Skip to content
This repository has been archived by the owner on Sep 19, 2022. It is now read-only.

Commit

Permalink
UES is now updated asynchronously
Browse files Browse the repository at this point in the history
  • Loading branch information
@vyskocilpavel
vyskocilpavel committed Jan 5, 2020
1 parent b88f3c4 commit bc3ec33
Show file tree
Hide file tree
Showing 3 changed files with 109 additions and 71 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@
All notable changes to this project will be documented in this file.

## [Unreleased]
#### Changed
- UserExtSources are now updated asynchronously

## [v3.6.0]
#### Added
Expand Down
86 changes: 15 additions & 71 deletions lib/Auth/Process/UpdateUserExtSource.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,23 +2,25 @@

namespace SimpleSAML\Module\perun\Auth\Process;

use SimpleSAML\Auth\ProcessingFilter;
use SimpleSAML\Module\perun\Adapter;
use SimpleSAML\Error\Exception;
use SimpleSAML\Logger;
use SimpleSAML\Module;
use SimpleSAML\Module\perun\UpdateUESThread;

/**
* Class sspmod_perun_Auth_Process_UpdateUserExtSource
*
* This filter updates userExtSource attributes when he logs in.
*
* @author Dominik Baránek <[email protected]>
* @author Pavel Vyskočil <[email protected]>
*/
class UpdateUserExtSource extends \SimpleSAML\Auth\ProcessingFilter
class UpdateUserExtSource extends ProcessingFilter
{
private $attrMap;
private $attrsToConversion;
private $adapter;
const UES_ATTR_NMS = 'urn:perun:ues:attribute-def:def:';

public function __construct($config, $reserved)
{
Expand All @@ -39,77 +41,19 @@ public function __construct($config, $reserved)
}

$this->attrMap = (array)$config['attrMap'];
$this->adapter = Adapter::getInstance(Adapter::RPC);
}

public function process(&$request)
{
assert(is_array($request));
try {
$userExtSource = $this->adapter->getUserExtSource(
$request['Attributes']['sourceIdPEntityID'][0],
$request['Attributes']['sourceIdPEppn'][0]
);
if ($userExtSource === null) {
throw new Exception(
'sspmod_perun_Auth_Process_UpdateUserExtSource: there is no UserExtSource with ExtSource ' .
$request['Attributes']['sourceIdPEntityID'][0] . " and Login " .
$request['Attributes']['sourceIdPEppn'][0]
);
}

$attributes = $this->adapter->getUserExtSourceAttributes($userExtSource['id'], array_keys($this->attrMap));

if ($attributes === null) {
throw new Exception(
'sspmod_perun_Auth_Process_UpdateUserExtSource: getting attributes was not successful.'
);
}

$attributesToUpdate = [];
foreach ($attributes as $attribute) {
$attrName = self::UES_ATTR_NMS . $attribute['friendlyName'];
if (isset($this->attrMap[$attrName]) && isset($request['Attributes'][$this->attrMap[$attrName]])) {
$attr = $request['Attributes'][$this->attrMap[$attrName]];

if (in_array(self::UES_ATTR_NMS . $attribute['friendlyName'], $this->attrsToConversion)) {
$arrayAsString = [''];
foreach ($attr as $value) {
$arrayAsString[0] .= $value . ';';
}
if (!empty($arrayAsString[0])) {
$arrayAsString[0] = substr($arrayAsString[0], 0, -1);
}
$attr = $arrayAsString;
}

if (strpos($attribute['type'], 'String') ||
strpos($attribute['type'], 'Integer') ||
strpos($attribute['type'], 'Boolean')) {
$valueFromIdP = $attr[0];
} elseif (strpos($attribute['type'], 'Array') || strpos($attribute['type'], 'Map')) {
$valueFromIdP = $attr;
} else {
throw new Exception(
'sspmod_perun_Auth_Process_UpdateUserExtSource: unsupported type of attribute.'
);
}
if ($valueFromIdP !== $attribute['value']) {
$attribute['value'] = $valueFromIdP;
array_push($attributesToUpdate, $attribute);
}
}
}

if (!empty($attributesToUpdate)) {
$this->adapter->setUserExtSourceAttributes($userExtSource['id'], $attributesToUpdate);
}
$this->adapter->updateUserExtSourceLastAccess($userExtSource['id']);
} catch (\Exception $ex) {
Logger::warning(
'sspmod_perun_Auth_Process_UpdateUserExtSource: update was not successful: ' .
$ex->getMessage() . ' Skip to next filter.'
);
}
$data = [
'attributes' => $request['Attributes'],
'attrMap' => $this->attrMap,
'attrsToConversion' => $this->attrsToConversion,
'perunUserId' => $request['perun']['user']->getId()
];

