public function SimplesamlphpDrupalAuth::synchronizeUserAttributes in simpleSAMLphp Authentication 8.3

Synchronizes user data if enabled.

Parameters

\Drupal\Core\Session\AccountInterface $account: The Drupal account to synchronize attributes on.

bool $force: Define whether to force syncing of the user attributes, regardless of SimpleSAMLphp settings.

1 call to SimplesamlphpDrupalAuth::synchronizeUserAttributes()
SimplesamlphpDrupalAuth::externalRegister in src/Service/SimplesamlphpDrupalAuth.php
Registers a user locally as one authenticated by the SimpleSAML IdP.

File

src/Service/SimplesamlphpDrupalAuth.php, line 242

Class

SimplesamlphpDrupalAuth
Service to link SimpleSAMLphp authentication with Drupal users.

Namespace

Drupal\simplesamlphp_auth\Service

Code

public function synchronizeUserAttributes(AccountInterface $account, $force = FALSE) {
  // $force overrides the per-attribute sync settings.
  $sync_mail = $force || $this->config->get('sync.mail');
  $sync_user_name = $force || $this->config->get('sync.user_name');

  if ($sync_user_name) {
    $name = $this->simplesamlAuth->getDefaultName();
    if ($name) {
      // Only rename when no other local account already holds this username.
      $existing = FALSE;
      $account_search = $this->entityTypeManager->getStorage('user')->loadByProperties(['name' => $name]);
      if ($existing_account = reset($account_search)) {
        if ($account->id() != $existing_account->id()) {
          $existing = TRUE;
          // %new_uid is read from the current user, not from $account.
          $logger_params = [
            '%username' => $name,
            '%new_uid' => $this->currentUser->id(),
            '%existing_uid' => $existing_account->id(),
          ];
          $this->logger->critical("Error on synchronizing name attribute for uid %new_uid: an account with the username %username and uid %existing_uid already exists.", $logger_params);
          $this->messenger->addMessage($this->t('Error synchronizing username: an account with this username already exists.'), 'error');
        }
      }
      if (!$existing) {
        $account->setUsername($name);
      }
    }
    else {
      // The SAML session supplied no username: log it and leave the name unchanged.
      $this->logger->critical("Error on synchronizing name attribute: no username available for Drupal user %id.", ['%id' => $account->id()]);
      $this->messenger->addMessage($this->t('Error synchronizing username: no username is provided by SAML.'), 'error');
    }
  }

  // Mail is only synchronized when a mail attribute is configured.
  if ($sync_mail && $this->config->get('mail_attr')) {
    $mail = $this->simplesamlAuth->getDefaultEmail();
    if ($mail) {
      $account->setEmail($mail);
    }
    else {
      // The SAML session supplied no email address: log it and leave the mail unchanged.
      $this->logger->critical("Error on synchronizing mail attribute: no email address available for Drupal user %id.", ['%id' => $account->id()]);
      $this->messenger->addMessage($this->t('Error synchronizing mail: no email address is provided by SAML.'), 'error');
    }
  }

  // The account is saved whenever either sync is enabled, even if a lookup above failed.
  if ($sync_mail || $sync_user_name) {
    $account->save();
  }
}