Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

Shibboleth / AAI Authentication Plugin

  • mferraz
  • mferraz's Avatar Topic Author
  • Offline
  • Premium Member
  • Premium Member
More
1 year 5 months ago #244278 by mferraz
Please help us help you and fill where relevant:
Your LimeSurvey version: 6.1.3+230612 
Own server or LimeSurvey hosting:
Survey theme/template:
==================
Hi

I'm trying to implement the following code to Authenticate users using Shibboleth like we used to do on version 3, but I'm getting the following error when I've tried to test the shibd user variable:PHP warningUndefined array key "eppn"/opt/limesurvey/plugins/AuthAAI/AuthAAI.php(20)08 public $allowedPublicMethods = array();
09
10 public function init()
11 {
12 // Registra os eventos que o plugin vai escutar
13 $this->subscribe('beforeLogin');
14 $this->subscribe('newUserSession');
15
16 }
17
18 public function beforeLogin()
19 {
20 echo $_SERVER;
21 // Verifica se a variável $_SERVER existe
22 if (isset($_SERVER)) {
23 // Usa a variável como username
24 $username = $_SERVER;
25 // Tenta encontrar o utilizador no banco de dados
26 $user = $this->api->getUserByName($username);
27 if ($user === null) {
28 // Se o utilizador não existe, cria um novo com permissão de participante
29 $user = new User;
30 $user->users_name = $username;
31 $user->password = hash('sha256', createPassword());
32 $user->full_name = $_SERVER;
Stack Trace#0 unknown(0): AuthAAI->beforeLogin()#1–
  /opt/limesurvey/application/libraries/PluginManager/PluginManager.php(269): call_user_func(array(AuthAAI, "beforeLogin"))264 if (
265 !$event->isStopped()
266 && (empty($target) || in_array(get_class($subscription[0]), $target))
267 ) {
268 $subscription[0]->setEvent($event);
269 call_user_func($subscription);
270 }
271 }
272 }
273
274 return $event;
#2–
  /opt/limesurvey/application/controllers/admin/Authentication.php(111): LimeSurvey\PluginManager\PluginManager->dispatchEvent(PluginEvent)106 // In Authdb, the plugin event "beforeLogin" checks if the url param "onepass" is set
107 // if yes, it will call AuthPluginBase::setAuthPlugin to set to true the plugin private parameter "_stop", so the form will not be displayed
108 // @see: application/core/plugins/Authdb/Authdb.php: function beforeLogin()
109 $beforeLogin = new PluginEvent('beforeLogin');
110 $beforeLogin->set('identity', new LSUserIdentity('', ''));
111 App()->getPluginManager()->dispatchEvent($beforeLogin);
112
113 /* @var $identity LSUserIdentity */
114 $identity = $beforeLogin->get('identity'); // Why here?
115
116 // If the plugin private parameter "_stop" is false and the login form has not been submitted: render the login form
#3–
  /opt/limesurvey/application/controllers/admin/Authentication.php(47): Authentication::prepareLogin()42 }
43 // The page should be shown only for non logged in users
44 $this->redirectIfLoggedIn();
45
46 // Result can be success, fail or data for template
47 $result = self::prepareLogin();
48
49 $isAjax = isset($_GET) && $_GET == 1;
50 $succeeded = isset($result[0]) && $result[0] == 'success';
51 $failed = isset($result[0]) && $result[0] == 'failed';
52
#4 unknown(0): Authentication->index()#5+
  /opt/limesurvey/vendor/yiisoft/yii/framework/web/actions/CAction.php(115): ReflectionMethod->invokeArgs(Authentication, array())#6+
  /opt/limesurvey/application/core/SurveyCommonAction.php(83): CAction->runWithParamsInternal(Authentication, ReflectionMethod, array("sa" => "login"))#7+
  /opt/limesurvey/vendor/yiisoft/yii/framework/web/CController.php(308): SurveyCommonAction->runWithParams(array("sa" => "login"))#8+
  /opt/limesurvey/vendor/yiisoft/yii/framework/web/CController.php(286): CController->runAction(Authentication)#9+
  /opt/limesurvey/vendor/yiisoft/yii/framework/web/CController.php(265): CController->runActionWithFilters(Authentication, array())#10+
  /opt/limesurvey/application/controllers/AdminController.php(202): CController->run("authentication")#11+
  /opt/limesurvey/vendor/yiisoft/yii/framework/web/CWebApplication.php(282): AdminController->run("authentication")#12+
  /opt/limesurvey/vendor/yiisoft/yii/framework/web/CWebApplication.php(141): CWebApplication->runController("admin/authentication/sa/login")#13+
  /opt/limesurvey/vendor/yiisoft/yii/framework/base/CApplication.php(185): CWebApplication->processRequest()#14+
  /opt/limesurvey/index.php(161): CApplication->run()
This is the code:
<?php
// Plugin para autenticação federada shibboleth para o limesurvey
class AuthAAI extends AuthPluginBase
{
    protected $storage = 'DbStorage';
    static protected $description = 'Autenticação federada shibboleth';
    static protected $name = 'AuthAAI';
    public function init()
    {
        // Registra os eventos que o plugin vai escutar
        $this->subscribe('beforeLogin');
        $this->subscribe('newUserSession');

