Added link account option

front/callback.php

@@ -7,9 +7,9 @@
 ini_set('display_startup_errors', 1);
 error_reporting(E_ALL);
 
-include ('../../../inc/includes.php');
+include('../../../inc/includes.php');
 
-$provider_id = PluginSinglesignonProvider::getCallbackParameters('provider');
+$provider_id = PluginSinglesignonToolbox::getCallbackParameters('provider');
 
 if (!$provider_id) {
    Html::displayErrorAndDie(__sso("Provider not defined."), false);
@@ -27,24 +27,33 @@
 
 $signon_provider->checkAuthorization();
 
-$test = PluginSinglesignonProvider::getCallbackParameters('test');
+$test = PluginSinglesignonToolbox::getCallbackParameters('test');
 
 if ($test) {
    Html::nullHeader("Login", $CFG_GLPI["root_doc"] . '/index.php');
    echo '<div class="left spaced">';
    echo '<pre>';
+   echo "### BEGIN ###\n";
    print_r($signon_provider->getResourceOwner());
+   echo "### END ###";
    echo '</pre>';
    Html::nullFooter();
    exit();
 }
 
+$user_id = Session::getLoginUserID();
 
 $REDIRECT = "";
 
-if ($signon_provider->login()) {
+if ($user_id || $signon_provider->login()) {
 
-   $params = PluginSinglesignonProvider::getCallbackParameters('q');
+   $user_id = $user_id ?: Session::getLoginUserID();
+
+   if ($user_id) {
+      $signon_provider->linkUser($user_id);
+   }
+
+   $params = PluginSinglesignonToolbox::getCallbackParameters('q');
 
    $url_redirect = '';
 

front/picture.send.php

@@ -22,4 +22,4 @@
    Html::displayErrorAndDie(__('File not found'), true); // Not found
 }
 
-Toolbox::sendFile($path, $logo);
+Toolbox::sendFile($path, "logo.png");

front/preference.form.php

@@ -0,0 +1,17 @@
+<?php
+
+include ('../../../inc/includes.php');
+
+Session::checkLoginUser();
+
+if (isset($_POST["update"])) {
+
+   $prefer = new PluginSinglesignonPreference(Session::getLoginUserID());
+   $prefer->loadProviders();
+
+   $prefer->update($_POST);
+
+   Html::back();
+} else {
+   Html::back();
+}

front/user.form.php

@@ -0,0 +1,17 @@
+<?php
+
+include('../../../inc/includes.php');
+
+Session::checkRight(User::$rightname, UPDATE);
+
+if (isset($_POST["update"]) && isset($_POST["user_id"])) {
+
+   $prefer = new PluginSinglesignonPreference((int) $_POST["user_id"]);
+   $prefer->loadProviders();
+
+   $prefer->update($_POST);
+
+   Html::back();
+} else {
+   Html::back();
+}

hook.php

@@ -20,14 +20,14 @@ function plugin_singlesignon_display_login() {
          $query['redirect'] = $_REQUEST['redirect'];
       }
 
-      $url = PluginSinglesignonProvider::getCallbackUrl($row['id'], $query);
-      $html[] = PluginSinglesignonProvider::renderButton($url, $row);
+      $url = PluginSinglesignonToolbox::getCallbackUrl($row['id'], $query);
+      $html[] = PluginSinglesignonToolbox::renderButton($url, $row);
    }
 
