From: Art Rhyno Date: Tue, 14 May 2013 03:12:42 +0000 (-0400) Subject: Fix up some missing CAS components X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=refs%2Fheads%2Fuser%2Fartunit%2Fadd_back_cas_2_4;p=contrib%2FConifer.git Fix up some missing CAS components Not sure what happened here, but the original CAS commit might not have been to Conifer. Making this a working branch for now to sort out test environment. Signed-off-by: Art Rhyno --- diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy/CAS_Auth_Conifer.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy/CAS_Auth_Conifer.pm new file mode 100644 index 0000000000..4ba3d0d6f9 --- /dev/null +++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy/CAS_Auth_Conifer.pm @@ -0,0 +1,57 @@ +package OpenILS::Application::AuthProxy::CAS_Auth_Conifer; +use strict; +use warnings; +use base 'OpenILS::Application::AuthProxy::AuthBase'; +use OpenILS::Event; +use OpenSRF::Utils::SettingsClient; +use OpenSRF::Utils::Logger qw(:logger); +use LWP::UserAgent; + +sub authenticate { + my ( $self, $args ) = @_; + + my $ticket = $args->{'ticket'}; + my $cas_validate_url = $self->{'cas_validate_url'}; + my $cas_service = $self->{'cas_service'}; + my $cas_suffix = $self->{'cas_suffix'}; + my $login_succeeded = 0; + + if ($ticket && $cas_validate_url && $cas_service) { + my $ua = LWP::UserAgent->new; + + # We can now go to the service with this ticket. + my $response = $ua->get( $cas_validate_url . '?ticket=' . $ticket . '&service=' . $cas_service); + + if ($response->is_success) { + my $content_str = $response->as_string; + # Does this ever vary? Every example seems to use this namespace + $content_str =~ /(.*)<\/cas:user>/; + my $username = $1; + if ($username) { + # The suffix is typically for e-mail + if ($cas_suffix) { + $username = $username . $cas_suffix; + } + # We now set the username + $args->{username} = $username; + # and add a flag for this type of authentication + $login_succeeded = 1; + } + } + } + + if ( $login_succeeded ) { + return OpenILS::Event->new('SUCCESS'); + } elsif ( !$ticket ) { + $logger->debug("CAS User login failed: Missing ticket"); + return OpenILS::Event->new( 'LOGIN_FAILED' ); + } elsif ( !$cas_validate_url || !$cas_service) { + $logger->debug("CAS User login failed: The CAS configuration is not complete"); + return OpenILS::Event->new( 'LOGIN_FAILED' ); + } else { + $logger->debug("CAS User login failed: invalid username or CAS ticket"); + return OpenILS::Event->new( 'LOGIN_FAILED' ); + } +} + +1; diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm index 74c0700da2..5ffc5e9760 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm @@ -133,6 +133,10 @@ sub load { return $self->load_cache_clear if $path =~ m|opac/cache/clear|; return $self->load_temp_warn_post if $path =~ m|opac/temp_warn/post|; return $self->load_temp_warn if $path =~ m|opac/temp_warn|; + # added for CAS support - we probably want a place to explain why someone is being + # redirected to a third party site + return $self->load_cas_intro if $path =~ m|opac/cas_intro|; + # ---------------------------------------------------------------- # Everything below here requires SSL diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Container.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Container.pm index b61ac06df0..376a0b29eb 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Container.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Container.pm @@ -245,4 +245,10 @@ sub load_temp_warn { return Apache2::Const::OK; } +sub load_cas_intro { + my $self = shift; + $self->ctx->{'redirect_to'} = $self->cgi->param('redirect_to'); + return Apache2::Const::OK; +} + 1; diff --git a/Open-ILS/src/templates/opac/cas_intro.tt2 b/Open-ILS/src/templates/opac/cas_intro.tt2 new file mode 100644 index 0000000000..dd921ad853 --- /dev/null +++ b/Open-ILS/src/templates/opac/cas_intro.tt2 @@ -0,0 +1,38 @@ +[% PROCESS "opac/parts/header.tt2"; + PROCESS "opac/parts/misc_util.tt2"; + WRAPPER "opac/parts/base.tt2"; + INCLUDE "opac/parts/topnav.tt2"; + + cas_alert = l('You have selected CAS Authentication. This will use your campus userid (also known as login or user name).'); + ctx.page_title = l("CAS Information") -%] +
+
+
+ + + + +
+
+
+
+[% END %] diff --git a/Open-ILS/src/templates/opac/parts/config.tt2 b/Open-ILS/src/templates/opac/parts/config.tt2 index 718083ecf7..3f28ccad7a 100644 --- a/Open-ILS/src/templates/opac/parts/config.tt2 +++ b/Open-ILS/src/templates/opac/parts/config.tt2 @@ -28,6 +28,14 @@ ctx.refworks.url = 'http://www.refworks.com'; # ctx.refworks.url = 'http://librweb.laurentian.ca/login?url=http://refworks.scholarsportal.info'; ############################################################################## +# CAS support +############################################################################## +# Specify CAS URL for Login +# ctx.cas.url = 'https://myorg.org/cas/login?service=https://mylibrary.org/eg/opac/login'; +# Specify CAS URL for Logout +# ctx.cas.logout = 'https://myorg.org/cas/logout'; + +############################################################################## # OpenURL resolution ############################################################################## # Evergreen provides the ability to point at an OpenURL resolver to find diff --git a/Open-ILS/src/templates_windsor/opac/cas_intro.tt2 b/Open-ILS/src/templates_windsor/opac/cas_intro.tt2 new file mode 100644 index 0000000000..26e87bfbb0 --- /dev/null +++ b/Open-ILS/src/templates_windsor/opac/cas_intro.tt2 @@ -0,0 +1,45 @@ +[% PROCESS "opac/parts/header.tt2"; + PROCESS "opac/parts/misc_util.tt2"; + WRAPPER "opac/parts/base.tt2"; + INCLUDE "opac/parts/topnav.tt2"; + ctx.page_title = l("CAS Information") %] +
+
+
+ + + + +
+
+
+
+[% END %]