diff --git a/Module.php b/Module.php index e20a32ae2a40dca38c63717ab8c23fbf5546f0e1..405c9bec5469705015219ae29ba1d60b7eded585 100644 --- a/Module.php +++ b/Module.php @@ -69,7 +69,7 @@ class Module implements ConfigProviderInterface, ViewHelperProviderInterface, Se $options = $services->get('unicaen-auth_module_options'); // si l'auth CAS est demandée, modif de la route de connexion pour zapper le formulaire - if ($options->getCasAuthenticationActivated()) { + if ($options->getCas()) { /* @var $router \Zend\Mvc\Router\Http\TreeRouteStack */ $router = $services->get('router'); $router->addRoutes(array( @@ -78,7 +78,7 @@ class Module implements ConfigProviderInterface, ViewHelperProviderInterface, Se 'type' => 'Literal', 'priority' => 1000, 'options' => array( - 'route' => '/utilisateur', + 'route' => '/auth', 'defaults' => array( 'controller' => 'zfcuser', 'action' => 'index', 
@@ -156,40 +156,40 @@ class Module implements ConfigProviderInterface, ViewHelperProviderInterface, Se { return array( 'factories' => array( - 'unicaen-auth_module_options' => function($sm) { - $config = $sm->get('Configuration'); - return new Options\ModuleOptions(isset($config['unicaen-auth']) ? $config['unicaen-auth'] : array()); - }, - 'UnicaenAuth\Authentication\Adapter\Db' => function() { - return new Authentication\Adapter\Db(); - }, - 'UnicaenAuth\Authentication\Adapter\Ldap' => function() { - return new Authentication\Adapter\Ldap(); - }, - 'UnicaenAuth\Authentication\Adapter\Cas' => function() { - return new Authentication\Adapter\Cas(); - }, - 'UnicaenAuth\Authentication\Storage\Db' => function() { - return new Authentication\Storage\Db(); - }, - 'UnicaenAuth\Authentication\Storage\Ldap' => function() { - return new Authentication\Storage\Ldap(); - }, +// 'unicaen-auth_module_options' => function($sm) { +// $config = $sm->get('Configuration'); +// return new Options\ModuleOptions(isset($config['unicaen-auth']) ? 
$config['unicaen-auth'] : array()); +// }, +// 'UnicaenAuth\Authentication\Adapter\Db' => function() { +// return new Authentication\Adapter\Db(); +// }, +// 'UnicaenAuth\Authentication\Adapter\Ldap' => function() { +// return new Authentication\Adapter\Ldap(); +// }, +// 'UnicaenAuth\Authentication\Adapter\Cas' => function() { +// return new Authentication\Adapter\Cas(); +// }, +// 'UnicaenAuth\Authentication\Storage\Db' => function() { +// return new Authentication\Storage\Db(); +// }, +// 'UnicaenAuth\Authentication\Storage\Ldap' => function() { +// return new Authentication\Storage\Ldap(); +// }, 'unicaen-auth_user_service' => function () { return new Service\User(); }, - 'zfcuser_auth_service' => function ($sm) { - return new \Zend\Authentication\AuthenticationService( - $sm->get('UnicaenAuth\Authentication\Storage\Mixed'), - $sm->get('ZfcUser\Authentication\Adapter\AdapterChain') - ); - }, - 'UnicaenAuth\Authentication\Storage\Mixed' => function($sm) { - $storage = new Authentication\Storage\Mixed(); - $storage->setLdapStorage($sm->get('UnicaenAuth\Authentication\Storage\Ldap')) - ->setDbStorage($sm->get('UnicaenAuth\Authentication\Storage\Db')); - return $storage; - }, +// 'zfcuser_auth_service' => function ($sm) { +// return new \Zend\Authentication\AuthenticationService( +// $sm->get('UnicaenAuth\Authentication\Storage\Mixed'), +// $sm->get('ZfcUser\Authentication\Adapter\AdapterChain') +// ); +// }, +// 'UnicaenAuth\Authentication\Storage\Mixed' => function($sm) { +// $storage = new Authentication\Storage\Mixed(); +// $storage->setLdapStorage($sm->get('UnicaenAuth\Authentication\Storage\Ldap')) +// ->setDbStorage($sm->get('UnicaenAuth\Authentication\Storage\Db')); +// return $storage; +// }, 'ZfcUser\Authentication\Adapter\AdapterChain' => 'UnicaenAuth\Authentication\Adapter\AdapterChainServiceFactory', ), ); 
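Review bot: The service factories in getServiceConfig() are commented out instead of deleted, which leaves roughly thirty lines of dead code that still name `Authentication\Storage\Mixed`, a class this commit renames to `LdapDb`. Delete the block, since version control already keeps the old registrations. The same applies to the commented-out LDAP call in Adapter/Cas.php and the commented-out identity-field check in Adapter/Ldap.php. getServiceConfig() starts outside this hunk.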
diff --git a/config/module.config.php b/config/module.config.php
index 64ddeb943d69e8b31fc1a1f9b1f6c984b8e2e711..7adb67e66331174089066b33ec8510a5d7a2dee4 100644
--- a/config/module.config.php
+++ b/config/module.config.php
@@ -45,22 +45,60 @@ $zfcuserSettings = array( * Accepted values: boolean true or false */ 'enable_display_name' => true, -// /** -// * Authentication Adapters -// * Specify the adapters that will be used to try and authenticate the user -// * Default value: array containing 'ZfcUser\Authentication\Adapter\Db' with priority 100 -// * Accepted values: array containing services that implement 'ZfcUser\Authentication\Adapter\ChainableAdapter' -// */ -// 'auth_adapters' => array( -//// 300 => 'UnicaenAuth\Authentication\Adapter\Cas', -// 200 => 'UnicaenAuth\Authentication\Adapter\Ldap', -//// 100 => 'UnicaenAuth\Authentication\Adapter\Db', -// ), + /** + * Authentication Adapters + * Specify the adapters that will be used to try and authenticate the user + * Default value: array containing 'ZfcUser\Authentication\Adapter\Db' with priority 100 + * Accepted values: array containing services that implement 'ZfcUser\Authentication\Adapter\ChainableAdapter' + */ + 'auth_adapters' => array( +// 100 => 'UnicaenAuth\Authentication\Service\StrategyService', + 300 => 'UnicaenAuth\Authentication\Adapter\Ldap', // notifié en 1er + 200 => 'UnicaenAuth\Authentication\Adapter\Db', // 2e (si échec d'authentification Ldap) + 100 => 'UnicaenAuth\Authentication\Adapter\Cas', // 3e (si échec d'authentification Db) + ), ); return array( 'zfcuser' => $zfcuserSettings, 'unicaen-auth' => $settings, + 'service_manager' => array( + 'factories' => array( + 'unicaen-auth_module_options' => function(Zend\ServiceManager\ServiceLocatorInterface $serviceLocator) { + $config = $serviceLocator->get('Config'); + return new UnicaenAuth\Options\ModuleOptions(array_merge($config['zfcuser'], $config['unicaen-auth'])); + }, + 'UnicaenAuth\Authentication\Adapter\Cas' => function() { + return new UnicaenAuth\Authentication\Adapter\Cas(); + }, + 'UnicaenAuth\Authentication\Adapter\Ldap' => function() { + return new UnicaenAuth\Authentication\Adapter\Ldap(); + }, + 'UnicaenAuth\Authentication\Adapter\Db' => 
function() { + return new UnicaenAuth\Authentication\Adapter\Db(); + }, + 'UnicaenAuth\Authentication\Storage\Db' => function() { + return new UnicaenAuth\Authentication\Storage\Db(); + }, + 'UnicaenAuth\Authentication\Storage\Ldap' => function() { + return new UnicaenAuth\Authentication\Storage\Ldap(); + }, + 'UnicaenAuth\Authentication\Storage\LdapDb' => function(Zend\ServiceManager\ServiceLocatorInterface $serviceLocator) { + $storage = new UnicaenAuth\Authentication\Storage\LdapDb(); + $storage->setLdapStorage($serviceLocator->get('UnicaenAuth\Authentication\Storage\Ldap')) + ->setDbStorage( $serviceLocator->get('UnicaenAuth\Authentication\Storage\Db')); + return $storage; + }, + 'zfcuser_auth_service' => function (Zend\ServiceManager\ServiceLocatorInterface $serviceLocator) { + return new \Zend\Authentication\AuthenticationService( + $serviceLocator->get('UnicaenAuth\Authentication\Storage\LdapDb'), + $serviceLocator->get('ZfcUser\Authentication\Adapter\AdapterChain') + ); + }, + 'UnicaenAuth\Authentication\Service\StrategyService' => 'UnicaenAuth\Authentication\Service\StrategyServiceFactory', + 'UnicaenAuth\Authentication\Strategy\Strategy' => 'UnicaenAuth\Authentication\Strategy\StrategyFactory', + ), + ), 'controllers' => array( 'invokables' => array( 'unicaen-auth' => 'UnicaenAuth\Controller\UtilisateurController', @@ -103,7 +141,7 @@ return array( 'type' => 'Literal', 'priority' => 1000, 'options' => array( - 'route' => '/utilisateur', + 'route' => '/auth', 'defaults' => array( 'controller' => 'zfcuser', 'action' => 'index', diff --git a/config/module.unicaen-auth.local.php.dist b/config/module.unicaen-auth.local.php.dist index 629078c09fd73b9f34811d1c7ed718b70737676a..a3cc2e9895fdfc5b6cadc873b48310e5da93c13c 100644 --- a/config/module.unicaen-auth.local.php.dist +++ b/config/module.unicaen-auth.local.php.dist 
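Review bot: The factories added under `service_manager` are closures written directly in config/module.config.php, and closures cannot be exported, so the merged-config cache can presumably no longer be enabled while this module is loaded. Move them into factory classes, as the commit already does with `StrategyServiceFactory`, or keep them in `Module::getServiceConfig()`. In the `unicaen-auth_module_options` factory, `array_merge($config['zfcuser'], $config['unicaen-auth'])` lets any `unicaen-auth` key silently override a `zfcuser` option of the same name and assumes both sections exist. A short comment stating the intended precedence, plus `isset()` defaults like the ones the removed factory had, would make that explicit.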
@@ -7,18 +7,22 @@ */ $settings = array( /** - * Activation ou non de l'authentification CAS. + * Paramètres de connexion au serveur CAS : + * - pour désactiver l'authentification CAS, le tableau 'cas' doit être vide. + * - pour l'activer, renseigner les paramètres. */ - 'cas_authentication_activated' => false, - /** - * Connexion au serveur CAS. - */ - 'cas_connection_infos' => array( - 'hostname' => 'cas.unicaen.fr', - 'port' => 443, - 'version' => "2.0", - 'uri' => "", - 'debug' => false, + 'cas' => array( +// 'connection' => array( +// 'default' => array( +// 'params' => array( +// 'hostname' => 'cas.unicaen.fr', +// 'port' => 443, +// 'version' => "2.0", +// 'uri' => "", +// 'debug' => false, +// ), +// ), +// ), ), /** * Mot de passe sésame, chiffré avec l'algo Bcrypt @@ -30,15 +34,13 @@ $settings = array( * Flag indiquant si l'utilisateur authenitifié avec succès via l'annuaire LDAP doit * être enregistré/mis à jour dans la table des utilisateurs de l'appli. */ - 'save_ldap_user_in_database' => true, -); -$zfcuserSettings = array( + 'save_ldap_user_in_database' => false, /** * Enable registration * Allows users to register through the website. * Accepted values: boolean true or false */ - 'enable_registration' => true, + 'enable_registration' => false, ); /** @@ -46,5 +48,7 @@ $zfcuserSettings = array( */ return array( 'unicaen-auth' => $settings, - 'zfcuser' => $zfcuserSettings, + 'zfcuser' => array( + $k='enable_registration' => isset($settings[$k]) ? $settings[$k] : false, + ), ); diff --git a/src/UnicaenAuth/Authentication/Adapter/Cas.php b/src/UnicaenAuth/Authentication/Adapter/Cas.php index ea24627b9d565d062d2e956c3fdfcb89da37b2db..61d10a8f0c1a726b5894f19922db273ab24e6070 100644 --- a/src/UnicaenAuth/Authentication/Adapter/Cas.php +++ b/src/UnicaenAuth/Authentication/Adapter/Cas.php 
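Review bot: The `zfcuser` entry of the returned array, `$k='enable_registration' => isset($settings[$k]) ? $settings[$k] : false`, hides an assignment inside an array key and only works because the key expression is evaluated before the value. Spell it out as `'enable_registration' => isset($settings['enable_registration']) ? $settings['enable_registration'] : false,` so that someone copying this template does not have to decode it. `enable_registration` now lives in the `unicaen-auth` settings block while its doc comment still describes it as a ZfcUser option, so a one-line comment saying it is forwarded to `zfcuser` would help.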
@@ -1,19 +1,40 @@ <?php namespace UnicaenAuth\Authentication\Adapter; +use UnicaenAuth\Options\ModuleOptions; use Zend\Authentication\Exception\UnexpectedValueException; use Zend\Authentication\Result as AuthenticationResult; -use \ZfcUser\Authentication\Adapter\AdapterChainEvent as AuthEvent; -use \ZfcUser\Authentication\Adapter\ChainableAdapter; +use Zend\EventManager\EventManager; +use Zend\EventManager\EventManagerAwareInterface; +use Zend\EventManager\EventManagerInterface; +use Zend\ServiceManager\ServiceManager; +use Zend\ServiceManager\ServiceManagerAwareInterface; +use ZfcUser\Authentication\Adapter\AbstractAdapter; +use ZfcUser\Authentication\Adapter\AdapterChainEvent as AuthEvent; +use ZfcUser\Authentication\Adapter\ChainableAdapter; /** * CAS authentication adpater * * @author Bertrand GAUTHIER <bertrand.gauthier@unicaen.fr> */ -class Cas extends Ldap +class Cas extends AbstractAdapter implements ServiceManagerAwareInterface, EventManagerAwareInterface { + /** + * @var ServiceManager + */ + protected $serviceManager; + + /** + * @var EventManager + */ + protected $eventManager; + /** + * @var ModuleOptions + */ + protected $options; + /** * * @param AuthEvent $e 
@@ -23,24 +44,28 @@ class Cas extends Ldap */ public function authenticate(AuthEvent $e) { + $config = $this->getOptions()->getCas(); + if (!$config) { + return; // NB: l'authentification CAS est désactivée ssi le tableau des options est vide + } + error_reporting($oldErrorReporting = error_reporting() & ~E_NOTICE); require_once __VENDOR_DIR__ . '/gorg/phpcas/CAS.php'; + + if (!isset($config['connection']['default']['params'])) { + throw new \UnicaenApp\Exception("Les paramètres de connexion au serveur CAS sont invalides."); + } + $options = $config['connection']['default']['params']; - $infos = $this->getOptions()->getCasConnectionInfos(); - - if (array_key_exists('debug', $infos) && (bool) $infos['debug']) { + if (array_key_exists('debug', $options) && (bool) $options['debug']) { \phpCAS::setDebug(); } // initialize phpCAS - \phpCAS::client( - $infos['version'], $infos['hostname'], $infos['port'], $infos['uri'], true - ); - + \phpCAS::client($options['version'], $options['hostname'], $options['port'], $options['uri'], true); // no SSL validation for the CAS server \phpCAS::setNoCasServerValidation(); - \phpCAS::forceAuthentication(); // at this step, the user has been authenticated by the CAS server @@ -50,10 +75,10 @@ class Cas extends Ldap error_reporting($oldErrorReporting); - // nécessaire pour que le "base DN" de l'objet \Zend\Ldap\Ldap soit bien initialisé - $this->getLdapAdapter()->setUsername($identity) - ->setPassword('xxx') // peu importe mais pas null - ->authenticate(); +// // nécessaire pour que le "base DN" de l'objet \Zend\Ldap\Ldap soit bien initialisé +// $this->getLdapAdapter()->setUsername($identity) +// ->setPassword('xxx') // peu importe mais pas null +// ->authenticate(); $e->setIdentity($identity); $this->setSatisfied(true); 
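Review bot: The rewritten `\phpCAS::client(...)` call is still followed by `\phpCAS::setNoCasServerValidation()`, so the CAS server's TLS certificate is never verified and the identity accepted after `forceAuthentication()` rests on an unauthenticated channel. Since the connection parameters are being restructured here anyway, consider adding a CA-bundle entry to `params` and calling `\phpCAS::setCasServerCACert($options['ca_cert'])` when it is set, falling back to no validation only when explicitly configured (`ca_cert` is a proposed key, not one on the page). The new `isset($config['connection']['default']['params'])` guard does not cover the individual keys, so a partial array still reaches `$options['version']`, `$options['hostname']`, `$options['port']` and `$options['uri']` with notices masked by the `error_reporting()` call above. That exception is also thrown after the error level has been lowered and before it is restored. authenticate() continues outside this hunk.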
@@ -70,4 +95,69 @@ class Cas extends Ldap return true; } + /** + * @param ModuleOptions $options + */ + public function setOptions(ModuleOptions $options) + { + $this->options = $options; + } + + /** + * @return ModuleOptions + */ + public function getOptions() + { + if (!$this->options instanceof ModuleOptions) { + $options = array_merge( + $this->getServiceManager()->get('zfcuser_module_options')->toArray(), + $this->getServiceManager()->get('unicaen-auth_module_options')->toArray()); + $this->setOptions(new ModuleOptions($options)); + } + return $this->options; + } + + /** + * Get service manager + * + * @return ServiceManager + */ + public function getServiceManager() + { + return $this->serviceManager; + } + + /** + * Set service manager + * + * @param ServiceManager $serviceManager + * @return Ldap + */ + public function setServiceManager(ServiceManager $serviceManager) + { + $this->serviceManager = $serviceManager; + return $this; + } + + /** + * Retrieve EventManager instance + * + * @return EventManagerInterface + */ + public function getEventManager() + { + return $this->eventManager; + } + + /** + * Inject an EventManager instance + * + * @param EventManagerInterface $eventManager + * @return Ldap + */ + public function setEventManager(EventManagerInterface $eventManager) + { + $this->eventManager = $eventManager; + return $this; + } } \ No newline at end of file diff --git a/src/UnicaenAuth/Authentication/Adapter/Db.php b/src/UnicaenAuth/Authentication/Adapter/Db.php index dcaeac11e7189fa1ca25a16bede9095cd552212a..342a722bd9c32bc96f2d3c0efced418ea1ff5005 100644 --- a/src/UnicaenAuth/Authentication/Adapter/Db.php +++ b/src/UnicaenAuth/Authentication/Adapter/Db.php 
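Review bot: Cas::getOptions() rebuilds a `ModuleOptions` by merging `zfcuser_module_options` and `unicaen-auth_module_options` by hand, whereas the Db adapter in this commit simply fetches `unicaen-auth_module_options`, whose new factory already merges both config sections. The extra merge looks redundant and gives the adapters two different ways to obtain the same object. Using `$this->setOptions($this->getServiceManager()->get('unicaen-auth_module_options'));` here and in Ldap::getOptions() would keep them aligned. The `@return Ldap` tags on setServiceManager() and setEventManager() should read `@return Cas` now that the class no longer extends Ldap, and Db::setServiceManager() carries the same copied tag.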
@@ -3,10 +3,11 @@ namespace UnicaenAuth\Authentication\Adapter; use UnicaenApp\Exception; use UnicaenAuth\Authentication\Adapter\Db; -use UnicaenAuth\Options\AuthenticationOptionsInterface; +use UnicaenAuth\Options\ModuleOptions; use Zend\Authentication\Result as AuthenticationResult; use Zend\Crypt\Password\Bcrypt; -use ZfcUser\Authentication\Adapter\AdapterChainEvent; +use Zend\ServiceManager\ServiceManager; +use Zend\ServiceManager\ServiceManagerAwareInterface; use ZfcUser\Authentication\Adapter\AdapterChainEvent as AuthEvent; use ZfcUser\Entity\UserInterface; @@ -15,22 +16,27 @@ use ZfcUser\Entity\UserInterface; * * @author Bertrand GAUTHIER <bertrand.gauthier@unicaen.fr> */ -class Db extends \ZfcUser\Authentication\Adapter\Db +class Db extends \ZfcUser\Authentication\Adapter\Db implements ServiceManagerAwareInterface { /** - * @var AuthenticationOptionsInterface + * @var ServiceManager */ - protected $unicaenUserOptions; + protected $serviceManager; /** * Authentification. * - * @param AdapterChainEvent $e + * @param AuthEvent $e * @return boolean */ public function authenticate(AuthEvent $e) { - $result = parent::authenticate($e); + try { + $result = parent::authenticate($e); + } + catch (\PDOException $e) { + return false; + } // Failure, try sesame if (false === $result) { @@ -43,7 +49,7 @@ class Db extends \ZfcUser\Authentication\Adapter\Db //$credential = $this->preProcessCredential($credential); $bcrypt = new Bcrypt(); $bcrypt->setCost($this->getOptions()->getPasswordCost()); - if (($sesame = $this->getUnicaenAuthOptions()->getSesamePassword()) && $bcrypt->verify($credential, $sesame)) { + if (($sesame = $this->getOptions()->getSesamePassword()) && $bcrypt->verify($credential, $sesame)) { // Success! $e->setIdentity($userObject->getId()); $this->checkIfBcryptCostHasChanged($sesame, $bcrypt); 
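Review bot: The new `catch (\PDOException $e)` in authenticate() reuses the name of the `AuthEvent $e` parameter and discards the exception, so a database outage becomes indistinguishable from a wrong password and leaves no trace for whoever investigates failed logins. Rename the variable, `} catch (\PDOException $pdoe) {`, and record the failure before `return false;` through whatever logging the module has (none is visible in this hunk). Returning early also skips the event code and `setSatisfied()` handling that the parent presumably performs on failure, so it is worth confirming that the adapter chain treats a bare `false` as "not authenticated" rather than "not attempted". authenticate() continues outside this hunk.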
@@ -101,28 +107,45 @@ class Db extends \ZfcUser\Authentication\Adapter\Db } return $this; } - + /** - * Spécifie les options de config de ce module. - * - * @param AuthenticationOptionsInterface $options + * @param ModuleOptions $options */ - public function setUnicaenAuthOptions(AuthenticationOptionsInterface $options) + public function setOptions(ModuleOptions $options) { - $this->unicaenUserOptions = $options; + $this->options = $options; } /** - * Retourne les options de config de ce module. - * - * @return AuthenticationOptionsInterface + * @return ModuleOptions */ - public function getUnicaenAuthOptions() + public function getOptions() { - if (!$this->unicaenUserOptions instanceof AuthenticationOptionsInterface) { - $this->setUnicaenAuthOptions($this->getServiceManager()->get('unicaen-auth_module_options')); + if (!$this->options instanceof ModuleOptions) { + $this->setOptions($this->getServiceManager()->get('unicaen-auth_module_options')); } - return $this->unicaenUserOptions; + return $this->options; + } + + /** + * Get service manager + * + * @return ServiceManager + */ + public function getServiceManager() + { + return $this->serviceManager; } + /** + * Set service manager + * + * @param ServiceManager $serviceManager + * @return Ldap + */ + public function setServiceManager(ServiceManager $serviceManager) + { + $this->serviceManager = $serviceManager; + return $this; + } } \ No newline at end of file diff --git a/src/UnicaenAuth/Authentication/Adapter/Ldap.php b/src/UnicaenAuth/Authentication/Adapter/Ldap.php index fb18a2683467efaea517b05412073f4eeefe38bc..148ce6847eb378a578ff7793ab0e6771f6d4d96f 100644 --- a/src/UnicaenAuth/Authentication/Adapter/Ldap.php +++ b/src/UnicaenAuth/Authentication/Adapter/Ldap.php 
@@ -1,17 +1,19 @@ <?php namespace UnicaenAuth\Authentication\Adapter; -use UnicaenAuth\Options\AuthenticationOptionsInterface as AuthenticationOptionsInterface; -use Zend\Authentication\Adapter\Ldap as LdapAdapter; +use UnicaenAuth\Options\ModuleOptions; use Zend\Authentication\Exception\UnexpectedValueException; use Zend\Authentication\Result as AuthenticationResult; +use Zend\Authentication\Adapter\Ldap as LdapAuthAdapter; +use Zend\Crypt\Password\Bcrypt; +use Zend\EventManager\EventManager; +use Zend\EventManager\EventManagerAwareInterface; +use Zend\EventManager\EventManagerInterface; use Zend\ServiceManager\ServiceManager; use Zend\ServiceManager\ServiceManagerAwareInterface; -use Zend\EventManager\EventManagerInterface; -use Zend\EventManager\EventManagerAwareInterface; -use \ZfcUser\Authentication\Adapter\AbstractAdapter; -use \ZfcUser\Authentication\Adapter\AdapterChainEvent as AuthEvent; -use \ZfcUser\Authentication\Adapter\ChainableAdapter; +use ZfcUser\Authentication\Adapter\AbstractAdapter; +use ZfcUser\Authentication\Adapter\AdapterChainEvent as AuthEvent; +use ZfcUser\Authentication\Adapter\ChainableAdapter; /** * LDAP authentication adpater @@ -20,31 +22,26 @@ use \ZfcUser\Authentication\Adapter\ChainableAdapter; */ class Ldap extends AbstractAdapter implements ServiceManagerAwareInterface, EventManagerAwareInterface { - /** - * @var LdapAdapter - */ - protected $ldapAdapter; - /** * @var ServiceManager */ protected $serviceManager; /** - * @var \Zend\EventManager\EventManager + * @var EventManager */ protected $eventManager; - + /** - * @var AuthenticationOptionsInterface + * @var LdapAuthAdapter */ - protected $options; + protected $ldapAuthAdapter; /** - * @var \ZfcUser\Options\AuthenticationOptionsInterface + * @var ModuleOptions */ - protected $zfcUserOptions; - + protected $options; + /** * * @param AuthEvent $e 
@@ -62,25 +59,22 @@ class Ldap extends AbstractAdapter implements ServiceManagerAwareInterface, Even return; } - $identity = $e->getRequest()->getPost()->get('identity'); + $username = $e->getRequest()->getPost()->get('identity'); $credential = $e->getRequest()->getPost()->get('credential'); - // username is the only identity source supported - $fields = $this->getZfcUserOptions()->getAuthIdentityFields(); - if ('username' !== ($mode = array_shift($fields))) { - throw new UnexpectedValueException("Username is the only identity source supported by the LDAP adapter."); - } +// // username is the only identity source supported +// $fields = $this->getZfcUserOptions()->getAuthIdentityFields(); +// if ('username' !== ($mode = array_shift($fields))) { +// throw new UnexpectedValueException("Username is the only identity source supported by the LDAP adapter."); +// } // LDAP auth - $this->getLdapAdapter()->setUsername($identity) - ->setPassword($credential); - $result = $this->getLdapAdapter()->authenticate(); + $result = $this->getLdapAuthAdapter()->setUsername($username)->setPassword($credential)->authenticate(); $failure = true; if (!$result->isValid()) { // if account exists but invalid credential, and sesame password used : get LDAP entry manually - if (($sesame = $this->getOptions()->getSesamePassword()) - && AuthenticationResult::FAILURE_CREDENTIAL_INVALID === $result->getCode()) { - $bcrypt = new \Zend\Crypt\Password\Bcrypt(); + if (($sesame = $this->getOptions()->getSesamePassword()) && AuthenticationResult::FAILURE_CREDENTIAL_INVALID === $result->getCode()) { + $bcrypt = new Bcrypt(); if ($bcrypt->verify($credential, $sesame)) { // Sesame password matches $failure = false; @@ -99,7 +93,7 @@ class Ldap extends AbstractAdapter implements ServiceManagerAwareInterface, Even return false; } - $e->setIdentity($identity); + $e->setIdentity($username); $this->setSatisfied(true); $storage = $this->getStorage()->read(); $storage['identity'] = $e->getIdentity(); 
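Review bot: The sesame branch sets `$failure = false` when the posted credential matches the shared bcrypt hash, which signs the caller in as any existing LDAP account, and nothing in the visible lines records that this path was taken (the lines between these two hunks are not shown). Anyone auditing logins would need that event to be distinguishable from a normal bind: at the `// Sesame password matches` line, log or trigger an event carrying `$username`. The identity-field check above it is commented out rather than removed. If username-only login is still an assumption of this adapter, state it in the docblock. authenticate() starts and ends outside these hunks.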
@@ -115,111 +109,107 @@ class Ldap extends AbstractAdapter implements ServiceManagerAwareInterface, Even } /** - * Retrieve service manager instance - * - * @return ServiceManager + * @param ModuleOptions $options */ - public function getServiceManager() + public function setOptions(ModuleOptions $options) { - return $this->serviceManager; + $this->options = $options; } /** - * Set service manager - * - * @param ServiceManager $serviceManager - * @return Ldap + * @return ModuleOptions */ - public function setServiceManager(ServiceManager $serviceManager) + public function getOptions() { - $this->serviceManager = $serviceManager; - return $this; + if (!$this->options instanceof ModuleOptions) { + $options = array_merge( + $this->getServiceManager()->get('zfcuser_module_options')->toArray(), + $this->getServiceManager()->get('unicaen-auth_module_options')->toArray()); + $this->setOptions(new ModuleOptions($options)); + } + return $this->options; } - + /** - * Retrieve EventManager instance - * - * @return EventManagerInterface + * @return \UnicaenApp\Options\ModuleOptions */ - public function getEventManager() + public function getAppModuleOptions() { - return $this->eventManager; - } - - /** - * Inject an EventManager instance - * - * @param EventManagerInterface $eventManager - * @return Ldap - */ - public function setEventManager(EventManagerInterface $eventManager) - { - $this->eventManager = $eventManager; - return $this; + return $this->getServiceManager()->get('unicaen-app_module_options'); } /** * get ldap connection adapter * - * @return LdapAdapter + * @return LdapAuthAdapter */ - public function getLdapAdapter() + public function getLdapAuthAdapter() { - if (null === $this->ldapAdapter) { - $this->ldapAdapter = new LdapAdapter(); - $this->ldapAdapter->setLdap($this->getServiceManager()->get('ldap_people_service')->getLdap()); + if (null === $this->ldapAuthAdapter) { + $options = array(); + if (($config = $this->getAppModuleOptions()->getLdap())) { + 
foreach ($config['connection'] as $name => $connection) { + $options[$name] = $connection['params']; + } + } + $this->ldapAuthAdapter = new LdapAuthAdapter($options); // NB: array(array) } - return $this->ldapAdapter; + return $this->ldapAuthAdapter; } /** * set ldap connection adapter * - * @param LdapAdapter $adapter + * @param LdapAuthAdapter $authAdapter * @return Ldap */ - public function setLdapAdapter(LdapAdapter $adapter) + public function setLdapAuthAdapter(LdapAuthAdapter $authAdapter) { - $this->ldapAdapter = $adapter; + $this->ldapAuthAdapter = $authAdapter; return $this; } /** - * @param AuthenticationOptionsInterface $options + * Get service manager + * + * @return ServiceManager */ - public function setOptions(AuthenticationOptionsInterface $options) + public function getServiceManager() { - $this->options = $options; + return $this->serviceManager; } /** - * @return AuthenticationOptionsInterface + * Set service manager + * + * @param ServiceManager $serviceManager + * @return Ldap */ - public function getOptions() + public function setServiceManager(ServiceManager $serviceManager) { - if (!$this->options instanceof AuthenticationOptionsInterface) { - $this->setOptions($this->getServiceManager()->get('unicaen-auth_module_options')); - } - return $this->options; + $this->serviceManager = $serviceManager; + return $this; } - + /** - * @param \ZfcUser\Options\AuthenticationOptionsInterface $options + * Retrieve EventManager instance + * + * @return EventManagerInterface */ - public function setZfcUserOptions(\ZfcUser\Options\AuthenticationOptionsInterface $options) + public function getEventManager() { - $this->zfcUserOptions = $options; + return $this->eventManager; } - + /** - * @return \ZfcUser\Options\AuthenticationOptionsInterface + * Inject an EventManager instance + * + * @param EventManagerInterface $eventManager + * @return Ldap */ - public function getZfcUserOptions() + public function setEventManager(EventManagerInterface $eventManager) { - 
if (!$this->zfcUserOptions instanceof \ZfcUser\Options\AuthenticationOptionsInterface) { - $this->setZfcUserOptions($this->getServiceManager()->get('zfcuser_module_options')); - } - return $this->zfcUserOptions; + $this->eventManager = $eventManager; + return $this; } - } \ No newline at end of file diff --git a/src/UnicaenAuth/Authentication/Service/StrategyService.php b/src/UnicaenAuth/Authentication/Service/StrategyService.php new file mode 100644 index 0000000000000000000000000000000000000000..91707e015f8de2733c94559dba800820ff5ab5d0 --- /dev/null +++ b/src/UnicaenAuth/Authentication/Service/StrategyService.php 
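Review bot: getLdapAuthAdapter() indexes `$config['connection']` and `$connection['params']` without checking that they exist, and when `getLdap()` returns nothing it builds `new LdapAuthAdapter(array())`, so a missing or misspelled LDAP section only surfaces at the first login attempt. The CAS adapter in this same commit throws a `\UnicaenApp\Exception` for the equivalent case. Mirroring that here, with `if (empty($config['connection'])) { throw new \UnicaenApp\Exception("Les paramètres de connexion LDAP sont invalides."); }` before the loop, would make both adapters fail the same way. getAppModuleOptions() would also benefit from a sentence in its docblock saying that the LDAP connection settings come from the `unicaen-app` module rather than from this one.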
@@ -0,0 +1,121 @@ +<?php +namespace UnicaenAuth\Authentication\Service; + +use UnicaenAuth\Authentication\Strategy\StrategyInterface; +use Zend\EventManager\EventManager; +use Zend\EventManager\EventManagerAwareInterface; +use Zend\EventManager\EventManagerInterface; +use Zend\ServiceManager\ServiceManager; +use Zend\ServiceManager\ServiceManagerAwareInterface; +use ZfcUser\Authentication\Adapter\AbstractAdapter; +use ZfcUser\Authentication\Adapter\AdapterChainEvent; + +/** + * + * + * @author Bertrand GAUTHIER <bertrand.gauthier at unicaen.fr> + */ +class StrategyService extends AbstractAdapter implements ServiceManagerAwareInterface, EventManagerAwareInterface +{ + /** + * @var StrategyInterface + */ + protected $strategy; + + /** + * @var ServiceManager + */ + protected $serviceManager; + + /** + * @var EventManager + */ + protected $eventManager; + + /** + * + * @param StrategyInterface $strategy + */ + public function __construct(StrategyInterface $strategy = null) + { + $this->setStrategy($strategy); + } + + /** + * + * @param AdapterChainEvent $e + * @return boolean + */ + public function authenticate(AdapterChainEvent $e) + { + $casAdapter->getEventManager()->attach('userAuthenticated', array($userService, 'userAuthenticated'), 1); + $this->getStrategy()->authenticate($e); + die(__METHOD__); + } + + /** + * + * + * @return StrategyInterface + */ + public function getStrategy() + { + return $this->strategy; + } + + /** + * + * + * @param StrategyInterface $strategy + * @return StrategyService + */ + public function setStrategy(StrategyInterface $strategy) + { + $this->strategy = $strategy; + return $this; + } + + /** + * Retrieve service manager instance + * + * @return ServiceManager + */ + public function getServiceManager() + { + return $this->serviceManager; + } + + /** + * Set service manager + * + * @param ServiceManager $serviceManager + * @return StrategyService + */ + public function setServiceManager(ServiceManager $serviceManager) + { + 
$this->serviceManager = $serviceManager; + return $this; + } + + /** + * Retrieve EventManager instance + * + * @return EventManagerInterface + */ + public function getEventManager() + { + return $this->eventManager; + } + + /** + * Inject an EventManager instance + * + * @param EventManagerInterface $eventManager + * @return StrategyService + */ + public function setEventManager(EventManagerInterface $eventManager) + { + $this->eventManager = $eventManager; + return $this; + } +} \ No newline at end of file diff --git a/src/UnicaenAuth/Authentication/Service/StrategyServiceFactory.php b/src/UnicaenAuth/Authentication/Service/StrategyServiceFactory.php new file mode 100644 index 0000000000000000000000000000000000000000..d6215a0848420711f20fdf6b0485f1482c06a8a4 --- /dev/null +++ b/src/UnicaenAuth/Authentication/Service/StrategyServiceFactory.php @@ -0,0 +1,25 @@ +<?php +namespace UnicaenAuth\Authentication\Service; + +use Zend\ServiceManager\FactoryInterface; +use Zend\ServiceManager\ServiceLocatorInterface; + +/** + * + * + * @author Bertrand GAUTHIER <bertrand.gauthier at unicaen.fr> + */ +class StrategyServiceFactory implements FactoryInterface +{ + /** + * Create service + * + * @param ServiceLocatorInterface $serviceLocator + * @return mixed + */ + public function createService(ServiceLocatorInterface $serviceLocator) + { + $strategy = $serviceLocator->get('UnicaenAuth\Authentication\Strategy\Strategy'); + return new StrategyService($strategy); + } +} \ No newline at end of file diff --git a/src/UnicaenAuth/Authentication/Storage/Db.php b/src/UnicaenAuth/Authentication/Storage/Db.php index ba6046bec0169bd18ad5c6732bdc9e8d794a1694..153c69d9a46da6e2188839cc455e5ee7e0b31248 100644 --- a/src/UnicaenAuth/Authentication/Storage/Db.php +++ b/src/UnicaenAuth/Authentication/Storage/Db.php 
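Review bot: StrategyService::authenticate() cannot run as committed: `$casAdapter` and `$userService` are never defined, so its first statement is a fatal error, and `die(__METHOD__)` would end the request mid-login if it were ever reached. The constructor defaults `$strategy` to `null` but forwards it to `setStrategy(StrategyInterface $strategy)`, which rejects null. The class is registered as a service factory in config/module.config.php even though its `auth_adapters` entry is commented out, so it is reachable by name. Either hold it back until it works, or reduce the body to `return $this->getStrategy()->authenticate($e);` and declare the setter as `setStrategy(StrategyInterface $strategy = null)`. The empty class docblock should say what a strategy is meant to decide.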
@@ -27,10 +27,10 @@ class Db extends \ZfcUser\Authentication\Storage\Db $identity = parent::read(); } catch (\PDOException $pdoe) { - throw new \UnicaenApp\Exception( - "Erreur lors de la recherche de l'utilisateur $id dans la base de données : " . $pdoe->getMessage(), - null, - $pdoe); + // throw new \UnicaenApp\Exception( + // "Erreur lors de la recherche de l'utilisateur $id dans la base de données : " . $pdoe->getMessage(), + // null, + // $pdoe); $identity = null; } if ($identity && !is_scalar($identity)) { @@ -44,10 +44,10 @@ class Db extends \ZfcUser\Authentication\Storage\Db $identity = $this->getMapper()->findByUsername($username); } catch (\PDOException $pdoe) { - throw new \UnicaenApp\Exception( - "Erreur lors de la recherche de l'utilisateur '$username' dans la base de données : " . $pdoe->getMessage(), - null, - $pdoe); + // throw new \UnicaenApp\Exception( + // "Erreur lors de la recherche de l'utilisateur '$username' dans la base de données : " . $pdoe->getMessage(), + // null, + // $pdoe); $identity = null; } } diff --git a/src/UnicaenAuth/Authentication/Storage/Mixed.php b/src/UnicaenAuth/Authentication/Storage/LdapDb.php similarity index 91% rename from src/UnicaenAuth/Authentication/Storage/Mixed.php rename to src/UnicaenAuth/Authentication/Storage/LdapDb.php index 46f06408c78311f24857803419703da20f10159b..ccd4cd44a409e6767df420696c58be11debd4be1 100644 --- a/src/UnicaenAuth/Authentication/Storage/Mixed.php +++ b/src/UnicaenAuth/Authentication/Storage/LdapDb.php @@ -15,7 +15,7 @@ use Zend\ServiceManager\ServiceManagerAwareInterface; * @see Db * @author Bertrand GAUTHIER <bertrand.gauthier at unicaen.fr> */ -class Mixed implements Storage\StorageInterface, ServiceManagerAwareInterface +class LdapDb implements Storage\StorageInterface, ServiceManagerAwareInterface { /** * @var ServiceManager 
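Review bot: Both catch blocks in Storage/Db.php now swallow the `\PDOException` entirely, in the `parent::read()` hunk and in the `findByUsername()` hunk after it, so a database failure during identity lookup silently becomes `$identity = null` and `$pdoe` is unused. If degrading to "no DB identity" is intended so that LDAP-only users keep working, say so in a comment and record the error rather than leaving the old `throw` commented out. Otherwise an outage and an unknown user look identical to operators. The removed message also interpolated the driver's `$pdoe->getMessage()` into an exception that could reach the user, so if the throw is ever restored, keep the driver text in the log only. read() starts and ends outside these hunks.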
@@ -117,7 +117,7 @@ class Mixed implements Storage\StorageInterface, ServiceManagerAwareInterface * Set service manager * * @param ServiceManager $serviceManager - * @return Ldap + * @return LdapDb */ public function setServiceManager(ServiceManager $serviceManager) { @@ -140,7 +140,7 @@ class Mixed implements Storage\StorageInterface, ServiceManagerAwareInterface * * @param Db $storage * @access public - * @return Mixed + * @return LdapDb */ public function setDbStorage(Db $storage) { @@ -163,7 +163,7 @@ class Mixed implements Storage\StorageInterface, ServiceManagerAwareInterface * * @param Ldap $storage * @access public - * @return Mixed + * @return LdapDb */ public function setLdapStorage(Ldap $storage) { @@ -172,19 +172,21 @@ class Mixed implements Storage\StorageInterface, ServiceManagerAwareInterface } /** - * @param AuthenticationOptionsInterface $options + * @param ModuleOptions $options + * @return LdapDb */ - public function setOptions(AuthenticationOptionsInterface $options) + public function setOptions(ModuleOptions $options) { $this->options = $options; + return $this; } /** - * @return AuthenticationOptionsInterface + * @return ModuleOptions */ public function getOptions() { - if (!$this->options instanceof AuthenticationOptionsInterface) { + if (null === $this->options) { $this->setOptions($this->getServiceManager()->get('unicaen-auth_module_options')); } return $this->options; diff --git a/src/UnicaenAuth/Entity/Ldap/PeopleAdapter.php b/src/UnicaenAuth/Entity/Ldap/PeopleAdapter.php index 88fc96fb3b06ec10bfa4f47ae6a71aa6fd00774a..f9febf5434e492f42ba1340dee286beeffb51cc8 100644 --- a/src/UnicaenAuth/Entity/Ldap/PeopleAdapter.php +++ b/src/UnicaenAuth/Entity/Ldap/PeopleAdapter.php @@ -131,5 +131,4 @@ class PeopleAdapter extends \UnicaenApp\Entity\Ldap\People implements \ZfcUser\E { throw new \BadMethodCallException("Forbidden!"); } - -} +} \ No newline at end of file 
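Review bot: `setOptions(ModuleOptions $options)` in the hunk at line 172 type-hints a class that this file's section never imports, since no hunk touches the `use` block above line 15. Unless `ModuleOptions` was already imported there, the hint resolves to `UnicaenAuth\Authentication\Storage\ModuleOptions`, and the `setOptions()` call inside `getOptions()` fails as soon as the options service is passed in. If the import is missing, add `use UnicaenAuth\Options\ModuleOptions;` and drop any import of `AuthenticationOptionsInterface` that is now unused.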
diff --git a/src/UnicaenAuth/Options/ModuleOptions.php b/src/UnicaenAuth/Options/ModuleOptions.php index 415e0e8350e77ce2e5203b37a75d0f8a6971a43d..d96fcd1e12de3c41c4bfe6e78663ff58fa6d9b2c 100644 --- a/src/UnicaenAuth/Options/ModuleOptions.php +++ b/src/UnicaenAuth/Options/ModuleOptions.php @@ -1,23 +1,15 @@ <?php namespace UnicaenAuth\Options; -use UnicaenAuth\Options\ModuleOptions; -use Zend\Stdlib\AbstractOptions; - /** * Classe encapsulant les options de fonctionnement du module. * * @author Bertrand GAUTHIER <bertrand.gauthier@unicaen.fr> */ -class ModuleOptions extends AbstractOptions implements AuthenticationOptionsInterface +class ModuleOptions extends \ZfcUser\Options\ModuleOptions// implements AuthenticationOptionsInterface { /** - * Turn off strict options mode - */ - protected $__strictMode__ = false; - - /** - * @var int + * @var string */ protected $sesamePassword; @@ -29,12 +21,7 @@ class ModuleOptions extends AbstractOptions implements AuthenticationOptionsInte /** * @var array */ - protected $casConnectionInfos; - - /** - * @var bool - */ - protected $casAuthenticationActivated = false; + protected $cas = array(); /** * set sesame password @@ -42,7 +29,7 @@ class ModuleOptions extends AbstractOptions implements AuthenticationOptionsInte * @param string $sesamePassword * @return ModuleOptions */ - public function setSesamePassword($sesamePassword) + public function setSesamePassword($sesamePassword = null) { $this->sesamePassword = $sesamePassword; return $this; @@ -67,7 +54,7 @@ class ModuleOptions extends AbstractOptions implements AuthenticationOptionsInte */ public function setSaveLdapUserInDatabase($flag = true) { - $this->saveLdapUserInDatabase = $flag; + $this->saveLdapUserInDatabase = (bool) $flag; return $this; } 
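Review bot: The class declaration keeps `// implements AuthenticationOptionsInterface` as a trailing comment, which leaves it unclear whether the interface is dropped for good. Either restore the `implements` clause or delete the comment. The same hunk removes `$__strictMode__ = false`, so whether unknown keys in the module configuration are still tolerated now depends on the `\ZfcUser\Options\ModuleOptions` parent, which is not visible here. That is worth confirming before an existing configuration starts throwing at bootstrap.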
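Review bot: `setSesamePassword($sesamePassword = null)` now accepts `null`, but its docblock still says `@param string` and nothing states what an unset value means. If `null` is meant as "no sesame password configured", the docblock should say so: `@param string|null $sesamePassword null when no sesame password is configured`. Whatever code compares a submitted password against this value (not part of this diff) should then reject a null or empty sesame password outright instead of comparing against it.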
@@ -81,49 +68,26 @@ class ModuleOptions extends AbstractOptions implements AuthenticationOptionsInte { return $this->saveLdapUserInDatabase; } - - /** - * set cas auth activation flag - * - * @param bool $activated - * @return ModuleOptions - */ - public function setCasAuthenticationActivated($activated = true) - { - $this->casAuthenticationActivated = $activated; - return $this; - } - - /** - * set cas auth activation flag - * - * @return bool - */ - public function getCasAuthenticationActivated() - { - return $this->casAuthenticationActivated; - } /** - * set cas connection informations + * set cas connection params * - * @param array $casConnectionInfos + * @param array $cas * @return ModuleOptions */ - public function setCasConnectionInfos($casConnectionInfos) + public function setCas(array $cas = array()) { - $this->casConnectionInfos = $casConnectionInfos; + $this->cas = $cas; return $this; } /** - * get cas connection informations + * get cas connection params * * @return array */ - public function getCasConnectionInfos() + public function getCas() { - return $this->casConnectionInfos; + return $this->cas; } - -} +} \ No newline at end of file diff --git a/src/UnicaenAuth/View/Helper/UserCurrent.php b/src/UnicaenAuth/View/Helper/UserCurrent.php index 5330c0ccaf5cbf3f5406bf69d62d2d55e13e5096..dcbcec9058ef76a032e3589110adb8b8e1278b81 100644 --- a/src/UnicaenAuth/View/Helper/UserCurrent.php +++ b/src/UnicaenAuth/View/Helper/UserCurrent.php 
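Review bot: With `casAuthenticationActivated` removed, `getCas()` doubles as the on/off switch. The Module.php hunk of this commit tests `$options->getCas()` for truthiness, so any non-empty array reroutes login to CAS, including one with missing or misspelled connection keys. The docblock on `setCas()` should state that, e.g. `@param array $cas CAS connection params; a non-empty array enables CAS authentication`. It would also help to list the expected keys there, since the array shape is not documented anywhere in this hunk.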
@@ -45,20 +45,31 @@ class UserCurrent extends UserAbstract { try { if ($this->getIdentity()) { - $out = sprintf('<a id="info" class="infobulle">%s%s<em><span>%s%s</span></em></a>', - $this->getLegende(), - $this->getView()->userStatus(false), - $this->getView()->userProfile(), - $this->getView()->userInfo($this->getAffectationFineSiDispo())); + $id = 'user-current-info'; + $status = $this->getView()->userStatus(false); + $content = $this->getView()->userProfile() . $this->getView()->userInfo($this->getAffectationFineSiDispo()); + $content = preg_replace('/\r\n|\n|\r/', '', $content); + $out = <<<EOS +<a class="navbar-link" id="$id" title="Utilisateur connecté" data-placement="bottom" data-toggle="popover" data-content="$content" href="#">$status</a> +EOS; + $out .= <<<EOS +<script type="text/javascript"> + $(function() { + $("#$id").popover({ html: true }); + }); +</script> +EOS; } else { $out = "" . $this->getView()->userStatus(false); } - } catch (\Exception $e) { + } + catch (\Exception $e) { var_dump($e); $out = '<p>' . $e->getMessage() . '</p><p>' . $e->getTraceAsString() . '</p>'; } + return $out; }
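Review bot: `$content` is interpolated raw into `data-content="$content"` and then rendered by `popover({ html: true })`, so a double quote in the profile or affectation text ends the attribute, and any markup in it is rendered as HTML in the page. Escape for the attribute context before the heredoc with `$content = $this->getView()->escapeHtmlAttr($content);`, and check that `userProfile()` and `userInfo()` HTML-escape the user-derived values they embed (their code is outside this hunk). The catch block kept by this hunk still calls `var_dump($e);` and prints `getMessage()` and `getTraceAsString()` into the page. That should become a generic message, with the exception logged server-side.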