[FEATURE] Add hooks for OpenID login process 62/21662/8
authorChristian Weiske <cweiske@cweiske.de>
Wed, 26 Jun 2013 14:00:29 +0000 (16:00 +0200)
committerMarkus Klein <markus.klein@typo3.org>
Sun, 4 Oct 2015 17:05:46 +0000 (19:05 +0200)
Two hooks for the OpenID process:
* "authRequest" to modify the OpenID authentication process,
  e.g. to request data like nickname and email address.
* "getUserRecord" is called when the claimed ID is translated into
  a user record. At this stage it is possible to register a new user.

Resolves: #44127
Releases: master
Change-Id: Ice63e6d3f567a09b652b308e50920332f3be485c
Reviewed-on: http://review.typo3.org/21662
Reviewed-by: Mathias Schreiber <mathias.schreiber@wmdb.de>
Tested-by: Mathias Schreiber <mathias.schreiber@wmdb.de>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>
typo3/sysext/core/Documentation/Changelog/master/Feature-44127-HooksForOpenIdToAutomaticallyCreateUserAccounts.rst [new file with mode: 0644]
typo3/sysext/openid/Classes/OpenidService.php

diff --git a/typo3/sysext/core/Documentation/Changelog/master/Feature-44127-HooksForOpenIdToAutomaticallyCreateUserAccounts.rst b/typo3/sysext/core/Documentation/Changelog/master/Feature-44127-HooksForOpenIdToAutomaticallyCreateUserAccounts.rst
new file mode 100644 (file)
index 0000000..cdd67ee
--- /dev/null
@@ -0,0 +1,26 @@
+=====================================================
+Feature: #44127 - Introduced two new Hooks for OpenID
+=====================================================
+
+Description
+===========
+
+Two hooks were added to the OpenIdService. They make it possible to modify the request sent to the OpenID Server,
+or to modify/create backend users on the fly during OpenID login.
+
+
+Hooks
+=====
+
+The following hooks were introduced:
+
+- $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['openid']['getUserRecord']
+       Modifies the userRecord after it has been fetched (or none was found).
+       Can be used to e.g. create a new record if none was found or update an existing one.
+       The following parameters are handed to the hook: 'record', 'response', 'authInfo'
+
+- $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['openid']['authRequest']
+       Modifies the Authentication Request, before it's sent.
+       Can be used to e.g. request additional attributes like a nickname from the OpenID Server.
+       The following parameters are handed to the hook: 'authRequest', 'authInfo'
+
index 64c6c72..2871fbb 100644 (file)
@@ -317,6 +317,19 @@ class OpenidService extends AbstractService {
                        // We just log it and do not return any records.
                        $this->writeLog($e->getMessage());
                }
+
+               // Hook to modify the user record, e.g. to register a new user
+               if (isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['openid']['getUserRecord']) && is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['openid']['getUserRecord'])) {
+                       $_params = array(
+                               'record' => &$record,
+                               'response' => $this->openIDResponse,
+                               'authInfo' => $this->authenticationInformation
+                       );
+                       foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['openid']['getUserRecord'] as $funcName) {
+                               GeneralUtility::callUserFunction($funcName, $_params, $this);
+                       }
+               }
+
                return $record;
        }
 
@@ -360,6 +373,18 @@ class OpenidService extends AbstractService {
                        $this->writeLog('Could not create authentication request for OpenID identifier \'%s\'', $openIDIdentifier);
                        return;
                }
+
+               // Hook to modify the auth request object, e.g. to request additional attributes
+               if (isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['openid']['authRequest']) && is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['openid']['authRequest'])) {
+                       $_params = array(
+                               'authRequest' => $authenticationRequest,
+                               'authInfo' => $this->authenticationInformation
+                       );
+                       foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['openid']['authRequest'] as $funcName) {
+                               GeneralUtility::callUserFunction($funcName, $_params, $this);
+                       }
+               }
+
                // Redirect the user to the OpenID server for authentication.
                // Store the token for this authentication so we can verify the
                // response.