}
else { # if this is an anonymous session, setup to display public lists...
- # If shibboleth is enabled, and we're in an anonymous session, we should allow
+ # If shibboleth is enabled, and we're in an anonymous session, we should allow
# the user to attemp login via shibboleth.
- if ( $shib ) {
- $template->param( shibbolethAuthentication => $shib,
+ if ( $shib ) {
+ $template->param( shibbolethAuthentication => $shib,
shibbolethLoginUrl => login_shib_url($in->{'query'}),
);
# If shibboleth is enabled and we have a shibboleth login attribute,
}
elsif ($logout) {
# voluntary logout the user
- # check wether the user was using their shibboleth session or a local one
+ # check wether the user was using their shibboleth session or a local one
my $shibSuccess = C4::Context->userenv->{'shibboleth'};
$session->delete();
$session->flush;
|| $persona )
{
my $password = $query->param('password');
- my $shibSuccess = 0;
+ my $shibSuccess = 0;
my ( $return, $cardnumber );
- # If shib is enabled and we have a shib login, does the login match a valid koha user
+ # If shib is enabled and we have a shib login, does the login match a valid koha user
if ( $shib && $shib_login && $type eq 'opac' ) {
my $retuserid;
- # Do not pass password here, else shib will not be checked in checkpw.
+ # Do not pass password here, else shib will not be checked in checkpw.
( $return, $cardnumber, $retuserid ) = checkpw( $dbh, $userid, undef, $query );
$userid = $retuserid;
- $shibSuccess = $return;
+ $shibSuccess = $return;
$info{'invalidShibLogin'} = 1 unless ($return);
}
- # If shib login and match were successfull, skip further login methods
- unless ( $shibSuccess ) {
- if ( $cas && $query->param('ticket') ) {
+ # If shib login and match were successfull, skip further login methods
+ unless ( $shibSuccess ) {
+ if ( $cas && $query->param('ticket') ) {
my $retuserid;
( $return, $cardnumber, $retuserid ) =
checkpw( $dbh, $userid, $password, $query );
( $return, $cardnumber, $retuserid ) =
checkpw( $dbh, $userid, $password, $query );
$userid = $retuserid if ( $retuserid );
- $info{'invalid_username_or_password'} = 1 unless ($return);
+ $info{'invalid_username_or_password'} = 1 unless ($return);
} }
if ($return) {
#_session_log(sprintf "%20s from %16s logged in at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},(strftime '%c', localtime));
$session->param('emailaddress',$emailaddress);
$session->param('ip',$session->remote_addr());
$session->param('lasttime',time());
- $session->param('shibboleth',$shibSuccess);
+ $session->param('shibboleth',$shibSuccess);
$debug and printf STDERR "AUTH_4: (%s)\t%s %s - %s\n", map {$session->param($_)} qw(cardnumber firstname surname branch) ;
}
elsif ( $return == 2 ) {
package C4::Auth_with_shibboleth;
-# Copyright 2011 BibLibre
+# Copyright 2014 PTFS Europe
#
# This file is part of Koha.
#
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
#
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
#
-# You should have received a copy of the GNU General Public License along
-# with Koha; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
use strict;
use warnings;
BEGIN {
require Exporter;
- $VERSION = 3.03; # set the version for version checking
+ $VERSION = 3.03; # set the version for version checking
$debug = $ENV{DEBUG};
@ISA = qw(Exporter);
- @EXPORT = qw(shib_ok logout_shib login_shib_url checkpw_shib get_login_shib);
+ @EXPORT =
+ qw(shib_ok logout_shib login_shib_url checkpw_shib get_login_shib);
}
# Check that shib config is not malformed
sub shib_ok {
my $config = _get_shib_config();
- if ( $config ) {
+ if ($config) {
return 1;
}
# Returns shibboleth user login
sub get_login_shib {
- # In case of a Shibboleth authentication, we expect a shibboleth user attribute
- # to contain the login match point of the shibboleth-authenticated user. This match
- # point is configured in koha-conf.xml
+# In case of a Shibboleth authentication, we expect a shibboleth user attribute
+# to contain the login match point of the shibboleth-authenticated user. This match
+# point is configured in koha-conf.xml
- # Shibboleth attributes are mapped into http environmement variables, so we're getting
- # the match point of the user this way
+# Shibboleth attributes are mapped into http environmement variables, so we're getting
+# the match point of the user this way
# Get shibboleth config
my $config = _get_shib_config();
my $matchAttribute = $config->{mapping}->{ $config->{matchpoint} }->{is};
- $debug and warn $matchAttribute . " value: " . $ENV{ $matchAttribute };
+ $debug and warn $matchAttribute . " value: " . $ENV{$matchAttribute};
- return $ENV{ $matchAttribute } || '';
+ return $ENV{$matchAttribute} || '';
}
# Checks for password correctness
my $config = _get_shib_config();
$debug and warn "User Shibboleth-authenticated as: $match";
- # Does the given shibboleth attribute value ($match) match a valid koha user ?
- my $sth = $dbh->prepare("select cardnumber, userid from borrowers where $config->{matchpoint}=?");
+ # Does the given shibboleth attribute value ($match) match a valid koha user ?
+ my $sth = $dbh->prepare(
+ "select cardnumber, userid from borrowers where $config->{matchpoint}=?"
+ );
$sth->execute($match);
if ( $sth->rows ) {
my @retvals = $sth->fetchrow;
$retnumber = $retvals[0];
- $userid = $retvals[1];
+ $userid = $retvals[1];
return ( 1, $retnumber, $userid );
}
# If we reach this point, the user is not a valid koha user
- $debug and warn "User with $config->{matchpoint} of $match is not a valid Koha user";
+ $debug
+ and warn
+ "User with $config->{matchpoint} of $match is not a valid Koha user";
return 0;
}