New authentication source: authmyspace

Thanks to Brook Schofield for implementing this. git-svn-id: http://simplesamlphp.googlecode.com/svn/trunk@2735 44740490-163a-0410-bde0-09ae8108e29a
2011-02-08 13:51:10 +00:00 · 2011-02-08 13:51:10 +00:00 · e239600e03
parent 8b91feba9c
commit e239600e03
6 changed files with 254 additions and 0 deletions
--- a/attributemap/myspace2name.php
+++ b/attributemap/myspace2name.php
@ -0,0 +1,18 @@
+<?php
+$attributemap = array(
+
+	// See http://developerwiki.myspace.com/index.php?title=People_API for attributes
+
+	// Generated MySpace Attributes
+	'myspace_user'			=>	'eduPersonPrincipalName', // username OR uid @ myspace.com
+	'myspace_targetedID'		=>	'eduPersonTargetedID', // http://myspace.com!uid
+	'myspace_username'		=>	'uid', // myspace username (maybe numeric uid)
+	//'myspace_uid'			=>	'uid', // numeric myspace user id
+
+	// Attributes Returned by MySpace
+	'myspace.name.givenName'	=>	'givenName',
+	'myspace.name.familyName'	=>	'sn',
+	'myspace.displayName'		=>	'displayName',
+	//'myspace.thumbnailUrl'	=>	'jpegPhoto', // URL not image data
+	'myspace.profileUrl'		=>	'labeledURI',
+);
--- a/config-templates/authsources.php
+++ b/config-templates/authsources.php
@ -145,6 +145,28 @@ $config = array(
 	),
 	*/

+	/*
+	// MySpace OAuth Authentication API.
+	// Register your application to get an API key here:
+	//  http://developer.myspace.com/
+	'myspace' => array(
+		'authmyspace:MySpace',
+		'key' => 'xxxxxxxxxxxxxxxx',
+		'secret' => 'xxxxxxxxxxxxxxxx',
+	),
+	*/
+
+	/*
+	// Windows Live ID Authentication API.
+	// Register your application to get an API key here:
+	//  https://manage.dev.live.com
+	'windowslive' => array(
+		'authwindowslive:LiveID',
+		'key' => 'xxxxxxxxxxxxxxxx',
+		'secret' => 'xxxxxxxxxxxxxxxx',
+	),
+	*/
+
 	/*
 	// Example of a LDAP authentication source.
 	'example-ldap' => array(
--- a/modules/authmyspace/default-disable
+++ b/modules/authmyspace/default-disable
@ -0,0 +1,3 @@
+This file indicates that the default state of this module
+is disabled. To enable, create a file named enable in the
+same directory as this file.
--- a/modules/authmyspace/docs/oauthmyspace.txt
+++ b/modules/authmyspace/docs/oauthmyspace.txt
@ -0,0 +1,25 @@
+Using the MySpace authentication source with simpleSAMLphp
+==========================================================
+
+Remember to configure `authsources.php`, with both your Client ID and Secret key.
+
+To get an API key and a secret, register the application at:
+
+ * <http://developer.myspace.com/Modules/Apps/Pages/CreateAppAccount.aspx>
+
+Create a MySpace ID App and set the callback evaluation URL to be:
+
+ * `http://sp.example.org/`
+
+Replace `sp.example.org` with your hostname.
+
+## Testing authentication
+
+On the SimpleSAMLphp frontpage, go to the *Authentication* tab, and use the link:
+
+  * *Test configured authentication sources*
+
+Then choose the *myspace* authentication source.
+
+Expected behaviour would then be that you are sent to MySpace, and asked to login.
+There is no consent screen for attribute release.
--- a/modules/authmyspace/lib/Auth/Source/MySpace.php
+++ b/modules/authmyspace/lib/Auth/Source/MySpace.php
@ -0,0 +1,141 @@
+<?php
+
+require_once(dirname(dirname(dirname(dirname(dirname(__FILE__))))) . '/oauth/libextinc/OAuth.php');
+
+/**
+ * Authenticate using MySpace.
+ *
+ * @author Brook Schofield, TERENA.
+ * @package simpleSAMLphp
+ * @version $Id$
+ */
+class sspmod_authmyspace_Auth_Source_MySpace extends SimpleSAML_Auth_Source {
+
+	/**
+	 * The string used to identify our states.
+	 */
+	const STAGE_INIT = 'authmyspace:init';
+
+	/**
+	 * The key of the AuthId field in the state.
+	 */
+	const AUTHID = 'authmyspace:AuthId';
+
+	private $key;
+	private $secret;
+
+
+	/**
+	 * Constructor for this authentication source.
+	 *
+	 * @param array $info  Information about this authentication source.
+	 * @param array $config  Configuration.
+	 */
+	public function __construct($info, $config) {
+		assert('is_array($info)');
+		assert('is_array($config)');
+
+		/* Call the parent constructor first, as required by the interface. */
+		parent::__construct($info, $config);
+
+		if (!array_key_exists('key', $config))
+			throw new Exception('MySpace authentication source is not properly configured: missing [key]');
+
+		$this->key = $config['key'];
+
+		if (!array_key_exists('secret', $config))
+			throw new Exception('MySpace authentication source is not properly configured: missing [secret]');
+
+		$this->secret = $config['secret'];
+	}
+
+
+	/**
+	 * Log-in using MySpace platform
+	 *
+	 * @param array &$state  Information about the current authentication.
