From bcf5bb6d57321e9fcbbdd84c009ca2729a608519 Mon Sep 17 00:00:00 2001 From: Herpaderp Aldent Date: Wed, 4 Apr 2018 21:12:30 +0200 Subject: [PATCH 1/7] * Cleanup --- .travis.yml | 44 -------------- VERSION | 1 - composer.json | 23 ++++---- gulpfile.js | 25 -------- nitpick.json | 5 -- phpunit.xml.dist | 58 ------------------- readme.md | 15 ----- src/Controllers/SsoController.php | 2 +- src/Events/Register.php | 30 ++++++++++ ...r.php => SeatDiscourseServiceProvider.php} | 22 ++++--- tests/Controllers/SsoControllerTest.php | 2 +- tests/SsoServiceProviderTest.php | 6 +- 12 files changed, 62 insertions(+), 171 deletions(-) delete mode 100644 .travis.yml delete mode 100644 VERSION delete mode 100644 gulpfile.js delete mode 100644 nitpick.json delete mode 100644 phpunit.xml.dist create mode 100644 src/Events/Register.php rename src/{SsoServiceProvider.php => SeatDiscourseServiceProvider.php} (59%) diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 409b561..0000000 --- a/.travis.yml +++ /dev/null @@ -1,44 +0,0 @@ -language: php - -php: - - 5.5.9 - - 5.5 - - 5.6 - - 7.0 - - 7.1 - -env: - global: - - setup=basic - -matrix: - include: - - php: 7.0 - env: setup=lowest - - php: 7.0 - env: setup=stable - - php: 7.1 - env: setup=lowest - - php: 7.1 - env: setup=stable - -sudo: false - -cache: - directories: - - $HOME/.composer/cache - -before_install: - - echo "extension = memcached.so" >> ~/.phpenv/versions/$(phpenv version-name)/etc/php.ini - - travis_retry composer self-update - -install: - - if [[ $setup = 'basic' ]]; then travis_retry composer install --no-interaction --prefer-source; fi - - if [[ $setup = 'stable' ]]; then travis_retry composer update --prefer-source --no-interaction --prefer-stable; fi - - if [[ $setup = 'lowest' ]]; then travis_retry composer update --prefer-source --no-interaction --prefer-lowest --prefer-stable; fi - -before_script: mkdir -p build/logs - -script: vendor/bin/phpunit - -after_script: vendor/bin/coveralls -v -n diff --git a/VERSION b/VERSION deleted file mode 100644 index 26aaba0..0000000 --- a/VERSION +++ /dev/null @@ -1 +0,0 @@ -1.2.0 diff --git a/composer.json b/composer.json index 7ed3572..f727e18 100644 --- a/composer.json +++ b/composer.json @@ -1,48 +1,51 @@ { - "name": "spinen/laravel-discourse-sso", - "description": "Integrate Discourse SSO into Laravel.", + "name": "herpaderpaldent/seat-discourse", + "description": "Integrate Discourse SSO and API into SeAT.", "keywords": [ "discourse", "laravel", "library", "single sign on", "spinen", - "sso" + "sso", + "seat" ], "license": "MIT", "authors": [ { - "name": "Jimmy Puckett", - "email": "jimmy.puckett@spinen.com" + "name": "Felix Huber", + "email": "huberfel@students.zhaw.ch" } ], "require": { "php": ">=5.5.9", "cviebrock/discourse-php": "^0.9.3", "illuminate/routing": "5.2.*|5.3.*|5.4.*|5.5.*", - "illuminate/support": "5.2.*|5.3.*|5.4.*|5.5.*" + "illuminate/support": "5.2.*|5.3.*|5.4.*|5.5.*", + "richp10/discourse-api-php": "^1.2" }, "require-dev": { "mockery/mockery": "^0.9.1", "phpunit/phpunit": "~4.0|~5.0", "psy/psysh": "^0.5.1", "satooshi/php-coveralls": "^0.6.1|^1", - "symfony/var-dumper": "~2.7|~3.0" + "symfony/var-dumper": "~2.7|~3.0", + "richp10/discourse-api-php": "^1.2" }, "autoload": { "psr-4": { - "Spinen\\Discourse\\": "src" + "Herpaderpaldent\\Seat\\SeatDiscourse\\": "src/" } }, "autoload-dev": { "psr-4": { - "Spinen\\Discourse\\": "tests" + "Herpaderpaldent\\Seat\\SeatDiscourse\\": "src/" } }, "extra": { "laravel": { "providers": [ - "Spinen\\Discourse\\SsoServiceProvider" + "Herpaderpaldent\\Seat\\SeatDiscourse\\SsoServiceProvider" ] } }, diff --git a/gulpfile.js b/gulpfile.js deleted file mode 100644 index 1a5893d..0000000 --- a/gulpfile.js +++ /dev/null @@ -1,25 +0,0 @@ -var gulp = require('gulp'); -var phpunit = require('gulp-phpunit'); -var notify = require('gulp-notify') - -var paths = { - tests: ['tests/**/*Test.php'], -}; - -// Lint the shell code -gulp.task('phpunit', function () { - return gulp.src(paths.tests, {read: false}) - .pipe(phpunit()) - .pipe(notify(function (file) { - // TODO: Give alert of pass/fail - return file.path - })) -}) - -// Rerun the task when a file changes -gulp.task('watch', function() { - gulp.watch(paths.tests, ['phpunit']); -}); - -// The default task (called when you run `gulp` from cli) -gulp.task('default', ['phpunit']); diff --git a/nitpick.json b/nitpick.json deleted file mode 100644 index 3881d8d..0000000 --- a/nitpick.