Skip to content
This repository was archived by the owner on Sep 19, 2022. It is now read-only.

Commit df2ffc9

Browse files
author
Dominik František Bučík
authored
Merge pull request #41 from BaranekD/updateUserExtSource
Update user ext source
2 parents 0bd11f6 + f37bfa7 commit df2ffc9

File tree

5 files changed

+164
-0
lines changed

5 files changed

+164
-0
lines changed

CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@ All notable changes to this project will be documented in this file.
1313
- Added new model Resource
1414
- New methods for getting data from Perun LDAP and Perun RPC
1515
- Added function for generating metadata for SimpleSAMLphp Proxy AAI from Perun
16+
- Added UpdateUserExtSource filter
1617

1718
[Changed]
1819
- Connectors methods are not static for now.

lib/Adapter.php

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -131,6 +131,31 @@ public abstract function searchFacilitiesByAttributeValue($attribute);
131131
*/
132132
public abstract function getFacilityAttributes($facility, $attrNames);
133133

134+
/**
135+
* @param $extSourceName string name of ext source
136+
* @param $extSourceLogin string login
137+
* @return array user ext source
138+
*/
139+
public abstract function getUserExtSource($extSourceName, $extSourceLogin);
140+
141+
/**
142+
* @param $userExtSource array ext source
143+
*/
144+
public abstract function updateUserExtSourceLastAccess($userExtSource);
145+
146+
/**
147+
* @param $userExtSourceId int userExtSourceId
148+
* @param $attributes array attributes
149+
* @return array attributes
150+
*/
151+
public abstract function getUserExtSourceAttributes($userExtSourceId, $attributes);
152+
153+
/**
154+
* @param $userExtSourceId int userExtSourceId
155+
* @param $attributes array attributes
156+
*/
157+
public abstract function setUserExtSourceAttributes($userExtSourceId, $attributes);
158+
134159
/**
135160
* @param sspmod_perun_model_HasId[] $entities
136161
* @return sspmod_perun_model_HasId[] without duplicates

lib/AdapterLdap.php

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -213,6 +213,26 @@ public function getFacilityAttributes($facility, $attrNames)
213213
// TODO: Implement getFacilityAttributes() method.
214214
}
215215

216+
public function getUserExtSource($extSourceName, $extSourceLogin)
217+
{
218+
// TODO: Implement getUserExtSource() method.
219+
}
220+
221+
public function updateUserExtSourceLastAccess($userExtSource)
222+
{
223+
// TODO: Implement updateUserExtSourceLastAccess() method.
224+
}
225+
226+
public function getUserExtSourceAttributes($userExtSourceId, $attrNames)
227+
{
228+
// TODO: Implement getAttributes() method.
229+
}
230+
231+
public function setUserExtSourceAttributes($userExtSourceId, $attributes)
232+
{
233+
// TODO: Implement setAttributes() method.
234+
}
235+
216236
public function getUsersGroupsOnFacility($spEntityId, $userId)
217237
{
218238
$resources = $this->connector->searchForEntities($this->ldapBase,

lib/AdapterRpc.php

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -362,4 +362,33 @@ public function getFacilityAttributes($facility, $attrNames) {
362362
}
363363
return $attributes;
364364
}
365+
366+
public function getUserExtSource($extSourceName, $extSourceLogin) {
367+
return $this->connector->get('usersManager', 'getUserExtSourceByExtLoginAndExtSourceName', array(
368+
"extSourceName" => $extSourceName,
369+
"extSourceLogin" => $extSourceLogin
370+
));
371+
}
372+
373+
public function updateUserExtSourceLastAccess($userExtSource) {
374+
$this->connector->post( 'usersManager', 'updateUserExtSourceLastAccess', array(
375+
"userExtSource" => $userExtSource
376+
));
377+
}
378+
379+
public function getUserExtSourceAttributes($userExtSourceId, $attrNames)
380+
{
381+
return $this->connector->get('attributesManager', 'getAttributes', array(
382+
"userExtSource" => $userExtSourceId,
383+
"attrNames" => $attrNames
384+
));
385+
}
386+
387+
public function setUserExtSourceAttributes($userExtSourceId, $attributes)
388+
{
389+
$this->connector->post('attributesManager', 'setAttributes', array(
390+
"userExtSource" => $userExtSourceId,
391+
"attributes" => $attributes
392+
));
393+
}
365394
}

