Commit 4221a15c authored by Νίκος Κατσαούνος's avatar Νίκος Κατσαούνος

Merge branch 'develop' of https://git.minedu.gov.gr/itminedu/e-epal into component_updates

parents e598a7e2 5933a60e
...@@ -99,15 +99,13 @@ class CASLogin extends ControllerBase ...@@ -99,15 +99,13 @@ class CASLogin extends ControllerBase
// Enable verbose error messages. Disable in production! // Enable verbose error messages. Disable in production!
//phpCAS::setVerbose(true); //phpCAS::setVerbose(true);
phpCAS::client($this->serverVersion, phpCAS::client(
$this->serverVersion,
$this->serverHostname, $this->serverHostname,
intval($this->serverPort), intval($this->serverPort),
$this->serverUri, $this->serverUri,
boolval($this->changeSessionId)); boolval($this->changeSessionId)
);
// \phpCAS::setServerLoginURL('http://sso-test.sch.gr/login');
// \phpCAS::setServerServiceValidateURL('http://sso-test.sch.gr/cas/samlValidate');
if ($this->CASServerCACert) { if ($this->CASServerCACert) {
if ($this->CASServerCNValidate) { if ($this->CASServerCNValidate) {
...@@ -124,12 +122,9 @@ class CASLogin extends ControllerBase ...@@ -124,12 +122,9 @@ class CASLogin extends ControllerBase
return $this->redirectForbidden($configRowName, '5001'); return $this->redirectForbidden($configRowName, '5001');
} }
$attributes = phpCAS::getAttributes(); $attributes = phpCAS::getAttributes();
/* foreach ($attributes as $attr_key => $attr_value) {
$this->logger->warning($attr_key);
$this->logger->warning(phpCAS::getAttribute($attr_key));
} */
/* $isAllowed = true; /*
$isAllowed = true;
$att1 = $attributes[$this->allowed1]; $att1 = $attributes[$this->allowed1];
$att2 = $attributes[$this->allowed2]; $att2 = $attributes[$this->allowed2];
if (!isset($att1) || !isset($att2)) { if (!isset($att1) || !isset($att2)) {
...@@ -155,15 +150,17 @@ class CASLogin extends ControllerBase ...@@ -155,15 +150,17 @@ class CASLogin extends ControllerBase
} }
if (!$found1 || !$found2) { if (!$found1 || !$found2) {
$isAllowed = false; $isAllowed = false;
} */ }
/* if (!$isAllowed) { if (!$isAllowed) {
$response = new Response(); $response = new Response();
$response->setContent(t('Access is allowed only to official school accounts')); $response->setContent(t('Access is allowed only to official school accounts'));
$response->setStatusCode(Response::HTTP_FORBIDDEN); $response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json;charset=UTF-8'); $response->headers->set('Content-Type', 'application/json;charset=UTF-8');
return $response; return $response;
} */ }
*/
$CASUser = phpCAS::getUser(); $CASUser = phpCAS::getUser();
$this->logger->warning($CASUser); $this->logger->warning($CASUser);
...@@ -179,14 +176,15 @@ class CASLogin extends ControllerBase ...@@ -179,14 +176,15 @@ class CASLogin extends ControllerBase
$physicaldeliveryofficename = $filterAttribute("physicaldeliveryofficename"); $physicaldeliveryofficename = $filterAttribute("physicaldeliveryofficename");
/****** the following is for production ***************************/ /****** the following is for production : Χρήση μόνο από ΕΠΙΣΗΜΟΥΣ ΛΟΓΑΡΙΑΣΜΟΥΣ ***************************/
/*
/* if (!$umdobject || $umdobject !== "Account") { if (!$umdobject || $umdobject !== "Account") {
return $this->redirectForbidden($configRowName, '5002'); return $this->redirectForbidden($configRowName, '5002');
} }
if (!$physicaldeliveryofficename || preg_replace('/\s+/', '', $physicaldeliveryofficename) !== 'ΕΠΙΣΗΜΟΣΛΟΓΑΡΙΑΣΜΟΣ') { if (!$physicaldeliveryofficename || preg_replace('/\s+/', '', $physicaldeliveryofficename) !== 'ΕΠΙΣΗΜΟΣΛΟΓΑΡΙΑΣΜΟΣ') {
return $this->redirectForbidden($configRowName, '5003'); return $this->redirectForbidden($configRowName, '5003');
} */ }
*/
phpCAS::trace($umdobject); phpCAS::trace($umdobject);
phpCAS::trace($physicaldeliveryofficename); phpCAS::trace($physicaldeliveryofficename);
...@@ -198,20 +196,14 @@ class CASLogin extends ControllerBase ...@@ -198,20 +196,14 @@ class CASLogin extends ControllerBase
return $this->redirectForbidden($configRowName, '5004'); return $this->redirectForbidden($configRowName, '5004');
} }
// $this->logger->warning('redirecturl=' . $this->redirectUrl);
$epalToken = $this->authenticatePhase2($request, $CASUser, $userAssigned, $filterAttribute('cn')); $epalToken = $this->authenticatePhase2($request, $CASUser, $userAssigned, $filterAttribute('cn'));
if ($epalToken) { if ($epalToken) {
if ('casost_sch_sso_config' === $configRowName) { if ('casost_sch_sso_config' === $configRowName) {
/* $cookie = new Cookie('auth_token', $epalToken, 0, '/', null, false, false);
$cookie2 = new Cookie('auth_role', $exposedRole, 0, '/', null, false, false); */
return new RedirectResponse($this->redirectUrl . $epalToken.'&auth_role=' . $userAssigned["exposedRole"], 302, []); return new RedirectResponse($this->redirectUrl . $epalToken.'&auth_role=' . $userAssigned["exposedRole"], 302, []);
} else { } else {
\Drupal::service('page_cache_kill_switch')->trigger(); \Drupal::service('page_cache_kill_switch')->trigger();
return new RedirectResponseWithCookieExt($this->redirectUrl . $epalToken.'&auth_role=' . $userAssigned["exposedRole"], 302, []); return new RedirectResponseWithCookieExt($this->redirectUrl . $epalToken.'&auth_role=' . $userAssigned["exposedRole"], 302, []);
} }
// $headers = array("auth_token" => $epalToken, "auth_role" => "director");
// return new RedirectResponse($this->redirectUrl, 302, $headers);
} else { } else {
return $this->redirectForbidden($configRowName, '5005'); return $this->redirectForbidden($configRowName, '5005');
} }
......
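Review bot: The official-account restriction in the hunk at -179 is still inside a block comment on the new side, so the `redirectForbidden($configRowName, '5002')` and `'5003'` exits cannot run and the `umdobject` / `physicaldeliveryofficename` values are only traced. The same holds for the `$isAllowed` block in the hunks at -124 and -155, which this change folds into one larger comment. Toggling an access check by commenting it in and out is easy to lose across merges. A setting read from the CASOST config entity would make the production state explicit, for example `if ($this->requireOfficialAccount && $umdobject !== "Account") { return $this->redirectForbidden($configRowName, '5002'); }`, where `requireOfficialAccount` is a placeholder name not present on this page. The enclosing method starts and ends outside these hunks.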
...@@ -20,6 +20,7 @@ class CASLogout extends ControllerBase ...@@ -20,6 +20,7 @@ class CASLogout extends ControllerBase
protected $serverPort; protected $serverPort;
protected $serverUri; protected $serverUri;
protected $changeSessionId; protected $changeSessionId;
protected $logoutRedirectUrl;
protected $CASServerCACert; protected $CASServerCACert;
protected $CASServerCNValidate; protected $CASServerCNValidate;
protected $noCASServerValidation; protected $noCASServerValidation;
...@@ -76,6 +77,7 @@ class CASLogout extends ControllerBase ...@@ -76,6 +77,7 @@ class CASLogout extends ControllerBase
$this->serverUri = $CASOSTConfig->serveruri->value === null ? '' : $CASOSTConfig->serveruri->value; $this->serverUri = $CASOSTConfig->serveruri->value === null ? '' : $CASOSTConfig->serveruri->value;
$this->redirectUrl = $CASOSTConfig->redirecturl->value; $this->redirectUrl = $CASOSTConfig->redirecturl->value;
$this->changeSessionId = $CASOSTConfig->changesessionid->value; $this->changeSessionId = $CASOSTConfig->changesessionid->value;
$this->logoutRedirectUrl = $CASOSTConfig->logoutredirecturl->value;
$this->CASServerCACert = $CASOSTConfig->casservercacert->value; $this->CASServerCACert = $CASOSTConfig->casservercacert->value;
$this->CASServerCNValidate = $CASOSTConfig->casservercnvalidate->value; $this->CASServerCNValidate = $CASOSTConfig->casservercnvalidate->value;
$this->noCASServerValidation = $CASOSTConfig->nocasservervalidation->value; $this->noCASServerValidation = $CASOSTConfig->nocasservervalidation->value;
...@@ -93,14 +95,16 @@ class CASLogout extends ControllerBase ...@@ -93,14 +95,16 @@ class CASLogout extends ControllerBase
// Enable debugging // Enable debugging
phpCAS::setDebug("phpcas.log"); phpCAS::setDebug("phpcas.log");
// Enable verbose error messages. Disable in production! // Enable verbose error messages. Disable in production!
phpCAS::setVerbose(true); // phpCAS::setVerbose(true);
// Initialize phpCAS // Initialize phpCAS
phpCAS::client($this->serverVersion, phpCAS::client(
$this->serverVersion,
$this->serverHostname, $this->serverHostname,
intval($this->serverPort), intval($this->serverPort),
$this->serverUri, $this->serverUri,
boolval($this->changeSessionId)); boolval($this->changeSessionId)
);
$authToken = $request->headers->get('PHP_AUTH_USER'); $authToken = $request->headers->get('PHP_AUTH_USER');
$users = $this->entityTypeManager->getStorage('user')->loadByProperties(array('name' => $authToken)); $users = $this->entityTypeManager->getStorage('user')->loadByProperties(array('name' => $authToken));
...@@ -109,32 +113,22 @@ class CASLogout extends ControllerBase ...@@ -109,32 +113,22 @@ class CASLogout extends ControllerBase
if (!$user) { if (!$user) {
return $this->redirectForbidden($configRowName, '7002'); return $this->redirectForbidden($configRowName, '7002');
} }
// phpCAS::handleLogoutRequests();
// phpCAS::logoutWithRedirectService('http://eduslim2.minedu.gov.gr/dist/#/school');
// session_unset();
// session_destroy();
$user->setPassword(uniqid('pw')); $user->setPassword(uniqid('pw'));
$user->save(); $user->save();
$response = new Response(); $response = new Response();
$response->setContent('logout successful'); $response->setContent("{\"message\": \"Server logout successful\",\"next\": \"{$this->logoutRedirectUrl}\"}");
$response->setStatusCode(Response::HTTP_OK); $response->setStatusCode(Response::HTTP_OK);
$response->headers->set('Content-Type', 'application/json'); $response->headers->set('Content-Type', 'application/json');
// phpCAS::logout(array('url'=>$this->redirectUrl)); session_unset();
// phpCAS::logout(); session_destroy();
session_unset();
session_destroy();
\Drupal::service('page_cache_kill_switch')->trigger(); \Drupal::service('page_cache_kill_switch')->trigger();
// phpCAS::logoutWithRedirectServiceAndUrl('https://sso-test.sch.gr/logout',''); // phpCAS::logout(array('service' => 'http://eduslim2.minedu.gov.gr/dist/#/school'));
// header('Location: '.'https://sso-test.sch.gr/login?service=https%3A%2F%2Feduslim2.minedu.gov.gr%2Fdrupal%2Fcas%2Flogin%3Fconfig%3D2'); // phpCAS::logoutWithRedirectService('http://eduslim2.minedu.gov.gr/dist/#/school');
// header('Location: https://sso-test.sch.gr/logout'); // phpCAS::handleLogoutRequests();
// exit(0);
// return new RedirectResponseWithCookieExt("https://sso-test.sch.gr/logout", 302, []); session_start();
return $response; return $response;
} catch (\Exception $e) { } catch (\Exception $e) {
$this->logger->warning($e->getMessage()); $this->logger->warning($e->getMessage());
......
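Review bot: In the hunk at -109, `$user->setPassword(uniqid('pw'))` resets the account password to a value derived from the current time, which is not suitable as a secret; `$user->setPassword(bin2hex(random_bytes(32)));` gives an unpredictable one. The new response body interpolates `$this->logoutRedirectUrl` into a hand-written JSON string, so a quote or backslash in the configured URL produces malformed or altered JSON; `$response->setContent(json_encode(['message' => 'Server logout successful', 'next' => $this->logoutRedirectUrl]));` avoids that. The added `session_start()` right after `session_destroy()` opens a fresh session on the logout path, which looks unintended unless later code in the request needs it. It deserves a comment saying why, or removal. The enclosing try block starts and ends outside the hunk.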
...@@ -60,124 +60,124 @@ class CASOSTConfig extends ContentEntityBase implements CASOSTConfigInterface ...@@ -60,124 +60,124 @@ class CASOSTConfig extends ContentEntityBase implements CASOSTConfigInterface
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public static function preCreate(EntityStorageInterface $storage_controller, array &$values) public static function preCreate(EntityStorageInterface $storage_controller, array &$values)
{ {
parent::preCreate($storage_controller, $values); parent::preCreate($storage_controller, $values);
$values += array( $values += array(
'user_id' => \Drupal::currentUser()->id(), 'user_id' => \Drupal::currentUser()->id(),
); );
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function getName() public function getName()
{ {
return $this->get('name')->value; return $this->get('name')->value;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function setName($name) public function setName($name)
{ {
$this->set('name', $name); $this->set('name', $name);
return $this; return $this;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function getCreatedTime() public function getCreatedTime()
{ {
return $this->get('created')->value; return $this->get('created')->value;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function setCreatedTime($timestamp) public function setCreatedTime($timestamp)
{ {
$this->set('created', $timestamp); $this->set('created', $timestamp);
return $this; return $this;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function getOwner() public function getOwner()
{ {
return $this->get('user_id')->entity; return $this->get('user_id')->entity;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function getOwnerId() public function getOwnerId()
{ {
return $this->get('user_id')->target_id; return $this->get('user_id')->target_id;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function setOwnerId($uid) public function setOwnerId($uid)
{ {
$this->set('user_id', $uid); $this->set('user_id', $uid);
return $this; return $this;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function setOwner(UserInterface $account) public function setOwner(UserInterface $account)
{ {
$this->set('user_id', $account->id()); $this->set('user_id', $account->id());
return $this; return $this;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function isPublished() public function isPublished()
{ {
return (bool) $this->getEntityKey('status'); return (bool) $this->getEntityKey('status');
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function setPublished($published) public function setPublished($published)
{ {
$this->set('status', $published ? true : false); $this->set('status', $published ? true : false);
return $this; return $this;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public static function baseFieldDefinitions(EntityTypeInterface $entity_type) public static function baseFieldDefinitions(EntityTypeInterface $entity_type)
{ {
$fields = parent::baseFieldDefinitions($entity_type); $fields = parent::baseFieldDefinitions($entity_type);
$fields['user_id'] = BaseFieldDefinition::create('entity_reference') $fields['user_id'] = BaseFieldDefinition::create('entity_reference')
->setLabel(t('Authored by')) ->setLabel(t('Authored by'))
->setDescription(t('The user ID of author of the CASOST Config entity.')) ->setDescription(t('The user ID of author of the CASOST Config entity.'))
->setRevisionable(true) ->setRevisionable(true)
->setSetting('target_type', 'user') ->setSetting('target_type', 'user')
->setSetting('handler', 'default') ->setSetting('handler', 'default')
->setTranslatable(true) ->setTranslatable(true)
->setDisplayOptions('view', array( ->setDisplayOptions('view', array(
'label' => 'hidden', 'label' => 'hidden',
'type' => 'author', 'type' => 'author',
'weight' => 0, 'weight' => 0,
)) ))
->setDisplayOptions('form', array( ->setDisplayOptions('form', array(
'type' => 'entity_reference_autocomplete', 'type' => 'entity_reference_autocomplete',
'weight' => 5, 'weight' => 5,
'settings' => array( 'settings' => array(
...@@ -186,31 +186,31 @@ class CASOSTConfig extends ContentEntityBase implements CASOSTConfigInterface ...@@ -186,31 +186,31 @@ class CASOSTConfig extends ContentEntityBase implements CASOSTConfigInterface
'autocomplete_type' => 'tags', 'autocomplete_type' => 'tags',
'placeholder' => '', 'placeholder' => '',
), ),
)) ))
->setDisplayConfigurable('form', true) ->setDisplayConfigurable('form', true)
->setDisplayConfigurable('view', true); ->setDisplayConfigurable('view', true);
$fields['name'] = BaseFieldDefinition::create('string') $fields['name'] = BaseFieldDefinition::create('string')
->setLabel(t('Name')) ->setLabel(t('Name'))
->setDescription(t('The name of the CASOST Config entity.')) ->setDescription(t('The name of the CASOST Config entity.'))
->setSettings(array( ->setSettings(array(
'max_length' => 50, 'max_length' => 50,
'text_processing' => 0, 'text_processing' => 0,
)) ))
->setDefaultValue('casost_sch_sso_config') ->setDefaultValue('casost_sch_sso_config')
->setDisplayOptions('view', array( ->setDisplayOptions('view', array(
'label' => 'above', 'label' => 'above',
'type' => 'string', 'type' => 'string',
'weight' => -4, 'weight' => -100,
)) ))
->setDisplayOptions('form', array( ->setDisplayOptions('form', array(
'type' => 'string_textfield', 'type' => 'string_textfield',
'weight' => -4, 'weight' => -100,
)) ))
->setDisplayConfigurable('form', true) ->setDisplayConfigurable('form', true)
->setDisplayConfigurable('view', true); ->setDisplayConfigurable('view', true);
$fields['serverversion'] = BaseFieldDefinition::create('string') $fields['serverversion'] = BaseFieldDefinition::create('string')
->setLabel(t('Server Version')) ->setLabel(t('Server Version'))
->setDescription(t('The Server Version')) ->setDescription(t('The Server Version'))
->setSettings(array( ->setSettings(array(
...@@ -230,7 +230,7 @@ class CASOSTConfig extends ContentEntityBase implements CASOSTConfigInterface ...@@ -230,7 +230,7 @@ class CASOSTConfig extends ContentEntityBase implements CASOSTConfigInterface
->setDisplayConfigurable('form', true) ->setDisplayConfigurable('form', true)
->setDisplayConfigurable('view', true); ->setDisplayConfigurable('view', true);
$fields['serverhostname'] = BaseFieldDefinition::create('string') $fields['serverhostname'] = BaseFieldDefinition::create('string')
->setLabel(t('Server Hostname')) ->setLabel(t('Server Hostname'))
->setDescription(t('The Server Hostname')) ->setDescription(t('The Server Hostname'))
->setSettings(array( ->setSettings(array(
...@@ -250,7 +250,7 @@ class CASOSTConfig extends ContentEntityBase implements CASOSTConfigInterface ...@@ -250,7 +250,7 @@ class CASOSTConfig extends ContentEntityBase implements CASOSTConfigInterface
->setDisplayConfigurable('form', true) ->setDisplayConfigurable('form', true)
->setDisplayConfigurable('view', true); ->setDisplayConfigurable('view', true);
$fields['serverport'] = BaseFieldDefinition::create('integer') $fields['serverport'] = BaseFieldDefinition::create('integer')
->setLabel(t('User Authorization Url')) ->setLabel(t('User Authorization Url'))
->setDescription(t('The User Authorization Url')) ->setDescription(t('The User Authorization Url'))
->setSettings(array( ->setSettings(array(
...@@ -270,7 +270,7 @@ class CASOSTConfig extends ContentEntityBase implements CASOSTConfigInterface ...@@ -270,7 +270,7 @@ class CASOSTConfig extends ContentEntityBase implements CASOSTConfigInterface
->setDisplayConfigurable('form', true) ->setDisplayConfigurable('form', true)
->setDisplayConfigurable('view', true); ->setDisplayConfigurable('view', true);
$fields['serveruri'] = BaseFieldDefinition::create('string') $fields['serveruri'] = BaseFieldDefinition::create('string')
->setLabel(t('Server Uri')) ->setLabel(t('Server Uri'))
->setDescription(t('The Server Uri')) ->setDescription(t('The Server Uri'))
->setSettings(array( ->setSettings(array(
...@@ -313,7 +313,39 @@ class CASOSTConfig extends ContentEntityBase implements CASOSTConfigInterface ...@@ -313,7 +313,39 @@ class CASOSTConfig extends ContentEntityBase implements CASOSTConfigInterface
$fields['changesessionid'] = BaseFieldDefinition::create('boolean') $fields['changesessionid'] = BaseFieldDefinition::create('boolean')
->setLabel(t('Change Session Id')) ->setLabel(t('Change Session Id'))
->setDescription(t('A boolean indicating whether we change session id.')) ->setDescription(t('A boolean indicating whether we change session id.'))
->setDefaultValue(false); ->setDefaultValue(true)
->setDisplayOptions('view', array(
'label' => 'above',
'type' => 'string',
'weight' => -5,
))
->setDisplayOptions('form', array(
'type' => 'boolean_checkbox',
'settings' => array('display_label' => true),
'weight' => -5,
))
->setDisplayConfigurable('form', true)
->setDisplayConfigurable('view', true);
$fields['logoutredirecturl'] = BaseFieldDefinition::create('string')
->setLabel(t('Logout Redirect Url'))
->setDescription(t('Logout Redirect Url used by the client application after drupal logout.'))
->setSettings(array(
'max_length' => 500,
'text_processing' => 0,