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "ignore": [ - "tests/*" - ] -} diff --git a/phpunit.xml.dist b/phpunit.xml.dist deleted file mode 100644 index a698d71..0000000 --- a/phpunit.xml.dist +++ /dev/null @@ -1,58 +0,0 @@ - - - - - - - - - ./tests/ - - - - - - - - - - src/ - - - src/config - - - - - - - - - - - diff --git a/readme.md b/readme.md index 9f7ce67..bed64b7 100644 --- a/readme.md +++ b/readme.md @@ -1,20 +1,5 @@ # SPINEN's Discourse SSO for Laravel -[![Latest Stable Version](https://poser.pugx.org/spinen/laravel-discourse-sso/v/stable)](https://packagist.org/packages/spinen/laravel-discourse-sso) -[![Total Downloads](https://poser.pugx.org/spinen/laravel-discourse-sso/downloads)](https://packagist.org/packages/spinen/laravel-discourse-sso) -[![Latest Unstable Version](https://poser.pugx.org/spinen/laravel-discourse-sso/v/unstable)](https://packagist.org/packages/spinen/laravel-discourse-sso) -[![Dependency Status](https://www.versioneye.com/php/spinen:laravel-discourse-sso/0.1.1/badge.svg)](https://www.versioneye.com/php/spinen:laravel-discourse-sso/0.1.1) -[![License](https://poser.pugx.org/spinen/laravel-discourse-sso/license)](https://packagist.org/packages/spinen/laravel-discourse-sso) - -[Discourse](https://www.discourse.org) is a great online forum software that supports Single Sign On ([SSO](https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045)). There is a great PHP library that handles all of the heavy lifting to make the SSO work called [cviebrock/discourse-php](https://github.com/cviebrock/discourse-php), which this package uses. This package is loosely based on the work done by [jaewun/discourse-sso-laravel](https://github.com/jaewun/discourse-sso-laravel). - -## Build Status - -| Branch | Status | Coverage | Code Quality | -| ------ | :----: | :------: | :----------: | -| Develop | [![Build Status](https://travis-ci.org/spinen/laravel-discourse-sso.svg?branch=develop)](https://travis-ci.org/spinen/laravel-discourse-sso) | [![Coverage Status](https://coveralls.io/repos/spinen/laravel-discourse-sso/badge.svg?branch=develop&service=github)](https://coveralls.io/github/spinen/laravel-discourse-sso?branch=develop) | [![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/spinen/laravel-discourse-sso/badges/quality-score.png?b=develop)](https://scrutinizer-ci.com/g/spinen/laravel-discourse-sso/?branch=develop) | -| Master | [![Build Status](https://travis-ci.org/spinen/laravel-discourse-sso.svg?branch=master)](https://travis-ci.org/spinen/laravel-discourse-sso) | [![Coverage Status](https://coveralls.io/repos/spinen/laravel-discourse-sso/badge.svg?branch=master&service=github)](https://coveralls.io/github/spinen/laravel-discourse-sso?branch=master) | [![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/spinen/laravel-discourse-sso/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/spinen/laravel-discourse-sso/?branch=master) | - ## Prerequisite Aside from Laravel >= 5.2, there is 1 package that is required. NOTE: There are limitations in the way that 5.1 deals with collections, so I am taking the easy way & just not supporting it. If you need this in 5.1, then please make a merge request on the `SsoController`. diff --git a/src/Controllers/SsoController.php b/src/Controllers/SsoController.php index 984d9df..084fdd4 100644 --- a/src/Controllers/SsoController.php +++ b/src/Controllers/SsoController.php @@ -1,6 +1,6 @@ user->login_history()->save(new UserLoginHistory([ + 'source' => Request::getClientIp(), + 'user_agent' => Request::header('User-Agent'), + 'action' => 'logout', + ])); + + $message = 'User logged out from ' . Request::getClientIp(); + event('security.log', [$message, 'authentication']); + + } + +} \ No newline at