lib/Auth/Process/UpdateUserExtSource.php

Lines changed: 89 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,89 @@
1+
<?php
2+
3+
/**
4+
* Class sspmod_perun_Auth_Process_UpdateUserExtSource
5+
*
6+
* This filter updates userExtSource attributes when he logs in.
7+
*
8+
* @author Dominik Baránek <[email protected]>
9+
*/
10+
class sspmod_perun_Auth_Process_UpdateUserExtSource extends SimpleSAML_Auth_ProcessingFilter
11+
{
12+
private $attrMap;
13+
private $attrsToConversion;
14+
private $adapter;
15+
const UES_ATTR_NMS = 'urn:perun:ues:attribute-def:def:';
16+
17+
public function __construct($config, $reserved)
18+
{
19+
parent::__construct($config, $reserved);
20+
21+
assert('is_array($config)');
22+
23+
if (!isset($config['attrMap'])) {
24+
throw new SimpleSAML_Error_Exception("perun:UpdateUserExtSource: missing mandatory configuration option 'attrMap'.");
25+
}
26+
27+
if (isset($config['arrayToStringConversion'])) {
28+
$this->attrsToConversion = (array) $config['arrayToStringConversion'];
29+
} else {
30+
$this->attrsToConversion = array();
31+
}
32+
33+
$this->attrMap = (array)$config['attrMap'];
34+
$this->adapter = sspmod_perun_Adapter::getInstance(sspmod_perun_Adapter::RPC);
35+
}
36+
37+
public function process(&$request)
38+
{
39+
assert('is_array($request)');
40+
try {
41+
$userExtSource = $this->adapter->getUserExtSource($request['Attributes']['sourceIdPEntityID'][0], $request['Attributes']['sourceIdPEppn'][0]);
42+
if (is_null($userExtSource)) {
43+
throw new SimpleSAML_Error_Exception("sspmod_perun_Auth_Process_UpdateUserExtSource: there is no UserExtSource with ExtSource " . $request['Attributes']['sourceIdPEntityID'][0] . " and Login " . $request['Attributes']['sourceIdPEppn'][0]);
44+
}
45+
46+
$attributes = $this->adapter->getUserExtSourceAttributes($userExtSource['id'], array_keys($this->attrMap));
47+
48+
if (is_null($attributes)) {
49+
throw new SimpleSAML_Error_Exception("sspmod_perun_Auth_Process_UpdateUserExtSource: getting attributes was not successful.");
50+
}
51+
52+
$attributesToUpdate = array();
53+
foreach ($attributes as $attribute) {
54+
$attr = $request['Attributes'][$this->attrMap[self::UES_ATTR_NMS . $attribute['friendlyName']]];
55+
56+
if (in_array(self::UES_ATTR_NMS . $attribute['friendlyName'], $this->attrsToConversion)) {
57+
$arrayAsString = array();
58+
foreach ($attr as $value) {
59+
$arrayAsString[0] .= $value . ';';
60+
}
61+
if (!empty($arrayAsString[0])) {
62+
$arrayAsString[0] = substr($arrayAsString[0], 0, -1);
63+
}
64+
$attr = $arrayAsString;
65+
}
66+
67+
if (strpos($attribute['type'], 'String') || strpos($attribute['type'], 'Integer') || strpos($attribute['type'], 'Boolean')) {
68+
$valueFromIdP = $attr[0];
69+
70+
} elseif (strpos($attribute['type'], 'Array') || strpos($attribute['type'], 'Map')) {
71+
$valueFromIdP = $attr;
72+
} else {
73+
throw new SimpleSAML_Error_Exception("sspmod_perun_Auth_Process_UpdateUserExtSource: unsupported type of attribute.");
74+
}
75+
if ($valueFromIdP != $attribute['value']) {
76+
$attribute['value'] = $valueFromIdP;
77+
array_push($attributesToUpdate, $attribute);
78+
}
79+
}
80+
81+
if (!empty($attributesToUpdate)) {
82+
$this->adapter->setUserExtSourceAttributes($userExtSource['id'], $attributesToUpdate);
83+
}
84+
$this->adapter->updateUserExtSourceLastAccess($userExtSource['id']);
85+
} catch (Exception $ex) {
86+
SimpleSAML\Logger::warning("sspmod_perun_Auth_Process_UpdateUserExtSource: update was not successful: " . $ex->getMessage() . " Skip to next filter.");
87+
}
88+
}
89+
}

0 commit comments

Comments
 (0)