diff --git a/composer.json b/composer.json
index c60f3b3bffa7fee2534847bc1f96a9b8554e65ab..12afc2b80ff0e4f78b173f3c616b9a5395307e48 100644
--- a/composer.json
+++ b/composer.json
@@ -4,7 +4,7 @@
"type": "library",
"homepage": "https://git.doit.wisc.edu/adi-ia/uw-php-security",
"license": "Apache-2.0",
- "version": "1.0.3",
+ "version": "2.0.0",
"authors": [{
"name": "UW-Madison DoIT ADI Integrated Applications",
"email": "adi-ia@lists.wisc.edu",
@@ -19,7 +19,7 @@
},
"autoload": {
"psr-4": {
- "edu\\wisc\\doit\\": "src/main/edu/wisc/doit/"
+ "edu\\wisc\\doit\\uwphps": "src/main/edu/wisc/doit/uwphps"
}
}
}
diff --git a/src/main/edu/wisc/doit/uwphps/UWUserDetails.php b/src/main/edu/wisc/doit/uwphps/UWUserDetails.php
index cb1a6469e92cfa5088e1227ae347dffe79a726c9..1ba3f6c79cf727d645b58f16d62c2d6c51ad9aa7 100644
--- a/src/main/edu/wisc/doit/uwphps/UWUserDetails.php
+++ b/src/main/edu/wisc/doit/uwphps/UWUserDetails.php
@@ -39,8 +39,17 @@ class UWUserDetails implements UserDetails
* @param string $firstName
* @param string $lastName
*/
- public function __construct($eppn, $pvi, $fullName, $udds, $emailAddress, $source, $isisEmplid, $firstName, $lastName)
- {
+ public function __construct(
+ $eppn,
+ $pvi,
+ $fullName,
+ $udds,
+ $emailAddress,
+ $source,
+ $isisEmplid,
+ $firstName,
+ $lastName
+ ) {
$this->eppn = $eppn;
$this->pvi = $pvi;
$this->fullName = $fullName;
diff --git a/src/main/edu/wisc/doit/uwphps/UserDetails.php b/src/main/edu/wisc/doit/uwphps/UserDetails.php
index 93cb4220ed926b171802b0ffccfd6cba278ab179..d3a36eae017ff3b3c8e1b2cb7a1ba47a7f003f25 100644
--- a/src/main/edu/wisc/doit/uwphps/UserDetails.php
+++ b/src/main/edu/wisc/doit/uwphps/UserDetails.php
@@ -74,4 +74,4 @@ interface UserDetails
*/
public function getLastName();
-}
\ No newline at end of file
+}
diff --git a/src/main/edu/wisc/doit/uwphps/UserDetailsProvider.php b/src/main/edu/wisc/doit/uwphps/UserDetailsProvider.php
index 1cf730d62d52a992d574b809e6b1b5d958899582..3f604e3b3b07c561e90e60ef7bb0b14b20ebc151 100644
--- a/src/main/edu/wisc/doit/uwphps/UserDetailsProvider.php
+++ b/src/main/edu/wisc/doit/uwphps/UserDetailsProvider.php
@@ -12,15 +12,8 @@ abstract class UserDetailsProvider
/** @var bool Flag indicating if headers are passed prefixed with 'HTTP_' */
protected $httpHeaders;
- // Constants representing UW Federated login Shibboleth headers
- const FED_EPPN = "eppn";
- const FED_SPVI = "eduWisconsinSPVI";
- const FED_FULLNAME = "eduWisconsinCommonName";
- const FED_FIRST_NAME = "eduWisconsinGivenName";
- const FED_LAST_NAME = "eduWisconsinSurname";
- const FED_EMAIL = "eduWisconsinEmailAddress";
-
- // Generic and/or UWMSN constants
+ // General, shared constants relevant to UWMSN and UW-System login
+ const EPPN = "eppn";
const SHIB_SESSION_ID = 'Shib-Session-Id';
const SHIB_SESSION_ID_HTTP = 'HTTP_SHIB_SESSION_ID';
const UDDS = "udds";
@@ -33,7 +26,7 @@ abstract class UserDetailsProvider
*/
public function __construct($http = true)
{
- $this->http = $http;
+ $this->httpHeaders = $http;
}
/**
diff --git a/src/main/edu/wisc/doit/uwphps/local/LocalUserDetailsProvider.php b/src/main/edu/wisc/doit/uwphps/local/LocalUserDetailsProvider.php
index 96436837b40b8940589509ddf2c0a9819aa26118..0c465ad1d6c098307196052f5e65a0368c2cea12 100644
--- a/src/main/edu/wisc/doit/uwphps/local/LocalUserDetailsProvider.php
+++ b/src/main/edu/wisc/doit/uwphps/local/LocalUserDetailsProvider.php
@@ -2,13 +2,13 @@
namespace edu\wisc\doit\uwphps\local;
+use edu\wisc\doit\uwphps\preauth\PreauthUserDetailsProvider;
use edu\wisc\doit\uwphps\UWUserDetails;
-use edu\wisc\doit\uwphps\UserDetailsProvider;
/**
* LocalUserDetailsProvider provides a developer with a {@link UWUserDetails} suitable for use in local development.
