Skip to content

Commit

Permalink
Support Shibboleth in KohaRest driver (#3296)
Browse files Browse the repository at this point in the history
  • Loading branch information
?/θ authored Jan 10, 2024
1 parent 7674a54 commit 840293a
Show file tree
Hide file tree
Showing 2 changed files with 63 additions and 16 deletions.
8 changes: 8 additions & 0 deletions config/vufind/KohaRest.ini
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,14 @@ clientSecret = ""
; end. Leave this commented out to omit OPAC links.
;opacURL = "http://koha-server/cgi-bin/koha/opac-detail.pl?biblionumber=%%id%%"

; If we trust our authentication source and know it to be the same as the one used by
; Koha then we can choose to not validate our patron's passwords (Useful if you are
; using SAML/Shibboleth for authentication for both VuFind and Koha)
;
; It is strongly recommended that you set allowUserLogin to false in the [Catalog] section
; of config.ini when setting this value to true.
dontValidatePasswords = false

; This section controls hold behavior; note that you must also ensure that Holds are
; enabled in the [Catalog] section of config.ini in order to take advantage of these
; settings. Additional notes about some of these settings are available in the wiki:
Expand Down
71 changes: 55 additions & 16 deletions module/VuFind/src/VuFind/ILS/Driver/KohaRest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -106,6 +106,13 @@ class KohaRest extends \VuFind\ILS\Driver\AbstractBase implements
*/
protected $sessionCache;

/**
* Validate passwords
*
* @var bool
*/
protected $dontValidatePasswords = false;

/**
* Default pickup location
*
Expand Down Expand Up @@ -269,6 +276,9 @@ public function init()
}
}

$this->dontValidatePasswords
= !empty($this->config['Catalog']['dontValidatePasswords']);

$this->defaultPickUpLocation
= $this->config['Holds']['defaultPickUpLocation'] ?? '';
if ($this->defaultPickUpLocation === 'user-selected') {
Expand Down Expand Up @@ -551,18 +561,48 @@ public function findReserves($course, $inst, $dept)
*/
public function patronLogin($username, $password)
{
if (empty($username) || empty($password)) {
if (empty($username)) {
return null;
}

$result = $this->makeRequest(
[
'path' => 'v1/contrib/kohasuomi/auth/patrons/validation',
'json' => ['userid' => $username, 'password' => $password],
'method' => 'POST',
'errors' => true,
]
);
if ($this->dontValidatePasswords) {
$result = $this->makeRequest(
[
'path' => 'v1/patrons',
'query' => [
'userid' => $username,
'_match' => 'exact',
],
'method' => 'GET',
'errors' => true,
]
);

if (isset($result['data'][0])) {
$data = $result['data'][0];
} else {
return null;
}
} else {
if (empty($password)) {
return null;
}

$result = $this->makeRequest(
[
'path' => 'v1/contrib/kohasuomi/auth/patrons/validation',
'json' => ['userid' => $username, 'password' => $password],
'method' => 'POST',
'errors' => true,
]
);

if (isset($result['data'])) {
$data = $result['data'];
} else {
return null;
}
}

if (401 === $result['code'] || 403 === $result['code']) {
return null;
Expand All @@ -571,17 +611,16 @@ public function patronLogin($username, $password)
throw new ILSException('Problem with Koha REST API.');
}

$result = $result['data'];
return [
'id' => $result['patron_id'],
'firstname' => $result['firstname'],
'lastname' => $result['surname'],
'id' => $data['patron_id'],
'firstname' => $data['firstname'],
'lastname' => $data['surname'],
'cat_username' => $username,
'cat_password' => $password,
'email' => $result['email'],
'cat_password' => (string)$password,
'email' => $data['email'],
'major' => null,
'college' => null,
'home_library' => $result['library_id'],
'home_library' => $data['library_id'],
];
}

Expand Down

0 comments on commit 840293a

Please sign in to comment.