You are here

function hook_simplesamlphp_auth_existing_user in simpleSAMLphp Authentication 8.3

Hook to map pre-existing Drupal user based on SAML attributes.

Allows other modules to decide if there is an existing Drupal user that should be linked with the SAML-authenticated user authname, based on the supplied SAML atttributes.

E.g. When a SAML-authenticated user logs in, try to find an existing Drupal user which has the same email address as specified in the SAML attributes. In that case the existing Drupal user and SAML-authenticated user will be linked, and that Drupal user will be loaded and logged in upon successful SAML authentication.

Parameters

array $attributes: The SimpleSAMLphp attributes for this user.

Return value

\Drupal\user\UserInterface|bool The pre-existing Drupal user to be SAML-enabled, or FALSE if none found.

1 invocation of hook_simplesamlphp_auth_existing_user()
SimplesamlphpDrupalAuth::externalRegister in src/Service/SimplesamlphpDrupalAuth.php
Registers a user locally as one authenticated by the SimpleSAML IdP.

File

./simplesamlphp_auth.api.php, line 103
Hooks for simpleSAMLphp Authentication module.

Code

function hook_simplesamlphp_auth_existing_user($attributes) {
  $saml_mail = $attributes['mail'];
  $existing_users = \Drupal::entityTypeManager()
    ->getStorage('user')
    ->loadByProperties([
    'mail' => $saml_mail,
  ]);
  if ($existing_users) {
    $existing_user = is_array($existing_users) ? reset($existing_users) : FALSE;
    if ($existing_user) {
      return $existing_user;
    }
  }
  return FALSE;
}