*/
-class LocalUserDetailsProvider extends UserDetailsProvider
+class LocalUserDetailsProvider extends PreauthUserDetailsProvider
{
/** @var string */
@@ -17,7 +17,7 @@ class LocalUserDetailsProvider extends UserDetailsProvider
/**
* LocalUserDetailsProvider constructor.
*
- * @param $filePath path to JSON file defining a local user.
+ * @param $filePath string Path to JSON file defining a local user.
*/
public function __construct($filePath)
{
@@ -38,15 +38,15 @@ class LocalUserDetailsProvider extends UserDetailsProvider
$attributes = json_decode($jsonString, true);
return new UWUserDetails(
- $attributes[UserDetailsProvider::FED_EPPN],
- $attributes[UserDetailsProvider::FED_SPVI],
- $attributes[UserDetailsProvider::FED_FULLNAME],
- $attributes[UserDetailsProvider::UDDS],
- $attributes[UserDetailsProvider::FED_EMAIL],
- $attributes[UserDetailsProvider::SOURCE],
- $attributes[UserDetailsProvider::ISIS_EMPLID],
- $attributes[UserDetailsProvider::FED_FIRST_NAME],
- $attributes[UserDetailsProvider::FED_LAST_NAME]
+ $attributes[static::EPPN],
+ $attributes[static::PVI],
+ $attributes[static::FULL_NAME],
+ $attributes[static::UDDS],
+ $attributes[static::EMAIL],
+ $attributes[static::SOURCE],
+ $attributes[static::ISIS_EMPLID],
+ $attributes[static::FIRST_NAME],
+ $attributes[static::LAST_NAME]
);
}
diff --git a/src/main/edu/wisc/doit/uwphps/preauth/FederatedPreauthUserDetailsProvider.php b/src/main/edu/wisc/doit/uwphps/preauth/FederatedPreauthUserDetailsProvider.php
index b5a85112f205b0dc132abb40cead76e72d2c387e..2f0454d7b1fb1178231b52bb8364b58e79df01a5 100644
--- a/src/main/edu/wisc/doit/uwphps/preauth/FederatedPreauthUserDetailsProvider.php
+++ b/src/main/edu/wisc/doit/uwphps/preauth/FederatedPreauthUserDetailsProvider.php
@@ -2,8 +2,8 @@
namespace edu\wisc\doit\uwphps\preauth;
-use edu\wisc\doit\uwphps\UWUserDetails;
use edu\wisc\doit\uwphps\UserDetailsProvider;
+use edu\wisc\doit\uwphps\UWUserDetails;
/**
* FederatedPreauthUserDetailsProvider is an implementation of {@link UserDetailsProvider} for loading users
@@ -14,40 +14,47 @@ use edu\wisc\doit\uwphps\UserDetailsProvider;
class FederatedPreauthUserDetailsProvider extends UserDetailsProvider
{
+ // Constants defining common header values
+ const SPVI = "eduWisconsinSPVI";
+ const EMAIL = "eduWisconsinEmailAddress";
+ const FULL_NAME = "eduWisconsinCommonName";
+ const FIRST_NAME = "eduWisconsinGivenName";
+ const LAST_NAME = "eduWisconsinSurname";
+
/**
* {@inheritdoc}
*/
public function loadUser()
{
// Return null if no Shib session is found
- if ($this->httpHeaders && !getenv(FederatedPreauthUserDetailsProvider::SHIB_SESSION_ID_HTTP) ||
