Getting more infos about cas authenticatd users possible ?
-
Hello,
I wonder if it is possible to get more infos about the users using CAS authentification. For the moment, the addon get the email, user id, name, first name.
Thanks in advance for your answer.
-
I had a look to the authorizer.php file. On line 884 we have this code:
$cas_attributes = phpCAS::getAttributes();
This array could be used to fetch any attribute. But how should I do this when I want to get it in one of my theme files?
For information, I would like to get this element of the array:
$cas_attributes['eduPersonPrimaryAffiliation']
I should be able to get into the authentication process to store this data into a session variable for instance. Should thi be possible by adding some filter or action in my functions.php file?I really need the eduPersonPrimaryAffiliation attribute so I changed the core of authorizer.php to store it in a session variable I can access any time I want in my theme files (I’m starting a session in the functions.php file). The line I added to authorizer:
AFTER:// Retrieve the user attributes (e.g., email address, first name, last name) from the CAS server. $cas_attributes = phpCAS::getAttributes();
ADD:
$_SESSION[‘cas_attributes’] = $cas_attributes;This is a temporary solution as it won’t be preserved after plugin update. But I would appreciate if you could implement in authorizer something that could be used to get the attributes in th theme templates.
Thanks in advance.
I added a filter hook where you can inspect the attributes returned from CAS. You can return false in your filter to block access to a user, if needed. You can also add your $_SESSION code here, like:
$_SESSION['cas_attributes'] = $user_data['cas_attributes'];
Here’s a full example:
/** * Filter whether to block the currently logging in user based on any of their * user attributes. * * @param bool $allow_login Whether to block the currently logging in user. * @param array $user_data User data returned from external service. */ function check_cas_attributes( $allow_login, $user_data ) { // Block access to CAS logins from library guests. if ( isset( $user_data['cas_attributes']['eduPersonPrimaryAffiliation'] ) && 'library-walk-in' === $user_data['cas_attributes']['eduPersonPrimaryAffiliation'] ) { $allow_login = false; } return $allow_login; } add_filter( 'authorizer_allow_login', 'check_cas_attributes', 10, 2 );
This will be included in the next release.
https://github.com/uhm-coe/authorizer/commit/20a5e86d3191a8fde88a68b1bdd53f2fc079b0b8Hey, great!
Thanks a lot! 🙂I would like to give the current version on github a try. Could you please tell me wich version number you will use for the next version (I guess 2.4.1). I’m asking because I would like to set the version I will install form github to a lower level (let’s say 2.4.0.1) just to be sure it will be updated when you release the official version 😉
Thanks in advance.Next version will probably be 2.5.0 because I’m lumping together a bunch of updates.
You should be able to use the github version without editing any version numbers. I leave the version number at the previous version until I’m ready to release a new version on wordpress.org. You’ll still be able to use the built-in WordPress plugin updater when the new version gets released (it will just delete the github version and replace it with the newer version from wordpress.org).
For example, I test the github version on several of my production instances before releasing the new version, so I do:
$ cd /var/www/wp-content/plugins $ sudo -u www-data git clone https://github.com/uhm-coe/authorizer.git authorizer_github $ sudo mv authorizer /tmp && sudo mv authorizer_github authorizer
That just clones the github version into a temporary directory, then moves the old official version into /tmp and puts the newer github version in its place.
Thanks for clarifying that.
I will let the version number as is.
Keep going forward on this good plugin. By the way, will this 2.5.0 version be localized?That’s the plan! I’m trying to incorporate the translations from you and Eduardo sometime this week. Will keep you posted.
- The topic ‘Getting more infos about cas authenticatd users possible ?’ is closed to new replies.