Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
lib
unicaen
auth
Commits
ecfc8ff5
Commit
ecfc8ff5
authored
Jan 21, 2019
by
Bertrand Gauthier
Browse files
Support de l'authentification locale.
parent
cb8ef280
Changes
12
Hide whitespace changes
Inline
Side-by-side
config/module.config.php
View file @
ecfc8ff5
...
...
@@ -6,11 +6,22 @@ use UnicaenAuth\Service\ShibService;
use
UnicaenAuth\Service\ShibServiceFactory
;
use
UnicaenAuth\Service\UserContextFactory
;
use
UnicaenAuth\View\Helper\LdapConnectViewHelperFactory
;
use
UnicaenAuth\View\Helper\LocalConnectViewHelperFactory
;
use
UnicaenAuth\View\Helper\ShibConnectViewHelperFactory
;
use
UnicaenAuth\View\Helper\UserUsurpationHelperFactory
;
$settings
=
[
/**
* Configuration de l'authentification locale.
*/
'local'
=>
[
/**
* Possibilité ou non de s'authentifier à l'aide d'un compte local.
*/
'enabled'
=>
true
,
],
/**
* Configuration de l'authentification LDAP.
*/
...
...
@@ -453,6 +464,7 @@ return [
'userProfileSelect'
=>
'UnicaenAuth\View\Helper\UserProfileSelectFactory'
,
'userProfileSelectRadioItem'
=>
'UnicaenAuth\View\Helper\UserProfileSelectRadioItemFactory'
,
'userUsurpation'
=>
UserUsurpationHelperFactory
::
class
,
'localConnect'
=>
LocalConnectViewHelperFactory
::
class
,
'ldapConnect'
=>
LdapConnectViewHelperFactory
::
class
,
'shibConnect'
=>
ShibConnectViewHelperFactory
::
class
,
],
...
...
config/unicaen-auth.global.php.dist
View file @
ecfc8ff5
...
...
@@ -7,6 +7,16 @@
*/
$settings
=
[
/**
* Configuration de l'authentification locale.
*/
'local'
=>
[
/**
* Possibilité ou non de s'authentifier à l'aide d'un compte local.
*/
'enabled'
=>
true
,
],
/**
* Configuration de l'authentification LDAP.
*/
...
...
src/UnicaenAuth/Controller/AuthController.php
View file @
ecfc8ff5
...
...
@@ -107,4 +107,26 @@ class AuthController extends AbstractActionController
throw
new
RuntimeException
(
"Impossible d'écrire dans le storage"
);
}
}
public
function
sendPasswordRenewalMailAction
()
{
// lecture email fourni
// tester email connu dans table utilisateur
// générer / enregistrer token dans table utilisateur
// envoyer mail avec lien/token
}
public
function
changePasswordAction
()
{
// lecture token fourni
// test token fourni existe dans table utilisateur
// afficher formulaire de màj
// màj password
}
}
\ No newline at end of file
src/UnicaenAuth/Options/ModuleOptions.php
View file @
ecfc8ff5
...
...
@@ -9,6 +9,13 @@ namespace UnicaenAuth\Options;
*/
class
ModuleOptions
extends
\
ZfcUser\Options\ModuleOptions
{
/**
* Paramètres concernant l'authentification locale.
*
* @var array
*/
protected
$local
=
[];
/**
* Paramètres concernant l'authentification LDAP.
*
...
...
@@ -46,6 +53,25 @@ class ModuleOptions extends \ZfcUser\Options\ModuleOptions
*/
protected
$entityManagerName
=
'doctrine.entitymanager.orm_default'
;
/**
* @return array
*/
public
function
getLocal
()
{
return
$this
->
local
;
}
/**
* @param array $local
* @return self
*/
public
function
setLocal
(
array
$local
)
{
$this
->
local
=
$local
;
return
$this
;
}
/**
* Retourne les paramètres concernant l'authentification LDAP.
*
...
...
src/UnicaenAuth/Service/ShibService.php
View file @
ecfc8ff5
...
...
@@ -327,6 +327,9 @@ EOS;
if
(
$this
->
getShibbolethSimulate
())
{
return
'/'
;
}
if
(
$this
->
getAuthenticatedUser
()
===
null
)
{
return
'/'
;
}
$logoutRelativeUrl
=
'/Shibboleth.sso/Logout?return='
;
// NB: '?return=' semble obligatoire!
...
...
src/UnicaenAuth/View/Helper/LdapConnectViewHelper.php
View file @
ecfc8ff5
...
...