- !$this->httpHeaders && !getenv(FederatedPreauthUserDetailsProvider::SHIB_SESSION_ID)) {
+ if ($this->httpHeaders && !getenv(static::SHIB_SESSION_ID_HTTP) ||
+ !$this->httpHeaders && !getenv(static::SHIB_SESSION_ID)) {
return null;
}
if ($this->httpHeaders) {
$userDetails = new UWUserDetails(
- getenv($this->mapAttribute(UserDetailsProvider::FED_EPPN)),
- getenv($this->mapAttribute(UserDetailsProvider::FED_SPVI)),
- getenv($this->mapAttribute(UserDetailsProvider::FED_FULLNAME)),
- getenv($this->mapAttribute(UserDetailsProvider::UDDS)),
- getenv($this->mapAttribute(UserDetailsProvider::FED_EMAIL)),
- getenv($this->mapAttribute(UserDetailsProvider::SOURCE)),
- getenv($this->mapAttribute(UserDetailsProvider::ISIS_EMPLID)),
- getenv($this->mapAttribute(UserDetailsProvider::FED_FIRST_NAME)),
- getenv($this->mapAttribute(UserDetailsProvider::FED_LAST_NAME))
+ getenv($this->mapAttribute(static::EPPN)),
+ getenv($this->mapAttribute(static::SPVI)),
+ getenv($this->mapAttribute(static::FULL_NAME)),
+ getenv($this->mapAttribute(static::UDDS)),
+ getenv($this->mapAttribute(static::EMAIL)),
+ getenv($this->mapAttribute(static::SOURCE)),
+ getenv($this->mapAttribute(static::ISIS_EMPLID)),
+ getenv($this->mapAttribute(static::FIRST_NAME)),
+ getenv($this->mapAttribute(static::LAST_NAME))
);
} else {
$userDetails = new UWUserDetails(
- getenv(UserDetailsProvider::FED_EPPN),
- getenv(UserDetailsProvider::FED_SPVI),
- getenv(UserDetailsProvider::FED_FULLNAME),
- getenv(UserDetailsProvider::UDDS),
- getenv(UserDetailsProvider::FED_EMAIL),
- getenv(UserDetailsProvider::SOURCE),
- getenv(UserDetailsProvider::ISIS_EMPLID),
- getenv(UserDetailsProvider::FED_FIRST_NAME),
- getenv(UserDetailsProvider::FED_LAST_NAME)
+ getenv(static::EPPN),
+ getenv(static::SPVI),
+ getenv(static::FULL_NAME),
+ getenv(static::UDDS),
+ getenv(static::EMAIL),
+ getenv(static::SOURCE),
+ getenv(static::ISIS_EMPLID),
+ getenv(static::FIRST_NAME),
+ getenv(static::LAST_NAME)
);
}
diff --git a/src/main/edu/wisc/doit/uwphps/preauth/PreauthUserDetailsProvider.php b/src/main/edu/wisc/doit/uwphps/preauth/PreauthUserDetailsProvider.php
index 77bcecc23141a583c35c4ea453be7d34b1cb9cdf..8925fdba7fcf16d29d4b55c223b9e174ef11f594 100644
--- a/src/main/edu/wisc/doit/uwphps/preauth/PreauthUserDetailsProvider.php
+++ b/src/main/edu/wisc/doit/uwphps/preauth/PreauthUserDetailsProvider.php
@@ -2,6 +2,9 @@
namespace edu\wisc\doit\uwphps\preauth;
+use edu\wisc\doit\uwphps\UserDetailsProvider;
+use edu\wisc\doit\uwphps\UWUserDetails;
+
/**
* PreauthUserDetailsProvider is an implementation of {@link UserDetailsProvider} for loading users authenticated
* with UW-Madison login.
