From 269f463f1612f9dd8fc22bb329993604f29fe139 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 25 Jun 2020 12:57:57 +0200
Subject: Make surname and eppn configurable
---
 inc/user.inc.php | 8 ++++----
 shib/api.php | 19 +++++++++----------
 2 files changed, 13 insertions(+), 14 deletions(-)
diff --git a/inc/user.inc.php b/inc/user.inc.php
index 6e3c06d..e2523f9 100644
--- a/inc/user.inc.php
+++ b/inc/user.inc.php
@@ -181,8 +181,8 @@ class User
 Util::redirect('?do=Main&force-cookie=true.dat');
 }
 self::$isShib = true;
- if (!isset($_SERVER['sn']))
- $_SERVER['sn'] = '';
+ if (!isset($_SERVER[CONFIG_SURNAME]))
+ $_SERVER[CONFIG_SURNAME] = '';
 if (!isset($_SERVER['givenName']))
 $_SERVER['givenName'] = '';
 if (!isset($_SERVER['mail']))
@@ -192,7 +192,7 @@ class User
 'userid' => NULL,
 'shibid' => $shibId,
 'firstname' => $_SERVER['givenName'],
- 'lastname' => $_SERVER['sn'],
+ 'lastname' => $_SERVER[CONFIG_SURNAME],
 'email' => $_SERVER['mail'],
 );
 // Figure out whether the user should be considered a tutor
@@ -205,7 +205,7 @@ class User
 else
 self::$user['role'] = 'STUDENT';
 // Try to figure out organization
- if (isset($_SERVER['eppn']) && preg_match('/@([0-9a-zA-Z\-\._]+)$/', $_SERVER['eppn'], $out)) {
+ if (isset($_SERVER[CONFIG_EPPN]) && preg_match('/@([0-9a-zA-Z\-\._]+)$/', $_SERVER[CONFIG_EPPN], $out)) {
 self::$user['organization'] = $out[1];
 }
 if (!isset(self::$user['organization']) && isset($_SERVER['affiliation']) && preg_match('/@([0-9a-zA-Z\-\._]+)(;|$)/', $_SERVER['affiliation'], $out)) {
diff --git a/shib/api.php b/shib/api.php
index 4bfee68..2c80f37 100644
--- a/shib/api.php
+++ b/shib/api.php
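Review bot: `CONFIG_SURNAME` and `CONFIG_EPPN` are read in the `@@ -181` hunk of `inc/user.inc.php` without any fallback, and nothing in this commit (only two files are touched) defines or documents them for existing installs. If a deployed config file lacks them, PHP before 8.0 falls back to the literal strings `'CONFIG_SURNAME'` / `'CONFIG_EPPN'` with a notice or warning, so `lastname` silently becomes empty and the organization lookup never matches; PHP 8 throws an `Error` instead. A guarded default next to the config include, e.g. `defined('CONFIG_SURNAME') || define('CONFIG_SURNAME', 'sn');` and `defined('CONFIG_EPPN') || define('CONFIG_EPPN', 'eppn');`, would keep the previous behaviour; the same applies to the `@@ -192` and `@@ -205` hunks and to the `shib/api.php` hunks that read these constants. The enclosing method starts and ends outside the hunk.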
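Review bot: In the `@@ -205` hunk the organization is now derived from whichever `$_SERVER` key `CONFIG_EPPN` names, so how far `self::$user['organization']` can be trusted depends on configuration rather than on the fixed `eppn` variable. That requirement is not documented anywhere in the change; a comment above the `preg_match` line such as `// CONFIG_EPPN must name an attribute exported by the Shibboleth SP as a server variable, never a client-settable HTTP_* header` would make it visible to whoever edits the config. The same holds for `CONFIG_SURNAME`, although there only a display name is affected.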
@@ -20,14 +20,13 @@ function slxAutoloader($class) } spl_autoload_register('slxAutoloader'); - $response = array(); if (empty($_SERVER['persistent-id'])) { // No persistent id given, should not happen! $response['status'] = 'error'; $response['error'] = 'Shibboleth meta data missing!'; - @file_put_contents('/tmp/shib-nopid-' . time() . '-' . $_SERVER['REMOTE_ADDR'] . '.txt', print_r($_SERVER, true)); + file_put_contents('/tmp/shib-nopid-' . time() . '-' . $_SERVER['REMOTE_ADDR'] . '.txt', print_r($_SERVER, true)); } else { // Query database for user $shibId = md5($_SERVER['persistent-id']); @@ -43,7 +42,7 @@ if (empty($_SERVER['persistent-id'])) { || strpos(";{$_SERVER['affiliation']};", ';faculty@') !== false) { $role = 'TUTOR'; } else { - @file_put_contents('/tmp/shib-student-' . time() . '-' . $_SERVER['REMOTE_ADDR'] . '.txt', print_r($_SERVER, true)); + file_put_contents('/tmp/shib-student-' . time() . '-' . $_SERVER['REMOTE_ADDR'] . '.txt', print_r($_SERVER, true)); $role = 'STUDENT'; // NEW: Ignore students for now $response = array( @@ -65,16 +64,16 @@ if (empty($_SERVER['persistent-id'])) { if (isset($_SERVER['givenName'])) { $response['firstName'] = $_SERVER['givenName']; } - if (isset($_SERVER['sn'])) { - $response['lastName'] = $_SERVER['sn']; + if (isset($_SERVER[CONFIG_SURNAME])) { + $response['lastName'] = $_SERVER[CONFIG_SURNAME]; } if (isset($_SERVER['mail'])) { $response['mail'] = $_SERVER['mail']; } $response['userId'] = $shibId; // Try to figure out orgId - if (!isset($response['organizationId']) && isset($_SERVER['eppn'])) { - if (preg_match('/@(.+)$/', $_SERVER['eppn'], $out)) { + if (!isset($response['organizationId']) && isset($_SERVER[CONFIG_EPPN])) { + if (preg_match('/@(.+)$/', $_SERVER[CONFIG_EPPN], $out)) { $out = Database::queryFirst("SELECT organizationid FROM organization_suffix WHERE suffix = :suffix", array( 'suffix' => $out[1] )); 
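Review bot: Dropping the `@` in the `@@ -20` hunk leaves the real problem with this line in place: it writes the complete `$_SERVER` array (Shibboleth attributes, cookies, any authorization header) to a predictably named file in `/tmp`, created with the process's default umask. On a shared host those dumps may be readable by other local users and the name pattern can be pre-created as a symlink; with `@` gone, a failed write also emits a PHP warning that, if `display_errors` is enabled, ends up in the API response body. Unless the dump is still needed for debugging, replacing it with an event-only log line such as `error_log('shib: persistent-id missing, remote=' . $_SERVER['REMOTE_ADDR']);` avoids persisting identity data; if it is needed, it belongs behind a config switch in an application-owned directory with restrictive permissions. The same call appears in the `shib-student-` hunk (`@@ -43`) and the `shib-unreg-` hunk (`@@ -107`).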
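Review bot: The suffix pattern in the `@@ -65` hunk, `'/@(.+)$/'`, is looser than the one `inc/user.inc.php` applies to the same attribute (`'/@([0-9a-zA-Z\-\._]+)$/'`), so the two entry points can derive different organizations from one value: `.+` starts at the first `@` and accepts any characters. The database lookup is parameterized, so this is a consistency concern rather than an injection one, but using the same character class in both places, e.g. `if (preg_match('/@([0-9a-zA-Z\-\._]+)$/', $_SERVER[CONFIG_EPPN], $out)) {`, keeps suffix matching predictable. The enclosing `if`/`else` block extends beyond the hunk.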
@@ -107,7 +106,7 @@ if (empty($_SERVER['persistent-id'])) {
 }
 $response['id'] = $shibId;
 $response['url'] = CONFIG_MASTERWEBIF;
- @file_put_contents('/tmp/shib-unreg-' . time() . '-' . $_SERVER['REMOTE_ADDR'] . '.txt', print_r($_SERVER, true));
+ file_put_contents('/tmp/shib-unreg-' . time() . '-' . $_SERVER['REMOTE_ADDR'] . '.txt', print_r($_SERVER, true));
 } else {
 // Found, see if we got personal information, either temporarily through metadata, or from database
 $firstName = $user['firstname'];
@@ -115,8 +114,8 @@ if (empty($_SERVER['persistent-id'])) {
 $mail = $user['email'];
 if (empty($firstName) && isset($_SERVER['givenName']))
 $firstName = trim($_SERVER['givenName']);
- if (empty($lastName) && isset($_SERVER['sn']))
- $lastName = trim($_SERVER['sn']);
+ if (empty($lastName) && isset($_SERVER[CONFIG_SURNAME]))
+ $lastName = trim($_SERVER[CONFIG_SURNAME]);
 if (empty($mail) && isset($_SERVER['mail']))
 $mail = trim($_SERVER['mail']);
 //
-- 
cgit v1.2.3-55-g7522