MDL-46946 user: Make missing required custom fields trigger profile edit
[moodle.git] / auth / shibboleth / index.php
CommitLineData
79151615 1<?php
2
3 // Designed to be redirected from moodle/login/index.php
565809c6 4
5 require('../../config.php');
565809c6 6
5f1b2e88 7 $context = context_system::instance();
a6855934 8 $PAGE->set_url('/auth/shibboleth/index.php');
5f1b2e88 9 $PAGE->set_context($context);
79151615 10
39323c75 11 // Support for WAYFless URLs.
ab0ccc67 12 $target = optional_param('target', '', PARAM_LOCALURL);
f09afcdd 13 if (!empty($target) && empty($SESSION->wantsurl)) {
ab0ccc67
CF
14 $SESSION->wantsurl = $target;
15 }
39323c75 16
629e12fd 17 if (isloggedin() && !isguestuser()) { // Nothing to do
b9ddb2d5 18 if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0)) {
a70d959a 19 $urltogo = $SESSION->wantsurl; /// Because it's an address in this site
20 unset($SESSION->wantsurl);
565809c6 21
a70d959a 22 } else {
23 $urltogo = $CFG->wwwroot.'/'; /// Go to the standard home page
24 unset($SESSION->wantsurl); /// Just in case
25 }
139ebfdb 26
a70d959a 27 redirect($urltogo);
5117d598 28
a70d959a 29 }
14dfa059 30
c75a9a5c 31 $pluginconfig = get_config('auth/shibboleth');
3ea28768 32 $shibbolethauth = get_auth_plugin('shibboleth');
5117d598 33
1b5ad83d 34 // Check whether Shibboleth is configured properly
b9ddb2d5 35 if (empty($pluginconfig->user_attribute)) {
54d6517d 36 print_error('shib_not_set_up_error', 'auth_shibboleth');
49465c35 37 }
565809c6 38
bab8ceb1 39/// If we can find the Shibboleth attribute, save it in session and return to main login page
b9ddb2d5 40 if (!empty($_SERVER[$pluginconfig->user_attribute])) { // Shibboleth auto-login
7dfe4b92 41 $frm = new stdClass();
f309632a 42 $frm->username = strtolower($_SERVER[$pluginconfig->user_attribute]);
91ad3ef1
MN
43 // The password is never actually used, but needs to be passed to the functions 'user_login' and
44 // 'authenticate_user_login'. Shibboleth returns true for the function 'prevent_local_password', which is
45 // used when setting the password in 'update_internal_user_password'. When 'prevent_local_password'
46 // returns true, the password is set to 'not cached' (AUTH_PASSWORD_NOT_CACHED) in the Moodle DB. However,
47 // rather than setting the password to a hard-coded value, we will generate one each time, in case there are
48 // changes to the Shibboleth plugin and it is actually used.
49 $frm->password = generate_password(8);
565809c6 50
565809c6 51 /// Check if the user has actually submitted login data to us
139ebfdb 52
af402e56
MA
53 if ($shibbolethauth->user_login($frm->username, $frm->password)
54 && $user = authenticate_user_login($frm->username, $frm->password)) {
5991cabf 55 complete_user_login($user);
5117d598 56
8df850ad 57 if (user_not_fully_set_up($USER, true)) {
565809c6 58 $urltogo = $CFG->wwwroot.'/user/edit.php?id='.$USER->id.'&amp;course='.SITEID;
59 // We don't delete $SESSION->wantsurl yet, so we get there later
60
61 } else if (isset($SESSION->wantsurl) and (strpos($SESSION->wantsurl, $CFG->wwwroot) === 0)) {
62 $urltogo = $SESSION->wantsurl; /// Because it's an address in this site
63 unset($SESSION->wantsurl);
64
65 } else {
66 $urltogo = $CFG->wwwroot.'/'; /// Go to the standard home page
67 unset($SESSION->wantsurl); /// Just in case
68 }
139ebfdb 69
ba2789c1 70 /// Go to my-moodle page instead of homepage if defaulthomepage enabled
bf0f06b1 71 if (!has_capability('moodle/site:config',context_system::instance()) and !empty($CFG->defaulthomepage) && $CFG->defaulthomepage == HOMEPAGE_MY and !isguestuser()) {
574551d9 72 if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot.'/' or $urltogo == $CFG->wwwroot.'/index.php') {
73 $urltogo = $CFG->wwwroot.'/my/';
74 }
75 }
139ebfdb 76
565809c6 77 redirect($urltogo);
5117d598 78
3ea28768 79 exit;
5117d598
PS
80 }
81
3ea28768 82 else {
af402e56
MA
83 // The Shibboleth user couldn't be mapped to a valid Moodle user
84 print_error('shib_invalid_account_error', 'auth_shibboleth');
565809c6 85 }
a70d959a 86 }
139ebfdb 87
88 // If we can find any (user independent) Shibboleth attributes but no user
49465c35 89 // attributes we probably didn't receive any user attributes
2f5237ed 90 elseif (!empty($_SERVER['HTTP_SHIB_APPLICATION_ID']) || !empty($_SERVER['Shib-Application-ID'])) {
54d6517d 91 print_error('shib_no_attributes_error', 'auth_shibboleth' , '', '\''.$pluginconfig->user_attribute.'\', \''.$pluginconfig->field_map_firstname.'\', \''.$pluginconfig->field_map_lastname.'\' and \''.$pluginconfig->field_map_email.'\'');
a70d959a 92 } else {
54d6517d 93 print_error('shib_not_set_up_error', 'auth_shibboleth');
565809c6 94 }
565809c6 95
5117d598 96