end of file diff --git a/src/SsoServiceProvider.php b/src/SeatDiscourseServiceProvider.php similarity index 59% rename from src/SsoServiceProvider.php rename to src/SeatDiscourseServiceProvider.php index adb7f9e..68889f5 100644 --- a/src/SsoServiceProvider.php +++ b/src/SeatDiscourseServiceProvider.php @@ -1,16 +1,13 @@ app['router']->group(["middleware" => ["web", "auth"]], function (Router $router) { $router->get($this->app['config']->get('services.discourse.route'), [ - 'uses' => 'Spinen\Discourse\Controllers\SsoController@login', + 'uses' => 'Herpaderpaldent\Seat\SeatDiscourse\Controllers\SsoController@login', 'as' => 'sso.login', ]); }); @@ -36,4 +33,13 @@ public function register() { // } + + public function add_events() + { + + // Internal Authentication Events + $this->app->events->listen(RegisterEvent::class, Register::class); + + + } } diff --git a/tests/Controllers/SsoControllerTest.php b/tests/Controllers/SsoControllerTest.php index c7f148e..427dac1 100644 --- a/tests/Controllers/SsoControllerTest.php +++ b/tests/Controllers/SsoControllerTest.php @@ -1,6 +1,6 @@ setUpMocks(); - $this->service_provider = new SsoServiceProvider($this->application_mock); + $this->service_provider = new SeatDiscourseServiceProvider($this->application_mock); } private function setUpMocks() @@ -61,7 +61,7 @@ private function setUpMocks() */ public function it_can_be_constructed() { - $this->assertInstanceOf(SsoServiceProvider::class, $this->service_provider); + $this->assertInstanceOf(SeatDiscourseServiceProvider::class, $this->service_provider); } /** From a0ba47d78c600bb99d58642168ad5629174f65b8 Mon Sep 17 00:00:00 2001 From: Herpaderp Aldent Date: Wed, 4 Apr 2018 21:15:52 +0200 Subject: [PATCH 2/7] TypeSet --- composer.json | 1 + 1 file changed, 1 insertion(+) diff --git a/composer.json b/composer.json index f727e18..b73fd96 100644 --- a/composer.json +++ b/composer.json @@ -10,6 +10,7 @@ "sso", "seat" ], + "type":"seat-plugin", "license": "MIT", "authors": [ { From 045f512d2f91ac03e83c0deb27ecd5ff97b62179 Mon Sep 17 00:00:00 2001 From: Herpaderp Aldent Date: Thu, 5 Apr 2018 16:13:40 +0200 Subject: [PATCH 3/7] cleanup 2nd try --- composer.json | 2 +- tests/Controllers/SsoControllerTest.php | 259 ------------------------ tests/SsoServiceProviderTest.php | 123 ----------- tests/TestCase.php | 92 --------- 4 files changed, 1 insertion(+), 475 deletions(-) delete mode 100644 tests/Controllers/SsoControllerTest.php delete mode 100644 tests/SsoServiceProviderTest.php delete mode 100644 tests/TestCase.php diff --git a/composer.json b/composer.json index b73fd96..577c860 100644 --- a/composer.json +++ b/composer.json @@ -46,7 +46,7 @@ "extra": { "laravel": { "providers": [ - "Herpaderpaldent\\Seat\\SeatDiscourse\\SsoServiceProvider" + "Herpaderpaldent\\Seat\\SeatDiscourse\\SeatDiscourseServiceProvider" ] } }, diff --git a/tests/Controllers/SsoControllerTest.php b/tests/Controllers/SsoControllerTest.php deleted file mode 100644 index 427dac1..0000000 --- a/tests/Controllers/SsoControllerTest.php +++ /dev/null @@ -1,259 +0,0 @@ -setUpMocks(); - } - - private function setUpMocks() - { - $this->config_mock = Mockery::mock(Config::class); - - $this->request_mock = Mockery::mock(Request::class); - - $this->sso_helper_mock = Mockery::mock(SSOHelper::class); - $this->sso_helper_mock->shouldReceive('setSecret') - ->once() - ->with('secret') - ->andReturnSelf(); - - $this->user_mock = Mockery::mock(User::class); - } - - /** - * @test - */ - public function it_can_be_constructed() - { - $this->config_mock->shouldReceive('get') - ->once() - ->with('services.discourse') - ->andReturn([ - 'secret' => 'secret', - ]); - - $controller = new SsoController($this->config_mock, $this->sso_helper_mock); - - $this->assertInstanceOf(SsoController::class, $controller); - } - - /** - * @test - * @expectedException Exception - * @expectedExceptionCode 403 - */ - public function it_aborts_if_the_payload_is_invalid() - { - $this->config_mock->shouldReceive('get') - ->once() - ->with('services.discourse') - ->andReturn([ - 'secret' => 'secret', - 'user' => [ - 