--- /dev/null
+package OpenILS::Application::AuthProxy::CAS_Auth_Conifer;
+use strict;
+use warnings;
+use base 'OpenILS::Application::AuthProxy::AuthBase';
+use OpenILS::Event;
+use OpenSRF::Utils::SettingsClient;
+use OpenSRF::Utils::Logger qw(:logger);
+use LWP::UserAgent;
+
+sub authenticate {
+ my ( $self, $args ) = @_;
+
+ my $ticket = $args->{'ticket'};
+ my $cas_validate_url = $self->{'cas_validate_url'};
+ my $cas_service = $self->{'cas_service'};
+ my $cas_suffix = $self->{'cas_suffix'};
+ my $login_succeeded = 0;
+
+ if ($ticket && $cas_validate_url && $cas_service) {
+ my $ua = LWP::UserAgent->new;
+
+ # We can now go to the service with this ticket.
+ my $response = $ua->get( $cas_validate_url . '?ticket=' . $ticket . '&service=' . $cas_service);
+
+ if ($response->is_success) {
+ my $content_str = $response->as_string;
+ # Does this ever vary? Every example seems to use this namespace
+ $content_str =~ /<cas:user>(.*)<\/cas:user>/;
+ my $username = $1;
+ if ($username) {
+ # The suffix is typically for e-mail
+ if ($cas_suffix) {
+ $username = $username . $cas_suffix;
+ }
+ # We now set the username
+ $args->{username} = $username;
+ # and add a flag for this type of authentication
+ $login_succeeded = 1;
+ }
+ }
+ }
+
+ if ( $login_succeeded ) {
+ return OpenILS::Event->new('SUCCESS');
+ } elsif ( !$ticket ) {
+ $logger->debug("CAS User login failed: Missing ticket");
+ return OpenILS::Event->new( 'LOGIN_FAILED' );
+ } elsif ( !$cas_validate_url || !$cas_service) {
+ $logger->debug("CAS User login failed: The CAS configuration is not complete");
+ return OpenILS::Event->new( 'LOGIN_FAILED' );
+ } else {
+ $logger->debug("CAS User login failed: invalid username or CAS ticket");
+ return OpenILS::Event->new( 'LOGIN_FAILED' );
+ }
+}
+
+1;
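Review bot: In `authenticate`, `$ticket` comes straight from the caller's `$args` and is concatenated into the validation URL unescaped, so a ticket value containing `&` or `#` can add or override query parameters (including `service`) in the request sent to the CAS server. Build the query with URI's `query_form` (or `uri_escape` each value) instead. The response parsing is also loose: `$1` is read without checking that the match succeeded, so it may still hold a capture from an earlier match; the greedy `(.*)` runs over `as_string`, which includes the status line and headers; and nothing requires the `<cas:authenticationSuccess>` element. The sketch below assumes `URI` is loaded by the module. It is also worth confirming that `cas_validate_url` is always an https URL, since the username is trusted solely on this response.

```perl
        my $validate_uri = URI->new($cas_validate_url);
        # query_form percent-encodes both values, so the ticket cannot alter the query
        $validate_uri->query_form( ticket => $ticket, service => $cas_service );
        my $response = $ua->get($validate_uri);

        if ($response->is_success) {
            my $body = $response->decoded_content;
            # Take the user only from inside a success element, and only when the match succeeded
            if ( defined $body
                && $body =~ m{<cas:authenticationSuccess>.*?<cas:user>\s*([^<]+?)\s*</cas:user>}s ) {
                my $username = $1;
                # … unchanged: optional suffix, $args->{username}, $login_succeeded …
            }
        }
```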
return $self->load_cache_clear if $path =~ m|opac/cache/clear|;
return $self->load_temp_warn_post if $path =~ m|opac/temp_warn/post|;
return $self->load_temp_warn if $path =~ m|opac/temp_warn|;
+ # added for CAS support - we probably want a place to explain why someone is being
+ # redirected to a third party site
+ return $self->load_cas_intro if $path =~ m|opac/cas_intro|;
+
# ----------------------------------------------------------------
# Everything below here requires SSL
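Review bot: The `cas_intro` route is added above the "Everything below here requires SSL" marker, so as far as this hunk shows, the page that sends users on to the CAS login can be served over plain HTTP. Someone on the network path could then alter the "Continue" link before the user reaches the identity provider. Consider moving `return $self->load_cas_intro if $path =~ m|opac/cas_intro|;` below the SSL check. The enclosing function starts and ends outside the hunk, so how that check is enforced is not visible here.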
return Apache2::Const::OK;
}
+sub load_cas_intro {
+ my $self = shift;
+ $self->ctx->{'redirect_to'} = $self->cgi->param('redirect_to');
+ return Apache2::Const::OK;
+}
+
1;
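Review bot: `load_cas_intro` copies the `redirect_to` request parameter into the template context without any validation. Neither `cas_intro` template in this change reads `ctx.redirect_to`, so it is either unused and can be dropped, or it is meant to drive a later redirect. In the second case it should be limited to same-site relative paths before it is stored, otherwise it becomes an open-redirect input on a login flow. A short comment on the sub saying which code consumes `redirect_to` would settle which case applies.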
--- /dev/null
+[% PROCESS "opac/parts/header.tt2";
+ PROCESS "opac/parts/misc_util.tt2";
+ WRAPPER "opac/parts/base.tt2";
+ INCLUDE "opac/parts/topnav.tt2";
+
+ cas_alert = l('You have selected CAS Authentication. This will use your campus userid (also known as login or user name).');
+ ctx.page_title = l("CAS Information") -%]
+ <div id="content-wrapper">
+ <div id="main-content">
+ <div style="height:20px;"></div>
+ <table cellpadding="0" cellspacing="0" border="0">
+ <tr>
+ <td valign="top" width="676" class="login_boxes left_brain">
+ <table cellpadding="10" cellspacing="0" border="0"
+ width="100%">
+ <tr>
+ <td colspan="2" style="padding-bottom: 10px;">
+ <h1>[% cas_alert %]</h1>
+ <br /><br />
+ </td>
+ </tr>
+ <tr>
+ <td colspan="2" style="padding-bottom: 10px;">
+ <a href="[% ctx.cas.url %]"
+ class="opac-button opac-button-header" id="home_myopac_link">
+ [% l('Continue to Your Account with Your CAS ID') %]
+ </a>
+ <br /><br />
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+ <div style="height:20px;"></div>
+ </div>
+ </div>
+[% END %]
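Review bot: `ctx.cas.url` is written into the `href` without the `html` filter and without a guard for the unset case. The config hunk in this change ships the setting commented out, so on a default install this page would render a link with an empty target. Suggest wrapping the link row in `[% IF ctx.cas.url %]` and emitting `href="[% ctx.cas.url | html %]"`. The same applies to the second `cas_intro` template added later in this change.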
# ctx.refworks.url = 'http://librweb.laurentian.ca/login?url=http://refworks.scholarsportal.info';
##############################################################################
+# CAS support
+##############################################################################
+# Specify CAS URL for Login
+# ctx.cas.url = 'https://myorg.org/cas/login?service=https://mylibrary.org/eg/opac/login';
+# Specify CAS URL for Logout
+# ctx.cas.logout = 'https://myorg.org/cas/logout';
+
+##############################################################################
# OpenURL resolution
##############################################################################
# Evergreen provides the ability to point at an OpenURL resolver to find
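Review bot: The example login URL should carry a comment on two constraints that are easy to get wrong. The `service` value is itself a URL and should be percent-encoded inside the query string. It also has to be the same service URL the authenticator sends at validation time (`cas_service` in the new `CAS_Auth_Conifer` module), otherwise ticket validation is expected to fail. Suggested comment: `# The service value must be URL-encoded and must match the cas_service setting of the CAS authenticator`.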
--- /dev/null
+[% PROCESS "opac/parts/header.tt2";
+ PROCESS "opac/parts/misc_util.tt2";
+ WRAPPER "opac/parts/base.tt2";
+ INCLUDE "opac/parts/topnav.tt2";
+ ctx.page_title = l("CAS Information") %]
+ <div id="content-wrapper">
+ <div id="main-content">
+ <div style="height:20px;"></div>
+ <table cellpadding="0" cellspacing="0" border="0">
+ <tr>
+ <td valign="top" width="676" class="login_boxes left_brain">
+ <table cellpadding="10" cellspacing="0" border="0"
+ width="100%">
+ <tr>
+ <td colspan="2" style="padding-bottom: 10px;">
+ <h1>
+ [%
+ l('You have selected UWin ID Authentication. This will use your ');
+ l('University of Windsor userid (also known as login or user name). ');
+ l('It appears on the front of the ');
+ %] <strong>@</strong> [%
+ l('sign in your University of Windsor e-mail address and it is being ');
+ l('used as login name for most University computer systems.');
+ %]
+ </h1>
+ <br /><br />
+ </td>
+ </tr>
+ <tr>
+ <td colspan="2" style="padding-bottom: 10px;">
+ <a href="[% ctx.cas.url %]"
+ class="opac-button opac-button-header" id="home_myopac_link">
+ [% l('Continue to Your Account with Your UWind ID') %]
+ </a>
+ <br /><br />
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+ <div style="height:20px;"></div>
+ </div>
+ </div>
+[% END %]
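Review bot: The link label says "UWind ID" while the heading says "UWin ID"; one of the two is a typo. The heading is also assembled from five separate `l()` calls split mid-sentence, which hands translators fragments they cannot reorder. A single `l()` string with a placeholder for the `@` markup would be easier to localise.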