From 63142b4779106c30141a8610091dc98ba3f2f109 Mon Sep 17 00:00:00 2001 From: lancer Date: Sun, 10 May 2009 11:04:45 +0000 Subject: [PATCH] Rename UserID to Anchor --- ChangeLog | 3 ++ UPDATE | 7 +++ code/ExternalAuthenticatedRole.php | 18 +++---- code/ExternalAuthenticator.php | 46 ++++++++--------- code/ExternalLoginForm.php | 14 +++--- code/drivers/FAKE.php | 2 +- code/drivers/LDAP.php | 76 ++++++++++++++--------------- doc/_config.fake | 2 +- doc/_config.ftp | 2 +- doc/_config.httpbasic | 2 +- doc/_config.imap | 2 +- doc/_config.ldap | 2 +- doc/_config.sstripe | 2 +- tests/AuthExternal.yml | 4 +- tests/ExternalAuthenticatorTest.php | 4 +- 15 files changed, 98 insertions(+), 88 deletions(-) diff --git a/ChangeLog b/ChangeLog index 1abd8d7..a339ecc 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,8 @@ External Authenticator Changelog -------------------------------- +0.4 +- [MISC] Rename (External_)UserID to Anchor + 0.3.1 - [BUGFIX] Ticket #3649 - Syntax issue in LDAP driver - [BUGFIX] Ticket #3568 - Variable Typo in SSTRIPE_Authenticator Authenticate() diff --git a/UPDATE b/UPDATE index c766c2e..da32530 100644 --- a/UPDATE +++ b/UPDATE @@ -1,3 +1,10 @@ +Update instructions to go from 0.3 to 0.4 +----------------------------------------- + +Logon to the database as administrator +alter table Member change column External_UserID External_Anchor VarChar(255); + + Update instructions to go from 0.1 to 0.2/0.3 --------------------------------------------- diff --git a/code/ExternalAuthenticatedRole.php b/code/ExternalAuthenticatedRole.php index 03f1f60..a318ab2 100644 --- a/code/ExternalAuthenticatedRole.php +++ b/code/ExternalAuthenticatedRole.php 
@@ -26,12 +26,12 @@ class ExternalAuthenticatedRole extends DataObjectDecorator { */ function extraStatics() { return array( - 'db' => array('External_UserID' => 'Varchar(255)', + 'db' => array('External_Anchor' => 'Varchar(255)', 'External_SourceID' => 'Varchar(50)'), 'has_one' => array(), - 'defaults' => array('External_UserID' => null, + 'defaults' => array('External_Anchor' => null, 'External_SourceID' => null), - 'indexes' => array('External_UserID' => 'index (External_UserID)') + 'indexes' => array('External_Anchor' => 'index (External_Anchor)') ); } @@ -76,7 +76,7 @@ function updateCMSFields(FieldSet &$fields) { new DropdownField('External_SourceID', _t('ExternalAuthenticator.Sources'), $sources)); $fields->addFieldToTab('Root.ExternalAuthentication', - new TextField('External_UserID', _t('ExternalAuthenticator.EnterNewId', + new TextField('External_Anchor', _t('ExternalAuthenticator.EnterNewId', 'ID to be used with this source'))); } @@ -121,14 +121,14 @@ class ExternalAuthenticatedRole_Validator extends Extension { * FALSE. */ function updatePHP(array $data, Form &$form) { - if (!isset($data['External_UserID']) || strlen(trim($data['External_UserID'])) == 0 || + if (!isset($data['External_Anchor']) || strlen(trim($data['External_Anchor'])) == 0 || !isset($data['External_SourceID']) || strlen($data['External_SourceID']) == 0) return true; $member = DataObject::get_one('Member', - 'External_UserID = \''. - Convert::raw2sql($data['External_UserID']) . - '\' AND External_SourceID = \'' . + 'External_Anchor = \''. + Convert::raw2sql($data['External_Anchor']) . + '\' AND External_Source = \'' . Convert::raw2sql($data['External_SourceID']) .'\''); // if we are in a complex table field popup, use ctf[childID], else use 
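Review bot: In the `updatePHP` hunk the duplicate-member lookup now filters on `External_Source`, but the field declared in `extraStatics` in this same commit is still `External_SourceID`, so the rename changed a column name it should not have touched. As written, the query names a column the visible schema does not define, so the uniqueness check for an anchor/source pair will presumably error or never find the existing member, which would allow two members to be bound to the same external identity. The line should stay `'\' AND External_SourceID = \'' .`. A unit test that saves a second member with an already used anchor and source would catch this. `updatePHP` continues past the end of the hunk.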
@@ -141,7 +141,7 @@ function updatePHP(array $data, Form &$form) { } if(is_object($member) && $member->ID != $id) { - $field = $form->dataFieldByName('External_UserID'); + $field = $form->dataFieldByName('External_Anchor'); $this->owner->validationError($field->id(), _t('ExternalAuthenticator.UserExists', 'There already exists a member with this account name'), 'required'); diff --git a/code/ExternalAuthenticator.php b/code/ExternalAuthenticator.php index 20b38e2..9a51a5a 100644 --- a/code/ExternalAuthenticator.php +++ b/code/ExternalAuthenticator.php @@ -20,7 +20,7 @@ class ExternalAuthenticator extends Authenticator { * Description of user id * This description is used for all sources defined */ - protected static $useriddesc = 'User ID'; + protected static $anchordesc = 'User ID'; /** * Message that results from authenticating @@ -65,7 +65,7 @@ public static function createSource($sourceid, $authtype, $nicename) { 'authserver' => 'localhost', //IP or DNS name of server 'authport' => null, //IP port to use 'authsslock' => true, //Check SStripes locking mechanism - 'useriddesc' => 'User ID', //How do we refer to a user id + 'anchordesc' => 'User ID', //How do we refer to a user id 'encryption' => null, //Enable SSL or TLS encryption 'autoadd' => false, //Automatically add users? 'defaultdomain' => null, //Default mail domain for auto 
@@ -257,19 +257,19 @@ public static function getAutoAdd($sourceid) { /** * Set the name of the user id * - * @param string $useriddesc Description of user id + * @param string $anchordesc Description of user id */ - public static function setIdDesc($useriddesc) { - self::$useriddesc = $useriddesc; + public static function setAnchorDesc($anchordesc) { + self::$anchordesc = $anchordesc; } /** * Get the user id description * - * @return string useriddesc Description + * @return string anchordesc Description */ - public static function getIdDesc() { - return self::$useriddesc; + public static function getAnchorDesc() { + return self::$anchordesc; } /** @@ -398,13 +398,13 @@ public static function AuthLog($message) { * Writes a message to the audit log * * @param object $member The member if found in the database - * @param string $user_id The login name if the user + * @param string $anchor The login name if the user * @param string $action_type What was tried? * @param string $because Reason for success * @param boolean $success Did we succeed * @param string $source_id For which source **/ - public static function AuditLog($member, $user_id, $action_type, $because, $success, $source_id) { + public static function AuditLog($member, $anchor, $action_type, $because, $success, $source_id) { if (self::getAuditLogSStripe()) { //Use built-in mechanism $attempt = new LoginAttempt(); 
@@ -422,14 +422,14 @@ public static function AuditLog($member, $user_id, $action_type, $because, $succ } $attempt->IP = Controller::curr()->getRequest()->getIP(); - $attempt->Email = $user_id . '@' . $source_id; + $attempt->Email = $anchor . '@' . $source_id; $attempt->write(); } if (!is_bool(self::getAuditLogFile())) { $logmessage = date(DATE_RFC822). ' - '; if ($success) $logmessage .= '[SUCCESS] '; else $logmessage .= '[FAILURE] '; - $logmessage .= 'action ' . $action_type . ' for user ' . $user_id . ' at ' . + $logmessage .= 'action ' . $action_type . ' for user ' . $anchor . ' at ' . Controller::curr()->getRequest()->getIP() . ' from source ' . $source_id; if (!is_null($because)) $logmessage .= ' because ' . $because; @@ -473,7 +473,7 @@ public static function authenticate($RAW_data, Form $form = null) { } else { $A_sources = array($RAW_data['External_SourceID']); } - $RAW_external_uid = trim($RAW_data['External_UserID']); + $RAW_external_anchor = trim($RAW_data['External_Anchor']); $RAW_external_passwd = $RAW_data['Password']; $userexists = false; //Does the user exist within SilverStripe? $authsuccess = false; //Initialization of variable @@ -484,13 +484,13 @@ public static function authenticate($RAW_data, Form $form = null) { // User ID should not be empty // Password should not be empty as well, but we check this in the // external authentication method itself. - if (strlen($RAW_external_uid) == 0) { + if (strlen($RAW_external_anchor) == 0) { if (!is_null($form)) { - $form->sessionMessage(sprintf(_t('ExternalAuthenticator.EnterUID', 'Please enter a %s') ,self::$useriddesc), 'bad'); + $form->sessionMessage(sprintf(_t('ExternalAuthenticator.EnterUID', 'Please enter a %s') ,self::$anchordesc), 'bad'); } return false; } - $SQL_identity = Convert::raw2sql($RAW_external_uid); + $SQL_identity = Convert::raw2sql($RAW_external_anchor); self::AuthLog('Starting process for user ' . $SQL_identity); 
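Review bot: In the `AuditLog` hunk `$anchor` is concatenated into `$logmessage` and into `$attempt->Email` exactly as the user typed it; the caller in `authenticate` only applies `trim()`. A login name containing a line break or other control characters could therefore split or forge audit entries, depending on how the message is written out further down (the write itself is outside the hunk). Neutralise it once at the top of the function, for example `$anchor = preg_replace('/[\x00-\x1F\x7F]/', '?', (string)$anchor);`, and consider capping its length before it is logged.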
@@ -498,7 +498,7 @@ public static function authenticate($RAW_data, Form $form = null) { // array, until we succeed or utterly fail foreach ($A_sources as $RAW_source) { $SQL_source = Convert::raw2sql($RAW_source); - if (($member = DataObject::get_one('Member',"Member.External_UserID = '$SQL_identity'". + if (($member = DataObject::get_one('Member',"Member.External_Anchor = '$SQL_identity'". " AND Member.External_SourceID = '$SQL_source'"))) { $userexists = true; self::AuthLog($SQL_identity . ' - User with source ' . $RAW_source . ' found in database'); @@ -513,7 +513,7 @@ public static function authenticate($RAW_data, Form $form = null) { self::AuthLog($SQL_identity . ' - This attempt is also logged in the database'); $form->sessionMessage(_t('ExternalAuthenticator.Failed'),'bad'); - self::AuditLog($member, $RAW_external_uid, 'logon', 'account is locked' , false, $RAW_source); + self::AuditLog($member, $RAW_external_anchor, 'logon', 'account is locked' , false, $RAW_source); return false; } else { self::AuthLog($SQL_identity . ' - User is not locked'); @@ -535,7 +535,7 @@ public static function authenticate($RAW_data, Form $form = null) { $myauthenticator = new $myauthenticator(); self::AuthLog($SQL_identity . ' - executing authentication driver'); - $RAW_result = $myauthenticator->Authenticate($RAW_source, $RAW_external_uid, + $RAW_result = $myauthenticator->Authenticate($RAW_source, $RAW_external_anchor, $RAW_external_passwd); if ($RAW_result) { 
@@ -559,7 +559,7 @@ public static function authenticate($RAW_data, Form $form = null) { // An external source verified our existence if ($authsuccess && !$userexists && self::getAutoAdd($RAW_source)) { // But SilverStripe denies our existence, so we add ourselves - $SQL_memberdata['External_UserID'] = $SQL_identity; + $SQL_memberdata['External_Anchor'] = $SQL_identity; $SQL_memberdata['External_SourceID'] = $SQL_source; if(isset($RAW_result['firstname'])) { $SQL_memberdata['FirstName'] = Convert::raw2sql($RAW_result['firstname']); @@ -600,7 +600,7 @@ public static function authenticate($RAW_data, Form $form = null) { self::AuthLog($SQL_identity . ' - start adding user to database'); Group::addToGroupByName($member, $group->Code); self::AuthLog($SQL_identity . ' - finished adding user to database'); - self::AuditLog($member, $RAW_external_uid, 'creation', NULL , true, $RAW_source); + self::AuditLog($member, $RAW_external_anchor, 'creation', NULL , true, $RAW_source); } } else { self::AuthLog($SQL_identity . ' - The group to add the user to did not exist'); @@ -616,14 +616,14 @@ public static function authenticate($RAW_data, Form $form = null) { Session::set('Security.Message.message', self::$authmessage); Session::set('Security.Message.type', 'good'); - self::AuditLog($member, $RAW_external_uid, 'logon', NULL , true, $RAW_source); + self::AuditLog($member, $RAW_external_anchor, 'logon', NULL , true, $RAW_source); return $member; } else { if(!is_null($form)) { $form->sessionMessage(self::$authmessage,'bad'); } - self::AuditLog($member, $RAW_external_uid, 'logon', NULL , false, $RAW_source); + self::AuditLog($member, $RAW_external_anchor, 'logon', NULL , false, $RAW_source); return false; } diff --git a/code/ExternalLoginForm.php b/code/ExternalLoginForm.php index 3e01efa..e9c5cbd 100644 --- a/code/ExternalLoginForm.php +++ b/code/ExternalLoginForm.php 
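Review bot: In the `@@ -559` hunk the value stored as the new member's `External_Anchor` is `$SQL_identity`, which is the output of `Convert::raw2sql()` rather than the raw login name. If the member is then saved through a write path that escapes values again (not visible in this hunk), an anchor containing a quote or backslash would be stored with the escape characters in it and would no longer match the `Member.External_Anchor = '$SQL_identity'` lookup on the next login, which with auto-add enabled could create a second account. Keep the raw value for storage, e.g. `$SQL_memberdata['External_Anchor'] = $RAW_external_anchor;` if the write path escapes, and escape only where a string is placed into SQL text. `authenticate` starts and ends outside the hunk.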
@@ -46,13 +46,13 @@ function __construct($controller, $name, $fields = null, $actions = null, new HiddenField('AuthenticationMethod', null, $this->authenticator_class, $this)); } else { if(!$fields) { - $userdesc = ExternalAuthenticator::getIdDesc(); + $userdesc = ExternalAuthenticator::getAnchorDesc(); if ( ExternalAuthenticator::getAuthSequential() ) { $fields = new FieldSet( new HiddenField('AuthenticationMethod', null, $this->authenticator_class, $this), new HiddenField('External_SourceID', 'External_SourceID', 'empty'), - new TextField('External_UserID', $userdesc, - Session::get('SessionForms.ExternalLoginForm.External_UserID')), + new TextField('External_Anchor', $userdesc, + Session::get('SessionForms.ExternalLoginForm.External_Anchor')), new PasswordField('Password', _t('ExternalAuthenticator.Password','Password')) ); } else { @@ -61,8 +61,8 @@ function __construct($controller, $name, $fields = null, $actions = null, new HiddenField('AuthenticationMethod', null, $this->authenticator_class, $this), new DropdownField('External_SourceID', _t('ExternalAuthenticator.Sources','Authentication sources'), $sources, Session::get('SessionForms.ExternalLoginForm.External_SourceID')), - new TextField('External_UserID', $userdesc, - Session::get('SessionForms.ExternalLoginForm.External_UserID')), + new TextField('External_Anchor', $userdesc, + Session::get('SessionForms.ExternalLoginForm.External_Anchor')), new PasswordField('Password', _t('ExternalAuthenticator.Password')) ); } @@ -112,7 +112,7 @@ protected function getMessageFromSession() { */ public function dologin($data) { if($this->performLogin($data)) { - Session::clear('SessionForms.ExternalLoginForm.External_UserID'); + Session::clear('SessionForms.ExternalLoginForm.External_Anchor'); Session::clear('SessionForms.ExternalLoginForm.External_SourceID'); Session::clear('SessionForms.ExternalLoginForm.Remember'); 
@@ -123,7 +123,7 @@ public function dologin($data) { Director::redirectBack(); } else { - Session::set('SessionForms.ExternalLoginForm.External_UserID', $data['External_UserID']); + Session::set('SessionForms.ExternalLoginForm.External_Anchor', $data['External_Anchor']); Session::set('SessionForms.ExternalLoginForm.External_SourceID', $data['External_SourceID']); Session::set('SessionForms.ExternalLoginForm.Remember', isset($data['Remember'])); if($badLoginURL = Session::get("BadLoginURL")) { diff --git a/code/drivers/FAKE.php b/code/drivers/FAKE.php index b56dfb3..b70b60c 100644 --- a/code/drivers/FAKE.php +++ b/code/drivers/FAKE.php @@ -22,7 +22,7 @@ class FAKE_Authenticator { * @return boolean True */ - public function Authenticate($RAW_source, $RAW_external_uid, $RAW_external_passwd) { + public function Authenticate($RAW_source, $RAW_external_anchor, $RAW_external_passwd) { return true; } } diff --git a/code/drivers/LDAP.php b/code/drivers/LDAP.php index f4bfa82..aa1f7b0 100644 --- a/code/drivers/LDAP.php +++ b/code/drivers/LDAP.php @@ -45,10 +45,10 @@ class LDAP_Authenticator { * Does an ldap connect and binds as the guest user or as the optional dn. * * @param string $source Authentication source to be used - * @param string $external_uid The ID entered by the user (for logging purposes only) + * @param string $external_anchor The ID entered by the user (for logging purposes only) * @return boolean on success, error message on fail. */ - private function Connect($source, $external_uid) { + private function Connect($source, $external_anchor) { // First we verify the setting and adapt where needed $uri = ExternalAuthenticator::getAuthServer($source); $enc = ExternalAuthenticator::getAuthEnc($source); 
@@ -73,9 +73,9 @@ private function Connect($source, $external_uid) { $version = self::$version; } - ExternalAuthenticator::AuthLog($external_uid.'.ldap - Connecting to ' . $uri . ' port ' . + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - Connecting to ' . $uri . ' port ' . $port . ' LDAP version ' . $version); - ExternalAuthenticator::AuthLog($external_uid.'.ldap - If process stops here, check PHP LDAP module'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - If process stops here, check PHP LDAP module'); $bindas = ExternalAuthenticator::getOption($source, "bind_as"); $bindpw = ExternalAuthenticator::getOption($source, "bind_pw"); 
@@ -88,32 +88,32 @@ private function Connect($source, $external_uid) { self::$ds = @ldap_connect($uri, $port); if (!self::$ds) { Debug::loadErrorHandlers(); - ExternalAuthenticator::AuthLog($external_uid.'.ldap - Failed to connect'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - Failed to connect'); return _t('LDAP_Authenticator.NotConnected','Failed to connect to LDAP server.'); } else { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - Connect succeeded'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - Connect succeeded'); } if (!ldap_set_option(self::$ds, LDAP_OPT_PROTOCOL_VERSION, $version)) { Debug::loadErrorHandlers(); - ExternalAuthenticator::AuthLog($external_uid.'.ldap - LDAP set to prot. version ' . $version . ' failed'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - LDAP set to prot. version ' . $version . ' failed'); return sprintf(_t('LDAP_Authenticator.Version','Set LDAP protocol version to %d failed'), $version); } else { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - LDAP set to protocol version ' . $version); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - LDAP set to protocol version ' . $version); } if ($enc == "tls") { if (!@ldap_start_tls(self::$ds)) { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - TLS initialization failed ' . + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - TLS initialization failed ' . ldap_errno(self::$ds) . ':' . ldap_error(self::$ds)); return sprintf(_t('LDAP_Authenticator.TLS','Start TLS failed: [%d] %s'), ldap_errno(self::$ds), ldap_error(self::$ds)); } else { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - TLS initialization success'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - TLS initialization success'); } } else { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - TLS not set'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - TLS not set'); } if (!is_null($bindas)) { 
@@ -126,11 +126,11 @@ private function Connect($source, $external_uid) { Debug::loadErrorHandlers(); if (!$bind) { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - Bind failed ' . + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - Bind failed ' . ldap_errno(self::$ds) . ':' . ldap_error(self::$ds)); return _t('LDAP_Authenticator.NoBind','Could not bind to LDAP server.'); } else { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - Bind success'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - Bind success'); } return true; @@ -226,14 +226,14 @@ private function findDN($source, $ldapattribute) { * * @param string $source Authentication source to be used * @param string $dn The dn of the user - * @param string $external_uid The ID entered by the user (for logging purposes only) + * @param string $external_anchor The ID entered by the user (for logging purposes only) * * @return array array with keys being "shadowlastchange", "shadowmin" * "shadowmax", "shadowwarning", "firstname", "surname", * and "email" and containing their * respective values. */ - private function lookupDetails($source, $dn, $external_uid) { + private function lookupDetails($source, $dn, $external_anchor) { /* Init the return array. */ $lookupdetails = array('shadowlastchange' => array('value' => false, 'attr' => 'shadowlastchange'), 'shadowmin' => array('value' => false, 'attr' => 'shadowmin'), 
@@ -250,29 +250,29 @@ private function lookupDetails($source, $dn, $external_uid) { ) ); - ExternalAuthenticator::AuthLog($external_uid.'.ldap - Reading details of DN ' . $dn); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - Reading details of DN ' . $dn); $result = @ldap_read(self::$ds, $dn, 'objectClass=*'); if ($result) { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - Lookup of details succeeded'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - Lookup of details succeeded'); $information = @ldap_get_entries(self::$ds, $result); foreach ($lookupdetails as $key => $lookupdetail) { if (!is_null($lookupdetail['attr'])) { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - Looking up ' . $lookupdetail['attr']); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - Looking up ' . $lookupdetail['attr']); if (isset($information[0][$lookupdetail['attr']][0])) { $lookupdetails[$key]['value'] = $information[0][$lookupdetail['attr']][0]; - ExternalAuthenticator::AuthLog($external_uid.'.ldap - ' . $lookupdetail['attr'] . ' set to ' . + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - ' . $lookupdetail['attr'] . ' set to ' . $lookupdetails[$key]['value']); } else { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - Attribute ' . + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - Attribute ' . $lookupdetail['attr'] . ' not set'); } } else { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - Dont know how to find ' . $key); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - Dont know how to find ' . $key); } } } else { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - Lookup of details failed'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - Lookup of details failed'); } return $lookupdetails; 
@@ -285,12 +285,12 @@ private function lookupDetails($source, $dn, $external_uid) { * @access public * * @param string $source The Authentication source to be used - * @param string $external_uid The ID entered + * @param string $external_anchor The ID entered * @param string $external_passwd The password of the user * * @return mixed Account details if succesful , false if not */ - public function Authenticate($source, $external_uid, $external_passwd) { + public function Authenticate($source, $external_anchor, $external_passwd) { // A password should have some lenght. An empty password will result // in a succesfull anonymous bind. A password should not be all spaces if (strlen(trim($external_passwd)) == 0) { @@ -301,13 +301,13 @@ public function Authenticate($source, $external_uid, $external_passwd) { // Do we support password expiration? $expire = ExternalAuthenticator::getOption($source, 'passwd_expiration'); - $result = self::Connect($source, $external_uid); + $result = self::Connect($source, $external_anchor); if (is_string($result)) { ExternalAuthenticator::setAuthMessage($result); return false; } - $dn = self::findDN($source, $external_uid); + $dn = self::findDN($source, $external_anchor); if (is_bool($dn)) { @ldap_close(self::$ds); ExternalAuthenticator::setAuthMessage(_t('ExternalAuthenticator.Failed')); 
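Review bot: In `Authenticate` the user-typed `$external_anchor` is handed to `findDN()` unchanged; the only input check visible here is the empty-password test. `findDN()` is outside this hunk, so this is a request to confirm: if it places the value into an LDAP search filter, filter metacharacters must be escaped first, otherwise the login name can influence which entry is looked up. On PHP versions that provide it, `ldap_escape($external_anchor, '', LDAP_ESCAPE_FILTER)` at the point of filter construction is the usual fix. The same value is prefixed to every `AuthLog` line in this driver, so control characters should also be stripped before logging.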
@@ -320,14 +320,14 @@ public function Authenticate($source, $external_uid, $external_passwd) { $success = false; //Initialize the result of the authentication - ExternalAuthenticator::AuthLog($external_uid.'.ldap - Binding to LDAP as ' . $dn); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - Binding to LDAP as ' . $dn); $bind = @ldap_bind(self::$ds, $dn, $external_passwd); if ($bind != false) { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - LDAP accepted password for ' . $dn); - $accountdetails = self::lookupDetails($source, $dn, $external_uid); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - LDAP accepted password for ' . $dn); + $accountdetails = self::lookupDetails($source, $dn, $external_anchor); if (!is_null($expire) && $expire) { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - Check if password has expired'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - Check if password has expired'); // Reset the SilverStripe error handler Debug::loadErrorHandlers(); 
@@ -343,15 +343,15 @@ public function Authenticate($source, $external_uid, $external_passwd) { $toexpire = $accountdetails['shadowlastchange']['value'] + $accountdetails['shadowmax']['value'] - $today; - ExternalAuthenticator::AuthLog($external_uid.'.ldap - ' . $toexpire . ' before password expires ' . + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - ' . $toexpire . ' before password expires ' . $towarn . ' days before warning'); // Out of luck. His password has expired. if ($toexpire < 0) { ExternalAuthenticator::setAuthMessage(_t('LDAP_Authenticator.Expired','Your password has expired')); - ExternalAuthenticator::AuthLog($external_uid.'.ldap - LDAP Authentication FAILED due to expired password'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - LDAP Authentication FAILED due to expired password'); } else { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - LDAP Authentication success'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - LDAP Authentication success'); $success = array('firstname' => $accountdetails['firstname']['value'], 'surname' => $accountdetails['surname']['value'], 
@@ -366,19 +366,19 @@ public function Authenticate($source, $external_uid, $external_passwd) { } } } else { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - LDAP password expiry enabled, but attributes not set; IGNORING'); - ExternalAuthenticator::AuthLog($external_uid.'.ldap - LDAP Authentication success'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - LDAP password expiry enabled, but attributes not set; IGNORING'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - LDAP Authentication success'); $success = array('firstname' => $accountdetails['firstname']['value'], 'surname' => $accountdetails['surname']['value'], 'email' => $accountdetails['email']['value'] ); } } else { - ExternalAuthenticator::AuthLog($external_uid.'.ldap - Password expiry not enabled'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - Password expiry not enabled'); // Reset the SilverStripe error handler Debug::loadErrorHandlers(); - ExternalAuthenticator::AuthLog($external_uid.'.ldap - LDAP Authentication success'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - LDAP Authentication success'); $success = array('firstname' => $accountdetails['firstname']['value'], 'surname' => $accountdetails['surname']['value'], 'email' => $accountdetails['email']['value'] @@ -388,7 +388,7 @@ public function Authenticate($source, $external_uid, $external_passwd) { // Reset the SilverStripe error handler Debug::loadErrorHandlers(); - ExternalAuthenticator::AuthLog($external_uid.'.ldap - LDAP authentication for ' . $dn . ' failed'); + ExternalAuthenticator::AuthLog($external_anchor.'.ldap - LDAP authentication for ' . $dn . ' failed'); ExternalAuthenticator::setAuthMessage(_t('ExternalAuthenticator.Failed')); $success = false; } diff --git a/doc/_config.fake b/doc/_config.fake index 434f0e9..aac3dfc 100644 --- a/doc/_config.fake +++ b/doc/_config.fake 
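Review bot: The branch in the `@@ -366` hunk logs `LDAP password expiry enabled, but attributes not set; IGNORING` and then returns the account details as a successful login, so with `passwd_expiration` switched on an entry that lacks the shadow attributes is never subject to expiry. That is a fail-open default for a control the administrator explicitly enabled. Either refuse the login in this branch or state the behaviour where the option is documented, e.g. a comment such as `// Entries without shadowlastchange/shadowmax are treated as non-expiring`. The enclosing `Authenticate` method starts and ends outside the hunk.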
@@ -70,7 +70,7 @@ ExternalAuthenticator::setAuthSequential(false); * How do we call a user ID? * This string is informational and will appear on the login page */ -ExternalAuthenticator::setIdDesc('Whatever'); +ExternalAuthenticator::setAnchorDesc('Whatever'); /** * You have to possibility to auto create non existing users. diff --git a/doc/_config.ftp b/doc/_config.ftp index 1be20a0..57782a3 100644 --- a/doc/_config.ftp +++ b/doc/_config.ftp @@ -84,7 +84,7 @@ ExternalAuthenticator::setAuthSequential(false); * How do we call a user ID? * This string is informational and will appear on the login page */ -ExternalAuthenticator::setIdDesc('User ID'); +ExternalAuthenticator::setAnchorDesc('User ID'); /** * If the authentication source does not have a mechanism to prevent password diff --git a/doc/_config.httpbasic b/doc/_config.httpbasic index a9761a4..52e6076 100644 --- a/doc/_config.httpbasic +++ b/doc/_config.httpbasic @@ -93,7 +93,7 @@ ExternalAuthenticator::setAuthSequential(false); * How do we call a user ID? * This string is informational and will appear on the login page */ -ExternalAuthenticator::setIdDesc('User ID'); +ExternalAuthenticator::setAnchorDesc('User ID'); /** * If the authentication source does not have a mechanism to prevent password diff --git a/doc/_config.imap b/doc/_config.imap index ce0bde5..b5f624a 100644 --- a/doc/_config.imap +++ b/doc/_config.imap @@ -83,7 +83,7 @@ ExternalAuthenticator::setAuthSequential(false); * How do we call a user ID? * This string is informational and will appear on the login page */ -ExternalAuthenticator::setIdDesc('User ID'); +ExternalAuthenticator::setAnchorDesc('User ID'); /** * If the authentication source does not have a mechanism to prevent password diff --git a/doc/_config.ldap b/doc/_config.ldap index 8b15faa..6ce2212 100644 --- a/doc/_config.ldap +++ b/doc/_config.ldap 
@@ -111,7 +111,7 @@ ExternalAuthenticator::setAuthSequential(false); * How do we call a user ID? * This string is informational and will appear on the login page */ -ExternalAuthenticator::setIdDesc('User ID'); +ExternalAuthenticator::setAnchorDesc('User ID'); /** * If the authentication source does not have a mechanism to prevent password diff --git a/doc/_config.sstripe b/doc/_config.sstripe index 912706c..4f3d95a 100755 --- a/doc/_config.sstripe +++ b/doc/_config.sstripe @@ -86,7 +86,7 @@ ExternalAuthenticator::setAuthSequential(false); * How do we call a user ID? * This string is informational and will appear on the login page */ -ExternalAuthenticator::setIdDesc('Email'); +ExternalAuthenticator::setAnchorDesc('Email'); /** * If the authentication source does not have a mechanism to prevent password diff --git a/tests/AuthExternal.yml b/tests/AuthExternal.yml index 0994605..aaea448 100644 --- a/tests/AuthExternal.yml +++ b/tests/AuthExternal.yml @@ -7,7 +7,7 @@ Member: FirstName: Test Surname: User Email: test@silverstripe.com - External_UserID: testing + External_Anchor: testing External_SourceID: sstripe_unittest Password: test1 Groups: =>Group.mygroup @@ -15,7 +15,7 @@ Member: FirstName: Test Surname: User Email: anothertest@silverstripe.com - External_UserID: anothertest + External_Anchor: anothertest External_SourceID: sstripe_unittest password test2 Groups: =>Group.mygroup \ No newline at end of file diff --git a/tests/ExternalAuthenticatorTest.php b/tests/ExternalAuthenticatorTest.php index 2ff2974..dafb390 100644 --- a/tests/ExternalAuthenticatorTest.php +++ b/tests/ExternalAuthenticatorTest.php @@ -170,7 +170,7 @@ function testAutoCreateAccount() { * Execute a log-in form using Director::test(). * Helper method for the tests above */ - function doTestLoginForm($userid, $password) { + function doTestLoginForm($anchor, $password) { $this->session()->inst_set('BackURL', 'test/link'); $this->get('Security/login'); 
@@ -178,7 +178,7 @@ function doTestLoginForm($userid, $password) { "ExternalLoginForm_LoginForm", null, array( - 'External_UserID' => $userid, + 'External_Anchor' => $anchor, 'Password' => $password, 'AuthenticationMethod' => 'ExternalAuthenticator', 'action_dologin' => 1,