'access' => null, - ], - ]); - - $this->request_mock->shouldReceive('user') - ->once() - ->withNoArgs() - ->andReturn($this->user_mock); - - $this->request_mock->shouldReceive('get') - ->once() - ->with('sso') - ->andReturn('sso'); - - $this->request_mock->shouldReceive('get') - ->once() - ->with('sig') - ->andReturn('sig'); - - $this->sso_helper_mock->shouldReceive('validatePayload') - ->once() - ->withArgs(['sso', 'sig']) - ->andReturn(false); - - $controller = new SsoController($this->config_mock, $this->sso_helper_mock); - - $controller->login($this->request_mock); - } - - /** - * @test - * @expectedException Exception - * @expectedExceptionCode 403 - */ - public function it_is_backwards_compatible_with_config_that_does_not_have_access_key() - { - $this->config_mock->shouldReceive('get') - ->once() - ->with('services.discourse') - ->andReturn([ - 'secret' => 'secret', - ]); - - $this->request_mock->shouldReceive('user') - ->once() - ->withNoArgs() - ->andReturn($this->user_mock); - - $this->request_mock->shouldReceive('get') - ->withAnyArgs() - ->andReturn('anything'); - - $this->sso_helper_mock->shouldReceive('validatePayload') - ->once() - ->withAnyArgs() - ->andReturn(false); // Stop test here, as we know that we got past the access key - - $controller = new SsoController($this->config_mock, $this->sso_helper_mock); - - $controller->login($this->request_mock); - - } - - /** - * @test - * @expectedException Exception - * @expectedExceptionCode 403 - */ - public function it_aborts_if_the_user_does_not_have_access() - { - $this->config_mock->shouldReceive('get') - ->once() - ->with('services.discourse') - ->andReturn([ - 'secret' => 'secret', - 'user' => [ - 'access' => 'forum_access', - ], - ]); - - $this->user_mock->forum_access = false; - - $this->request_mock->shouldReceive('user') - ->once() - ->withNoArgs() - ->andReturn($this->user_mock); - - $controller = new SsoController($this->config_mock, $this->sso_helper_mock); - - $controller->login($this->request_mock); - } - - /** - * @test - */ - public function it_builds_the_correct_payload() - { - $this->config_mock->shouldReceive('get') - ->once() - ->with('services.discourse') - ->andReturn([ - 'secret' => 'secret', - // Expect the '/' on the end to not double up - 'url' => 'http://discourse/', - 'user' => [ - 'external_id' => 'id', - 'email' => 'email', - // Expect this null_value to not be passed on - 'null_value' => null, - 'false_value' => false, - 'true_value' => true, - 'string_value' => 'string', - ], - ]); - - $this->user_mock->id = 1; - $this->user_mock->email = 'me@mydomain.tld'; - $this->user_mock->string = 'string_property'; - - $this->request_mock->shouldReceive('user') - ->once() - ->withNoArgs() - ->andReturn($this->user_mock); - - $this->request_mock->shouldReceive('get') - ->once() - ->with('sso') - ->andReturn('sso'); - - $this->request_mock->shouldReceive('get') - ->once() - ->with('sig') - ->andReturn('sig'); - - $this->sso_helper_mock->shouldReceive('validatePayload') - ->once() - ->withArgs(['sso', 'sig']) - ->andReturn(true); - - $this->sso_helper_mock->shouldReceive('getNonce') - ->once() - ->with('sso') - ->andReturn('nonce'); - - $this->sso_helper_mock->shouldReceive('getSignInString') - ->once() - ->withArgs([ - 'nonce', - 1, - 'me@mydomain.tld', - [ - 'false_value' => 'false', - 'true_value' => 'true', - 'string_value' => 'string_property', - ], - ]) - ->andReturn('query'); - - $controller = new SsoController($this->config_mock, $this->sso_helper_mock); - - $this->assertEquals('http://discourse/session/sso_login?query', $controller->login($this->request_mock)); - } -} - -function abort($code) -{ - throw new Exception("Some error message", $code); -} - -function redirect($path) -{ - return $path; -} diff --git a/tests/SsoServiceProviderTest.php b/tests/SsoServiceProviderTest.php deleted file mode 100644 index d7b6c47..0000000 --- a/tests/SsoServiceProviderTest.php +++ /dev/null @@ -1,123 +0,0 @@ -setUpMocks(); - - $this->service_provider = new SeatDiscourseServiceProvider($this->application_mock); - } - - private function