You are here

Home » API reference » Shibboleth Authentication 6.4 » shib_auth.module

function shib_auth_save_authmap in Shibboleth Authentication 6.4

Same name and namespace in other branches
  1. 7.4 shib_auth.module \shib_auth_save_authmap()

Saves an entry into shib_authmap and also saves mail if changed A row in the authmap contains the drupal user id, the targeted id from Shibboleth, the IdP name, the date the user was created, and user consent version number. @uname the username got from IdP @custom_uname the customized username @umail_single the e-mail address

4 calls to shib_auth_save_authmap()
shib_auth_custom_form in ./shib_auth.module
If any customization or consent option is enabled, the custom form will show up before registering and forces the user to accept user consent and define username and/or e-mail address (prefilling fields with the data coming from the…
shib_auth_custom_mail in ./shib_auth.module
User Data Customization function - MAIL This function handles the mail customization process @uname the username got from IdP @custom_uname the customized username @custom_mail the costumized e-mail address
shib_auth_custom_username in ./shib_auth.module
User Data Customization function - USERNAME This function handles the username customization process @uname the username got from IdP @custom_uname the customized username @umail_single the e-mail address received from IdP
shib_auth_init in ./shib_auth.module
Create a new user based on informations from the Shibboleth handler if it's necessary or log in.

File

./shib_auth.module, line 275
Drupal Shibboleth authentication module.

Code

function shib_auth_save_authmap($uname, $custom_uname, $umail_single) {
  global $user;
  $email_already_used_query = db_query("SELECT uid FROM {users} WHERE mail='%s'", $umail_single);
  $email_already_used = db_fetch_object($email_already_used_query);

  // If the mail address is used, give an error
  if ($email_already_used && !(!empty($_SESSION['shib_auth_account_linking']) && $email_already_used->uid == $user->uid)) {
    shib_auth_error('[shib_save_authmap] Error saving user account. E-mail address is already used.');
  }
  else {

    //if linking an account with shib: don't login / register again
    if (!($user->uid > 1 && !empty($_SESSION['shib_auth_account_linking']))) {
      if (user_is_blocked($custom_uname)) {

        //register a new user with this username, and login
        shib_auth_error('This user is blocked');
        return;
      }
      user_external_login_register($custom_uname, 'shib_auth');
      if ($user->uid) {
        $null = array();
        user_authenticate_finalize($null);
      }
    }
    if (!user_get_authmaps($user->name)) {
      user_set_authmaps($user, array(
        'auth_shib_auth' => $user->name,
      ));
    }
    $_SESSION['shib_auth_authentication'] = 'shib_auth';
    if (!$user) {

      // Something really bad happened
      shib_auth_error('Fatal error while saving mail address');
      return;
    }
    $idp = shib_auth_get_idp();

    //write an entry into shib_authmap set the current consent version
    $sql = "INSERT INTO {shib_authmap} (uid, targeted_id, idp, created, consentver) VALUES  ('%s', '%s', '%s', '%s', '%s')";
    $result = db_query($sql, $user->uid, $uname, $idp, date('Y-m-d H:i:s'), shib_auth_config('terms_ver'));
    if (!shib_auth_config('enable_custom_mail') || empty($_SESSION['shib_auth_account_linking'])) {

      //rewrite e-mail address
      $user = shib_auth_save_mail($user, $umail_single);
      if (!$user) {

        // Something really bad happened
        shib_auth_error('[shib_auth_save_authmap] Fatal error while saving mail address');
        return;
      }
    }
    if (isset($_SESSION['shib_auth_account_linking']) && $_SESSION['shib_auth_account_linking']) {
      unset($_SESSION['shib_auth_account_linking']);
      drupal_set_message('Account successfully linked to new shibboleth id!');
    }
  }
}