phpBB

Development Wiki

Difference between revisions of "Authentication providers"

From phpBB Development Wiki

(auth/provider/class.php)
(Moved to new docs)
 
Line 1: Line 1:
phpBB3.1 supports external authentication plugins that may be used in place of the built-in authentication providers. Only one provider may currently be active at a time and the active one is chosen from the ACP.
+
This documentation has been moved.
  
== Creating an Authentication Provider ==
+
[https://area51.phpbb.com/docs/dev/31x/extensions/tutorial_authentication.html#authentication-providers phpBB Development Documentation: Authentication Providers].
 
+
An authentication provider that comes with phpBB requires a minimum of two files: a class and an entry in phpBB/config/auth.yml file. Authentication providers that are part of an extension instead of requiring an entry in phpBB/config/auth_providers.yml must provide their own yaml file defining the service in addition to all normal requirements of an extension.
+
 
+
Following is an example using a mock plugin, authext, by an author imkingdavid.
+
 
+
=== auth/provider/class.php ===
+
 
+
The provider class must implement the phpbb_auth_provider_interface in order to insure proper functionality. However, it is recommended to extend phpbb_auth_provider_base so as to not implement unneeded methods and to ensure that the provider will not break due to an update to the interface. An example authentication provider class is show below.
+
<php>
+
<?php
+
/**
+
*
+
* @package auth
+
* @copyright (c) 2013 phpBB Group
+
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+
*
+
*/
+
 
+
/**
+
* @ignore
+
*/
+
if (!defined('IN_PHPBB'))
+
{
+
exit;
+
}
+
 
+
/**
+
* Database authentication provider for phpBB3
+
*
+
* This is for authentication via the integrated user table
+
*
+
* @package auth
+
*/
+
class phpbb_ext_imkingdavid_authext_auth_provider_db2 implements phpbb_auth_provider_base
+
{
+
 
+
/**
+
* Database Authentication Constructor
+
*
+
* @param \phpbb\db\driver\driver_interface $db
+
*/
+
public function __construct(\phpbb\db\driver\driver_interface $db)
+
{
+
$this->db = $db;
+
}
+
 
+
/**
+
* {@inheritdoc}
+
*/
+
public function login($username, $password)
+
{
+
// Auth plugins get the password untrimmed.
+
// For compatibility we trim() here.
+
$password = trim($password);
+
 
+
// do not allow empty password
+
if (!$password)
+
{
+
return array(
+
'status' => LOGIN_ERROR_PASSWORD,
+
'error_msg' => 'NO_PASSWORD_SUPPLIED',
+
'user_row' => array('user_id' => ANONYMOUS),
+
);
+
}
+
 
+
if (!$username)
+
{
+
return array(
+
'status' => LOGIN_ERROR_USERNAME,
+
'error_msg' => 'LOGIN_ERROR_USERNAME',
+
'user_row' => array('user_id' => ANONYMOUS),
+
);
+
}
+
 
+
$username_clean = utf8_clean_string($username);
+
 
+
$sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts
+
FROM ' . USERS_TABLE . "
+
WHERE username_clean = '" . $this->db->sql_escape($username_clean) . "'";
+
$result = $this->db->sql_query($sql);
+
$row = $this->db->sql_fetchrow($result);
+
$this->db->sql_freeresult($result);
+
 
+
// Successful login... set user_login_attempts to zero...
+
return array(
+
'status' => LOGIN_SUCCESS,
+
'error_msg' => false,
+
'user_row' => $row,
+
);
+
}
+
}
+
</php>
+
 
+
=== config/services.yml ===
+
 
+
This file is required for proper [[Dependency_Injection_Container|dependency injection]]. The arguments are the arguments of the provider's constructor and may be empty if no arguments are necessary. The provider must be tagged with { name: auth.provider } in order for the class to be made available in phpBB.
+
 
+
<pre>
+
services:
+
    auth.provider.db2:
+
        class: phpbb_ext_imkingdavid_authext_auth_provider_db2
+
        arguments:
+
            - @dbal.conn
+
        tags:
+
            - { name: auth.provider }
+
</pre>
+
 
+
Once the auth.yml file has been expanded, don't forget to purge the cache from the Administration Control Panel. This will recreate the cache and redetermine the authentication methods available in the ACP.
+
 
+
=== auth provider config form ===
+
 
+
Following the above steps renders the authentication provider visible in the ACP. However, to allow an admin to configure your plugin the available fields need to be created in order to reach the configuration from the php-auth-provider plugin. This interface is configured in HTML format in adm/style/auth_provider_<providername>.html
+
 
+
For example the below sample based on existing LDAP terms used to configure an HTTPS server:
+
 
+
<php>
+
<fieldset id="auth_test_settings">
+
<legend>{TEST}</legend>
+
<dl>
+
<dt><label for="https_server">{TEST_SERVER}{L_COLON}</label><br /><span>{TEST_SERVER_EXPLAIN}</span></dt>
+
<dd><input type="text" id="https_server" size="40" name="config[https_server]" value="{AUTH_HTTPS_SERVER}" /></dd>
+
</dl>
+
</fieldset>
+
</php>
+
 
+
This value can then be retrieved from <provider>.php file like this:
+
 
+
<php>
+
$domain = $this->config['https_server'];
+
</php>
+
 
+
[[Category:API]]
+

Latest revision as of 18:28, 5 December 2016

This documentation has been moved.

phpBB Development Documentation: Authentication Providers.