UserPassBase: Make it possible to force which username should be used.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1468 44740490-163a-0410-bde0-09ae8108e29a

modules/core/lib/Auth/UserPassBase.php

@@ -25,6 +25,15 @@ abstract class sspmod_core_Auth_UserPassBase extends SimpleSAML_Auth_Source {
 	const AUTHID = 'sspmod_core_Auth_UserPassBase.AuthId';
 
 
+	/**
+	 * Username we should force.
+	 *
+	 * A forced username cannot be changed by the user.
+	 * If this is NULL, we won't force any username.
+	 */
+	private $forcedUsername;
+
+
 	/**
 	 * Constructor for this authentication source.
 	 *
@@ -43,6 +52,17 @@ abstract class sspmod_core_Auth_UserPassBase extends SimpleSAML_Auth_Source {
 	}
 
 
+	/**
+	 * Set forced username.
+	 *
+	 * @param string|NULL $forcedUsername  The forced username.
+	 */
+	public function setForcedUsername($forcedUsername) {
+		assert('is_string($forcedUsername) || is_null($forcedUsername)');
+		$this->forcedUsername = $forcedUsername;
+	}
+
+
 	/**
 	 * Initialize login.
 	 *
@@ -57,6 +77,11 @@ abstract class sspmod_core_Auth_UserPassBase extends SimpleSAML_Auth_Source {
 		/* We are going to need the authId in order to retrieve this authentication source later. */
 		$state[self::AUTHID] = $this->authId;
 
+		/* What username we should force, if any. */
+		if ($this->forcedUsername !== NULL) {
+			$state['forcedUsername'] = $this->forcedUsername;
+		}
+
 		$id = SimpleSAML_Auth_State::saveState($state, self::STAGEID);
 
 		$url = SimpleSAML_Module::getModuleURL('core/loginuserpass.php');

modules/core/templates/loginuserpass.php

@@ -33,7 +33,15 @@ if ($this->data['errorcode'] !== NULL) {
 		<tr>
 			<td rowspan="3"><img src="/<?php echo $this->data['baseurlpath']; ?>resources/icons/pencil.png" alt="" /></td>
 			<td style="padding: .3em;"><?php echo $this->t('{login:username}'); ?></td>
-			<td><input type="text" id="username" tabindex="1" name="username" value="<?php echo htmlspecialchars($this->data['username']); ?>" /></td>
+			<td>
+<?php
+if ($this->data['forceUsername']) {
+	echo '<strong style="font-size: medium">' . htmlspecialchars($this->data['username']) . '</strong>';
+} else {
+	echo '<input type="text" id="username" tabindex="1" name="username" value="' . htmlspecialchars($this->data['username']) . '" />';
+}
+?>
+			</td>
 			<td style="padding: .4em;" rowspan="3">
 				<input type="submit" tabindex="4" value="<?php echo $this->t('{login:login_button}'); ?>" />
 			</td>

modules/core/www/loginuserpass.php

@@ -32,6 +32,11 @@ if (array_key_exists('password', $_REQUEST)) {
 
 if (!empty($username) || !empty($password)) {
 	/* Either username or password set - attempt to log in. */
+
+	if (array_key_exists('forcedUsername', $state)) {
+		$username = $state['forcedUsername'];
+	}
+
 	$errorCode = sspmod_core_Auth_UserPassBase::handleLogin($authStateId, $username, $password);
 } else {
 	$errorCode = NULL;
@@ -40,7 +45,13 @@ if (!empty($username) || !empty($password)) {
 $globalConfig = SimpleSAML_Configuration::getInstance();
 $t = new SimpleSAML_XHTML_Template($globalConfig, 'core:loginuserpass.php');
 $t->data['stateparams'] = array('AuthState' => $authStateId);
-$t->data['username'] = $username;
+if (array_key_exists('forcedUsername', $state)) {
+	$t->data['username'] = $state['forcedUsername'];
+	$t->data['forceUsername'] = TRUE;
+} else {
+	$t->data['username'] = $username;
+	$t->data['forceUsername'] = FALSE;
+}
 $t->data['errorcode'] = $errorCode;
 $t->show();
 exit();