Google Git
Sign in
apache / vcl / refs/heads/VCL-1086_modular_web_authentication
commitaeb81d143d3ed20103c35962db614e9422d7e6ba[log] [tgz]
authorJosh Thompson <jfthomps@ncsu.edu>Fri Apr 19 16:12:50 2019 -0400
committerJosh Thompson <jfthomps@ncsu.edu>Fri Apr 19 16:12:50 2019 -0400
tree57834c1071ff5c480d1f4ea89290a23ab53ec626
parentcf065939dae37cc47e46c6b869960c3234c85614 [diff]
VCL-1086 - improve modularization of authentication

authentication.php:
-added $authFuncs['local'] array to top of file
-modified getAuthCookieData: changed argument list from ($loginid, $valid) to ($loginid, $authtype, $valid, $shibauthid); added $authtype to data that is encrypted as 4th item
-modified readAuthCookie: added more checks for cookie being invalid - if invalid, clear VCLAUTH cookie so user will be redirected back to login screen; decrypt encrypted data based on new number of parameters
-added getAuthTypeFromAuthCookie
-moved ldapLogin to authmethods/ldapauth.php
-modified localLogin: added 'local' as 2nd argument when calling getAuthCookieData
-added unauthLocal

itecsauth.php:
-added $authFuncs['itecs'] array to top of file
-added testITECSAuth
-added processITECSAuth
-added unauthITECS

ldapauth.php:
-added $authFuncs['ldap'] array to top of file
-added unauthLDAP
-moved ldapLogin from authentication.php to here

shibauth.php:
-moved login code from vcl/shibauth/index.php to here
-moved logout code from utils.php to here
-added $authFuncs['shibboleth'] array to top of file
-added testShibAuth
-added processShibAuth (mostly stuff from shibauth/index.php)
-added unauthShib (contains stuff from utils.php logout)
-added getShibauthDataByUser
-modified updateShibUser: utilize getShibVar to process data passed in
from Shibboleth
-modified updateShibGroups: added additional attempt to get id from affiliation table to use a wildcard with $shibaffil if first attempt fails
-added getShibVar

conf-default.php: removed "shibauth/" from example URL for Shibboleth authentication

utils.php: modified sendHeaders: moved shibboleth logout code to shibauth.php and updated to use $authFuncs array and $authtype from getAuthTypeFromCookie to call correct logout functions

shibauth/index.php:
-moved code to authmethods/shibauth.php
-replaced everything with a simple redirect to the main index page; this script no longer needs to be called - IdP's can redirect straight back to the main index page now
7 files changed
tree: 57834c1071ff5c480d1f4ea89290a23ab53ec626
  1. managementnode/
  2. mysql/
  3. web/
  4. CHANGELOG
  5. doap_vcl.rdf
  6. INSTALLATION
  7. LICENSE
  8. NOTICE
  9. README
  10. RELEASE_NOTES
  11. UPGRADE
  12. vcl-install.sh
  13. vcl-upgrade.sh