    }

    public function beforeLogin()
    {
    echo $_SERVER; //for testing
        // Verifica se a variável $_SERVER existe
        if (isset($_SERVER)) {
            // Usa a variável como username
            $username = $_SERVER;
            // Tenta encontrar o utilizador no banco de dados
            $user = $this->api->getUserByName($username);
            if ($user === null) {
                // Se o utilizador não existe, cria um novo com permissão de participante
                $user = new User;
                $user->users_name = $username;
                $user->password = hash('sha256', createPassword());
                $user->full_name = $_SERVER;
                $user->parent_id = 1;
                $user->lang = 'pt-PT';
                $user->email = $_SERVER;
                if ($user->save()) {
                    // Atribui a permissão de participante ao utilizador
                    Permission::model()->setGlobalPermission($user->uid, 'surveys', array('create_p'));
                    // Dispara o evento de novo utilizador
                    $this->getEvent()->set('newUser', true);
                } else {
                    // Se houver algum erro ao salvar o utilizador, mostra uma mensagem de erro
                    $this->getEvent()->set('error', 'Não foi possível criar o utilizador.');
                }
            }
            // Se o utilizador existe, autentica
            if ($user !== null) {
                // Dispara o evento de nova sessão de utilizador
        $this->setUsername($user);
                $this->setAuthSuccess($user);
            $this->setAuthPlugin(); // This plugin will handle authentication and skips the login form
            }
        } else {
            // Se a variável não existe, mostra uma mensagem de erro
            $this->getEvent()->set('error', 'Não foi possível obter a variável $_SERVER[\'eppn\'].');
        }
    }

    public function newUserSession()
    {
        // Obtém o utilizador autenticado
        $user = $this->getEvent()->get('user');
        if ($user !== null) {
            // Atualiza a última data de login do utilizador
            $user->setAttributes(array('last_login' => date('Y-m-d H:i:s')));
            $user->save();
        }
    }
}

I've tried the same echo, even with a function on the same Limesurvey parent directory, and I'm getting the variable just fine.

Thank you in advance.

Please Log in to join the conversation.

  • mferraz
  • mferraz's Avatar Topic Author
  • Offline
  • Premium Member
  • Premium Member
More
1 year 5 months ago #244299 by mferraz
Replied by mferraz on topic Shibboleth / AAI Authentication Plugin
Hi.

Ok, I've realized that the $_SERVER vars are stripped out if using the index.php. If I copy the file to another name, it's possible to use those vars. 

Please Log in to join the conversation.

Moderators: holchtpartner

Lime-years ahead

Online-surveys for every purse and purpose