From e4a242df30d086625e49f5404bf3b7f75b2f72fb Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Mon, 23 Jun 2008 08:51:16 +0000
Subject: [PATCH] Auth MemCookie: Add support for shib13 authentication.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@692 44740490-163a-0410-bde0-09ae8108e29a
---
 config-templates/authmemcookie.php |  6 ++++++
 lib/SimpleSAML/AuthMemCookie.php   | 19 +++++++++++++++++++
 www/authmemcookie.php              | 26 +++++++++++++++++++++-----
 3 files changed, 46 insertions(+), 5 deletions(-)

diff --git a/config-templates/authmemcookie.php b/config-templates/authmemcookie.php
index 537c07c83..b9f585d29 100644
--- a/config-templates/authmemcookie.php
+++ b/config-templates/authmemcookie.php
@@ -6,6 +6,12 @@
 
 $config = array(
 
+	/*
+	 * What type of login Auth MemCookie will use. Can be either 'saml2' or 'shib13'.
+	 * The default value is 'saml2'.
+	 */
+	'loginmethod' => 'saml2',
+
 	/*
 	 * This is the name of the cookie we should save the session id in. The value of this option must match the
 	 * Auth_memCookie_CookieName option in the Auth MemCookie configuration. The default value is 'AuthMemCookie'.
diff --git a/lib/SimpleSAML/AuthMemCookie.php b/lib/SimpleSAML/AuthMemCookie.php
index a316041d9..b9ec11f8f 100644
--- a/lib/SimpleSAML/AuthMemCookie.php
+++ b/lib/SimpleSAML/AuthMemCookie.php
@@ -46,6 +46,25 @@ class SimpleSAML_AuthMemCookie {
 	}
 
 
+	/**
+	 * Retrieve the login method which should be used to authenticate the user.
+	 *
+	 * @return  The login type which should be used for Auth MemCookie.
+	 */
+	public function getLoginMethod() {
+		$loginMethod = $this->amcConfig->getValue('loginmethod', 'saml2');
+		$supportedLogins = array(
+			'saml2',
+			'shib13',
+			);
+		if(!in_array($loginMethod, $supportedLogins, TRUE)) {
+			throw new Exception('Configuration option \'loginmethod\' contains an invalid value.');
+		}
+
+		return $loginMethod;
+	}
+
+
 	/**
 	 * This function retrieves the name of the cookie from the configuration.
 	 *
diff --git a/www/authmemcookie.php b/www/authmemcookie.php
index 4fcb18cb7..fa6c40e05 100644
--- a/www/authmemcookie.php
+++ b/www/authmemcookie.php
@@ -26,11 +26,27 @@ try {
 	$amc = SimpleSAML_AuthMemCookie::getInstance();
 
 	/* Check if the user is authorized. We attempt to authenticate the user if not. */
-	if (!$session->isValid('saml2') ) {
-		SimpleSAML_Utilities::redirect(
-			'/' . $globalConfig->getBaseURL() . 'saml2/sp/initSSO.php',
-			array('RelayState' => SimpleSAML_Utilities::selfURL())
-			);
+	$loginMethod = $amc->getLoginMethod();
+	switch($loginMethod) {
+	case 'saml2':
+		if (!$session->isValid('saml2') ) {
+			SimpleSAML_Utilities::redirect(
+				'/' . $globalConfig->getBaseURL() . 'saml2/sp/initSSO.php',
+				array('RelayState' => SimpleSAML_Utilities::selfURL())
+				);
+		}
+		break;
+	case 'shib13':
+		if (!$session->isValid('shib13') ) {
+			SimpleSAML_Utilities::redirect(
+				'/' . $globalConfig->getBaseURL() . 'shib13/sp/initSSO.php',
+				array('RelayState' => SimpleSAML_Utilities::selfURL())
+				);
+		}
+		break;
+	default:
+		/* Should never happen, as the login method is checked in the AuthMemCookie class. */
+		throw new Exception('Invalid login method.');
 	}
 
 
-- 
GitLab