owncloud source code analysis 5--CAS single sign-on

CAS single sign-on

1. Put the CAS package under libprivate for easy reference, as shown in the picture

2. Introduce handleLogin() into line 976 of owncloudlibbase.php Method, change the content of this method to the following:

<span>if(!$_REQUEST['logout']) {
   OC_App::loadApps(array('prelogin'));
}
//引入cas类库
require_once 'private\CAS.php';</span>

<pre class="brush:php;toolbar:false"><span>phpCAS::setDebug();

// 初始化client
phpCAS::client(CAS_VERSION_2_0, '192.168.6.101', 8080, '/sso');


// 如果sso服务器是https方式的，那么需要配置信任证书。如果是http的方式，那么注释掉此项
// phpCAS::setCasServerCACert('AdminCA1.crt');
phpCAS::setNoCasServerValidation();

// 如果需要用户映射，那么需要设置serverCode，如果不需要可以注释掉
// phpCAS::setServerCode('pt.jcsj');

//处理单点退出请求，第一个参数为false，即为不进行客户端验证
phpCAS::handleLogoutRequests(false, false);

// phpCAS::setNoCasServerValidation();

// 进行认证
phpCAS::forceAuthentication();

if (isset($_REQUEST['logout'])) {
   phpCAS::logout();
   die;
   //header("Location: " . OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : ''));
}
// logout if desired
//将下面的值存储到session对象中,如果存在phpCAS的user用户则执行本地登录
//print_r(phpCAS::getAttributes());die;
if(phpCAS::getUser()) {
   if (OC_User::login(phpCAS::getUser())) {
      $userId = OC_User::getUser();
      // setting up the time zone
      if (isset($_POST['timezone-offset'])) {
         self::$server->getSession()->set('timezone', $_POST['timezone-offset']);
         self::$server->getConfig()->setUserValue($userId, 'core', 'timezone', $_POST['timezone']);
      }

      self::cleanupLoginTokens($userId);
      if (!empty($_POST["remember_login"])) {
         if (defined("DEBUG") && DEBUG) {
            self::$server->getLogger()->debug('Setting remember login to cookie', array('app' => 'core'));
         }
         $token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(32);
         self::$server->getConfig()->setUserValue($userId, 'login_token', $token, time());
         OC_User::setMagicInCookie($userId, $token);
      } else {
         OC_User::unsetMagicInCookie();
      }
      OC_Util::redirectToDefaultPage();
      exit();
   }
}</span>

Also modify the checkPassword method (line 158) in owncloudlibprivateuserdatabase.php to:

<pre class="brush:php;toolbar:false"><span>$query = OC_DB::prepare('SELECT `uid`, `password` FROM `*PREFIX*users` WHERE LOWER(`uid`) = LOWER(?)');
$result = $query->execute(array($uid));
$row = $result->fetchRow();
if ($row) {
   //直接返回查询的信息
   /*$storedHash = $row['password'];
   $newHash = '';
   if (\OC::$server->getHasher()->verify($password, $storedHash, $newHash)) {
      if (!empty($newHash)) {
         $this->setPassword($uid, $password);
      }*/
      return $row['uid'];

   //}
}else{
   return false;
}

return false;</span>

OVER!!

Copyright statement: This article is an original article by the blogger and may not be reproduced without the blogger's permission.

The above introduces owncloud source code analysis 5-CAS single sign-on, including the relevant content. I hope it will be helpful to friends who are interested in PHP tutorials.