5 * Documentation for CAS Fields Server API.
9 * Return additional CAS attributes when acting as a CAS server.
11 * This hook allows modules to add additional CAS attributes to the basic
12 * response by the CAS Server module.
15 * The user being logged in.
17 * The service URL of the site the user is logging in to.
19 * The login ticket the user provided.
22 * An associative array of CAS attributes for the user.
26 * Does whitelist checking.
27 * Sets the data that will be transferred to cas_fields_client.
// Implements the CAS server user-attributes hook for cas_fields_server: checks
// the requesting service's domain against the 'cas_server_whitelist' variable
// and, when the check passes, builds the attribute array for the client.
// Several lines of this function (the $host assignment, the return and the
// logout branch) are not visible in this listing.
29 function cas_fields_server_cas_server_user_attributes($account, $service, $ticket) {
// NOTE(review): no default is passed to variable_get(), so $whitelist is NULL
// until the config form has been saved once; count() and in_array() below are
// then called on a non-array. Pass array() as the default.
30 $whitelist = variable_get('cas_server_whitelist');
// NOTE(review): only a literal "http://" prefix is skipped. For an "https://"
// service URL the capture group stops at the first "/" and holds "https:"
// rather than the host. parse_url() with PHP_URL_HOST would be more reliable.
// $host is assigned on a line not shown here, presumably from $matches[1].
33 preg_match('@^(?:http://)?([^/]+)@i', $service, $matches);
36 // Get last two segments of host name.
// NOTE(review): only the last two labels are compared, so every host under a
// listed name passes (the form description says this is intended). For hosts
// under a multi-label suffix the two labels are the shared suffix, not the
// site's own domain - confirm this is acceptable for the expected clients.
// If the pattern does not match (no dot in $host), $matches is empty and
// $domain becomes NULL.
37 preg_match('/[^.]+\.[^.]+$/', $host, $matches);
38 $domain = $matches[0];
40 // Pass when the whitelist has exactly one entry or when it contains the domain.
// NOTE(review): count($whitelist) == 1 presumably targets the array('') that
// cas_fields_server_config_form_submit() stores for an empty textarea, but it
// is equally true for a list holding exactly one real domain, so a
// single-domain whitelist lets every service through. in_array() is also
// loose here: a NULL $domain compares equal to the empty entry that a trailing
// comma leaves in the list. Drop empty entries (array_filter), test for an
// empty list explicitly, and pass TRUE as in_array()'s third argument.
41 if ((count($whitelist) == 1) || (in_array($domain, $whitelist))) {
48 // Set user attributes if the domain has passed the clearance.
50 $attributes = array();
// NOTE(review): the whole loaded user object is serialised and handed to the
// remote service. In Drupal 7 that object carries the password hash ('pass')
// and e-mail fields - confirm, and send an explicit allow-list of fields.
52 $user_fields = user_load($account->uid);
53 $attributes['user_fields'] = json_encode($user_fields);
55 // Attributes can be single valued or multi-valued.
56 $attributes['service'] = $service;
57 $attributes['domain'] = $host;
58 $attributes['whitelist'] = 'passed whitelist check';
// NOTE(review): the login ticket is echoed back as an attribute; confirm the
// client needs it, otherwise leave it out of the response.
59 $attributes['ticket'] = $ticket;
60 $attributes['account'] = $account->uid;
// NOTE(review): assumes $account->picture is a file object with a uri;
// presumably accounts without a picture need a guard here - verify.
61 $attributes['picture'] = file_create_url($account->picture->uri);
65 // Domain has not passed security check, logout the user.
72 * Implements hook_menu().
// Registers the admin page admin/config/people/cas/cas_server, which renders
// cas_fields_server_config_form through drupal_get_form(). The $items
// initialisation and the return statement are not visible in this listing.
74 function cas_fields_server_menu() {
77 $items['admin/config/people/cas/cas_server'] = array(
78 'title' => 'CAS Server Config',
79 'description' => 'Configuration for CAS Server module',
80 'page callback' => 'drupal_get_form',
81 'page arguments' => array('cas_fields_server_config_form'),
// NOTE(review): the page edits the list of domains allowed to receive user
// attributes but is gated only by the general 'access administration pages'
// permission; consider a dedicated, narrower permission for it.
82 'access arguments' => array('access administration pages'),
83 'type' => MENU_NORMAL_ITEM,
90 * Building the cas server configuration form.
// Builds the settings form: a single textarea pre-filled with the non-empty
// entries of the 'cas_server_whitelist' variable, wrapped by
// system_settings_form(). The initialisation of $list is not visible in this
// listing.
92 function cas_fields_server_config_form($form, &$form_state) {
// NOTE(review): variable_get() has no default, so array_filter() receives NULL
// until the variable has been saved once; pass array() as the default.
// Every entry is followed by ", \n", so the pre-filled text always ends with a
// separator, which the submit handler's explode() turns into an empty entry.
95 foreach (array_filter(variable_get('cas_server_whitelist')) as $key => $value) {
96 $list .= $value . ", \n";
99 $form['cas_fields_server_config_form'] = array(
100 '#title' => t('CAS Clients top level domains that can access the server: '),
// NOTE(review): per the description below, an empty list lets every request
// pass (fail-open). Consider denying by default and requiring an entry.
101 '#description' => t('Format : domain.com<br/> Separator: use commas<br/><br/>Note: do not add wildcard (*.domain.com) as all subdomains of the listed domains are cleared by the security check.<br/><br/> Note: All incoming requests pass if there is no domain set in the textfield above'),
102 '#type' => 'textarea',
103 '#default_value' => $list ,
// The custom handler is appended before system_settings_form() is applied.
// NOTE(review): system_settings_form() presumably also stores the raw textarea
// text in a variable named after the element key - confirm that is intended.
106 $form['#submit'][] = 'cas_fields_server_config_form_submit';
108 return system_settings_form($form);
112 * Set the whitelist variable value.
// Submit handler: splits the textarea text on commas, trims each piece and
// stores the resulting array in the 'cas_server_whitelist' variable.
114 function cas_fields_server_config_form_submit($form, &$form_state) {
// NOTE(review): the value is read from the form element's '#value' rather than
// from $form_state['values']. Empty pieces are not removed, so an empty
// textarea is stored as array('') and a trailing comma leaves an '' entry;
// entries are not validated as host names either. Filtering out empty strings
// before saving would let the server-side check test for a truly empty list.
115 $whitelist = array_map('trim', explode(",", $form['cas_fields_server_config_form']['#value']));
116 variable_set('cas_server_whitelist', $whitelist);