$cmd = 'curl -X POST -H "Content-Type: application/json" -d \'' . json_encode($data) . '\' ' .
Module::getModuleURL('perun/updateUes.php') . ' > /dev/null &';
exec($cmd);
}
}
92 changes: 92 additions & 0 deletions www/updateUes.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,92 @@
<?php

/**
* Script for updating UES in separate thread
*
* @author Pavel Vyskočil <[email protected]>
*/

use SimpleSAML\Logger;
use SimpleSAML\Module\perun\Adapter;

$adapter = Adapter::getInstance(Adapter::RPC);

$entityBody = file_get_contents('php://input');
$body = json_decode($entityBody, true);

$attributes = $body['attributes'];
$attrMap = $body['attrMap'];
$attrsToConversion = $body['attrsToConversion'];
$perunUserId = $body['perunUserId'];

const UES_ATTR_NMS = 'urn:perun:ues:attribute-def:def:';

try {
$userExtSource = $adapter->getUserExtSource(
$attributes['sourceIdPEntityID'][0],
$attributes['sourceIdPEppn'][0]
);
if ($userExtSource === null) {
throw new Exception(
'sspmod_perun_Auth_Process_UpdateUserExtSource: there is no UserExtSource with ExtSource ' .
$attributes['sourceIdPEntityID'][0] . " and Login " .
$attributes['sourceIdPEppn'][0]
);
}

$attributes = $adapter->getUserExtSourceAttributes($userExtSource['id'], array_keys($attrMap));

if ($attributes === null) {
throw new Exception(
'sspmod_perun_Auth_Process_UpdateUserExtSource: getting attributes was not successful.'
);
}

$attributesToUpdate = [];
foreach ($attributes as $attribute) {
$attrName = UES_ATTR_NMS . $attribute['friendlyName'];
if (isset($attrMap[$attrName], $attributes[$attrMap[$attrName]])) {
$attr = $attributes[$attrMap[$attrName]];

if (in_array(UES_ATTR_NMS . $attribute['friendlyName'], $attrsToConversion)) {
$arrayAsString = [''];
foreach ($attr as $value) {
$arrayAsString[0] .= $value . ';';
}
if (!empty($arrayAsString[0])) {
$arrayAsString[0] = substr($arrayAsString[0], 0, -1);
}
$attr = $arrayAsString;
}

if (strpos($attribute['type'], 'String') ||
strpos($attribute['type'], 'Integer') ||
strpos($attribute['type'], 'Boolean')) {
$valueFromIdP = $attr[0];
} elseif (strpos($attribute['type'], 'Array') || strpos($attribute['type'], 'Map')) {
$valueFromIdP = $attr;
} else {
throw new Exception(
'sspmod_perun_updateUes: unsupported type of attribute.'
);
}
if ($valueFromIdP !== $attribute['value']) {
$attribute['value'] = $valueFromIdP;
array_push($attributesToUpdate, $attribute);
}
}
}

if (!empty($attributesToUpdate)) {
$adapter->setUserExtSourceAttributes($userExtSource['id'], $attributesToUpdate);
}

$adapter->updateUserExtSourceLastAccess($userExtSource['id']);

Logger::debug('sspmod_perun_updateUes - Updating UES for user with userId: ' . $perunUserId . ' was successful.');
} catch (\Exception $ex) {
Logger::warning(
'sspmod_perun_updateUes: Updating UES for user with userId: ' . $perunUserId . ' was not successful: ' .
$ex->getMessage()
);
}

0 comments on commit bc3ec33

Please sign in to comment.