@@ -62,10 +62,12 @@ class LdapConnectViewHelper extends AbstractHelper
}
try
{
return
$this
->
getView
()
->
render
(
"ldap-connect"
,
[
return
$this
->
getView
()
->
render
(
"connect"
,
[
'title'
=>
null
,
'enabled'
=>
$this
->
enabled
,
'form'
=>
$this
->
form
,
'redirect'
=>
null
,
'password_reset'
=>
false
,
]);
}
catch
(
\
Exception
$e
)
{
return
'<p>'
.
$e
->
getMessage
()
.
'</p><p>'
.
$e
->
getTraceAsString
()
.
'</p>'
;
...
...
src/UnicaenAuth/View/Helper/LocalConnectViewHelper.php
0 → 100644
View file @
ecfc8ff5
<?php
namespace
UnicaenAuth\View\Helper
;
use
Zend\Form\Form
;
use
Zend\View\Helper\AbstractHelper
;
use
Zend\View\Renderer\PhpRenderer
;
use
Zend\View\Resolver\TemplatePathStack
;
/**
* Aide de vue dessinant le formulaire d'authentification locale,
* si l'authentification locale est activée.
*
* @method PhpRenderer getView()
* @author Unicaen
*/
class
LocalConnectViewHelper
extends
AbstractHelper
{
/**
* @var bool
*/
protected
$enabled
=
true
;
/**
* @var Form
*/
protected
$form
;
/**
* @param bool $enabled
* @return $this
*/
public
function
setEnabled
(
$enabled
=
true
)
{
$this
->
enabled
=
$enabled
;
return
$this
;
}
/**
* @param Form $form
* @return $this
*/
public
function
__invoke
(
Form
$form
)
{
$this
->
form
=
$form
;
$this
->
getView
()
->
resolver
()
->
attach
(
new
TemplatePathStack
([
'script_paths'
=>
[
__DIR__
.
"/partial"
]])
);
return
$this
;
}
/**
* @return string
*/
public
function
__toString
()
{
if
(
!
$this
->
enabled
)
{
return
''
;
}
try
{
return
$this
->
getView
()
->
render
(
"connect"
,
[
'title'
=>
"Avec un compte local"
,
'enabled'
=>
$this
->
enabled
,
'form'
=>
$this
->
form
,
'redirect'
=>
null
,
'password_reset'
=>
true
,
]);
}
catch
(
\
Exception
$e
)
{
return
'<p>'
.
$e
->
getMessage
()
.
'</p><p>'
.
$e
->
getTraceAsString
()
.
'</p>'
;
}
}
}
\ No newline at end of file
src/UnicaenAuth/View/Helper/LocalConnectViewHelperFactory.php
0 → 100644
View file @
ecfc8ff5
<?php
namespace
UnicaenAuth\View\Helper
;
use
UnicaenAuth\Options\ModuleOptions
;
use
Zend\View\HelperPluginManager
;
class
LocalConnectViewHelperFactory
{
/**
* @param HelperPluginManager $hpm
* @return LocalConnectViewHelper
*/
public
function
__invoke
(
HelperPluginManager
$hpm
)
{
/** @var ModuleOptions $moduleOptions */
$moduleOptions
=
$hpm
->
getServiceLocator
()
->
get
(
'unicaen-auth_module_options'
);
$config
=
$moduleOptions
->
getLocal
();
$enabled
=
isset
(
$config
[
'enabled'
])
&&
(
bool
)
$config
[
'enabled'
];
$helper
=
new
LocalConnectViewHelper
();
$helper
->
setEnabled
(
$enabled
);
return
$helper
;
}
}
\ No newline at end of file
src/UnicaenAuth/View/Helper/ShibConnectViewHelper.php
View file @
ecfc8ff5
...
...
@@ -41,7 +41,7 @@ class ShibConnectViewHelper extends AbstractHelper
$shibUrl
=
$this
->
getView
()
->
url
(
'auth/shibboleth'
,
[],
[
'query'
=>
$this
->
getView
()
->
queryParams
()],
true
);
return
<<<EOS
Se connecter via la
<h3 class="connect-title">Via la fédération d'identité</h3>
<a href="$shibUrl" class="btn btn-success btn-lg">Fédération d'identité Renater</a>
EOS;
}
...
...
src/UnicaenAuth/View/Helper/partial/
ldap-
connect.phtml
→
src/UnicaenAuth/View/Helper/partial/connect.phtml
View file @
ecfc8ff5
...
...