    if (!empty($html)) {
       echo '<div class="singlesignon-box">';
       echo implode(" \n", $html);
-      echo PluginSinglesignonProvider::renderButton('#', ['name' => __('GLPI')], 'vsubmit old-login');
+      echo PluginSinglesignonToolbox::renderButton('#', ['name' => __('GLPI')], 'vsubmit old-login');
       echo '</div>';
       ?>
       <style>
@@ -181,6 +181,18 @@ function plugin_singlesignon_install() {
                 ADD `color` varchar(7) DEFAULT NULL";
       $DB->query($query) or die("error adding picture column " . $DB->error());
    }
+   if (version_compare($currentVersion, "1.3.0", '<')) {
+      $query = "CREATE TABLE `glpi_plugin_singlesignon_providers_users` (
+         `id` int(11) NOT NULL AUTO_INCREMENT,
+         `plugin_singlesignon_providers_id` int(11) NOT NULL DEFAULT '0',
+         `users_id` int(11) NOT NULL DEFAULT '0',
+         `remote_id` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,
+         PRIMARY KEY (`id`),
+         UNIQUE KEY `unicity` (`plugin_singlesignon_providers_id`,`users_id`),
+         UNIQUE KEY `unicity_remote` (`plugin_singlesignon_providers_id`,`remote_id`)
+       ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;";
+      $DB->query($query) or die("error creating glpi_plugin_singlesignon_providers_users " . $DB->error());
+   }
 
    Config::setConfigurationValues('singlesignon', [
       'version' => PLUGIN_SINGLESIGNON_VERSION,