@@ -11,12 +14,53 @@ namespace edu\wisc\doit\uwphps\preauth;
class PreauthUserDetailsProvider extends UserDetailsProvider
{
+ // Constants defining common header values
+ const PVI = 'wiscEduPVI';
+ const FULL_NAME = 'cn';
+ const EMAIL = 'mail';
+ const UDDS = 'wiscEduUDDS';
+ const ISIS_EMPLID = 'wiscEduIsisEmplid';
+ const FIRST_NAME = 'givenName';
+ const LAST_NAME = 'sn';
+
/**
* {@inheritdoc}
*/
public function loadUser()
{
+ // Return null if no Shib session is found
+ if ($this->httpHeaders && !getenv(static::SHIB_SESSION_ID_HTTP) ||
+ !$this->httpHeaders && !getenv(static::SHIB_SESSION_ID)) {
+ return null;
+ }
+
+ if ($this->httpHeaders) {
+ $userDetails = new UWUserDetails(
+ getenv($this->mapAttribute(static::EPPN)),
+ getenv($this->mapAttribute(static::PVI)),
+ getenv($this->mapAttribute(static::FULL_NAME)),
+ getenv($this->mapAttribute(static::UDDS)),
+ getenv($this->mapAttribute(static::EPPN)),
+ getenv($this->mapAttribute(static::SOURCE)),
+ getenv($this->mapAttribute(static::ISIS_EMPLID)),
+ getenv($this->mapAttribute(static::FIRST_NAME)),
+ getenv($this->mapAttribute(static::LAST_NAME))
+ );
+ } else {
+ $userDetails = new UWUserDetails(
+ getenv(static::EPPN),
+ getenv(static::PVI),
+ getenv(static::FULL_NAME),
+ getenv(static::UDDS),
+ getenv(static::EPPN),
+ getenv(static::SOURCE),
+ getenv(static::ISIS_EMPLID),
+ getenv(static::FIRST_NAME),
+ getenv(static::LAST_NAME)
+ );
+ }
+ return $userDetails;
}
}
diff --git a/src/main/resources/localuser.json b/src/main/resources/localuser.json
index a3a534459cfdc2a46fbf549dc978220726505e98..148a35285eddb928324f43eeb5153d1bafbb1fed 100644
--- a/src/main/resources/localuser.json
+++ b/src/main/resources/localuser.json
@@ -1,15 +1,15 @@
{
"eppn": "bbadger@wisc.edu",
- "eduWisconsinSPVI": "UW123A456",
+ "wiscEduPVI": "UW123A456",
"cn": "BUCKINGHAM BADGER",
- "eduWisconsinCommonName": "BUCKINGHAM BADGER",
- "eduWisconsinGivenName": "BUCKINGHAM",
- "eduWisconsinSurname": "BADGER",
- "udds": [
+ "cn": "BUCKINGHAM BADGER",
+ "givenName": "BUCKINGHAM",
+ "sn": "BADGER",
+ "wiscEduUDDS": [
"UW123A456",
"UW234A567"
],
- "eduWisconsinEmailAddress": "bucky.badger@wisc.edu",
+ "mail": "bucky.badger@wisc.edu",
"source": "a_source",
"isisEmplid": "123456789"
}
\ No newline at end of file
diff --git a/src/test/edu/wisc/doit/LocalUserDetailsProviderTest.php b/src/test/edu/wisc/doit/uwphps/local/LocalUserDetailsProviderTest.php
similarity index 88%
rename from src/test/edu/wisc/doit/LocalUserDetailsProviderTest.php
rename to src/test/edu/wisc/doit/uwphps/local/LocalUserDetailsProviderTest.php
index 35c73e0efa17186f3f3410b396c7820b3e373347..3ee4255ec27d37fdbcb9a26ca5aad246a38799a6 100644
--- a/src/test/edu/wisc/doit/LocalUserDetailsProviderTest.php
+++ b/src/test/edu/wisc/doit/uwphps/local/LocalUserDetailsProviderTest.php
@@ -8,9 +8,12 @@ use edu\wisc\doit\uwphps\local\LocalUserDetailsProvider;
class LocalUserDetailsProviderTest extends \PHPUnit_Framework_TestCase
{
- public function testLoadUser()
+ /**
+ * @test
+ */
+ public function loadUser()
{
