File: /home/nexper/public_html/crm/modules/Users/authentication/SAMLAuthenticate/SAMLAuthenticate.php
<?php
if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
/*********************************************************************************
* SugarCRM Community Edition is a customer relationship management program developed by
* SugarCRM, Inc. Copyright (C) 2004-2013 SugarCRM Inc.
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU Affero General Public License version 3 as published by the
* Free Software Foundation with the addition of the following permission added
* to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
* IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
* OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
* details.
*
* You should have received a copy of the GNU Affero General Public License along with
* this program; if not, see http://www.gnu.org/licenses or write to the Free
* Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301 USA.
*
* You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
* SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU Affero General Public License version 3.
*
* In accordance with Section 7(b) of the GNU Affero General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "Powered by
* SugarCRM" logo. If the display of the logo is not reasonably feasible for
* technical reasons, the Appropriate Legal Notices must display the words
* "Powered by SugarCRM".
********************************************************************************/
/**
* This file is used to control the authentication process.
* It will call on the user authenticate and controll redirection
* based on the users validation
*
*/
require_once('modules/Users/authentication/SugarAuthenticate/SugarAuthenticate.php');
require_once('modules/Users/authentication/SAMLAuthenticate/lib/onelogin/saml.php');
class SAMLAuthenticate extends SugarAuthenticate {
var $userAuthenticateClass = 'SAMLAuthenticateUser';
var $authenticationDir = 'SAMLAuthenticate';
/**
* Constructs SAMLAuthenticate
* This will load the user authentication class
*
* @return SAMLAuthenticate
*/
function SAMLAuthenticate(){
parent::SugarAuthenticate();
}
/**
* pre_login
*
* Override the pre_login function from SugarAuthenticate so that user is
* redirected to SAML entry point if other is not specified
*/
function pre_login()
{
parent::pre_login();
$this->redirectToLogin($GLOBALS['app']);
}
/**
* Called when a user requests to logout
*
* Override default behavior. Redirect user to special "Logged Out" page in
* order to prevent automatic logging in.
*/
public function logout() {
session_destroy();
ob_clean();
header('Location: index.php?module=Users&action=LoggedOut');
sugar_cleanup(true);
}
/**
* Redirect to login page
*
* @param SugarApplication $app
*/
public function redirectToLogin(SugarApplication $app)
{
require(get_custom_file_if_exists('modules/Users/authentication/SAMLAuthenticate/settings.php'));
$loginVars = $app->createLoginVars();
// $settings - variable from modules/Users/authentication/SAMLAuthenticate/settings.php
$settings->assertion_consumer_service_url .= htmlspecialchars($loginVars);
$authRequest = new SamlAuthRequest($settings);
$url = $authRequest->create();
$app->redirect($url);
}
}