In den nächsten Tagen folgen noch die Adapter für tine20.org und Roundcube.
Code, damit das aktuelle Mediawiki mit dem SingleSignOn für TYPO3 funktioniert.
<?php
/*
* Signature-Based Single Sign-On Framework
* TPA Adapter for
* Mediawiki ( http://wikipedia.sourceforge.net )
*
* Version : 0.4
* Last update : 29.12.2009
* License : GPL
*
* (c) Kay Strobach, Bannewitz, Germany
* http://www.kay-strobach.de
*/
// Bootstrap MediaWiki so that sso() below can use its classes. Everything in
// this run executes as soon as the SSO agent includes the file, and the order
// matters: both constants have to exist before WebStart.php is loaded.

// Mark this script as a regular MediaWiki entry point.
define( 'MEDIAWIKI', true );
// Disable transactions; the author ran into problems with them.
// NOTE(review): this pre-defines a constant that MediaWiki presumably defines
// itself later on; with the value false the flag can never be set. Confirm
// this still works on the MediaWiki version in use.
define('DBO_TRX' , false);
// Load the MediaWiki libraries relative to this file's directory.
// NOTE(review): include_once only warns when the file is missing, so the
// script carries on without MediaWiki; require_once would stop instead.
$IP = dirname(__FILE__);
include_once(dirname(__FILE__).'/includes/WebStart.php');
// Open the database connection with the credentials from the wiki
// configuration, which is expected to be in scope after the include above.
// NOTE(review): the trailing literal 1 is the flags argument; in MediaWiki's
// constants that value looks like the debug flag. Confirm, and prefer a named
// constant so query debugging is not switched on by accident.
$wgDatabase = Database::newFromParams( $wgDBserver, $wgDBuser , $wgDBpassword, $wgDBname, 1 );
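/**
 * Entry point called by the SSO agent after it has included this file.
 *
 * Depending on $sso_action the function either creates/updates the MediaWiki
 * account ('create_modify') or starts a MediaWiki session for it ('logon').
 *
 * NOTE(review): nothing in this function authenticates the caller. It
 * presumably relies on the SSO agent having verified the request signature
 * before calling in - confirm against the agent. $remote_addr and $agent are
 * accepted but not used here.
 *
 * @param string $User_Name    user name the account/session is for
 * @param string $remote_addr  remote address of the user's system (unused)
 * @param string $agent        browser of the user (unused)
 * @param string $sso_url      URL the user is redirected to once the session exists
 * @param string $sso_version  protocol version sent by the agent; empty is rejected
 * @param string $sso_action   'create_modify' or 'logon'
 * @param string $sso_userdata pipe-separated key=value user data, see process_userdata()
 *
 * @return array|null array("Error" => message) on failure; for 'logon' an
 *                    array holding an empty cookie list at index 0 and the
 *                    key "redirecturl"; null after 'create_modify', for an
 *                    unknown action, and when 'create_modify' is given a user
 *                    name MediaWiki does not accept
 *
 * Leave stubs if you don't need all parameters.
 */
function sso($User_Name,$remote_addr,$agent,$sso_url,$sso_version="",$sso_action="",$sso_userdata="") {
    // An agent that sends no version is treated as out of date.
    if ($sso_version == "") {
        return array("Error"=>"sso version out of date");
    }
    // unpack the user data into an associative array
    $sso_userdata = process_userdata($sso_userdata);

    // MediaWiki globals. Only $wgAuth, $wgRequest and $wgUser are assigned
    // below; the rest is kept as in the original adapter.
    global $wgDefaultUserOptionsEn, $wgNamespacesToBeSearchedDefault, $wgDeferredUpdateList;
    global $wgAuth, $wgUser, $wgLang, $wgTitle, $wgMemc;
    global $wgDBserver, $wgDBname, $wgDBuser, $wgDBpassword;
    global $wgCookieExpiration, $wgCookiePath, $wgCookieDomain;
    global $trans, $wgInputEncoding, $wgCapitalLinks, $wgUseLatin1, $IP;
    global $wgDefaultUserOptions, $wgLoadBalancer, $wgContLang, $wgVersion;
    global $wgRequest, $wgDatabase, $wgCommandLineMode, $wgPostCommitUpdateList;

    // init auth plugin and request object
    $wgAuth = new AuthPlugin();
    $wgRequest = new WebRequest();

    // Canonicalise the name; the second argument false is passed as before.
    // NOTE(review): that argument presumably switches name validation off -
    // confirm that the agent only passes names that are safe as wiki accounts.
    $User_Name = User::getCanonicalName($User_Name, false);

    switch ($sso_action) {
        case 'create_modify':
            $wgUser = User::newFromName( $User_Name );
            if ( is_null( $wgUser ) ) {
                // NOTE(review): unlike 'logon', this failure is reported as
                // null and not as an "Error" array.
                return;
            }
            if ( $wgUser->idForName() == 0 ) {
                $wgUser->addToDatabase();
            }

            // Copy the profile data supplied by the agent. Missing fields are
            // passed on as null, as before, but without an undefined-index notice.
            $wgUser->setName( $User_Name );
            $wgUser->setEmail( isset( $sso_userdata['email'] ) ? $sso_userdata['email'] : null );
            $wgUser->setRealName( isset( $sso_userdata['name'] ) ? $sso_userdata['name'] : null );

            // Throw-away local password. The previous value, md5(microtime(true)),
            // is derived from the clock alone and is therefore guessable; take
            // it from the system CSPRNG where the PHP version offers one.
            // NOTE(review): this runs on every 'create_modify', so a password
            // set in the wiki itself is overwritten each time - confirm intended.
            $random_password = '';
            if ( function_exists( 'random_bytes' ) ) {
                try {
                    $random_password = bin2hex( random_bytes( 32 ) );
                } catch ( Exception $e ) {
                    // no entropy source available; use the next option
                    $random_password = '';
                }
            }
            if ( $random_password === '' && function_exists( 'openssl_random_pseudo_bytes' ) ) {
                $random_bytes = openssl_random_pseudo_bytes( 32 );
                if ( $random_bytes !== false && $random_bytes !== '' ) {
                    $random_password = bin2hex( $random_bytes );
                }
            }
            if ( $random_password === '' ) {
                // Last resort for installations without a CSPRNG: not
                // cryptographically strong, but no longer a bare timestamp.
                $random_password = md5( uniqid( mt_rand(), true ) . microtime( true ) );
            }
            $wgUser->setPassword( $random_password );

            // The address is marked as confirmed without a mail round-trip, so
            // its correctness depends entirely on the data the agent supplies.
            $wgUser->confirmEmail();
            //check whether user isAdmin -> if yes add to group admin
            $wgUser->saveSettings();
            break;

        // perform logon for given $User_Name
        case 'logon':
            $wgUser = User::newFromName( $User_Name );
            if ( is_null( $wgUser ) ) {
                return array("Error"=>"no account for this user - object not initiated");
            }
            $id = $wgUser->idForName();
            if ( $id == "0" ) {
                // no such user in the database
                return array("Error" => "no account for this user - id==0");
            }

            // valid username, start the session
            $wgUser->setId( $id );
            $wgUser->loadFromDatabase();
            wfSetupSession();
            $wgUser->saveSettings();
            $wgUser->setOption( "rememberpassword", "0" );
            $wgUser->setCookies();

            // Session data is returned in this format:
            // Array(
            //   [redirecturl] => $redirecturl
            //   [0] => Array(
            //     "CookieName"    => $cookiename
            //     "CookieValue"   => $cookievalue
            //     "CookieExpires" => $expires
            //   )
            //   [1] => ... one further entry per additional cookie
            // )
            //
            // NOTE(review): the cookie entry stays empty and the session id
            // travels in the redirect URL instead, where it can end up in
            // browser history, server or proxy logs and Referer headers.
            // Handing the session over through the cookie entries and issuing
            // a fresh session id at logon would avoid that - confirm what the
            // agent supports.
            $return_val = array(
                0 => array(),
                "redirecturl" => $sso_url.'?'.session_name().'='.session_id(),
            );
            // pass session data to the SSO-Agent
            return $return_val;
    }
}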
/**
 * Report the SSO protocol version implemented by this adapter.
 *
 * @return string the protocol version
 */
function get_version() {
    $protocol_version = "2.0";
    return $protocol_version;
}
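/**
 * Process the userdata string and return an associative array.
 *
 * The input is a list of key=value pairs separated by '|'. Only the first '='
 * of a pair separates key and value, so a value may itself contain '='. A pair
 * without '=' yields the key with the value null; empty pairs are skipped.
 *
 * The format has no escaping: a '|' inside a value starts a new pair, and a
 * key that occurs twice keeps the last value. The sender therefore has to
 * strip or encode '|' in every field, because sso() uses the resulting
 * 'email' and 'name' entries without further checks.
 *
 * Uses explode() instead of split(), which is deprecated since PHP 5.3 and
 * no longer exists in PHP 7.
 *
 * @param string $sso_userdata the data from fe_users (pipe-separated)
 * @return array the userdata as key => value
 */
function process_userdata($sso_userdata){
    $data = array();
    foreach (explode('|', (string)$sso_userdata) as $pair) {
        if ($pair === '') {
            continue;
        }
        // limit 2: everything after the first '=' belongs to the value
        $parts = explode('=', $pair, 2);
        $data[$parts[0]] = isset($parts[1]) ? $parts[1] : null;
    }
    return $data;
}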
?>