Pica.php 5.16 KB
Newer Older
David Maus's avatar
David Maus committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
<?php

/**
 * This file is part of SimpleSAMLphp Module Pica.
 *
 * SimpleSAMLphp Module Pica is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * SimpleSAMLphp Module Pica is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with SimpleSAMLphp Module Pica.  If not, see <http://www.gnu.org/licenses/>.
 *
 * @author    David Maus <maus@hab.de>
 * @copyright (c) 2015 by Herzog August Bibliothek Wolfenbüttel
 * @license   http://www.gnu.org/licenses/gpl.txt GNU General Public License v3 or higher
 */

use HAB\Pica\Auth;

/**
 * Authentication source for Pica-based library systems.
 *
 * @author    David Maus <maus@hab.de>
 * @copyright (c) 2015 by Herzog August Bibliothek Wolfenbüttel
 * @license   http://www.gnu.org/licenses/gpl.txt GNU General Public License v3 or higher
 */
class sspmod_pica_Auth_Source_Pica extends sspmod_core_Auth_UserPassBase
{
35
36
37
38
39
40
41
    /**
     * Error message settings.
     *
     * @var array
     */
    private $message;

David Maus's avatar
David Maus committed
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
    /**
     * Factory function for authentication module.
     *
     * @var callable
     */
    private $factory;

    /**
     * {@inheritDoc}
     */
    public function __construct ($info, $config)
    {
        parent::__construct($info, $config);
        if (!array_key_exists('pica', $config)) {
            throw new Exception('Pica authentication source configuration missing: [pica]');
        }

        $configuration = SimpleSAML_Configuration::loadFromArray($config['pica']);
60
        $this->factory = $this->createAuthenticationModuleFactory($configuration);
61
        $this->message = $configuration->getArray('errors', array());
David Maus's avatar
David Maus committed
62
63
64
65
66
67
68
69
70
        $this->attrmap = $configuration->getArray('attrmap', array());
    }

    /**
     * {@inheritDoc}
     */
    protected function login ($username, $password)
    {
        $module = $this->getAuthenticationModule();
71
72
73
        try {
            $attributes = $module->authenticate($username, $password);
        } catch (RuntimeException $error) {
74
            $this->handleAuthenticationModuleRuntimeError($error);
75
76
            throw new SimpleSAML_Error_AuthSource('pica', $error->getMessage(), $error);
        }
David Maus's avatar
David Maus committed
77
78
79
80
81
82
        if ($attributes === false) {
            throw new SimpleSAML_Error_Error('WRONGUSERPASS');
        }
        return $this->normalize($attributes);
    }

83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
    /**
     * Return authentication module factory function.
     *
     * @param  SimpleSAML_Configuration $config
     * @return callable
     */
    public function createAuthenticationModuleFactory (SimpleSAML_Configuration $config)
    {
        $module = $config->getString('module');
        switch ($module) {
        case 'lbs4-webservice':
            $serviceUrl = $config->getString('serviceUrl');
            $catalogNumber = $config->getInteger('catalogNumber');
            $lbsUserNumber = $config->getInteger('lbsUserNumber');
            $factory = function () use ($serviceUrl, $catalogNumber, $lbsUserNumber) {
                return new Auth\LBSAuthentication($serviceUrl, $catalogNumber, $lbsUserNumber);
            };
            break;
        case 'loan3-web':
            $serviceUrl = $config->getString('serviceUrl');
            $factory = function () use ($serviceUrl) {
                return new Auth\LOAN3WebAuthentication($serviceUrl);
            };
            break;
        default:
            throw new Exception("Unknown pica authentication module: '{$module}'");
        }
David Maus's avatar
David Maus committed
110
        return $factory;
111
112
    }

113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
    /**
     * Handle authentication module runtime error.
     *
     * @param  RuntimeException $error
     * @return void
     */
    protected function handleAuthenticationModuleRuntimeError (RuntimeException $error)
    {
        if ($this->message) {
            $defaults = array('to' => null, 'from' => null, 'subject' => 'Runtime error in Pica authentication module');
            $settings = array_replace($defaults, array_intersect_key($this->message, $defaults));

            $message = new SimpleSAML_XHTML_EMail($settings['to'], $settings['subject'], $settings['from']);
            $message->setBody(sprintf('<h1>%s</h1><pre>%s</pre>', $error->getMessage(), $error->getTraceAsString()));
            $message->send();
        }
    }

David Maus's avatar
David Maus committed
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
    /**
     * Return normalized attributes.
     *
     * @param  array $attributes
     * @return array
     */
    private function normalize (array $attributes)
    {
        $normalized = array();
        foreach ($this->attrmap as $from => $to) {
            if (array_key_exists($from, $attributes)) {
                $normalized[$to] = (array)$attributes[$from];
            }
        }
        return $normalized;
    }

    /**
     * Return pica authentication module.
     *
     * @return Auth\AuthenticationInterface
     */
153
    protected function getAuthenticationModule ()
David Maus's avatar
David Maus committed
154
155
156
157
    {
        return call_user_func($this->factory);
    }
}