inc/preference.class.php

@@ -0,0 +1,211 @@
+<?php
+
+class PluginSinglesignonPreference extends CommonDBTM {
+
+   static protected $notable = true;
+   static $rightname = '';
+
+   // Provider data
+   public $user_id = null;
+   public $providers = [];
+   public $providers_users = [];
+
+   public function __construct($user_id = null) {
+      parent::__construct();
+
+      $this->user_id = $user_id;
+   }
+
+   public function loadProviders() {
+      $signon_provider = new PluginSinglesignonProvider();
+
+      $condition = '`is_active` = 1';
+      if (version_compare(GLPI_VERSION, '9.4', '>=')) {
+         $condition = [$condition];
+      }
+      $this->providers = $signon_provider->find($condition);
+
+      $provider_user = new PluginSinglesignonProvider_User();
+
+      $condition = "`users_id` = {$this->user_id}";
+      if (version_compare(GLPI_VERSION, '9.4', '>=')) {
+         $condition = [$condition];
+      }
+      $this->providers_users = $provider_user->find($condition);
+   }
+
+   public function update(array $input, $history = 1, $options = []) {
+      if (!isset($input['_remove_sso']) || !is_array($input['_remove_sso'])) {
+         return false;
+      }
+
+      $ids = $input['_remove_sso'];
+      if (empty($ids)) {
+         return false;
+      }
+
+      $provider_user = new PluginSinglesignonProvider_User();
+      $condition = "`users_id` = {$this->user_id} AND `id` IN (" . implode(',', $ids) . ")";
+      if (version_compare(GLPI_VERSION, '9.4', '>=')) {
+         $condition = [$condition];
+      }
+
+      $providers_users = $provider_user->find($condition);
+
+      foreach ($providers_users as $pu) {
+         $provider_user->delete($pu);
+      }
+   }
+
+   function getTabNameForItem(CommonGLPI $item, $withtemplate = 0) {
+      switch (get_class($item)) {
+         case 'Preference':
+         case 'User':
+            return [1 => __sso('Single Sign-on')];
+         default:
+            return '';
+      }
+   }
+
+   static function displayTabContentForItem(CommonGLPI $item, $tabnum = 1, $withtemplate = 0) {
+      switch (get_class($item)) {
+         case 'User':
+            $prefer = new self($item->fields['id']);
+            $prefer->loadProviders();
+            $prefer->showFormUser($item);
+            break;
+         case 'Preference':
+            $prefer = new self(Session::getLoginUserID());
+            $prefer->loadProviders();
+            $prefer->showFormPreference($item);
+            break;
+      }
+      return true;
+   }
+
+   function showFormUser(CommonGLPI $item) {
+      global $CFG_GLPI;
+
+      if (!User::canView()) {
+         return false;
+      }
+      $canedit = Session::haveRight(User::$rightname, UPDATE);
+      if ($canedit) {
+         echo "<form name='form' action=\"" . $CFG_GLPI['root_doc'] . "/plugins/singlesignon/front/user.form.php\" method='post'>";
+      }
+      echo Html::hidden('user_id', ['value' => $this->user_id]);
+
+      echo "<div class='center' id='tabsbody'>";
+      echo "<table class='tab_cadre_fixe'>";
+
+      echo "<tr><th colspan='4'>" . __('Settings') . "</th></tr>";
+
+      $this->showFormDefault($item);
+
+      if ($canedit) {
+         echo "<tr class='tab_bg_2'>";
+         echo "<td colspan='4' class='center'>";
+         echo "<input type='submit' name='update' class='submit' value=\"" . _sx('button', 'Save') . "\">";
+         echo "</td></tr>";
+      }
+
+      echo "</table></div>";
+      Html::closeForm();
+   }
+
+   function showFormPreference(CommonGLPI $item) {
+      $user = new User();
+      if (!$user->can($this->user_id, READ) && ($this->user_id != Session::getLoginUserID())) {
+         return false;
+      }
+      $canedit = $this->user_id == Session::getLoginUserID();
+
+      if ($canedit) {
+         echo "<form name='form' action=\"" . Toolbox::getItemTypeFormURL(__CLASS__) . "\" method='post'>";
+      }
+
+      echo "<div class='center' id='tabsbody'>";
+      echo "<table class='tab_cadre_fixe'>";
+
+      echo "<tr><th colspan='4'>" . __('Settings') . "</th></tr>";
+
+      $this->showFormDefault($item);
+
+      if ($canedit) {
+         echo "<tr class='tab_bg_2'>";
+         echo "<td colspan='4' class='center'>";
+         echo "<input type='submit' name='update' class='submit' value=\"" . _sx('button', 'Save') . "\">";
+         echo "</td></tr>";
+      }
+
+      echo "</table></div>";
+      Html::closeForm();
+   }
+
+   function showFormDefault(CommonGLPI $item) {
+      echo "<tr class='tab_bg_2'>";
+      echo "<td> " . __sso('Single Sign-on Provider') . "</td><td>";
+
+      foreach ($this->providers as $p) {
+         switch (get_class($item)) {
+            case 'User':
+               $redirect = $item->getFormURLWithID($this->user_id, true);
+               break;
+            case 'Preference':
+               $redirect = $item->getSearchURL(false);
+               break;
+            default:
+               $redirect = '';
+         }
+
+         $url = PluginSinglesignonToolbox::getCallbackUrl($p['id'], ['redirect' => $redirect]);
+
+         echo PluginSinglesignonToolbox::renderButton($url, $p);
+         echo " ";
+      }
+
+      echo "</td></tr>";
+
+      echo "<tr class='tab_bg_2'>";
+
+      if (!empty($this->providers_users)) {
+         echo "<tr><th colspan='2'>" . __sso('Linked accounts') . "</th></tr>";
+
+         foreach ($this->providers_users as $pu) {
+            /** @var PluginSinglesignonProvider */
+            $provider = PluginSinglesignonProvider::getById($pu['plugin_singlesignon_providers_id']);
+
+            echo "<tr><td>";
+            echo $provider->fields['name'] . ' (ID:' . $pu['remote_id'] . ')';
+            echo "</td><td>";
+            echo Html::getCheckbox([
+               'title' => __('Clear'),
+               'name'  => "_remove_sso[]",
+               'value'  => $pu['id'],
+            ]);
+            echo "&nbsp;" . __('Clear');
+            echo "</td></tr>";
+         }
+      }
+
+      ?>
+      <script type="text/javascript">
+         $(document).ready(function() {
+
+            // On click, open a popup
+            $(document).on("click", ".singlesignon.oauth-login", function(e) {
+               e.preventDefault();
+
+               var url = $(this).attr("href");
+               var left = ($(window).width() / 2) - (600 / 2);
+               var top = ($(window).height() / 2) - (800 / 2);
+               var newWindow = window.open(url, "singlesignon", "width=600,height=800,left=" + left + ",top=" + top);
+               if (window.focus) {
+                  newWindow.focus();
+               }
+            });
+         });
+      </script>
+      <?php
+   }
+}