Jifty::Plugin::Authentication::CAS::Action::CASLogin - process CAS login plugin

Jifty-Plugin-Authentication-CAS documentation Contained in the Jifty-Plugin-Authentication-CAS distribution.

Index

Code Index:

NAME

Top

Jifty::Plugin::Authentication::CAS::Action::CASLogin - process CAS login plugin

arguments

Return the ticket form field

validate_ticket ST

for ajax_validates Makes sure that the ticket submitted is legal.

take_action

Actually check the user's password. If it's right, log them in. Otherwise, throw an error.

report_success

Jifty-Plugin-Authentication-CAS documentation Contained in the Jifty-Plugin-Authentication-CAS distribution. 
use warnings;
use strict;


package Jifty::Plugin::Authentication::CAS::Action::CASLogin;
use base qw/Jifty::Action/;



sub arguments {
    return (
        {
            ticket => {
                label          => 'cas ticket',
                ajax_validates => 1,
            },

        }
    );

}


sub validate_ticket {
    my $self  = shift;
    my $ticket = shift;

    if ( $ticket && $ticket !~ /^[A-Za-z0-9-]+$/ ) {
        return $self->validation_error(
            ticket => _("That doesn't look like a valid ticket.") );
    }


    return $self->validation_ok('ticket');
}



sub take_action {
    my $self = shift;
    my $ticket = $self->argument_value('ticket');

    my ($plugin)  = Jifty->find_plugin('Jifty::Plugin::Authentication::CAS');

#    my $service_url = ($ENV{SERVER_PORT} == 443)?'https://':'http://'.
#    	$ENV{HTTP_HOST}.'/caslogin';
    
    my $service_url = Jifty->web->url.'/caslogin';
    if ( Jifty->web->request->continuation ) {
        $service_url .= '?J:C='.Jifty->web->request->continuation_id;
    };

    if (! $ticket) {
        my $login_url = $plugin->CAS->login_url( $service_url );
        Jifty->web->_redirect($login_url);
        return 1;
      }

    my $r = $plugin->CAS->service_validate($service_url,$ticket);
    my $username;
    if ($r->is_success) {
        $username = $r->user();
    }
    else {
      Jifty->log->info("CAS error: $ticket $username");
      return;
    };
     
    my ($name,$email);
    #TODO add a ldap conf to find name and email
    $email = $username.'@'.$plugin->domain() if ($plugin->domain());

    # Load up the user
    my $current_user = Jifty->app_class('CurrentUser');
    my $user = ($email) ? $current_user->new( email => $email)    # load by email to mix authentication
                        : $current_user->new( cas_id => $username );  # else load by cas_id

    # Autocreate the user if necessary
    if ( not $user->id ) {
        my $action = Jifty->web->new_action(
            class           => 'CreateUser',
            current_user    => $current_user->superuser,
            arguments       => {
                cas_id => $username
            }
        );
        $action->run;

        if ( not $action->result->success ) {
            # Should this be less "friendly"?
            $self->result->error(_("Sorry, something weird happened (we couldn't create a user for you).  Try again later."));
            return;
        }

        $user = $current_user->new( cas_id => $username );
    }

    my $u = $user->user_object;


    # Update, just in case
    $u->__set( column => 'cas_id', value => $username ) if (!$u->cas_id);
    $u->__set( column => 'name', value => $username ) if (!$u->name);
    $u->__set( column => 'name', value => $name ) if ($name);
    $u->__set( column => 'email', value => $email ) if ($email);
 
    # Actually do the signin thing.
    Jifty->web->current_user( $user );
    Jifty->web->session->set_cookie;

    # Success!
    $self->report_success;

    return 1;
};


sub report_success {
    my $self = shift;
    $self->result->message(_("Hi %1!", Jifty->web->current_user->user_object->name ));
};


1;