setUpMocks() - { - $this->application_mock = Mockery::mock(Application::class); - $this->config_mock = Mockery::mock(Config::class); - $this->router_mock = Mockery::mock(Router::class); - } - - /** - * @test - */ - public function it_can_be_constructed() - { - $this->assertInstanceOf(SeatDiscourseServiceProvider::class, $this->service_provider); - } - - /** - * @test - */ - public function it_boots_the_service() - { - $this->application_mock->shouldReceive('offsetGet') - ->once() - ->with('router') - ->andReturn($this->router_mock); - - $this->application_mock->shouldReceive('offsetGet') - ->once() - ->with('config') - ->andReturn($this->config_mock); - - $this->config_mock->shouldReceive('get') - ->with('services.discourse.route') - ->once() - ->andReturn('route'); - - $this->router_mock->shouldReceive('get') - ->withArgs( - [ - 'route', - [ - 'uses' => 'Spinen\Discourse\Controllers\SsoController@login', - 'as' => 'sso.login', - ], - ] - ) - ->once() - ->andReturnNull(); - - $route_closure = Mockery::on( - function ($closure) { - - $closure($this->router_mock); - - return true; - } - ); - - $this->router_mock->shouldReceive('group') - ->once() - ->withArgs([["middleware" => ["web", "auth"]], $route_closure]); - - $this->assertNull($this->service_provider->boot()); - } - - /** - * @test - */ - public function it_does_nothing_when_registering() - { - $this->service_provider->register(); - } -} diff --git a/tests/TestCase.php b/tests/TestCase.php deleted file mode 100644 index 227e520..0000000 --- a/tests/TestCase.php +++ /dev/null @@ -1,92 +0,0 @@ - $val) { - $mock->shouldReceive('offsetGet') - ->with($key) - ->andReturn($val); - - $mock->shouldReceive('offsetExists') - ->with($key) - ->andReturn(true); - } - - $mock->shouldReceive('offsetExists') - ->andReturn(false); - } - - if ($mock instanceof Iterator) { - $counter = 0; - - $mock->shouldReceive('rewind') - ->andReturnUsing(function () use (& $counter) { - $counter = 0; - }); - - $vals = array_values($items); - $keys = array_values(array_keys($items)); - - $mock->shouldReceive('valid') - ->andReturnUsing(function () use (& $counter, $vals) { - return isset($vals[$counter]); - }); - - $mock->shouldReceive('current') - ->andReturnUsing(function () use (& $counter, $vals) { - return $vals[$counter]; - }); - - $mock->shouldReceive('key') - ->andReturnUsing(function () use (& $counter, $keys) { - return $keys[$counter]; - }); - - $mock->shouldReceive('next') - ->andReturnUsing(function () use (& $counter) { - ++ $counter; - }); - } - - if ($mock instanceof Countable) { - $mock->shouldReceive('count') - ->andReturn(count($items)); - } - } -} From 11b21829e160b0d1f8be470d5d5446cee8ca0c6f Mon Sep 17 00:00:00 2001 From: Herpaderp Aldent Date: Thu, 5 Apr 2018 18:45:47 +0200 Subject: [PATCH 4/7] Update composer.json --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 577c860..db8cd24 100644 --- a/composer.json +++ b/composer.json @@ -15,7 +15,7 @@ "authors": [ { "name": "Felix Huber", - "email": "huberfel@students.zhaw.ch" + "email": "felix.a.huber@gmx.net" } ], "require": { From e787e5526c23e1a538ee3f63ca6a01a46bb70b4a Mon Sep 17 00:00:00 2001 From: Herpaderp Aldent Date: Fri, 6 Apr 2018 00:46:07 +0200 Subject: [PATCH 5/7] Initial Commit --- .gitattributes | 10 ----- .gitignore | 5 --- composer.json | 2 +- src/Controllers/SsoController.php | 64 ++++++++++++++++++++++++---- src/Events/Register.php | 39 ++++++++++++++++- src/SeatDiscourseServiceProvider.php | 14 +++++- 6 files changed, 107 insertions(+), 27 deletions(-) delete mode 100644 .gitattributes delete mode 100644 .gitignore diff --git a/.gitattributes b/.gitattributes deleted file mode 100644 index 42ac8b2..0000000 --- a/.gitattributes +++ /dev/null @@ -1,10 +0,0 @@ -* text=auto - -/build export-ignore -/tests export-ignore -.gitattributes export-ignore -.gitignore export-ignore -.travis.yml export-ignore -gulpfile.js -nitpick.json export-ignore -phpunit.xml.dist export-ignore diff --git a/.gitignore b/.gitignore deleted file mode 100644 index a6d68db..0000000 --- a/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -/vendor -/node_modules -phpunit.xml -/build -composer.lock diff --git a/composer.json b/composer.json index db8cd24..577c860 100644 --- a/composer.json +++ b/composer.json @@ -15,7 +15,7 @@ "authors": [ { "name": "Felix Huber", - "email": "felix.a.huber@gmx.net" + "email": "huberfel@students.zhaw.ch" } ], "require": { diff --git a/src/Controllers/SsoController.php b/src/Controllers/SsoController.php index 084fdd4..19d32b4 100644 --- a/src/Controllers/SsoController.php +++ b/src/Controllers/SsoController.php @@ -47,13 +47,18 @@ class SsoController extends Controller * @param Config $config * @param SSOHelper $sso */ - public function __construct(Config $config, SSOHelper $sso) + /*public function __construct(Config $config, SSOHelper $sso) { $this->loadConfigs($config); $this->sso = $sso->setSecret($this->config->get('secret')); + }*/ + public function __construct(SSOHelper $sso) + { + $this->sso = $sso->setSecret(getenv('DISCOURSE_SECRET')); } + /** * Build out the extra parameters to send to Discourse * @@ -61,12 +66,51 @@ public function __construct(Config $config, SSOHelper $sso) */ protected function buildExtraParameters() { - return $this->config->get('user') + /*return $this->config->get('user') ->except(['access', 'email', 'external_id']) ->reject([$this, 'nullProperty']) ->map([$this, 'parseUserValue']) ->map([$this, 'castBooleansToString']) ->toArray(); + */ + return [ + + // Groups to make sure that the user is part of in a comma-separated string + // NOTE: Groups cannot have spaces in their names & must already exist in Discourse + 'add_groups' => null, + + // Boolean for user a Discourse admin, leave null to ignore + //'admin' => null, + + // Full path to user's avatar image + 'avatar_url' => img('Character',$this->user->id,128,null,false), + + // The avatar is cached, so this triggers an update + 'avatar_force_update' => false, + + // Content of the user's bio + //'bio' => null, + + // Boolean for user a Discourse admin, leave null to ignore + //'moderator' => null, + + // Full name on Discourse if the user is new or + // if SiteSetting.sso_overrides_name is set + 'name' => $this->user->name, + + // Groups to make sure that the user is *NOT* part of in a comma-separated string + // NOTE: Groups cannot have spaces in their names & must already exist in Discourse + // There is not a way to specify the exact list of groups that a user is in, so + // you may want to send the inverse of the 'add_groups' + 'remove_groups' => null, + + // If the email has not been verified, set this to true + 'require_activation' => false, + + // username on Discourse if the user is new or + // if SiteSetting.sso_overrides_username is set + 'username' => $this->user->name, + ]; } /** @@ -95,11 +139,11 @@ public function castBooleansToString($property) * * @param Config $config */ - protected function loadConfigs(Config $config) + /*protected function loadConfigs(Config $config) { $this->config = collect($config->get('services.discourse')); $this->config->put('user', collect($this->config->get('user'))); - } + }*/ /** * Process the SSO login request from Discourse @@ -111,12 +155,12 @@ protected function loadConfigs(Config $config) public function login(Request $request) { $this->user = $request->user(); - $access = $this->config->get('user') + /*$access = $this->config->get('user') ->get('access', null); if (! is_null($access) && ! $this->parseUserValue($access)) { abort(403); //Forbidden - } + }*/ if (! ($this->sso->validatePayload($payload = $request->get('sso'), $request->get('sig')))) { abort(403); //Forbidden @@ -124,14 +168,16 @@ public function login(Request $request) $query = $this->sso->getSignInString( $this->sso->getNonce($payload), - $this->parseUserValue($this->config->get('user') + $this->user->id, + $this->user->email, + /*$this->parseUserValue($this->config->get('user') ->get('external_id')), $this->parseUserValue($this->config->get('user') - ->get('email')), + ->get('email')),*/ $this->buildExtraParameters() ); - return redirect(str_finish($this->config->get('url'), '/').'session/sso_login?'.