You are here

Home » API reference » Shibboleth Authentication 7.4 » shib_auth.module

function shib_auth_save_authmap in Shibboleth Authentication 7.4

Same name and namespace in other branches
  1. 6.4 shib_auth.module \shib_auth_save_authmap()

Saves an entry into shib_authmap and also saves mail if changed.

A row in the authmap contains the Drupal user id, the targeted id from Shibboleth, the IdP name, the date the user was created, and user consent version number.

Parameters

string $uname: The username got from IdP.

string $custom_uname: The customized username.

string $umail_single: The first email address of the user from the IdP.

4 calls to shib_auth_save_authmap()
shib_auth_custom_form in ./shib_auth.module
Displays custom form if either customization or consent options are enabled.
shib_auth_custom_mail in ./shib_auth.module
User Data Customization function - MAIL.
shib_auth_custom_username in ./shib_auth.module
User Data Customization function - USERNAME.
shib_auth_init in ./shib_auth.module
Creates a new user, if necessary, based on information from the handler.

File

./shib_auth.module, line 305
Drupal Shibboleth authentication module.

Code

function shib_auth_save_authmap($uname, $custom_uname, $umail_single) {
  global $user;
  $email_already_used = db_select('users', 'c')
    ->fields('c')
    ->condition('mail', $umail_single, '=')
    ->execute()
    ->fetchObject();

  // If the mail address is used, give an error.
  if ($email_already_used && !(!empty($_SESSION['shib_auth_account_linking']) && $email_already_used->uid == $user->uid)) {
    shib_auth_error('[shib_auth_save_authmap] Error saving user account. Email address is already used.');
  }
  else {

    // If linking an account with shib: don't login / register again.
    if (!($user->uid > 1 && !empty($_SESSION['shib_auth_account_linking']))) {
      if (user_is_blocked($custom_uname)) {

        // Register a new user with this username, and login.
        shib_auth_error('This user is blocked');
        return;
      }
      $_SESSION['shib_auth_register_in_progress'] = TRUE;
      user_external_login_register($custom_uname, 'shib_auth');
      unset($_SESSION['shib_auth_register_in_progress']);
    }
    if (!user_get_authmaps($user->name)) {
      user_set_authmaps($user, array(
        'auth_shib_auth' => $user->name,
      ));
    }
    $_SESSION['shib_auth_authentication'] = 'shib_auth';
    if (!$user) {

      // Something really bad happened.
      shib_auth_error('Fatal error while saving mail address');
      return;
    }
    $idp = shib_auth_get_idp();

    // Write an entry into shib_authmap set the current consent version.
    db_insert('shib_authmap')
      ->fields(array(
      'uid' => $user->uid,
      'targeted_id' => $uname,
      'idp' => $idp,
      'created' => time(),
      'consentver' => shib_auth_config('terms_ver'),
    ))
      ->execute();
    if (!shib_auth_config('enable_custom_mail') || empty($_SESSION['shib_auth_account_linking'])) {

      // Rewrite email address.
      $user = shib_auth_save_mail($user, $umail_single);
      if (!$user) {

        // Something really bad happened.
        shib_auth_error('[shib_auth_save_authmap] Fatal error while saving mail address');
        return;
      }
    }
    if (isset($_SESSION['shib_auth_account_linking']) && $_SESSION['shib_auth_account_linking']) {
      unset($_SESSION['shib_auth_account_linking']);
      drupal_set_message(t('Account successfully linked to new shibboleth id!'));
    }
  }
}