@@ -5,22 +5,30 @@ use Zend\Form\Form;
/**
* @var bool $enabled
* @var Form $form
* @var string $title
* @var string $redirect
*/
?>
<?php
if
(
$title
)
:
?>
<h3
class=
"connect-title"
>
<?php
echo
$title
?>
</h3>
<?php
endif
?>
<?php
echo
$this
->
form
()
->
openTag
(
$form
)
?>
<?php
if
((
$errors
=
$this
->
formErrors
(
$form
)))
:
?>
<p>
<?php
echo
$errors
?>
</p>
<?php
endif
?>
<p>
<p
class=
"connect-identity"
>
<?php
$identity
=
$form
->
get
(
$name
=
'identity'
)
->
setAttributes
([
'id'
=>
$name
,
'class'
=>
'form-control'
]);
echo
$this
->
formLabel
(
$identity
);
echo
$this
->
formInput
(
$identity
);
?>
</p>
<p>
<p
class=
"connect-credentials"
>
<?php
$identity
=
$form
->
get
(
$name
=
'credential'
)
->
setAttributes
([
'id'
=>
$name
,
'class'
=>
'form-control'
]);
echo
$this
->
formLabel
(
$identity
);
...
...
@@ -30,7 +38,9 @@ use Zend\Form\Form;
<?php
if
(
$redirect
)
:
?>
<input
type=
"hidden"
name=
"redirect"
value=
"
<?php
echo
$redirect
?>
"
/>
<?php
endif
?>
<p>
<p
class=
"connect-submit"
>
<?php
echo
$this
->
formButton
(
$form
->
get
(
'submit'
)
->
setAttribute
(
'class'
,
'btn btn-primary'
))
?>
</p>
<?php
echo
$this
->
form
()
->
closeTag
()
?>
src/UnicaenAuth/View/Helper/partial/reset-password.phtml
0 → 100644
View file @
ecfc8ff5
<?php
use
Zend\Form\Form
;
/**
* @var bool $enabled
* @var Form $form
* @var string $title
* @var string $redirect
*/
?>
<?php
if
(
$title
)
:
?>
<h3
class=
"password-reset-title"
>
<?php
echo
$title
?>
</h3>
<?php
endif
?>
<?php
echo
$this
->
form
()
->
openTag
(
$form
)
?>
<?php
if
((
$errors
=
$this
->
formErrors
(
$form
)))
:
?>
<p>
<?php
echo
$errors
?>
</p>
<?php
endif
?>
<p
class=
"password-reset-identity"
>
<?php
$identity
=
$form
->
get
(
$name
=
'identity'
)
->
setAttributes
([
'id'
=>
$name
,
'class'
=>
'form-control'
]);
echo
$this
->
formLabel
(
$identity
);
echo
$this
->
formInput
(
$identity
);
?>
</p>
<?php
if
(
$redirect
)
:
?>
<input
type=
"hidden"
name=
"redirect"
value=
"
<?php
echo
$redirect
?>
"
/>
<?php
endif
?>
<p
class=
"password-reset-submit"
>
<?php
echo
$this
->
formButton
(
$form
->
get
(
'submit'
)
->
setAttribute
(
'class'
,
'btn btn-primary'
))
?>
</p>
<?php
echo
$this
->
form
()
->
closeTag
()
?>
view/zfc-user/user/login.phtml
View file @
ecfc8ff5
<?php
$this
->
headTitle
(
"Connexion"
)
?>
<?php
/**
* @var PhpRenderer $this
*
* @method LocalConnectViewHelper localConnect()
* @method LdapConnectViewHelper ldapConnect()
* @method ShibConnectViewHelper shibConnect()
*/
use
UnicaenAuth\View\Helper\LdapConnectViewHelper
;
use
UnicaenAuth\View\Helper\LocalConnectViewHelper
;
use
UnicaenAuth\View\Helper\ShibConnectViewHelper
;
use
Zend\Form\Form
;
use
Zend\View\Renderer\PhpRenderer
;
$this
->
headTitle
(
"Connexion"
)
?>
<?php
/** @var Form $form */
$form
=
$this
->
loginForm
;
$form
->
prepare
();
$form
->
setAttributes
([
...
...
@@ -25,9 +41,10 @@ $form->setAttributes([
<div
class=
"panel-body"
>
<?php
$ldapAuthHtml
=
(
string
)
$this
->
ldapConnect
(
$form
);
$shibAuthHtml
=
(
string
)
$this
->
shibConnect
(
$form
);
echo
implode
(
'<hr>'
,
array_filter
([
$ldapAuthHtml
,
$shibAuthHtml
]));
$localAuthHtml
=
(
string
)
$this
->
localConnect
(
$form
);
$ldapAuthHtml
=
(
string
)
$this
->
ldapConnect
(
$form
);
$shibAuthHtml
=
(
string
)
$this
->
shibConnect
(
$form
);
echo
implode
(
'<hr>'
,
array_filter
([
$ldapAuthHtml
,
$shibAuthHtml
,
$localAuthHtml
]));
?>
</div>
</div>
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment