Hello Guys,
I'd like to integrate OsTicket into an SSO environment.
After some research I got some idea of how to initiate a user session, but somehow the session is not accepted by OsTicket. Please give me a hint on how to get a staff session working with just a known username.
Thanks
<?php
/*
 * Signature-Based Single Sign-On Framework
 * TPA Adapter for
 * osticket staff
 *
 * Version     : 0.1
 * Last update : 17.11.2013
 *
 * (c) Kay Strobach, Dresden, Germany
 * http://www.kay-strobach.de
 */

/**
 * function which is called after including this file in the SSO-Agent.
 *
 * @param
 *  User_Name    string  Username the Session will be created for
 *  remote_addr  string  Remoteaddress of the users system
 *  agent        string  Browser
 *  sso_url      string  Url where the user will be redirected after establishing a session for him
 *
 * @return string return the session data
 *
 * Leave stubs if you don't need all four params.
 */
function sso($User_Name, $remote_addr, $agent, $sso_url, $sso_version = "", $sso_action = "", $sso_userdata = "") {
    global $ost;
    try {
        // do basic check
        if ($sso_version == "") return array("Error" => "sso version out of date");
        // unpack userdata
        $sso_userdata = process_userdata($sso_userdata);
        // generate name
        $name = explode(' ', $sso_userdata);
        // init framework
        require_once('upload/main.inc.php');
        if (!defined('INCLUDE_DIR')) die('Fatal Error. Kwaheri!');
        require_once(INCLUDE_DIR.'class.staff.php');
        require_once(INCLUDE_DIR.'class.csrf.php');
        // decide sso action
        switch ($sso_action) {
            case 'create_modify':
                break;
            // perform logon for given $User_Name
            case 'logon':
                if (($user = new StaffSession(trim($User_Name))) && $user->getId()) {
                    Staff::_do_login($user, $User_Name);
                    Signal::send('auth.login.succeeded', $user);
                    $user->cancelResetTokens();
                } else {
                    throw new Exception('sry i do not know who you are ');
                }
                // return auth result
                $return_val = array();
                $return_val += array("redirecturl" => $sso_url);
                // pass session data to the SSO-Agent
                return $return_val;
                break;
        }
    } catch (Exception $e) {
        echo $e->getMessage();
        die('error');
    }
}

/*
 * return the protocol version
 */
function get_version() {
    return "2.0";
}

/*
 * process the userdata string and return an associative array
 *
 * @param string $sso_userdata: the data from fe_users (pipe-separated)
 * @return array $data: the userdata
 */
function process_userdata($sso_userdata) {
    $data = array();
    // explode() replaces split(), which was removed in PHP 7
    $sso_userdata = explode("|", $sso_userdata);
    for ($i = 0; $i < count($sso_userdata); $i++) {
        // each entry has the form key=value
        $sso_userdata[$i] = explode("=", $sso_userdata[$i]);
        $data[$sso_userdata[$i][0]] = $sso_userdata[$i][1];
    }
    unset($sso_userdata);
    return $data;
}
?>
I think there is something missing in the case 'logon'. The code is based on the login.php shipped with OsTicket 1.7.x.