$query); + return redirect(str_finish(getenv('DISCOURSE_URL'), '/').'session/sso_login?'.$query); } /** diff --git a/src/Events/Register.php b/src/Events/Register.php index a796016..ea6f2bf 100644 --- a/src/Events/Register.php +++ b/src/Events/Register.php @@ -9,13 +9,48 @@ namespace Herpaderpaldent\Seat\SeatDiscourse\Events; use Illuminate\Auth\Events\Registered as RegisterEvent; +use richp10\discourseAPI\DiscourseAPI; + +require_once DiscourseAPI; class Register { + + + public static function handle(RegisterEvent $event) { + //First Update Roles + //Secound Create User + + $api = new DiscourseAPI(parse_url( + getenv('DISCOURSE_URL'),PHP_URL_HOST), + getenv('DISCOURSE_API_KEY'), + parse_url(getenv('DISCOURSE_URL'),PHP_URL_SCHEME)); + + // create user + $r = $api->createUser( + $event->user->name, + $event->user->name, + $event->user->email, + $event->user->character_owner_hash + ); + print_r($r); + + // in order to activate we need the id + $r = $api->getUserByUsername($event->user->name); + print_r($r); + + // activate the user + $r = $api->activateUser($r->apiresult->user->id); + print_r($r); + + + + /* + $event->user->login_history()->save(new UserLoginHistory([ 'source' => Request::getClientIp(), 'user_agent' => Request::header('User-Agent'), @@ -24,7 +59,9 @@ public static function handle(RegisterEvent $event) $message = 'User logged out from ' . Request::getClientIp(); event('security.log', [$message, 'authentication']); - + */ } + + } \ No newline at end of file diff --git a/src/SeatDiscourseServiceProvider.php b/src/SeatDiscourseServiceProvider.php index 68889f5..192db67 100644 --- a/src/SeatDiscourseServiceProvider.php +++ b/src/SeatDiscourseServiceProvider.php @@ -2,6 +2,7 @@ namespace Herpaderpaldent\Seat\SeatDiscourse; +use Herpaderpaldent\Seat\SeatDiscourse\Events\Register; use Illuminate\Support\ServiceProvider; use Illuminate\Contracts\Routing\Registrar as Router; use Illuminate\Auth\Events\Registered as RegisterEvent; @@ -16,6 +17,9 @@ class SeatDiscourseServiceProvider extends ServiceProvider */ public function boot() { + $this->addCommands(); + $this->addEvents(); + $this->app['router']->group(["middleware" => ["web", "auth"]], function (Router $router) { $router->get($this->app['config']->get('services.discourse.route'), [ 'uses' => 'Herpaderpaldent\Seat\SeatDiscourse\Controllers\SsoController@login', @@ -34,12 +38,20 @@ public function register() // } - public function add_events() + public function addEvents() { // Internal Authentication Events $this->app->events->listen(RegisterEvent::class, Register::class); + } + public function addCommands() + { + + $this->commands([ + //DiscourseGroupsUpdate::class, + ]); + } } From c7fc2b82e8f477e95c9a0bc39a311930cb6941db Mon Sep 17 00:00:00 2001 From: Herpaderp Aldent Date: Fri, 6 Apr 2018 00:46:57 +0200 Subject: [PATCH 6/7] Initial Commit --- src/Commands/SyncRolesWithDiscourse.php | 28 +++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 src/Commands/SyncRolesWithDiscourse.php diff --git a/src/Commands/SyncRolesWithDiscourse.php b/src/Commands/SyncRolesWithDiscourse.php new file mode 100644 index 0000000..76f2475 --- /dev/null +++ b/src/Commands/SyncRolesWithDiscourse.php @@ -0,0 +1,28 @@ + Date: Fri, 6 Apr 2018 22:09:39 +0200 Subject: [PATCH 7/7] Initial Commit --- readme.md | 117 +++++------------------------------------------------- 1 file changed, 10 insertions(+), 107 deletions(-) diff --git a/readme.md b/readme.md index bed64b7..0579d85 100644 --- a/readme.md +++ b/readme.md @@ -1,126 +1,29 @@ -# SPINEN's Discourse SSO for Laravel +# Hepraderp Aldent's - SeAT Discourse + +This SeAT-Package is based upon [SPINEN's Discourse SSO for Laravel](https://github.com/spinen/laravel-discourse-sso). +Extendend with [richp10/discourse-api-php](https://github.com/richp10/discourse-api-php) to be able to create users and +topics based on roles in SeAT. ## Prerequisite -Aside from Laravel >= 5.2, there is 1 package that is required. NOTE: There are limitations in the way that 5.1 deals with collections, so I am taking the easy way & just not supporting it. If you need this in 5.1, then please make a