+	 */
+	public function authenticate(&$state) {
+		assert('is_array($state)');
+
+		/* We are going to need the authId in order to retrieve this authentication source later. */
+		$state[self::AUTHID] = $this->authId;
+
+		$consumer = new sspmod_oauth_Consumer($this->key, $this->secret);
+
+		// Get the request token
+		$requestToken = $consumer->getRequestToken('http://api.myspace.com/request_token');
+		SimpleSAML_Logger::debug("Got a request token from the OAuth service provider [" .
+			$requestToken->key . "] with the secret [" . $requestToken->secret . "]");
+
+		$state['authmyspace:requestToken'] = $requestToken;
+
+		$stateID = SimpleSAML_Auth_State::saveState($state, self::STAGE_INIT);
+		SimpleSAML_Logger::debug('authmyspace auth state id = ' . $stateID);
+
+		// Authorize the request token
+		$consumer->getAuthorizeRequest('http://api.myspace.com/authorize', $requestToken, TRUE, SimpleSAML_Module::getModuleUrl('authmyspace') . '/linkback.php?stateid=' . $stateID);
+
+	}
+
+
+
+	public function finalStep(&$state) {
+
+		$requestToken = $state['authmyspace:requestToken'];
+
+		$consumer = new sspmod_oauth_Consumer($this->key, $this->secret);
+
+		SimpleSAML_Logger::debug("oauth: Using this request token [" .
+			$requestToken->key . "] with the secret [" . $requestToken->secret . "]");
+
+		// Replace the request token with an access token
+		$accessToken = $consumer->getAccessToken('http://api.myspace.com/access_token', $requestToken);
+		SimpleSAML_Logger::debug("Got an access token from the OAuth service provider [" .
+			$accessToken->key . "] with the secret [" . $accessToken->secret . "]");
+
+		// API depricated on 20th September 2010
+		//$userdata = $consumer->getUserInfo('http://api.myspace.com/v1/user.json', $accessToken);
+
+		// People API -  http://developerwiki.myspace.com/index.php?title=People_API
+		$userdata = $consumer->getUserInfo('http://api.myspace.com/1.0/people/@me/@self?fields=@all', $accessToken);
+
+		$attributes = array();
+
+		if (is_array($userdata['person'])) {
+			foreach($userdata['person'] AS $key => $value) {
+				if (is_string($value) || is_int($value))
+					$attributes['myspace.' . $key] = array((string)$value);
+
+				if (is_array($value)) {
+					foreach($value AS $key2 => $value2) {
+						if (is_string($value2) || is_int($value2))
+							$attributes['myspace.' . $key . '.' . $key2] = array((string)$value2);
+					}
+				}
+			}
+
+			if (array_key_exists('id', $userdata['person']) ) {
+
+				// person-id in the format of myspace.com.person.1234567890
+				if (preg_match('/(\d+)$/',$userdata['person']['id'],$matches)) {
+					$attributes['myspace_targetedID'] = array('http://myspace.com!' . $matches[1]);
+					$attributes['myspace_uid'] = array($matches[1]);
+					$attributes['myspace_user'] = array($matches[1] . '@myspace.com');
+				}
+			}
+
+			// profileUrl in the format http://www.myspace.com/username
+			if (array_key_exists('profileUrl', $userdata['person']) ) {
+				if (preg_match('@/([^/]+)$@',$userdata['person']['profileUrl'],$matches)) {
+					$attributes['myspace_username'] = array($matches[1]);
+					$attributes['myspace_user'] = array($matches[1] . '@myspace.com');
+				}
+			}
+		}
+
+		SimpleSAML_Logger::debug('MySpace Returned Attributes: '. implode(", ",array_keys($attributes)));
+
+		$state['Attributes'] = $attributes;
+	}
+}
--- a/modules/authmyspace/www/linkback.php
+++ b/modules/authmyspace/www/linkback.php
@ -0,0 +1,45 @@
+<?php
+
+/**
+ * Handle linkback() response from MySpace.
+ */
+
+if (array_key_exists('stateid', $_REQUEST)) {
+	$stateId = $_REQUEST['stateid'];
+} else {
+	throw new Exception('State Lost - not returned by MySpace Auth');
+}
+
+$state = SimpleSAML_Auth_State::loadState($stateId, sspmod_authmyspace_Auth_Source_MySpace::STAGE_INIT);
+
+if (array_key_exists('oauth_problem', $_REQUEST)) {
+	// oauth_problem of 'user_refused' means user chose not to login with MySpace
+	if (strcmp($_REQUEST['oauth_problem'],'user_refused') == 0) {
+		$e = new SimpleSAML_Error_UserAborted('User aborted authentication.');
+		SimpleSAML_Auth_State::throwException($state, $e);
+	}
+
+	// Error
+	$e = new SimpleSAML_Error_Error('Authentication failed: ' . $_REQUEST['oauth_problem']);
+	SimpleSAML_Auth_State::throwException($state, $e);
+}
+
+if (array_key_exists('oauth_verifier', $_REQUEST)) {
+	$state['authmyspace:oauth_verifier'] = $_REQUEST['oauth_verifier'];
+} else {
+	throw new Exception('OAuth verifier not returned.');;
+}
+
+/* Find authentication source. */
+assert('array_key_exists(sspmod_authmyspace_Auth_Source_MySpace::AUTHID, $state)');
+$sourceId = $state[sspmod_authmyspace_Auth_Source_MySpace::AUTHID];
+
+$source = SimpleSAML_Auth_Source::getById($sourceId);
+if ($source === NULL) {
+	throw new Exception('Could not find authentication source with id ' . $sourceId);
+}
+
+$source->finalStep($state);
+
+SimpleSAML_Auth_Source::completeAuth($state);
+