-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathloop_saml.module
148 lines (127 loc) · 3.6 KB
/
loop_saml.module
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
<?php
/**
* Implements hook_menu().
*/
function loop_saml_menu() {
$items = array();
$items['loop_saml_redirect'] = array(
'title' => 'Simple redirect page',
'page callback' => 'loop_saml_redirect',
'access callback' => TRUE,
'type' => MENU_LOCAL_TASK,
);
return $items;
}
/**
* Implements hook_init().
*/
function loop_saml_init() {
// Do not run this from CLI.
if (php_sapi_name() != 'cli') {
global $user;
// Verify this is an anonymous user.
if ($user->uid === 0) {
$arg = arg();
// Verify this is a front-page request.
if (isset($arg[0]) && ($arg[0] == 'front')) {
// Redirect the user to the IdP.
drupal_goto('saml/drupal_login');
}
}
}
}
/**
* Simple iFrame redirect page.
*/
function loop_saml_redirect() {
// Be sure the session is deleted.
$session_id = session_id();
if ($session_id) {
session_destroy();
}
$output = array(
'#markup' => '<iframe src="https://adfs.aarhuskommune.dk/adfs/ls/?wa=wsignout1.0" frameborder="0" width="0px" height="0px"></iframe>',
);
drupal_add_js(drupal_get_path('module', 'loop_saml') . '/js/loop_saml.js');
return $output;
}
/**
* Implements hook_user_logout().
*/
function loop_saml_user_logout($account) {
if (variable_get('saml_sp_drupal_login__logout', FALSE) === 0) {
// Setup a temporary redirect. This will log the user out of the IdP.
$_GET['destination'] = 'loop_saml_redirect';
}
}
/**
* Implements hook_saml_sp_post_create_user().
*/
function loop_saml_saml_sp_post_create_user_alter($account, $attributes) {
_loop_saml_setup_account($account, $attributes);
}
/**
* Implements hook_saml_sp_post_update_user().
*/
function loop_saml_saml_sp_post_update_user_alter($account, $attributes) {
_loop_saml_setup_account($account, $attributes);
}
/**
* Implements hook_form_ID_alter().
*
* Be sure to redirect to /user page.
*/
function loop_saml_form_user_login_alter(&$form, &$form_state) {
$idp_selection = variable_get('saml_sp_drupal_login__idp', '');
$idp = saml_sp_idp_load($idp_selection);
$options = array('query' => array('returnTo' => url('user')));
$items['link'] = array(
'content' => l(t('Log in using @idp_name', array('@idp_name' => $idp->name)), 'saml/drupal_login', $options),
'class' => array('saml-link'),
);
$form['name']['#prefix'] = theme('loop_saml_prefix_login', $items);
unset($form['saml_sp_drupal_login_links']);
}
/**
* Implements hook_theme().
*/
function loop_saml_theme() {
return array(
'loop_saml_prefix_login' => array(
'variables' => array(),
'template' => 'templates/loop-saml--prefix-login',
),
);
}
/**
* Implements hook_form_ID_alter().
*
* Re-enable password field.
*/
function loop_saml_form_user_profile_form_alter(&$form, &$form_state) {
$form['account']['pass'] = array(
'#type' => 'password_confirm',
'#size' => 25,
'#description' => t('To change the current user password, enter the new password in both fields.'),
);
if (isset($form['account']['mail']['#disabled'])) {
unset($form['account']['mail']['#disabled']);
}
}
/**
* Setup LOOP specicfic acocunt details.
*
* @param object $account
* Drupal account
*
* @param array $attributes
* SAML attributes.
*/
function _loop_saml_setup_account($account, $attributes) {
$fullename = $attributes['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/displayname'][0];
$names = preg_split("/\s+(?=\S*+$)/", $fullename);
$wrapper = entity_metadata_wrapper('user', $account);
$wrapper->field_first_name->set($names[0]);
$wrapper->field_last_name->set($names[1]);
$wrapper->save();
}