Commit c7ae7d5c authored by Sonia Zorba's avatar Sonia Zorba

sso 2019 changes

parent b0d644d5
......@@ -34,7 +34,7 @@ $url = "https://www.linkedin.com/oauth/v2/authorization?response_type=code";
$url .= "&client_id=" . $LinkedIn['id'];
$url .= "&redirect_uri=" . $LinkedIn['callback'];
$url .= "&state=789654123";
$url .= "&scope=r_basicprofile r_emailaddress";
$url .= "&scope=r_liteprofile%20r_emailaddress%20w_member_social";
header("Location: $url");
?>
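Review bot: The new scope line adds `w_member_social`, a write permission that lets the application post on the member's behalf; none of the API calls visible in this commit use it, and a sign-in flow needs only the profile and e-mail scopes, so I would request `&scope=r_liteprofile%20r_emailaddress`. In the same hunk `state` is the constant `789654123`, so it cannot tie the authorization response to the browser session that started the flow. Generate it per request, for example `$_SESSION['linkedin_state'] = bin2hex(random_bytes(16));`, and compare it with `hash_equals()` in the callback (the callback's state handling is not visible here). `$LinkedIn['callback']` should also pass through `urlencode()` before it is appended as `redirect_uri`.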
......@@ -82,7 +82,7 @@ if ($info1['http_code'] === 200) {
// Call to API
$conn2 = curl_init();
curl_setopt($conn2, CURLOPT_URL, "https://api.linkedin.com/v1/people/~:(first-name,last-name,email-address,id)?format=json");
curl_setopt($conn2, CURLOPT_URL, "https://api.linkedin.com/v2/me");
curl_setopt($conn2, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer ' . $access_token
));
......@@ -107,13 +107,41 @@ if ($info2['http_code'] === 200) {
$user = $userHandler->findUserByIdentity(RAP\Identity::LINKEDIN, $typedId);
if ($user === null) {
// Recall to API for email
$conn2 = curl_init();
curl_setopt($conn2, CURLOPT_URL, "https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))");
curl_setopt($conn2, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer ' . $access_token
));
curl_setopt($conn2, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($conn2);
$info2 = curl_getinfo($conn2);
if ($info2['http_code'] === 200) {
$data2 = json_decode($result, TRUE);
curl_close($conn2);
if (isset($data['errorCode'])) {
$errorMessage = $data['message'];
die($errorMessage);
}
} else {
//show information regarding the error
$errorMessage = "Error: LinkedIn server response code: " . $info2['http_code'] . " - ";
$errorMessage = $errorMessage . curl_error($conn2);
curl_close($conn2);
die($errorMessage);
}
// Create new user
$user = new RAP\User();
$identity = new RAP\Identity(RAP\Identity::LINKEDIN);
$identity->email = $data['emailAddress'];
$identity->name = $data['firstName'];
$identity->surname = $data['lastName'];
$identity->email = $data2['elements'][0]['handle~']['emailAddress'];
$identity->name = $data['localizedFirstName'];
$identity->surname = $data['localizedLastName'];
$identity->typedId = $typedId;
$user->addIdentity($identity);
......
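Review bot: The error check after the e-mail request, `if (isset($data['errorCode']))`, inspects `$data`, which appears to be the earlier profile response (it is the array later read for `localizedFirstName`), not the `$data2` that was just decoded, so an error body from `/v2/emailAddress` is never detected. It should read `if (isset($data2['errorCode'])) { die($data2['message']); }`. The address is then taken from `$data2['elements'][0]['handle~']['emailAddress']` with no check that the path exists, so a failed decode or an empty `elements` list creates an identity without an e-mail; I would stop with an error unless that value is a non-empty string. The enclosing `if ($info2['http_code'] === 200)` block starts outside the hunk.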
......@@ -91,6 +91,27 @@ class CallbackHandler {
return null;
}
/**
* Each callback has a title,a logo and auth in order to avoid confusion in
* user and show in which application they are logging in using RAP.
* @param type $callbackURL
* @return type the callback auth or null if the callback URL is not listed
* in configuration file or it doesn't have a auth.
*/
public function getCallbackAuth($callbackURL) {
foreach ($this->callbacks as $callback) {
if ($callback['url'] === $callbackURL) {
if (array_key_exists('auth', $callback)) {
return $callback['auth'];
} else {
return null;
}
}
}
return null;
}
public function manageLoginRedirect($user, SessionData $session) {
if ($session->getCallbackURL() === null) {
......
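Review bot: `getCallbackAuth()` returns null both when the callback URL is not listed and when the entry has no `auth` key, and the login page in this commit treats an unset value as "every method allowed", so the restriction fails open for any URL that does not match an entry exactly. I would document that contract and replace the placeholder tags with real types, e.g. `@param string $callbackURL` and `@return string[]|null allowed authentication method names, or null when the callback sets no restriction`. The shape of `auth` is inferred from the `in_array()` calls on the login page; the configuration file is not part of this diff. `manageLoginRedirect()` continues outside the hunk.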
......@@ -34,6 +34,7 @@ class SessionData {
private $callbackURL;
private $callbackTitle;
private $callbackLogo;
private $callbackAuth;
public $user;
public $userSearchResults;
public $x509DataToRegister;
......@@ -75,6 +76,7 @@ class SessionData {
$this->callbackURL = $callbackHandler->filterCallbackURL($callbackURL);
$this->callbackTitle = $callbackHandler->getCallbackTitle($callbackURL);
$this->callbackLogo = $callbackHandler->getCallbackLogo($callbackURL);
$this->callbackAuth = $callbackHandler->getCallbackAuth($callbackURL);
$this->save();
}
......@@ -90,6 +92,10 @@ class SessionData {
return $this->callbackLogo;
}
public function getCallbackAuth() {
return $this->callbackAuth;
}
/**
* Perform a user search and store the results inside the session. This is
* used for achieving the user selection using the dropdown menu in the join
......
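Review bot: `getCallbackAuth($callbackURL)` is looked up with the raw request value, while `$this->callbackURL` holds the result of `filterCallbackURL()`. If the filter accepts anything other than an exact match of a configured URL (its body is not shown), the exact-match lookup returns null and the session silently carries no restriction. Passing the filtered value, `$this->callbackAuth = $callbackHandler->getCallbackAuth($this->callbackURL);`, keeps the stored restriction tied to the URL that was actually accepted. The new getter would also benefit from a one-line docblock stating that it returns the list of allowed method names or null.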
......@@ -18,9 +18,16 @@ include 'include/header.php';
</h1>
</div>
</div>
<?php
if ($session->getCallbackAuth() != null) {
$authType = $session->getCallbackAuth();
}
?>
<div class="row" id="auth-panel">
<div class="col-xs-12 text-center">
<?php if (isset($auth['eduGAIN'])) { ?>
<?php if (isset($auth['eduGAIN']) and
( !isset($authType) or in_array('eduGAIN', $authType))) { ?>
<div class="home-box">
<div class="img-wrapper">
<a href="edugain?callback=<?php echo $session->getCallbackURL(); ?>">
......@@ -33,26 +40,60 @@ include 'include/header.php';
<?php if (isset($auth['Google']) || isset($auth['Facebook']) || isset($auth['LinkedIn'])) { ?>
<div class="home-box">
<div class="img-wrapper">
<?php if (isset($auth['Google'])) { ?>
<?php if (isset($auth['Google']) and
( !isset($authType) or
in_array('Google', $authType))) { ?>
<a href="google?callback=<?php echo $session->getCallbackURL(); ?>" class="animated pulse">
<?php if ((isset($auth['Facebook']) and
( !isset($authType) or
in_array('Facebook', $authType))) or
(isset($auth['LinkedIn']) and
( !isset($authType) or
in_array('LinkedIn', $authType)))) { ?>
<img src="img/google-60.png" alt="Google Logo" />
</a>
<?php } ?>
<?php if (isset($auth['Facebook'])) { ?>
<?php } else {?>
<img src="img/google-200.png" alt="Google Logo" />
</a>
<?php } } ?>
<?php if (isset($auth['Facebook']) and
( !isset($authType) or
in_array('Facebook', $authType))) { ?>
<a href="facebook?callback=<?php echo $session->getCallbackURL(); ?>">
<?php if ((isset($auth['Google']) and
( !isset($authType) or
in_array('Google', $authType))) or
(isset($auth['LinkedIn']) and
( !isset($authType) or
in_array('LinkedIn', $authType)))) { ?>
<img src="img/facebook-60.png" alt="Facebook Logo" />
</a>
<?php } ?>
<?php if (isset($auth['LinkedIn'])) { ?>
<?php } else {?>
<img src="img/facebook-200.png" alt="Facebook Logo" />
</a>
<?php } } ?>
<?php if (isset($auth['LinkedIn']) and
( !isset($authType) or
in_array('LinkedIn', $authType))) { ?>
<a href="linkedin?callback=<?php echo $session->getCallbackURL(); ?>">
<?php if ((isset($auth['Facebook']) and
( !isset($authType) or
in_array('Facebook', $authType))) or
(isset($auth['Google']) and
( !isset($authType) or
in_array('Google', $authType)))) { ?>
<img src="img/linkedin-60.png" alt="LinkedIn Logo" />
</a>
<?php } ?>
<?php } else {?>
<img src="img/linkedin-200.png" alt="LinkedIn Logo" />
</a>
<?php } } ?>
</div>
Use these Logos to Login or Register to the RAP facility with your social identity
</div>
<?php } ?>
<?php if (isset($auth['X.509'])) { ?>
<?php if (isset($auth['X.509']) and
( !isset($authType) or in_array('X.509', $authType))) { ?>
<div class="home-box">
<div class="img-wrapper">
<a href="x509?callback=<?php echo $session->getCallbackURL(); ?>">
......@@ -62,7 +103,8 @@ include 'include/header.php';
Use the X.509 Logo to Login with your personal certificate (IGTF and TERENA-TACAR, are allowed).
</div>
<?php } ?>
<?php if (isset($auth['DirectIdP'])) { ?>
<?php if (isset($auth['DirectIdP']) and (!isset($authType) or
in_array('DirectIdP', $authType))) { ?>
<div class="home-box">
<div class="img-wrapper">
<a href="direct?callback=<?php echo $session->getCallbackURL(); ?>">
......
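Review bot: The per-callback `auth` list is enforced only by hiding links in this template; the `edugain`, `google`, `facebook`, `linkedin`, `x509` and `direct` endpoints remain reachable with the same `callback` parameter, and no hunk in this commit adds a matching check to them. Each endpoint should refuse the login when `$session->getCallbackAuth()` is set and does not contain its own method. In the template, `!= null` also matches an empty array, so a callback configured with an empty `auth` list shows every method; use `if ($session->getCallbackAuth() !== null)` and pass `true` as the third argument of each `in_array()` call. The `href` values echo `$session->getCallbackURL()` unencoded; wrapping it in `urlencode()` keeps the query string intact whatever the configured URLs contain.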