login_saml: unique id is email and not uid

Jérôme Schneider 2013-06-11 09:47:08 +02:00
parent 554b3d9748
commit f822bd5cc5
2 changed files with 16 additions and 12 deletions


@ -71,20 +71,18 @@ function login_saml_successfull()
$email = $attributes['email'][0];
$display_name = $first_name . ' ' . $last_name;
spip_log("[auth_saml] authentification reussi pour l'utilisateur =".$login);
spip_log("[auth_saml] authentification reussi pour l'utilisateur =".$email);
// Si l'utilisateur figure deja dans la base, y recuperer les infos
$result = spip_query("SELECT * FROM spip_auteurs WHERE login=" ._q($login). " AND statut<>'5poubelle'" );
$result = spip_query("SELECT * FROM spip_auteurs WHERE email=" ._q($email). " AND statut<>'6form'" );
$row_auteur = spip_fetch_array($result);
spip_log("[auth_saml] attribus utilisateur =".$row_auteur['login']);
if ($row_auteur) {
$GLOBALS['auteur_session'] = $row_auteur;
spip_log("[auth_saml] updating user [" . $login . "]");
spip_log("[auth_saml] display name : $display_name and email : $email");
spip_query("UPDATE spip_auteurs SET nom=" . _q($display_name) . ", email=" . _q($email) . " WHERE login="._q($login));
spip_log("[auth_saml] updating user [" . $email . "]");
spip_log("[auth_saml] display name : $display_name and login : $login");
spip_query("UPDATE spip_auteurs SET nom=" . _q($display_name) . ", login=" . _q($login) . " WHERE email="._q($email));
}
else
@ -92,15 +90,21 @@ function login_saml_successfull()
spip_log("[auth_saml] creating user [" . $login . "]");
spip_log("[auth_saml] display name : $display_name and email : $email");
$pass = generate_password();
spip_query("INSERT INTO spip_auteurs (nom, login, email, pass, statut) VALUES ('$display_name', '$login', '$email', '$pass', '1comite')");
// Si l'utilisateur figure deja dans la base, y recuperer les infos
$result = spip_query("SELECT * FROM spip_auteurs WHERE login=" ._q($login). " AND statut<>'5poubelle'" );
spip_query("INSERT INTO spip_auteurs (nom, login, email, pass, statut) VALUES ('$display_name', '$login', '$email', '$pass', '6forum')");
// On recupere l('utilisateur
$result = spip_query("SELECT * FROM spip_auteurs WHERE email=" ._q($email). " AND statut<>'6forum'" );
$row_auteur = spip_fetch_array($result);
}
// chargement de l'utilisateur en session
$GLOBALS['auteur_session'] = $row_auteur;
$session = charger_fonction('session', 'inc');
$cookie_session = $session($row_auteur);
spip_setcookie('spip_session', $cookie_session);
$redirect = _DIR_RESTREINT_ABS. "?bonjour=oui";
if ($row_auteur['statut'][0] < 6)
$redirect = _DIR_RESTREINT_ABS. "?bonjour=oui";
else
$redirect = '/';
spip_log('[auth_saml] redirect ' . $redirect);
redirige_par_entete($redirect);
}
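Review bot: The INSERT in the second hunk still interpolates `$display_name`, `$login` and `$email` (values taken from the SAML attributes) directly into the SQL string, while the other queries in this function pass them through `_q()`; a quote in a name breaks the statement, and the values are not controlled by this code. Quote them the same way: `... VALUES (" . _q($display_name) . ", " . _q($login) . ", " . _q($email) . ", " . _q($pass) . ", '6forum')`. The lookup right after it filters on `statut<>'6forum'`, which excludes the row just created with that status, so `$row_auteur` appears to be empty on a first login and the session is built from it. In the first hunk the filter reads `statut<>'6form'`, which matches no status shown here and, if it replaces the `'5poubelle'` filter, would let trashed accounts match again. login_saml_successfull() starts above the first hunk and the +/- markers are lost on this page, so which lines are the new side is inferred from print order and the commit title.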


@ -22,7 +22,7 @@ $config = array(
// The entity ID of the IdP this should SP should contact.
// Can be NULL/unset, in which case the user will be shown a list of available IdPs.
'idp' => NULL,
'idp' => 'http://mon.meyzieu.dev.entrouvert.org/idp/saml2/metadata',
// The URL to the discovery service.
// Can be NULL/unset, in which case a builtin discovery service will be used.