You are here

Home » API reference » simpleSAMLphp Authentication 8.3 » SyncingSettingsForm.php

class SyncingSettingsForm in simpleSAMLphp Authentication 8.3

Form builder for the simplesamlphp_auth local settings form.

Hierarchy

Expanded class hierarchy of SyncingSettingsForm

1 string reference to 'SyncingSettingsForm'
simplesamlphp_auth.routing.yml in ./simplesamlphp_auth.routing.yml
simplesamlphp_auth.routing.yml

File

src/Form/SyncingSettingsForm.php, line 11

Namespace

Drupal\simplesamlphp_auth\Form
View source 
class SyncingSettingsForm extends ConfigFormBase {

  /**
   * {@inheritdoc}
   */
  public function getFormId() {
    return 'simplesamlphp_auth_syncing_settings_form';
  }

  /**
   * {@inheritdoc}
   */
  protected function getEditableConfigNames() {
    return [
      'simplesamlphp_auth.settings',
    ];
  }

  /**
   * {@inheritdoc}
   */
  public function buildForm(array $form, FormStateInterface $form_state) {
    $config = $this
      ->config('simplesamlphp_auth.settings');
    $form['user_info'] = [
      '#type' => 'fieldset',
      '#title' => $this
        ->t('User info and syncing'),
      '#collapsible' => FALSE,
    ];
    $form['user_info']['unique_id'] = [
      '#type' => 'textfield',
      '#title' => $this
        ->t('SimpleSAMLphp attribute to be used as unique identifier for the user'),
      '#default_value' => $config
        ->get('unique_id'),
      '#description' => $this
        ->t('Example: <i>eduPersonPrincipalName</i> or <i>eduPersonTargetedID</i><br />If the attribute is multivalued, the first value will be used.'),
      '#required' => TRUE,
    ];
    $form['user_info']['user_name'] = [
      '#type' => 'textfield',
      '#title' => $this
        ->t('SimpleSAMLphp attribute to be used as username for the user'),
      '#default_value' => $config
        ->get('user_name'),
      '#description' => $this
        ->t('Example: <i>eduPersonPrincipalName</i> or <i>displayName</i><br />If the attribute is multivalued, the first value will be used.<br />WARNING: Drupal requires usernames to be unique!'),
      '#required' => TRUE,
    ];
    $form['user_info']['user_name_sync'] = [
      '#type' => 'checkbox',
      '#title' => $this
        ->t('Synchronize user name on every login'),
      '#default_value' => $config
        ->get('sync.user_name'),
      '#description' => $this
        ->t('Check if user name should be synchronized every time a user logs in.'),
      '#required' => FALSE,
    ];
    $form['user_info']['mail_attr'] = [
      '#type' => 'textfield',
      '#title' => $this
        ->t('SimpleSAMLphp attribute to be used as email address for the user'),
      '#default_value' => $config
        ->get('mail_attr'),
      '#description' => $this
        ->t('Example: <i>mail</i><br />If the user attribute is multivalued, the first value will be used.'),
    ];
    $form['user_info']['mail_attr_sync'] = [
      '#type' => 'checkbox',
      '#title' => $this
        ->t('Synchronize email address on every login'),
      '#default_value' => $config
        ->get('sync.mail'),
      '#description' => $this
        ->t('Check if email address should be synchronized every time a user logs in.'),
      '#required' => FALSE,
    ];
    $form['user_info']['role_population'] = [
      '#type' => 'textarea',
      '#title' => $this
        ->t('Automatic role population from simpleSAMLphp attributes'),
      '#default_value' => $config
        ->get('role.population'),
      '#description' => $this
        ->t('A pipe separated list of rules. Each rule consists of a Drupal role id, a SimpleSAML attribute name, an operation and a value to match. <i>e.g. role_id1:attribute_name,operation,value|role_id2:attribute_name2,operation,value... etc</i><br /><br />Each operation may be either "@", "@=" or "~=". <ul><li>"=" requires the value exactly matches the attribute;</li><li>"@=" requires the portion after a "@" in the attribute to match the value;</li><li>"~=" allows the value to match any part of any element in the attribute array.</li></ul>For instance:<br /><i>staff:eduPersonPrincipalName,@=,uninett.no;affiliation,=,employee|admin:mail,=,andreas@uninett.no</i><br />would ensure any user with an eduPersonPrinciplaName SAML attribute matching .*@uninett.no would be assigned a staff role and the user with the mail attribute exactly matching andreas@uninett.no would assume the admin role.'),
    ];
    $form['user_info']['role_eval_every_time'] = [
      '#type' => 'checkbox',
      '#title' => $this
        ->t('Reevaluate roles every time the user logs in'),
      '#default_value' => $config
        ->get('role.eval_every_time'),
      '#description' => $this
        ->t('NOTE: This means users could lose any roles that have been assigned manually in Drupal.'),
    ];
    $form['user_info']['autoenablesaml'] = [
      '#type' => 'checkbox',
      '#title' => $this
        ->t('Automatically enable SAML authentication for existing users upon successful login'),
      '#default_value' => $config
        ->get('autoenablesaml'),
      '#description' => $this
        ->t('Upon federated login, check if a local, pre-existing Drupal user is present that can be linked to the SAML authname (by default Drupal username is checked). If so, enable SAML authentication for this existing user.<br />WARNING: make sure there is an actual link between the SAML authname and pre-existing Drupal usernames, otherwise the Drupal user could be taken over by someone else authenticating with a SAML authname that happens to be the same.<br />NOTE: When enabled, the pre-existing user can be modified (e.g. get other username, email address, roles, ... based on SAML attributes).'),
    ];
    return parent::buildForm($form, $form_state);
  }

