Pica.php 3.8 KB
Newer Older
David Maus's avatar
David Maus committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
<?php

/**
 * This file is part of SimpleSAMLphp Module Pica.
 *
 * SimpleSAMLphp Module Pica is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * SimpleSAMLphp Module Pica is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with SimpleSAMLphp Module Pica.  If not, see <http://www.gnu.org/licenses/>.
 *
 * @author    David Maus <maus@hab.de>
 * @copyright (c) 2015 by Herzog August Bibliothek Wolfenbüttel
 * @license   http://www.gnu.org/licenses/gpl.txt GNU General Public License v3 or higher
 */

use HAB\Pica\Auth;

/**
 * Authentication source for Pica-based library systems.
 *
 * @author    David Maus <maus@hab.de>
 * @copyright (c) 2015 by Herzog August Bibliothek Wolfenbüttel
 * @license   http://www.gnu.org/licenses/gpl.txt GNU General Public License v3 or higher
 */
class sspmod_pica_Auth_Source_Pica extends sspmod_core_Auth_UserPassBase
{
    /**
     * Factory function for authentication module.
     *
     * @var callable
     */
    private $factory;

    /**
     * {@inheritDoc}
     */
    public function __construct ($info, $config)
    {
        parent::__construct($info, $config);
        if (!array_key_exists('pica', $config)) {
            throw new Exception('Pica authentication source configuration missing: [pica]');
        }

        $configuration = SimpleSAML_Configuration::loadFromArray($config['pica']);
        $module = $configuration->getString('module');
        switch ($module) {
            case 'lbs4-webservice':
                $serviceUrl = $configuration->getString('serviceUrl');
                $catalogNumber = $configuration->getInteger('catalogNumber');
                $lbsUserNumber = $configuration->getInteger('lbsUserNumber');
                $this->factory = function () use ($serviceUrl, $catalogNumber, $lbsUserNumber) {
                    return new Auth\LBSAuthentication($serviceUrl, $catalogNumber, $lbsUserNumber);
                };
                break;
            case 'loan3-web':
                $serviceUrl = $configuration->getString('serviceUrl');
                $this->factory = function () use ($serviceUrl) {
                    return new Auth\LOAN3WebAuthentication($serviceUrl);
                };
                break;
            default:
                throw new Exception("Unknown pica authentication module: '{$module}'");
        }
        $this->attrmap = $configuration->getArray('attrmap', array());
    }

    /**
     * {@inheritDoc}
     */
    protected function login ($username, $password)
    {
        $module = $this->getAuthenticationModule();
        $attributes = $module->authenticate($username, $password);
        if ($attributes === false) {
            throw new SimpleSAML_Error_Error('WRONGUSERPASS');
        }
        return $this->normalize($attributes);
    }

    /**
     * Return normalized attributes.
     *
     * @param  array $attributes
     * @return array
     */
    private function normalize (array $attributes)
    {
        $normalized = array();
        foreach ($this->attrmap as $from => $to) {
            if (array_key_exists($from, $attributes)) {
                $normalized[$to] = (array)$attributes[$from];
            }
        }
        return $normalized;
    }

    /**
     * Return pica authentication module.
     *
     * @return Auth\AuthenticationInterface
     */
    private function getAuthenticationModule ()
    {
        return call_user_func($this->factory);
    }
}