merge request on the `SsoController`. +There are two dependencies. -* ["cviebrock/discourse-php": "^0.9.3",](https://github.com/cviebrock/discourse-php) +* ["cviebrock/discourse-php": "^0.9.3"](https://github.com/cviebrock/discourse-php) +* ["richp10/discourse-api-php": "^1.2"](https://github.com/richp10/discourse-api-php) ## Install Install Discourse SSO for Laravel: ```bash - $ composer require spinen/laravel-discourse-sso + $ composer require herpaderpaldent/seat-discourse ``` -### For >= Laravel 5.5, you are done with the Install +### For SeAT 3.0, you are done with the Install The package uses the auto registration feature -### For < Laravel 5.5, you have to register the Service Provider - -Add the Service Provider to `config/app.php`: - -```php - 'providers' => [ - // ... - Spinen\Discourse\SsoServiceProvider::class, - ]; -``` - -## Configuration - -All of the configuration values are stored in under a `discourse` key in `config/services.php`. Here is the array to add... - -```php - 'discourse' => [ - // The route's URI that acts as the entrypoint for Discourse to start the SSO process. - // Used by Discourse to route incoming logins. - 'route' => 'discourse/sso', - - // Secret string used to encrypt/decrypt SSO information, - // be sure that it is 10 chars or longer - 'secret' => env('DISCOURSE_SECRET'), - - // Disable Discourse from sending welcome message - 'suppress_welcome_message' => 'true', - - // Where the Discourse form lives - 'url' => env('DISCOURSE_URL'), - - // User specific items - // NOTE: The 'email' & 'external_id' are the only 2 required fields - 'user' => [ - // Check to see if the user has forum access & should be logged in via SSO - 'access' => null, - - // Groups to make sure that the user is part of in a comma-separated string - // NOTE: Groups cannot have spaces in their names & must already exist in Discourse - 'add_groups' => null, - - // Boolean for user a Discourse admin, leave null to ignore - 'admin' => null, - // Full path to user's avatar image - 'avatar_url' => null, - - // The avatar is cached, so this triggers an update - 'avatar_force_update' => false, - - // Content of the user's bio - 'bio' => null, - - // Verified email address (see "require_activation" if not verified) - 'email' => 'email', - - // Unique string to the user that will never change - 'external_id' => 'id', - - // Boolean for user a Discourse admin, leave null to ignore - 'moderator' => null, - - // Full name on Discourse if the user is new or - // if SiteSetting.sso_overrides_name is set - 'name' => 'name', - - // Groups to make sure that the user is *NOT* part of in a comma-separated string - // NOTE: Groups cannot have spaces in their names & must already exist in Discourse - // There is not a way to specify the exact list of groups that a user is in, so - // you may want to send the inverse of the 'add_groups' - 'remove_groups' => null, - - // If the email has not been verified, set this to true - 'require_activation' => false, - - // username on Discourse if the user is new or - // if SiteSetting.sso_overrides_username is set - 'username' => 'email', - ], - ], -``` - -The value of the properties for the `user` property can be one of 4 values... - -1. `false` -- passed as set to Discourse -2. `true` -- passed as set to Discourse -3. `null` -- disables sending property to Discourse -4. a `string` -- name of a property on the `User` model - -You can then add logic to the `User` model inside of [Accessors](https://laravel.com/docs/master/eloquent-mutators#defining-an-accessor) to provide the values for the properties configured for the user. For example, if you wanted any user with an email address that matched "yourdomain.tld" to be a moderator, then you could set the `moderator` property to a string like `discourse_moderator` and add the following to your `User` model... - -```php - /** - * Is the user a Discourse moderator. - * - * @param string $value - * @return boolean - */ - public function getDiscourseModeratorAttribute($value) - { - return ends_with($this->email, "yourdomain.tld"); - } -``` ## Left to do