|
| 1 | +<?php |
| 2 | + |
| 3 | +/** |
| 4 | + * AttributeFromRestApi authproc filter. |
| 5 | + * |
| 6 | + * This class is the authproc filter to get attributes from rest api |
| 7 | + * |
| 8 | + * Example configuration in the config/config.php |
| 9 | + * |
| 10 | + * authproc.aa = array( |
| 11 | + * ... |
| 12 | + * '60' => array( |
| 13 | + * 'class' => 'attributefromrestapi:AttributeFromRestApi', |
| 14 | + * 'nameId_attribute_name' => 'subject_nameid', // look at the aa authsource config |
| 15 | + * 'api_url' => 'https://www.example.com/app.php/api', |
| 16 | + * ), |
| 17 | + * |
| 18 | + * @author Gyula Szabó <gyufi@niif.hu> |
| 19 | + */ |
| 20 | +class sspmod_attributefromrestapi_Auth_Process_AttributeFromRestApi extends SimpleSAML_Auth_ProcessingFilter |
| 21 | +{ |
| 22 | + private $config; |
| 23 | + private $as_config; |
| 24 | + |
| 25 | + public function __construct($config, $reserved) |
| 26 | + { |
| 27 | + parent::__construct($config, $reserved); |
| 28 | + $params = array('api_url', 'nameId_attribute_name'); |
| 29 | + foreach ($params as $param) { |
| 30 | + if (!array_key_exists($param, $config)) { |
| 31 | + throw new SimpleSAML_Error_Exception('Missing required attribute: '.$param); |
| 32 | + } |
| 33 | + $this->as_config[$param] = $config[$param]; |
| 34 | + } |
| 35 | + } |
| 36 | + |
| 37 | + public function process(&$state) |
| 38 | + { |
| 39 | + assert('is_array($state)'); |
| 40 | + $nameId = $state['Attributes'][$this->as_config['nameId_attribute_name']][0]; |
| 41 | + $this->config = SimpleSAML_Configuration::getInstance(); |
| 42 | + array_push($state['Attributes'], $this->getAttributes($nameId)); |
| 43 | + } |
| 44 | + |
| 45 | + public function getAttributes($nameId, $attributes = array()) |
| 46 | + { |
| 47 | + |
| 48 | + // Set up config |
| 49 | + $config = $this->config; |
| 50 | + $retarray = array(); |
| 51 | + |
| 52 | + // Make the call |
| 53 | + |
| 54 | + // Setup cURL |
| 55 | + $url = $this->as_config['api_url'].'/'.$nameId; |
| 56 | + $ch = curl_init($url); |
| 57 | + curl_setopt_array($ch, |
| 58 | + array( |
| 59 | + CURLOPT_CUSTOMREQUEST => 'GET', |
| 60 | + CURLOPT_RETURNTRANSFER => true, |
| 61 | + CURLOPT_HTTPHEADER => array('Content-Type: application/json'), |
| 62 | + ) |
| 63 | + ); |
| 64 | + |
| 65 | + // Send the request |
| 66 | + $response = curl_exec($ch); |
| 67 | + $http_response = curl_getinfo($ch, CURLINFO_HTTP_CODE); |
| 68 | + |
| 69 | + // Check for error; not even redirects are allowed here |
| 70 | + if ($response === false || !($http_response >= 200 && $http_response < 300)) { |
| 71 | + SimpleSAML_Logger::error('[afra] API query failed: HTTP response code: '.$http_response.', curl error: "'.curl_error($ch)).'"'; |
| 72 | + SimpleSAML_Logger::debug('[afra] API query failed: curl info: '.var_export(curl_getinfo($ch), 1)); |
| 73 | + SimpleSAML_Logger::debug('[afra] API query failed: HTTP response: '.var_export($response, 1)); |
| 74 | + $data = array(); |
| 75 | + var_dump($http_response, $response);exit; |
| 76 | + } elseif (false) { |
| 77 | + # egyéb hibaüzenetek |
| 78 | + } else { |
| 79 | + $data = json_decode($response, true); |
| 80 | + SimpleSAML_Logger::info('[afra] got reply from API'); |
| 81 | + SimpleSAML_Logger::debug('[afra] API query url: '.var_export($url, true)); |
| 82 | + SimpleSAML_Logger::debug('[afra] API query result: '.var_export($data, true)); |
| 83 | + } |
| 84 | + $attributes = $data['data']; |
| 85 | + return $attributes; |
| 86 | + } |
| 87 | +} |
0 commit comments