function _simplesaml_auth_user_register in simpleSAMLphp Authentication 7.3
Creates a new Drupal account for a SAML authenticated user.
Parameters
string $authname: Gets the authname attribute from the SAML assertion as provided by _simplesamlphp_auth_get_authname().
Return value
object The newly create Drupal user object.
1 call to _simplesaml_auth_user_register()
- _simplesaml_auth_login_register in ./
simplesamlphp_auth.inc - Performs login and/or register actions for SAML authenticated users.
File
- ./
simplesamlphp_auth.inc, line 89 - Contains non-hook implementations.
Code
function _simplesaml_auth_user_register($authname) {
global $user;
global $_simplesamlphp_auth_as;
// First we check the admin settings for simpleSAMLphp and find out if we are
// allowed to register users.
if (variable_get('simplesamlphp_auth_registerusers', TRUE)) {
// We are allowed to register new users.
if (variable_get('simplesamlphp_auth_debug', 0)) {
watchdog('simplesamlphp_auth', 'Register [%authname]', array(
'%authname' => $authname,
), WATCHDOG_DEBUG);
}
// It's possible that a user with this name already exists, but is not
// permitted to login to Drupal via SAML. If so, log out of SAML and
// redirect to the front page.
$account = user_load_by_name($authname);
if ($account) {
if (variable_get('simplesamlphp_auth_debug', 0)) {
watchdog('simplesamlphp_auth', 'User [%authname] could not be registered because that username already exists and is not SAML enabled.', array(
'%authname' => $authname,
), WATCHDOG_DEBUG);
}
drupal_set_message(t('We are sorry, your user account is not SAML enabled.'));
$_simplesamlphp_auth_as
->logout(base_path());
return FALSE;
}
// Register the new user.
user_external_login_register($authname, 'simplesamlphp_auth');
if (variable_get('simplesamlphp_auth_debug', 0)) {
watchdog('simplesamlphp_auth', 'Registered [%authname] with uid @uid', array(
'%authname' => $authname,
'@uid' => $user->uid,
), WATCHDOG_DEBUG);
}
if (!empty($user->uid)) {
// Populate roles based on configuration setting.
$roles = _simplesamlphp_auth_rolepopulation(variable_get('simplesamlphp_auth_rolepopulation', ''));
$userinfo = array(
'roles' => $roles,
);
$user = user_save($user, $userinfo);
return $user;
}
else {
// We were unable to register this new user on the site.
// We let the user know about this, log an error, and redirect to the home
// page.
drupal_set_message(t("We are sorry. While you have successfully authenticated, we were unable to create an account for you on this site. Please ask the site administrator to provision access for you."));
watchdog('simplesamlphp_auth', 'Unable to register %authname using simplesamlphp_auth', array(
'%authname' => $authname,
), WATCHDOG_ERROR);
$_simplesamlphp_auth_as
->logout(base_path());
}
}
else {
// We are not allowed to register new users on the site through simpleSAML.
// We let the user know about this and redirect to the user/login page.
drupal_set_message(t("We are sorry. Although you have successfully authenticated, you are not yet entitled to access this site. Please ask the site administrator to provide access for you."));
$_simplesamlphp_auth_as
->logout(base_path());
}
}