- $userDetailsService = new LocalUserDetailsProvider(__DIR__ . "/../../../resources/localuser.json");
+ $userDetailsService = new LocalUserDetailsProvider(__DIR__ . "/../../../../../resources/localuser.json");
$user = $userDetailsService->loadUser();
$this->assertEquals("bbadger@wisc.edu", $user->getEppn());
$this->assertEquals("UW123A456", $user->getPvi());
@@ -21,4 +24,5 @@ class LocalUserDetailsProviderTest extends \PHPUnit_Framework_TestCase
$this->assertEquals("BUCKINGHAM", $user->getFirstName());
$this->assertEquals("BADGER", $user->getLastName());
}
+
}
diff --git a/src/test/edu/wisc/doit/HTTPFederatedPreauthUserDetailsProviderTest.php b/src/test/edu/wisc/doit/uwphps/preauth/HTTPFederatedPreauthUserDetailsProviderTest.php
similarity index 61%
rename from src/test/edu/wisc/doit/HTTPFederatedPreauthUserDetailsProviderTest.php
rename to src/test/edu/wisc/doit/uwphps/preauth/HTTPFederatedPreauthUserDetailsProviderTest.php
index c4f1d70ca5a453feb0ce3542e6181010c05c7e32..09ddc42697fbbf443fe78e2b730a38a36e7cbf2a 100644
--- a/src/test/edu/wisc/doit/HTTPFederatedPreauthUserDetailsProviderTest.php
+++ b/src/test/edu/wisc/doit/uwphps/preauth/HTTPFederatedPreauthUserDetailsProviderTest.php
@@ -16,12 +16,11 @@ class HTTPFederatedPreauthUserDetailsProviderTest extends \PHPUnit_Framework_Tes
private $userProvider;
/**
- * Populate putenv with Shib attributes to simulate a logged in user
+ * Populate $_SERVER with Shib attributes to simulate a logged in user
*/
protected function setUp()
{
- parent::setUp();
- $jsonString = file_get_contents(__DIR__ . "/../../../resources/testuser_http.json");
+ $jsonString = file_get_contents(__DIR__ . "/../../../../../resources/testuser_http.json");
if ($jsonString === false) {
return null;
}
@@ -29,19 +28,22 @@ class HTTPFederatedPreauthUserDetailsProviderTest extends \PHPUnit_Framework_Tes
$this->attributes = json_decode($jsonString, true);
$this->userProvider = new FederatedPreauthUserDetailsProvider();
- putenv($this->mapAttribute(UserDetailsProvider::FED_EPPN) . '=' . $this->attributes[$this->mapAttribute(UserDetailsProvider::FED_EPPN)]);
- putenv($this->mapAttribute(UserDetailsProvider::FED_SPVI) . '=' . $this->attributes[$this->mapAttribute(UserDetailsProvider::FED_SPVI)]);
- putenv($this->mapAttribute(UserDetailsProvider::FED_FULLNAME) . '=' . $this->attributes[$this->mapAttribute(UserDetailsProvider::FED_FULLNAME)]);
- putenv($this->mapAttribute(UserDetailsProvider::FED_FIRST_NAME) . '=' . $this->attributes[$this->mapAttribute(UserDetailsProvider::FED_FIRST_NAME)]);
- putenv($this->mapAttribute(UserDetailsProvider::FED_LAST_NAME) . '=' . $this->attributes[$this->mapAttribute(UserDetailsProvider::FED_LAST_NAME)]);
+ putenv($this->mapAttribute(UserDetailsProvider::EPPN) . '=' . $this->attributes[$this->mapAttribute(UserDetailsProvider::EPPN)]);
+ putenv($this->mapAttribute(FederatedPreauthUserDetailsProvider::SPVI) . '=' . $this->attributes[$this->mapAttribute(FederatedPreauthUserDetailsProvider::SPVI)]);
+ putenv($this->mapAttribute(FederatedPreauthUserDetailsProvider::FULL_NAME) . '=' . $this->attributes[$this->mapAttribute(FederatedPreauthUserDetailsProvider::FULL_NAME)]);