  /**
   * {@inheritdoc}
   */
  public function submitForm(array &$form, FormStateInterface $form_state) {
    parent::submitForm($form, $form_state);
    $config = $this
      ->config('simplesamlphp_auth.settings');
    $config
      ->set('unique_id', $form_state
      ->getValue('unique_id'));
    $config
      ->set('user_name', $form_state
      ->getValue('user_name'));
    $config
      ->set('sync.user_name', $form_state
      ->getValue('user_name_sync'));
    $config
      ->set('mail_attr', $form_state
      ->getValue('mail_attr'));
    $config
      ->set('sync.mail', $form_state
      ->getValue('mail_attr_sync'));
    $config
      ->set('role.population', $form_state
      ->getValue('role_population'));
    $config
      ->set('role.eval_every_time', $form_state
      ->getValue('role_eval_every_time'));
    $config
      ->set('autoenablesaml', $form_state
      ->getValue('autoenablesaml'));
    $config
      ->save();
  }

}

Members

Namesort descending Modifiers Type Description Overrides
ConfigFormBase::create public static function Instantiates a new instance of this class. Overrides FormBase::create 13
ConfigFormBase::__construct public function Constructs a \Drupal\system\ConfigFormBase object. 11
ConfigFormBaseTrait::config protected function Retrieves a configuration object.
DependencySerializationTrait::$_entityStorages protected property An array of entity type IDs keyed by the property name of their storages.
DependencySerializationTrait::$_serviceIds protected property An array of service IDs keyed by property name used for serialization.
DependencySerializationTrait::__sleep public function 1
DependencySerializationTrait::__wakeup public function 2
FormBase::$configFactory protected property The config factory. 1
FormBase::$requestStack protected property The request stack. 1
FormBase::$routeMatch protected property The route match.
FormBase::configFactory protected function Gets the config factory for this form. 1
FormBase::container private function Returns the service container.
FormBase::currentUser protected function Gets the current user.
FormBase::getRequest protected function Gets the request object.
FormBase::getRouteMatch protected function Gets the route match.
FormBase::logger protected function Gets the logger for a specific channel.
FormBase::redirect protected function Returns a redirect response object for the specified route. Overrides UrlGeneratorTrait::redirect
FormBase::resetConfigFactory public function Resets the configuration factory.
FormBase::setConfigFactory public function Sets the config factory for this form.
FormBase::setRequestStack public function Sets the request stack object to use.
FormBase::validateForm public function Form validation handler. Overrides FormInterface::validateForm 62
LinkGeneratorTrait::$linkGenerator protected property The link generator. 1
LinkGeneratorTrait::getLinkGenerator Deprecated protected function Returns the link generator.
LinkGeneratorTrait::l Deprecated protected function Renders a link to a route given a route name and its parameters.
LinkGeneratorTrait::setLinkGenerator Deprecated public function Sets the link generator service.
LoggerChannelTrait::$loggerFactory protected property The logger channel factory service.
LoggerChannelTrait::getLogger protected function Gets the logger for a specific channel.
LoggerChannelTrait::setLoggerFactory public function Injects the logger channel factory.
MessengerTrait::$messenger protected property The messenger. 29
MessengerTrait::messenger public function Gets the messenger. 29
MessengerTrait::setMessenger public function Sets the messenger.
RedirectDestinationTrait::$redirectDestination protected property The redirect destination service. 1
RedirectDestinationTrait::getDestinationArray protected function Prepares a 'destination' URL query parameter for use with \Drupal\Core\Url.
RedirectDestinationTrait::getRedirectDestination protected function Returns the redirect destination service.
RedirectDestinationTrait::setRedirectDestination public function Sets the redirect destination service.
StringTranslationTrait::$stringTranslation protected property The string translation service. 1
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.
SyncingSettingsForm::buildForm public function Form constructor. Overrides ConfigFormBase::buildForm
SyncingSettingsForm::getEditableConfigNames protected function Gets the configuration names that will be editable. Overrides ConfigFormBaseTrait::getEditableConfigNames
SyncingSettingsForm::getFormId public function Returns a unique string identifying the form. Overrides FormInterface::getFormId
SyncingSettingsForm::submitForm public function Form submission handler. Overrides ConfigFormBase::submitForm
UrlGeneratorTrait::$urlGenerator protected property The url generator.
UrlGeneratorTrait::getUrlGenerator Deprecated protected function Returns the URL generator service.
UrlGeneratorTrait::setUrlGenerator Deprecated public function Sets the URL generator service.
UrlGeneratorTrait::url Deprecated protected function Generates a URL or path for a specific route based on the given parameters.