passkey.module

<?php
/**
* Implementation of hook_help().
*/
function passkey_help($path, $arg) {
    switch ( $path ) {
        case 'admin/help#passkey': {
            return( '<p>' . t('Authentication to Drupal with an external system.') . '</p>' );
        }
    }
}

function passkey_menu() {
  $items = array();

  $items['admin/config/people/passkey_role'] = array(
    'title' => t('Passkey'),
    'description' => t('Choose which module will handle Passkey authorization and assign users who log in with Passkey to a role.'),
    'page callback' => 'drupal_get_form',
    'page arguments' => array('passkey_admin_settings'),
    'access arguments' => array('administer users'),
  );

  return $items;
}

/**
   * Implementation of hook_form_alter().
   *
   * Change the normal form login form behaviour.
   */
function passkey_form_user_login_alter(&$form, $form_state) {
    $form['#validate'] = array('user_login_name_validate', 'passkey_login_validate', 'user_login_final_validate');
}

/**
* authenticate a user using an external account
*/
function passkey_login_validate( $form, &$form_state ) {
  $user = $form_state['values']['name'];
  $pass = $form_state['values']['pass'];
  $function = variable_get('passkey_hook', '') .'_passkey_auth';
  if (!function_exists($function)) {
    form_set_error('', t('Login on this site is misconfigured. Please contact the site owner.'));
    watchdog('passkey', 'Passkey is not configured properly. @function does not exist.',
     array('@function' => $function),
     WATCHDOG_ERROR
     );
    return;
  }
  if ($function($user, $pass)) {
    $account = user_external_load($user);
    if (!isset($account->uid)) {
      user_external_login_register($user, 'passkey' );
      $account = user_external_load($user);   
      $form_state['uid'] = $account->uid;
      passkey_add_role($account->uid);   
      watchdog('passkey', "$user first login with Passkey");
    } else {
      $form_state['uid'] = $account->uid;
      watchdog('passkey', "$user logged in with Passkey");      
    }
  }
  // If external auth fails, do nothing and Drupal sees this as a rejection
}

function passkey_form_user_register_form_alter(&$form, &$form_state) {
  drupal_set_message('register validate');
  $form['#validate'] = 'passkey_register';
}

function passkey_register($form, &$form_state) {
  $function = variable_get('passkey_hook', '') .'_passkey_register';
  $result = $function($form_state['values']);
  $result = passkey_api_call($function, $user);

  if (is_array($result)) {
    if (!empty($result['goto'])) {
      drupal_goto($result['goto']);
    } else {
      drupal_goto('<front>');
    }    
  }
}

function passkey_add_role($uid)  {
  $rid = variable_get('passkey_roles', '');
  // check to see if the user already has this role assigned to them
  $results = db_select('users_roles', 'r')
    ->fields('r', array('rid'))
    ->condition('r.uid', $uid)
    ->condition('r.rid', $rid)
    ->execute();
  // if not, add the role
  if ($results->rowCount() == 0)  {
    $insert = db_insert('users_roles')
      ->fields(array(
        'uid' => $uid,
        'rid' => $rid,
      ))
      ->execute();
  }
}

function passkey_user( $op, &$edit, &$account, $category = null ) {
    switch( $op ) {

        case('update'): {
          // Don't allow users to update their account
          unset($edit);
          drupal_set_message( 'Accounts must be edited in remote system, not here.', 'error' );
        }
    }
}

function passkey_admin_settings() {
  $modules = module_implements('passkey_auth');
  foreach ($modules as $name) {
    $options[$name] = $name;
  }
  $form['passkey_hook'] = array(
    '#type' => 'select',
    '#title' => t('Which module would you like to handle auth for you?'),
    '#options' => $options,
    '#default_value' => variable_get('passkey_hook', ''),
  );
  $roles = user_roles(TRUE);
  unset($roles['2']);
  $form['passkey_roles'] = array(
    '#type' => 'radios',
    '#title' => t('Select role to automatically assign to users who log in via Passkey'),
    '#options' => $roles,
    '#default_value' => variable_get('passkey_roles', ''),
    '#description' => t('The selected role will be assigned to anyone who logs in with a remote account.'),
  );
  return system_settings_form($form);
}


/*
alter user profile form
*/
function passkey_form_user_profile_form_alter(&$form, &$form_state, $form_id){
/*
removed default validation functions
    [0] => user_account_form_validate
    [1] => user_validate_current_pass
    [2] => user_validate_picture
    [3] => user_profile_form_validate
    [4] => logintoboggan_user_edit_validate
*/	  

	$form['#validate'] = array('passkey_user_profile_validate');
    
}

/*
user profile form validation function
*/
function passkey_user_profile_validate(&$form, &$form_state) {
	foreach($form_state['values'] as $key => $value){
	  $userinfo[$key] = $value;
	 }
	  $function = variable_get('passkey_hook', '') .'_passkey_user_profile';
	  $user = $userinfo['name'];
	  
	  //response from module function
	  $resp = passkey_api_call($function, $userinfo);
    
    if ($resp == false) {
      watchdog('passkey', "Could not update account for $user");  
    }else{
      watchdog('passkey', "$user - Account updated successfully");    
    }
}

/**
   * Implementation of hook_form_alter().
   *
   * Change the password recovery form behavoir
   */
function passkey_form_user_pass_alter(&$form, &$form_state) {
  drupal_set_message('register validate');
  $form['#validate'][] = 'passkey_recover';
}

function passkey_recover($form, &$form_state) {
  $user = $form_state['values']['name'];
  $function = variable_get('passkey_hook', '') .'_passkey_recover';
  $resp = passkey_api_call($function, $user);
  if (!$resp) {
    watchdog('passkey', "Could not process new password request for $user");  
  } else {
    watchdog('passkey', "$user has requested a new password");    
  }
}

function passkey_api_call() {
  $args = func_get_args();
  $function = array_shift($args);
  $result = $function($args);
  
  foreach ($result['messages'] as $message) {
    $type = (array_key_exists('type', $message) && !empty($message['type'])) ? $message['type'] : 'status';
    drupal_set_message($message['text'], $type);
  }
  // Let the module respond with a list of errors
  if (array_key_exists('errors', $result)) {
    foreach ($result['errors'] as $error) {
      form_set_error('', $error);      
    }
    return false;    
  }
  return $result;
}

?>