$borrowernumber = getborrowernumber($user) if defined($user);
my ( $borr ) = GetMemberDetails( $borrowernumber );
-
- if ( ! $borr ) {
- # create new user from SAML data
- if ( my $token = $in->{query}->cookie('AuthMemCookie') ) {
-
-
- my $memd = new Cache::Memcached { 'servers' => [ '127.0.0.1:11211' ] };
- if ( my $data = $memd->get($token) ) {
-
- my $saml;
- foreach ( split(/[\n\r]+/,$data) ) {
- my ($n,$v) = split /=/, $_;
- $saml->{$n} = $v;
- }
-
- my $categorycode =
- $saml->{ATTR_code} =~ m/^\d{10}$/ ? 'S' : # JMBAG
- $saml->{ATTR_code} =~ m/^\w\w\d+/ ? 'D' :
- 'O';
-
- if ( $borrowernumber = getborrowernumber($saml->{ATTR_nick}) ) {
- warn "SAML login OK $borrowernumber";
- } else {
- my $borrower = {
- cardnumber => $categorycode . $saml->{ATTR_code},
- categorycode => $categorycode,
-
- userid => $saml->{ATTR_nick},
- firstname => $saml->{ATTR_first_name},
- surname => $saml->{ATTR_last_name},
- branchcode => 'SRE', # FIXME
- email => $saml->{ATTR_email},
- dateexpiry => '2020-12-13',
- password => $token, # required so AddMember won't erase userid
- };
-
- AddMember( %$borrower );
-
- warn "ADDED $data";
-
- $borrowernumber = getborrowernumber($borrower->{userid}); # || die "can't find borrower number for $borrower->{userid}";
- }
-
- $borr = GetMemberDetails( $borrowernumber ); # || die "can't find borrower $borrowernumber";
- } else {
- die "Can't find SAML token $token for user $user\n";
- }
- } else {
- die "Can't find SAML token for user $user\n" unless $borr;
- }
- }
-
my @bordat;
$bordat[0] = $borr;
$template->param( "USER_INFO" => \@bordat );
my $logout = $query->param('logout.x');
$userid = $ENV{'REMOTE_USER'};
- if ( $userid && $userid ne '_everyone' ) { # anonymous SAML user
- # Using Basic Authentication, no cookies required
- $cookie = $query->cookie(
- -name => 'CGISESSID',
- -value => '',
- -expires => ''
- );
- $loggedin = 1;
+ $sessionID = $query->cookie("CGISESSID");
+
+ if ( $sessionID && $userid ) {
+ my $s = get_session($sessionID);
+ if ( $s->param('sessiontype') eq 'anon' ) {
+ undef $sessionID; # remove anonymous session if we have SAML user
+ }
+ }
+
+ if ( ! $sessionID && $userid && $userid ne '_everyone' ) { # anonymous SAML user
warn "# userid: $userid";
+
+ # create new user from SAML data
+ if ( my $token = $query->cookie('AuthMemCookie') ) {
+
+ my $memd = new Cache::Memcached { 'servers' => [ '127.0.0.1:11211' ] };
+ if ( my $data = $memd->get($token) ) {
+
+ my $saml;
+ foreach ( split(/[\n\r]+/,$data) ) {
+ my ($n,$v) = split /=/, $_;
+ $saml->{$n} = $v;
+ }
+
+ my $categorycode =
+ $saml->{ATTR_code} =~ m/^\d{10}$/ ? 'S' : # JMBAG
+ $saml->{ATTR_code} =~ m/^\w\w\d+/ ? 'D' :
+ 'O';
+
+ if ( my $borrowernumber = getborrowernumber($saml->{ATTR_nick}) ) {
+ warn "SAML login OK $borrowernumber";
+ } else {
+ my $borrower = {
+ cardnumber => $categorycode . $saml->{ATTR_code},
+ categorycode => $categorycode,
+
+ userid => $saml->{ATTR_nick},
+ firstname => $saml->{ATTR_first_name},
+ surname => $saml->{ATTR_last_name},
+ branchcode => 'SRE', # FIXME
+ email => $saml->{ATTR_email},
+ dateexpiry => '2020-12-13',
+ password => $token, # required so AddMember won't erase userid
+ };
+
+ AddMember( %$borrower );
+
+ warn "ADDED $data";
+
+ }
+
+ # Create session for SAML user
+
+ my $sql = qq{
+ SELECT
+ borrowernumber as number,
+ userid as id,
+ cardnumber,
+ firstname,
+ surname,
+ borrowers.branchcode as branch,
+ branches.branchname as branchname,
+ flags,
+ email as emailaddress
+ FROM borrowers
+ LEFT JOIN branches on borrowers.branchcode=branches.branchcode
+ where userid=?
+ };
+ my $sth = $dbh->prepare($sql);
+ $sth->execute( $userid );
+ die "can't find $userid" unless $sth->rows;
+
+ my $session = get_session('') or die "can't create session";
+ my $sessionID = $session->id;
+ C4::Context->_new_userenv($sessionID);
+ $cookie = $query->cookie(CGISESSID => $sessionID);
+
+ my $row = $sth->fetchrow_hashref;
+
+ $session->param( $_ => $row->{$_} ) foreach keys %$row;
+
+ $session->param('ip', $ENV{'REMOTE_ADDR'});
+ $session->param('lasttime',time());
+
+ C4::Context::set_userenv(
+ $session->param('number'), $session->param('id'),
+ $session->param('cardnumber'), $session->param('firstname'),
+ $session->param('surname'), $session->param('branch'),
+ $session->param('branchname'), $session->param('flags'),
+ $session->param('emailaddress'), $session->param('branchprinter')
+ );
+
+ my $row_count = 10; # FIXME:This probably should be a syspref
+ my ($total, $totshelves, $barshelves, $pubshelves);
+ ($barshelves, $totshelves) = C4::VirtualShelves::GetRecentShelves(1, $row_count, $session->param('number'));
+ $total->{'bartotal'} = $totshelves;
+ ($pubshelves, $totshelves) = C4::VirtualShelves::GetRecentShelves(2, $row_count, undef);
+ $total->{'pubtotal'} = $totshelves;
+ $session->param('barshelves', $barshelves);
+ $session->param('pubshelves', $pubshelves);
+ $session->param('totshelves', $total);
+
+ C4::Context::set_shelves_userenv('bar',$barshelves);
+ C4::Context::set_shelves_userenv('pub',$pubshelves);
+ C4::Context::set_shelves_userenv('tot',$total);
+
+ $loggedin = 1;
+
+ } else {
+ die "Can't find SAML token $token for user $userid\n";
+ }
+ } else {
+ die "Can't find SAML token for user $userid\n";
+ }
+
}
elsif ( $sessionID = $query->cookie("CGISESSID")) { # assignment, not comparison
my $session = get_session($sessionID);