[owncloud-devel] user_cas broken

Kapetanakis Giannis bilias at edu.physics.uoc.gr
Mon Mar 31 10:55:09 MET 2014


I had problems with user_cas.

The app was not usable: users were not logged in, and no error was shown.
The settings page was not usable either: no settings could be saved.

So, here is a proposed patch that works for me.

My only hesitation is that I replaced
OC_User::userExists($uid) with OC_User_Database::userExists($uid)
because the first always returned true even if the user did not exist in 
the database.
That happened because the user was always cached. Something is wrong 
with this logic...

Anyway here is the patch.


diff -wrNu /tmp/apps/user_cas/lib/hooks.php user_cas/lib/hooks.php
--- /tmp/apps/user_cas/lib/hooks.php	2014-03-31 12:41:39.573647766 +0300
+++ user_cas/lib/hooks.php	2014-03-31 12:31:51.778568154 +0300
@@ -35,7 +35,7 @@
  
  			if ($cas_uid == $uid) {
  				if (array_key_exists($casBackend->mailMapping, $attributes)) {
-					$cas_email = $attributes[$casBackend->mailMapping][0];
+					$cas_email = $attributes[$casBackend->mailMapping];
  				}
  
  				if (array_key_exists($casBackend->groupMapping, $attributes)) {
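Review bot: The new assignment `$cas_email = $attributes[$casBackend->mailMapping];` assumes the mail attribute is always a single string, where the removed line assumed it was always a list. CAS attribute values can presumably arrive in either shape depending on whether the server releases one value or several, so an array could now reach `update_mail()` further down. Accepting both would be safer: `$mail = $attributes[$casBackend->mailMapping];` followed by `$cas_email = is_array($mail) ? reset($mail) : $mail;`. The enclosing function starts and ends outside this hunk.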
@@ -46,17 +46,18 @@
  					OC_Log::write('cas','Using default group "'.$casBackend->defaultGroup.'" for the user: '.$uid, OC_Log::DEBUG);
  				}
  
-				if (!OC_User::userExists($uid)) {
+				if (!OC_User_Database::userExists($uid)) {
  					if (preg_match( '/[^a-zA-Z0-9 _\.@\-]/', $uid)) {
  						OC_Log::write('cas','Invalid username "'.$uid.'", allowed chars "a-zA-Z0-9" and "_. at -" ',OC_Log::DEBUG);
  						return false;
  					}
  					else {
-						$random_password = OC_Util::generate_random_bytes(20);
+						$random_password = OC_Util::generateRandomBytes(20);
  						OC_Log::write('cas','Creating new user: '.$uid, OC_Log::DEBUG);
-						OC_User::createUser($uid, $random_password);
+						$user = new OC_User_Database;
+						$user->createUser($uid, $random_password);
  
-						if(OC_User::userExists($uid)) {
+						if(OC_User_Database::userExists($uid)) {
  							if (isset($cas_email)) {
  								update_mail($uid, $cas_email);
  
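Review bot: Checking `OC_User_Database::userExists($uid)` consults only the local database backend, so a uid that already belongs to another configured user backend would still be treated as new and get a local account with a random password; that name collision should be ruled out before accounts are auto-created from CAS logins. The hunk also calls `userExists` statically in two places while instantiating `new OC_User_Database` for `createUser`; if `userExists` is an instance method the static calls are fragile, so one instance should serve all three: `$userDb = new OC_User_Database;` before the first check, then `$userDb->userExists($uid)` and `$userDb->createUser($uid, $random_password)`. Calling the backend directly presumably also skips whatever hooks and validation `OC_User::createUser` performed, which deserves a comment such as `// Bypasses OC_User because its cached lookup reported every uid as existing; only the database backend is checked here`. The enclosing function starts and ends outside this hunk.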
diff -wrNu /tmp/apps/user_cas/settings.php user_cas/settings.php
--- /tmp/apps/user_cas/settings.php	2014-03-31 12:41:39.573647766 +0300
+++ user_cas/settings.php	2014-03-31 12:40:19.876636969 +0300
@@ -23,7 +23,7 @@
  
  OC_Util::checkAdminUser();
  
-$params = array('cas_server_version', 'cas_server_hostname', 'cas_server_port', 'cas_server_path', 'cas_autocreate', 'cas_update_user_data', 'cas_protected_groups', 'cas_default_group', 'cas_email_mapping', 'cas_group_mapping');
+$params = array('cas_server_version', 'cas_server_hostname', 'cas_server_port', 'cas_server_path', 'cas_autocreate', 'cas_update_user_data', 'cas_protected_groups', 'cas_default_group', 'cas_email_mapping', 'cas_group_mapping', 'cas_cert_path');
  
  OCP\Util::addscript('user_cas', 'settings');
  
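Review bot: `cas_cert_path` is now accepted from the settings form, but nothing visible here checks the value before it is stored, and per the template label an empty value turns CAS server certificate validation off. The code that persists `$params` lies outside this hunk, so I can only suggest that it refuse a non-empty path for which `is_readable()` fails, so that a typo does not silently leave validation broken. A short comment above the list would also help: `// cas_cert_path: CA certificate used to validate the CAS server; empty disables validation`.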
@@ -57,7 +57,7 @@
  $tmpl->assign( 'cas_server_hostname', OCP\Config::getAppValue('user_cas', 'cas_server_hostname', ''));
  $tmpl->assign( 'cas_server_port', OCP\Config::getAppValue('user_cas', 'cas_server_port', '443'));
  $tmpl->assign( 'cas_server_path', OCP\Config::getAppValue('user_cas', 'cas_server_path', '/cas'));
-$tmpl->assign( 'cas_cert_path', OCP\Config::getAppValue('user_cas', 'cas_cer_path', ''));
+$tmpl->assign( 'cas_cert_path', OCP\Config::getAppValue('user_cas', 'cas_cert_path', ''));
  
  $tmpl->assign( 'cas_autocreate', OCP\Config::getAppValue('user_cas', 'cas_autocreate', 0));
  $tmpl->assign( 'cas_update_user_data', OCP\Config::getAppValue('user_cas', 'cas_update_user_data', 0));
diff -wrNu /tmp/apps/user_cas/templates/settings.php user_cas/templates/settings.php
--- /tmp/apps/user_cas/templates/settings.php	2014-03-31 12:41:39.573647766 +0300
+++ user_cas/templates/settings.php	2014-03-28 17:08:55.672215644 +0200
@@ -13,20 +13,10 @@
  	<fieldset id="casSettings-1">
  		<p><label for="cas_server_version"><?php p($l->t('CAS Server Version'));?></label>
  		<select id="cas_server_version" name="cas_server_version">
-	<?php
-		if($_['cas_server_version'] == '2.0') {
-	?>
-			<option value="2.0" selected>CAS 2.0</option>
-			<option value="1.0">CAS 1.0</option>
-	<?php
-		}
-		else {
-	?>
-                        <option value="2.0">CAS 2.0</option>
-                        <option value="1.0" selected>CAS 1.0</option>
-	<?php
-		}
-	?>
+			<?php $version = $_['cas_server_version'];?>
+			<option value="S1" <?php echo $version=='S1'?'selected':''; ?>>SAML 1.1</option>
+			<option value="2.0" <?php echo $version=='2.0'?'selected':''; ?>>CAS 2.0</option>
+			<option value="1.0" <?php echo $version=='1.0'?'selected':''; ?>>CAS 1.0</option>
  		</select>
  		</p>
  		<p><label for="cas_server_hostname"><?php p($l->t('CAS Server Hostname'));?></label><input type="text" id="cas_server_hostname" name="cas_server_hostname" value="<?php p($_['cas_server_hostname']); ?>"></p>
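Review bot: When the stored `cas_server_version` matches none of the three values, no `<option>` is marked `selected`, so the browser shows the first entry (SAML 1.1) and the next save would switch the protocol; the removed code fell back to CAS 1.0 in that case. The comparisons are also loose, so `'2'` and `'2.0'` compare equal as numeric strings. Normalising once keeps the old fallback: `<?php $version = in_array($_['cas_server_version'], array('S1', '2.0', '1.0'), true) ? $_['cas_server_version'] : '1.0'; ?>`, with `===` in the three option lines. The rest of the template prints through `p()` / `print_unescaped()`, so `print_unescaped(...)` would match that convention better than a bare `echo`, though only literals are printed here.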
@@ -34,7 +24,6 @@
  		<p><label for="cas_server_path"><?php p($l->t('CAS Server Path'));?></label><input type="text" id="cas_server_path" name="cas_server_path" value="<?php p($_['cas_server_path']); ?>"></p>
                  <p><label for="cas_cert_path"><?php p($l->t('Certification file path (.crt). Leave empty if dont want to validate'));?></label><input type="text" id="cas_cert_path" name="cas_cert_path" value="<?php p($_['cas_cert_path']); ?>"></p>
  
-
  	</fieldset>
  	<fieldset id="casSettings-2">
  	<p><label for="cas_autocreate"><?php p($l->t('Autocreate user after cas login?'));?></label><input type="checkbox" id="cas_autocreate" name="cas_autocreate" <?php print_unescaped((($_['cas_autocreate'] != false) ? 'checked="checked"' : '')); ?>></p>
@@ -46,6 +35,7 @@
  		<p><label for="cas_email_mapping"><?php p($l->t('Email'));?></label><input type="text" id="cas_email_mapping" name="cas_email_mapping" value="<?php p($_['cas_email_mapping']); ?>" /></p>
  		<p><label for="cas_group_mapping"><?php p($l->t('Group'));?></label><input type="text" id="cas_group_mapping" name="cas_group_mapping" value="<?php p($_['cas_group_mapping']); ?>" /></p>
  	</fieldset>
+	<input type="hidden" value="<?php p($_['requesttoken']); ?>" name="requesttoken" />
  	<input type="submit" value="Save" />
  	</div>
  


