diff --git a/wayf_dk_login.admin.inc b/wayf_dk_login.admin.inc index 4cf0508..e536c14 100644 --- a/wayf_dk_login.admin.inc +++ b/wayf_dk_login.admin.inc @@ -218,6 +218,25 @@ function wayf_dk_login__settings_form() { '#group' => 'tabs', ); + $form['settings']['user'] = array( + '#type' => 'fieldset', + '#title' => t('User creating process'), + '#description' => t('Select which modules should be used to create the Drupal user after login to WAYF have succesfull completed. Note that order in which the modules are called is by system weight.'), + ); + + $options = array(); + $hook = 'wayf_dk_login_create_user'; + foreach (module_implements($hook) as $module) { + $options[$module] = $module; + } + + $form['settings']['user']['wayf_dk_login_create_user_modules'] = array( + '#type' => 'checkboxes', + '#title' => t('Modules'), + '#options' => $options, + '#default_value' => variable_get('wayf_dk_login_create_user_modules', array('wayf_dk_login' => 'wayf_dk_login')), + ); + $form['settings']['development'] = array( '#type' => 'fieldset', '#title' => t('Development'), diff --git a/wayf_dk_login.install b/wayf_dk_login.install index 0aabfef..a5d3691 100644 --- a/wayf_dk_login.install +++ b/wayf_dk_login.install @@ -33,6 +33,7 @@ function wayf_dk_login_uninstall() { 'wayf_dk_login_sp_endpoint', 'wayf_dk_login_sp_entityid', 'wayf_dk_login_sp_key', + 'wayf_dk_login_create_user_modules', 'wayf_dk_login_user_autocreate', 'wayf_dk_login_user_localscope', ); diff --git a/wayf_dk_login.module b/wayf_dk_login.module index 52a7909..9aee07e 100644 --- a/wayf_dk_login.module +++ b/wayf_dk_login.module @@ -109,11 +109,6 @@ function wayf_dk_login__endpoint() { watchdog('wayf_dk_login', 'Authentication data: %data', array('%data' => var_export($result, TRUE)), WATCHDOG_DEBUG); } - // eduPersonTargetedID is a persistent, non-reassigned, privacy-preserving - // identifier designed to provide a service provider with a unique - // identifier for a logged in person while preserving the person's privacy. - $edu_person_targeted_id = $result['attributes']['eduPersonTargetedID'][0]; - // Check if the organization is allowed here. $allowed_orgs = array_filter(variable_get('wayf_dk_login_organizations_active', array())); if (!empty($allowed_orgs)) { @@ -121,7 +116,7 @@ function wayf_dk_login__endpoint() { if (empty($allowed_orgs[$organization])) { drupal_set_message(t("Your organization have no access to this service."), 'error'); watchdog('wayf_dk_login', "Error saving user account : %name, the organization %organization is not allowed.", array( - '%name' => $edu_person_targeted_id, + '%name' => $result['attributes']['eduPersonTargetedID'][0], '%organization' => $organization, ), WATCHDOG_ERROR); drupal_goto(''); @@ -129,42 +124,59 @@ function wayf_dk_login__endpoint() { } } - user_external_login_register($edu_person_targeted_id, 'wayf_dk_login'); - - // The user should now be authenticated but lets make sure that it is so. - // An example of where that might not be the case: The user and authmap - // tables have maxlengths of 60 and 128 characters respectively for the - // username. Some examples of eduPersonTargetedID say that the value may be - // up to 256 characters long. In that case user creation will fail. - global $user; - if (!$user) { - watchdog('wayf_dk_login', "Valid WAYF user not authenticated : %name.", array('%name' => $edu_person_targeted_id), WATCHDOG_ERROR); - drupal_goto(''); - } - - // Update user information from WAYF attributes. - $userinfo = array(); - // Always set the user email to an email address in the authentication - // result if it is available. - if (!empty($result['attributes']['mail'])) { - $userinfo['mail'] = array_shift($result['attributes']['mail']); - } - // Map the remaining fields. - wayf_dk_login__map_fields($result['attributes'], $userinfo); - $account = user_save($user, $userinfo); - - if (!$account) { - // If an error occurred during user_save() the log it. The user is still - // logged in and should have a functional account so let them continue. - watchdog('wayf_dk_login', "Error saving fields on user account : %name.", array('%name' => $edu_person_targeted_id), WATCHDOG_ERROR); + // User the selected login hook (hook_wayf_dk_login_create_user) to process + // the login. + $hooks = variable_get('wayf_dk_login_create_user_modules', array('wayf_dk_login' => 'wayf_dk_login')); + foreach ($hooks as $module) { + module_invoke($module, 'wayf_dk_login_create_user', $result['attributes']); } + } + catch (\WAYF\SPortoException $exception) { + echo $exception->getMessage(); + exit; + } +} +/** + * Implements hook_wayf_dk_login_create_user(); + */ +function wayf_dk_login_wayf_dk_login_create_user($attributes) { + // eduPersonTargetedID is a persistent, non-reassigned, privacy-preserving + // identifier designed to provide a service provider with a unique + // identifier for a logged in person while preserving the person's privacy. + $edu_person_targeted_id = $attributes['eduPersonTargetedID'][0]; + + user_external_login_register($edu_person_targeted_id, 'wayf_dk_login'); + + // The user should now be authenticated but lets make sure that it is so. + // An example of where that might not be the case: The user and authmap + // tables have maxlengths of 60 and 128 characters respectively for the + // username. Some examples of eduPersonTargetedID say that the value may be + // up to 256 characters long. In that case user creation will fail. + global $user; + if (!$user) { + watchdog('wayf_dk_login', "Valid WAYF user not authenticated : %name.", array('%name' => $edu_person_targeted_id), WATCHDOG_ERROR); drupal_goto(''); } - catch (\WAYF\SPortoException $e) { - echo $e->getMessage(); - exit; + + // Update user information from WAYF attributes. + $userinfo = array(); + // Always set the user email to an email address in the authentication + // result if it is available. + if (!empty($result['attributes']['mail'])) { + $userinfo['mail'] = array_shift($attributes['mail']); } + // Map the remaining fields. + wayf_dk_login__map_fields($attributes, $userinfo); + $account = user_save($user, $userinfo); + + if (!$account) { + // If an error occurred during user_save() the log it. The user is still + // logged in and should have a functional account so let them continue. + watchdog('wayf_dk_login', "Error saving fields on user account : %name.", array('%name' => $edu_person_targeted_id), WATCHDOG_ERROR); + } + + drupal_goto(''); } /**