
limesurvey-saml-authentication's People

Contributors

audiovisuel-uqam

limesurvey-saml-authentication's Issues

Compatibility with 4.0

Hello!

I can't get it to appear in the plugin manager on a fresh 4 install.
Did you already try it on a 4?
Do you think that there is a lot of work to make it compatible?

Thanks a lot!

Error with authentication source 'limesurvey': Unknown authentication source.

Hello,

I've configured simplesamlphp and was able to log in using the simplesaml test login but when I installed the plugin in limesurvey I get the following error:
"Error with authentication source 'limesurvey': Unknown authentication source."

Do you have any suggestions? I am having trouble finding info on Google about this.

My code is 99% the same as what is in the repo, except I changed the path to 'C:\xampp\htdocs\simplesamlphp', and also here: `$simplesamlphp_path = $this->get('simplesamlphp_path', null, null, 'C:\xampp\htdocs\simplesamlphp');`. I suspect that this line is the issue but I don't know what to do with it. Thank you very much!

```php
<?php
/*

*/
class AuthSAML extends LimeSurvey\PluginManager\AuthPluginBase
{
    protected $storage = 'DbStorage';
    protected $ssp = null;

    static protected $description = 'Core: SAML authentication';
    static protected $name = 'SAML';

    protected $settings = array(
        'simplesamlphp_path' => array(
            'type' => 'string',
            'label' => 'Path to the SimpleSAMLphp folder',
            'default' => 'C:\xampp\htdocs\simplesamlphp',
        ),
        'saml_authsource' => array(
            'type' => 'string',
            'label' => 'SAML authentication source',
            'default' => 'default-sp',
        ),
        'saml_uid_mapping' => array(
            'type' => 'string',
            'label' => 'SAML attributed used as username',
            'default' => 'uid',
        ),
        'saml_mail_mapping' => array(
            'type' => 'string',
            'label' => 'SAML attributed used as email',
            'default' => 'mail',
        ),
        'saml_name_mapping' => array(
            'type' => 'string',
            'label' => 'SAML attributed used as name',
            'default' => 'cn',
        ),
        'auto_update_users' => array(
            'type' => 'checkbox',
            'label' => 'Auto update users',
            'default' => true,
        ),
    );

    public function init() {
        // Register the LimeSurvey events this plugin handles.
        $this->subscribe('getGlobalBasePermissions');
        $this->subscribe('beforeLogin');
        $this->subscribe('beforeLogout');
        $this->subscribe('newUserSession');
    }

    /**
     * Add the SAML permission to the global permissions
     */
    public function getGlobalBasePermissions()
    {
        $this->getEvent()->append('globalBasePermissions', array(
            'auth_saml' => array(
                'create' => false,
                'update' => false,
                'delete' => false,
                'import' => false,
                'export' => false,
                'title' => gT("Use SAML authentication"),
                'description' => gT("Use SAML authentication"),
                'img' => 'usergroup'
            ),
        ));
    }

    public function beforeLogin() {
        // Redirects to the IdP when there is no SAML session yet.
        $ssp = $this->get_saml_instance();
        $ssp->requireAuth();

        if ($ssp->isAuthenticated()) {
            $this->setAuthPlugin();
            $this->newUserSession();
        }
    }

    public function beforeLogout() {
        $ssp = $this->get_saml_instance();

        if ($ssp->isAuthenticated()) {
            $ssp->logout();
        }
    }

    public function newUserSession() {

        $ssp = $this->get_saml_instance();

        if ($ssp->isAuthenticated()) {

            $sUser = $this->getUserName();
            $name = $this->getUserCommonName();
            $mail = $this->getUserMail();
            $oUser = $this->api->getUserByName($sUser);

            if (is_null($oUser)) {

                // Create new user with a random local password
                $oUser = new User;
                $oUser->users_name = $sUser;
                $oUser->setPassword(createPassword());
                $oUser->full_name = $name;
                $oUser->parent_id = 1;
                $oUser->email = $mail;

                if ($oUser->save()) {
                    // New SAML users get 'auth_saml' and survey creation rights
                    $permission = new Permission;
                    Permission::model()->setGlobalPermission($oUser->uid, 'auth_saml');
                    Permission::model()->setGlobalPermission($oUser->uid, 'surveys', array('create_p'));

                    $oUser = $this->api->getUserByName($sUser);
                    $this->pluginManager->dispatchEvent(new PluginEvent('newUserLogin', $this));
                    $this->setAuthSuccess($oUser);
                    return;
                }

                else {
                    $this->setAuthFailure(self::ERROR_USERNAME_INVALID);
                }
            }

            else {

                // *** Update user ***
                $auto_update_users = $this->get('auto_update_users', null, null, true);

                if ($auto_update_users) {
                    $changes = array (
                        'full_name' => $name,
                        'email' => $mail,
                    );

                    User::model()->updateByPk($oUser->uid, $changes);
                    $oUser = $this->api->getUserByName($sUser);
                }
                $this->setAuthSuccess($oUser);
            }
        }
    }

    /**
     * Initialize SAML authentication
     * @return \SimpleSAML\Auth\Simple
     */
    protected function get_saml_instance() {

        if ($this->ssp == null) {

            $simplesamlphp_path = $this->get('simplesamlphp_path', null, null, 'C:\xampp\htdocs\simplesamlphp');

            require_once($simplesamlphp_path.'/lib/_autoload.php');

            // Fallback ID used when the setting is unset; the ID must exist
            // in SimpleSAMLphp's config/authsources.php.
            $saml_authsource = $this->get('saml_authsource', null, null, 'limesurvey');

            $this->ssp = new \SimpleSAML\Auth\Simple($saml_authsource);
        }

        return $this->ssp;
    }

    /**
     * Get the username from the SAML attributes
     * @return string|null
     */
    public function getUserName() {

        if ($this->_username == null) {
            $ssp = $this->get_saml_instance();
            $attributes = $this->ssp->getAttributes();
            if (!empty($attributes)) {
                $saml_uid_mapping = $this->get('saml_uid_mapping', null, null, 'uid');
                if (array_key_exists($saml_uid_mapping , $attributes) && !empty($attributes[$saml_uid_mapping])) {
                    $username = $attributes[$saml_uid_mapping][0];
                    $this->setUsername($username);
                }
            }
        }

        return $this->_username;
    }

    public function getUserCommonName() {

        $name = '';
        $ssp = $this->get_saml_instance();
        $attributes = $this->ssp->getAttributes();
        if (!empty($attributes)) {
            $saml_name_mapping = $this->get('saml_name_mapping', null, null, 'cn');
            if (array_key_exists($saml_name_mapping , $attributes) && !empty($attributes[$saml_name_mapping])) {
                $name = $attributes[$saml_name_mapping][0];
            }
        }

        return $name;
    }

    public function getUserMail() {

        $mail = '';
        $ssp = $this->get_saml_instance();
        $attributes = $this->ssp->getAttributes();
        if (!empty($attributes)) {
            $saml_mail_mapping = $this->get('saml_mail_mapping', null, null, 'mail');
            if (array_key_exists($saml_mail_mapping , $attributes) && !empty($attributes[$saml_mail_mapping])) {
                $mail = $attributes[$saml_mail_mapping][0];
            }
        }

        return $mail;
    }

}
```
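An added diagnostic for the "Unknown authentication source" error above (not part of the plugin or of the original post): it lists the source IDs a SimpleSAMLphp install defines in `config/authsources.php` and checks the two IDs that appear in the posted code against them. The function names `ssp_defined_sources` and `check_authsource` are hypothetical, and the sample install is constructed in a temp directory so the script runs offline.

```php
<?php
// Added example, not the plugin's code. Helper names are hypothetical.

/** Return the source IDs defined in <ssp>/config/authsources.php. */
function ssp_defined_sources(string $sspPath): array
{
    $file = rtrim($sspPath, '/\\') . '/config/authsources.php';
    if (!is_readable($file)) {
        throw new RuntimeException("Cannot read $file");
    }
    $config = [];
    require $file;              // authsources.php populates $config
    return array_keys($config);
}

/** Report whether the requested ID is one of the defined sources. */
function check_authsource(string $sspPath, string $requested): string
{
    $defined = ssp_defined_sources($sspPath);
    if (in_array($requested, $defined, true)) {
        return "OK: '$requested' is defined";
    }
    return "MISSING: '$requested' not in [" . implode(', ', $defined) . "]";
}

// Constructed sample install (not taken from the post).
$demo = sys_get_temp_dir() . '/ssp-demo-' . getmypid();
mkdir($demo . '/config', 0700, true);
file_put_contents($demo . '/config/authsources.php', <<<'PHP'
<?php
$config = [
    'admin'      => ['core:AdminPassword'],
    'default-sp' => ['saml:SP'],
];
PHP
);

// 'default-sp' is the default in the plugin's $settings array;
// 'limesurvey' is the fallback passed to get() in get_saml_instance().
foreach (['default-sp', 'limesurvey'] as $id) {
    echo check_authsource($demo, $id), PHP_EOL;
}
```

To check a real install, pass its path (for example the `simplesamlphp_path` plugin setting) instead of `$demo`.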

Too many redirects after correct SAML login

I am trying to use your plugin with LS Version 3.19.3+191023.
I installed simplesamlPHP as SP inside LS (https://survey.occitanie-en-scene.fr/simplesaml). This SP works well and correctly connects with our IDP. With a direct connection on the simplesaml SP page I obtain all my attributes.
After that I installed and activated your plugin, after changing the path of my SP to the correct path.
The SAML connection with our IDP seems to work, and the user is created in the Limesurvey table.
But it's impossible to access the back office, with a problem like "too many redirects".
Any idea how to solve this issue?
And many thanks for your work!
