pkp / shibboleth Goto Github PK
View Code? Open in Web Editor NEWShibboleth support for OJS/OMP 3.x
License: GNU General Public License v2.0
Shibboleth support for OJS/OMP 3.x
License: GNU General Public License v2.0
Seems to be named locale
with no extension as usual locale.xml
. If it wrong my appreciation, please forget this comment.
See the error that happens under OJS 3.3.0
PHP Fatal error: Declaration of ShibbolethSettingsForm::fetch($request) must be compatible with Form::fetch($request, $template = null, $display = false) in /var/www/html/plugins/generic/shibboleth/ShibbolethSettingsForm.inc.php on line 98
Clicking the enable tickbox brings the message "The plugin "Shibboleth Authentication Plugin" has been enabled." to the screen, but the checkbox isn't checked afterwards and can't be disabled.
shibboleth/pages/ShibbolethHandler.inc.php
Line 543 in 5306b9e
Hi everyone,
even though the required status of the LastName field was removed from the SettingsForm, the ShibbolethHandler still treats the LastName as a required property and causes the registration to fail.
Version
OJS: 3.3.0.13
Shibboleth plugin: latest, installed from plugin gallery
shibboleth/pages/ShibbolethHandler.inc.php
Line 555 in 5306b9e
In short: the assignment of the email as username will cause the registration to fail, as the character limit for usernames is 32 and only alphanumeric characters are allowed.
Steps to reproduce the issue:
Register a new user by using the Shibboleth Institutional Sign-In.
I confirmed this by assigning a username that fits the criteria $user->setUsername("testuser123");
With this setting the registration works.
Detailed description:
can be found in the PKP forum: https://forum.pkp.sfu.ca/t/fatal-error-on-shibboleth-registration/76215
Hi, I have an 3.3.0.10 installation of OJS, recently i add this plugin but i can't configure it because it shows me a Failed Ajax request or invalid JSON returned.
The log said:
PHP Fatal error: Declaration of ShibbolethSettingsForm::fetch($request) must be compatible with Form::fetch($request, $template = null, $display = false) in /openjs/ojs/plugins/generic/shibboleth/ShibbolethSettingsForm.inc.php on line 98
Could you help me, please??
I have a Redhat 8.7 with apache 2.4.37 and PHP 8.0
Thanks in advance...
The plugin settings should not take effect until it is configured. Currently, if the plugin is enabled, but unconfigured, the system triggers an HTTP redirect loop.
shibboleth/ShibbolethAuthPlugin.inc.php
Lines 51 to 57 in 3e59e58
Upon a successful login with Shibboleth, and if the user does not already exist, a new user is created. Among other things, the user's first name and last name are set (with setFirstName
and setLastName
respectively). However, since pkp-lib's 32d50e1a846d8c9493ec6a1f24661aa0b28371d7 commit, these 2 functions are gone and replaced by (presumably) setGivenName
and setFamilyName
in the Identity data object. This results in a PHP Fatal error: Uncaught Error: Call to undefined method User::setFirstName()
. Would switching setFirstName
and setLastName
for setGivenName
and setFamilyName
respectively in ShibbolethHandler.inc.php suffice as a fix?
The plugin doesn't work under OJS 3.3 due to minor issues.
The local "Forgot Password" option redirects to the Shibboleth Sign-In instead of providing the user with a form to reset their password.
Proposed solution:
replace the functions leading to that behaviour with the corresponding functions from the LoginHandler, so that a new password is sent to the user via e-mail.
See Draft-PR #23
Settings should be denoted as required or optional:
shibboleth/templates/settingsForm.tpl
Lines 25 to 33 in 3e59e58
Note that surname/family-name should not be required, in favor of only requiring given name:
shibboleth/pages/ShibbolethHandler.inc.php
Lines 537 to 545 in 3e59e58
Context
We have a use case where graduate student workers serve as site admins. We periodically need to add and remove them as site admins using the Shibboleth form setting. We've run into problems disabling these graduate student workers after they graduate and seem to be unable to de-escalate their privileges through the Shibboleth plugin form.
Issue
I believe the issue is caused because the student worker needs to login after we have removed them from the admin list to trigger their removal from the admin group here. Typically this maintenance happens after students have graduated and it isn't practical/possible to have them login again.
Steps to Reproduce
Proposed solution
Trigger an admin group update for each person in shibbolethAdminUins
upon saving the plugin settings form.
Version
OJS: 3.3.0.6
Shibboleth plugin: latest
The user-facing label and description settings should be multilingual:
shibboleth/templates/settingsForm.tpl
Lines 40 to 43 in 3e59e58
This will require changes to:
We're running a test where OJS is behind an Apache reverse proxy and when authenticating with Shibboleth we use the RequestHeader set HEADER value
directive to set the appropriate headers which are later read in the plugin as:
$uinHeader = $this->_plugin->getSetting(
$this->_contextId,
'shibbolethHeaderUin'
);
...
$_SERVER[$uinHeader]
The problem is that the headers we set are not available in $_SERVER
. However, they are available in the Apache-specific getallheaders
.
To overcome the problem we've added this snippet to ShibbolethHandler.inc.php
at the beginning of shibLogin
:
// If we are using Apache let's try and get all the headers and combine
// them in $_SERVER.
if (function_exists("getallheaders")) {
$_SERVER = array_merge(getallheaders(), $_SERVER);
}
Do you think that would be reasonable to add to the plugin? Do you have any other suggestions? Thanks!
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.