+ putenv($this->mapAttribute(FederatedPreauthUserDetailsProvider::FIRST_NAME) . '=' . $this->attributes[$this->mapAttribute(FederatedPreauthUserDetailsProvider::FIRST_NAME)]);
+ putenv($this->mapAttribute(FederatedPreauthUserDetailsProvider::LAST_NAME) . '=' . $this->attributes[$this->mapAttribute(FederatedPreauthUserDetailsProvider::LAST_NAME)]);
putenv($this->mapAttribute(UserDetailsProvider::UDDS) . '=' . implode(",", $this->attributes[$this->mapAttribute(UserDetailsProvider::UDDS)]));
- putenv($this->mapAttribute(UserDetailsProvider::FED_EMAIL) . '=' . $this->attributes[$this->mapAttribute(UserDetailsProvider::FED_EMAIL)]);
+ putenv($this->mapAttribute(FederatedPreauthUserDetailsProvider::EMAIL) . '=' . $this->attributes[$this->mapAttribute(FederatedPreauthUserDetailsProvider::EMAIL)]);
putenv($this->mapAttribute(UserDetailsProvider::SOURCE) . '=' . $this->attributes[$this->mapAttribute(UserDetailsProvider::SOURCE)]);
putenv($this->mapAttribute(UserDetailsProvider::ISIS_EMPLID) . '=' . $this->attributes[$this->mapAttribute(UserDetailsProvider::ISIS_EMPLID)]);
putenv(UserDetailsProvider::SHIB_SESSION_ID_HTTP . '=' . $this->attributes[UserDetailsProvider::SHIB_SESSION_ID_HTTP]);
}
- public function testLoadUser()
+ /**
+ * @test
+ */
+ public function loadUser()
{
$user = $this->userProvider->loadUser();
$this->assertNotNull($user);
@@ -55,7 +57,10 @@ class HTTPFederatedPreauthUserDetailsProviderTest extends \PHPUnit_Framework_Tes
$this->assertEquals("BADGER", $user->getLastName());
}
- public function testLoadUserWithNoEPPN()
+ /**
+ * @test
+ */
+ public function loadUserWithNoEPPN()
{
// Clear Shib session ID to simulate no session
putenv(UserDetailsProvider::SHIB_SESSION_ID_HTTP);
@@ -63,10 +68,13 @@ class HTTPFederatedPreauthUserDetailsProviderTest extends \PHPUnit_Framework_Tes
$this->assertNull($user);
}
- public function testLoadUserWithNoEmail()
+ /**
+ * @test
+ */
+ public function loadUserWithNoEmail()
{
// Clear email to simulate no email
- putenv('HTTP_' . strtoupper(UserDetailsProvider::FED_EMAIL));
+ putenv('HTTP_' . strtoupper(FederatedPreauthUserDetailsProvider::EMAIL));
$user = $this->userProvider->loadUser();
$this->assertFalse($user->getEmailAddress());
}
diff --git a/src/test/resources/localuser.json b/src/test/resources/localuser.json
index a3a534459cfdc2a46fbf549dc978220726505e98..447c367bf82a35a856e8fe729f5eb92cb62bfc86 100644
--- a/src/test/resources/localuser.json
+++ b/src/test/resources/localuser.json
@@ -1,15 +1,15 @@
{
"eppn": "bbadger@wisc.edu",
- "eduWisconsinSPVI": "UW123A456",
+ "wiscEduPVI": "UW123A456",
"cn": "BUCKINGHAM BADGER",
- "eduWisconsinCommonName": "BUCKINGHAM BADGER",
- "eduWisconsinGivenName": "BUCKINGHAM",
- "eduWisconsinSurname": "BADGER",
- "udds": [
+ "cn": "BUCKINGHAM BADGER",
+ "givenName": "BUCKINGHAM",
+ "sn": "BADGER",
+ "wiscEduUDDS": [
"UW123A456",
"UW234A567"
],
- "eduWisconsinEmailAddress": "bucky.badger@wisc.edu",
+ "mail": "bucky.badger@wisc.edu",
"source": "a_source",
- "isisEmplid": "123456789"
+ "wiscEduIsisEmplid": "123456789"
}
\ No newline at end of file