ext/authx/settings/authx.setting.php

   1 <?php
   2 /*
   3  +--------------------------------------------------------------------+
   4  | Copyright CiviCRM LLC. All rights reserved.                        |
   5  |                                                                    |
   6  | This work is published under the GNU AGPLv3 license with some      |
   7  | permitted exceptions and without any warranty. For full license    |
   8  | and copyright information, see https://civicrm.org/licensing       |
   9  +--------------------------------------------------------------------+
  10  */
  11
  12 use CRM_Authx_ExtensionUtil as E;
  13
  14 /**
  15  *
  16  * @package CRM
  17  * @copyright CiviCRM LLC https://civicrm.org/licensing
  18  */
  19 $_authx_settings = function() {
  20   $flows = ['param', 'header', 'xheader', 'login', 'auto'];
  21   $basic = [
  22     'group_name' => 'CiviCRM Preferences',
  23     'group' => 'authx',
  24     'is_domain' => 1,
  25     'is_contact' => 0,
  26     'add' => '5.36',
  27   ];
  28
  29   $s = [];
  30   $s["authx_guards"] = $basic + [
  31     'name' => 'authx_guards',
  32     'type' => 'Array',
  33     'quick_form_type' => 'Select',
  34     'html_type' => 'Select',
  35     'html_attributes' => [
  36       'multiple' => 1,
  37       'class' => 'crm-select2',
  38     ],
  39     'default' => ['site_key', 'perm'],
  40     'title' => ts('Authentication guard'),
  41     'help_text' => ts('Enable an authentication guard if you want to limit which users may authenticate via authx. The permission-based guard is satisfied by checking user permissions. The key-based guard is satisfied by checking the secret site-key. The JWT guard is satisfied if the user presents a signed token. If there are no guards, then any user can authenticate.'),
  42     'pseudoconstant' => [
  43       'callback' => ['\Civi\Authx\Meta', 'getGuardTypes'],
  44     ],
  45   ];
  46   foreach ($flows as $flow) {
  47     $s["authx_{$flow}_cred"] = $basic + [
  48       'name' => "authx_{$flow}_cred",
  49       'type' => 'Array',
  50       'quick_form_type' => 'Select',
  51       'html_type' => 'Select',
  52       'html_attributes' => [
  53         'multiple' => 1,
  54         'class' => 'crm-select2',
  55       ],
  56       'default' => ['jwt'],
  57       'title' => ts('Acceptable credentials (%1)', [1 => $flow]),
  58       'help_text' => NULL,
  59       'pseudoconstant' => [
  60         'callback' => ['\Civi\Authx\Meta', 'getCredentialTypes'],
  61       ],
  62     ];
  63     $s["authx_{$flow}_user"] = $basic + [
  64       'name' => "authx_{$flow}_user",
  65       'type' => 'String',
  66       'quick_form_type' => 'Select',
  67       'html_type' => 'Select',
  68       'html_attributes' => [
  69         'class' => 'crm-select2',
  70       ],
  71       'default' => 'optional',
  72       'title' => ts('User account requirements (%1)', [1 => $flow]),
  73       'help_text' => NULL,
  74       'pseudoconstant' => [
  75         'callback' => ['\Civi\Authx\Meta', 'getUserModes'],
  76       ],
  77     ];
  78   }
  79
  80   $s['authx_param_cred']['default'] = ['jwt', 'api_key'];
  81   $s['authx_header_cred']['default'] = ['jwt', 'api_key'];
  82   $s['authx_xheader_cred']['default'] = ['jwt', 'api_key'];
  83
  84   return $s;
  85 };
  86
  87 /**
  88  * Settings metadata file
  89  */
  90 return $_authx_settings();