ private $shibSessionIdField;
+ private $shibApplicationIdField;
+ private $useridField;
+ private $usernameField;
+ private $realnameField;
+ private $emailField;
+ private $pageURIPattern;
+ private $imageURIPattern;
+
+ // Specific User Request Information.
+ private $shibSessionId;
+ private $shibApplicationId;
+ private $userid;
+ private $username;
+ private $realname;
+ private $email;
+
+ //
+ // Configuration setters.
+ //
+ public function setShibSessionIdField($value) {
+ $this->shibSessionIdField = $value;
+ return $this;
+ }
+
+ public function setShibApplicationIdField($value) {
+ $this->shibApplicationIdField = $value;
+ return $this;
+ }
+
+ public function setUseridField($value) {
+ $this->useridField = $value;
+ return $this;
+ }
+
+ public function setUsernameField($value) {
+ $this->usernameField = $value;
+ return $this;
+ }
+
+ public function setRealnameField($value) {
+ $this->realnameField = $value;
+ return $this;
+ }
+
+ public function setEmailField($value) {
+ $this->emailField = $value;
+ return $this;
+ }
+
+ public function setPageURIPattern($value) {
+ $this->pageURIPattern = $value;
+ return $this;
+ }
+
+ public function setImageURIPattern($value) {
+ $this->imageURIPattern = $value;
+ return $this;
+ }
+
+ //
+ // Implementation of PhutilAuthAdapter interface.
+ // User information getters.
+ //
+
+ public function getAccountID() {
+ return $this->userid;
+ }
+
+ public function getAdapterType() {
+ return 'shibboleth';
+ }
+
+ public function getAdapterDomain() {
+ return 'self';
+ }
+
+ public function getAccountEmail() {
+ return $this->email;
+ }
+
+ public function getAccountName() {
+ return $this->username;
+ }
+
+ public function getAccountURI() {
+ if (strlen($this->pageURIPattern)) {
+ return sprintf($this->pageURIPattern, $this->username);
+ }
+ return null;
+ }
+
+ public function getAccountImageURI() {
+ if (strlen($this->imageURIPattern)) {
+ return sprintf($this->imageURIPattern, $this->username);
+ }
+ return null;
+ }
+
+ public function getAccountRealName() {
+ return $this->realname;
+ }
+
+ //
+ // Extraction of user information from request headers.
+ //
+ public function getHeaderNames() {
+ return array(
+ $this->shibSessionIdField,
+ $this->shibApplicationIdField,
+ $this->useridField,
+ $this->usernameField,
+ $this->realnameField,
+ $this->emailField,
+ );
+ }
+
+ public function setUserDataFromRequest($headers) {
+
+ $this->shibSessionId = $headers[$this->shibSessionIdField];
+ $this->shibApplicationId = $headers[$this->shibApplicationIdField];
+ $this->userid = $headers[$this->useridField];
+ $this->username = $headers[$this->usernameField];
+ $this->realname = $headers[$this->realnameField];
+ $this->email = $headers[$this->emailField];
+
+ if (!strlen($this->shibSessionId)
+ || !strlen($this->shibApplicationId)
+ || !strlen($this->userid)
+ || !strlen($this->username)
+ || !strlen($this->realname)
+ || !strlen($this->email)
+ ) {
+ return false;
+ }
+
+ return $this;
+ }
+}
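Review bot: `setUserDataFromRequest()` indexes `$headers` directly and assigns all six properties before validating them. A request missing any configured header therefore raises an undefined-index error, and a rejected request still leaves `getAccountID()` and the other getters returning whatever did arrive. Read each value with `idx()` into locals and commit them to the object only after every check passes, as sketched below. The class also needs a docblock stating that these values are identity assertions, trustworthy only when the web server's Shibboleth module sets them and removes any client-supplied headers of the same name; the adapter cannot verify that itself. Separately, `getAccountURI()` and `getAccountImageURI()` pass the username to `sprintf()` unencoded; `rawurlencode($this->username)` would keep it from altering the URI structure.

```php
  public function setUserDataFromRequest($headers) {
    // Map each property to the configured header that must supply it.
    $fields = array(
      'shibSessionId' => $this->shibSessionIdField,
      'shibApplicationId' => $this->shibApplicationIdField,
      'userid' => $this->useridField,
      'username' => $this->usernameField,
      'realname' => $this->realnameField,
      'email' => $this->emailField,
    );

    // Validate everything first so a rejected request leaves no
    // partially populated identity on the adapter.
    $values = array();
    foreach ($fields as $property => $header) {
      $value = idx($headers, $header);
      if (!strlen($value)) {
        return false;
      }
      $values[$property] = $value;
    }

    foreach ($values as $property => $value) {
      $this->$property = $value;
    }

    return $this;
  }
```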

File Metadata

Mime Type
text/x-diff
Storage Engine
amazon-s3
Storage Format
Raw Data
Storage Handle
phabricator/6g/m3/5veccjlm7qamvxkw
Default Alt Text
D7524.diff (4 KB)
