Commit a28b36e6 authored by Cecilia Vela Gurovic's avatar Cecilia Vela Gurovic Committed by Gerrit Code Review

Merge "Bug 1855327: Adding custom table to record SAML logins attributes"

parents 447416fa f27d2d79
......@@ -130,6 +130,15 @@ class AuthSaml extends Auth {
public function request_user_authorise($attributes) {
global $USER, $SESSION;
$this->must_be_ready();
/**
* Save the SAML attributes to "usr_login_attributes" to help with debugging
* Note: This should not be left on full time
*/
if (get_config('saml_log_attributes')) {
$jsonattributes = json_encode($attributes);
$sla_id = insert_record('usr_login_saml', (object) array('ctime' => db_format_timestamp(time()),
'data' => $jsonattributes), 'id', true);
}
if (empty($attributes) or !array_key_exists($this->config['user_attribute'], $attributes)
or !array_key_exists($this->config['institutionattribute'], $attributes)) {
......@@ -313,6 +322,13 @@ class AuthSaml extends Auth {
}
$user->commit();
/**
* Save the SAML attributes to "usr_login_attributes" to help with debugging
* Note: This should not be left on full time
*/
if (get_config('saml_log_attributes') && $sla_id) {
set_field('usr_login_saml', 'usr', $user->get('id'), 'id', $sla_id);
}
/*******************************************/
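Review bot: The logging block in the first hunk runs before the `empty($attributes)` / `array_key_exists` checks, so with the flag on, every assertion's full attribute set is stored unfiltered, including those for logins that are then rejected. The docblock should say so, and in both hunks it names the wrong table (`usr_login_attributes`, where the code writes to `usr_login_saml`). The result of `json_encode()` is not checked, so a `false` return would be passed as `data` for a NOT NULL column; depending on how `insert_record` reports errors, a logging failure could interrupt the login itself. `$sla_id` is only assigned inside the `if`, so I would put `$sla_id = null;` before the block and wrap the insert in `if ($jsonattributes !== false) { ... }`. request_user_authorise() starts in the first hunk and continues outside both hunks.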
......
......@@ -775,6 +775,14 @@ $cfg->sessionhandler = 'file';
}';
*/
/**
* Log SAML attributes
* To help diagnose authentication issues between Mahara and the IdP it is useful to see what attributes are being sent
* so we log what was sent to the usr_login_saml table when this flag is set to true.
* Note: This should be switched off once problems are diagnosed / fixed and the table cleared
*/
$cfg->saml_log_attributes = false;
/**
* @global array $cfg->externalfilesystem
* A configuration data for an external file system
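Review bot: The docblock for `saml_log_attributes` tells the admin to clear the table but does not say what the table contains or how to clear it, and nothing visible in this commit removes rows. I would add a line such as `* The rows hold every attribute the IdP released for each login attempt (usually personal data), so restrict access to usr_login_saml and delete its rows when finished.` The default of `false` is the right one for this flag.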
......
......@@ -1410,5 +1410,16 @@
<KEY NAME="blockfk" TYPE="foreign" FIELDS="block" REFTABLE="block_instance" REFFIELDS="id" />
</KEYS>
</TABLE>
<TABLE NAME="usr_login_saml">
<FIELDS>
<FIELD NAME="id" TYPE="int" LENGTH="10" NOTNULL="true" SEQUENCE="true" />
<FIELD NAME="usr" TYPE="int" LENGTH="10" NOTNULL="false" />
<FIELD NAME="data" TYPE="text" LENGTH="big" NOTNULL="true" />
<FIELD NAME="ctime" TYPE="datetime" NOTNULL="true" />
</FIELDS>
<KEYS>
<KEY NAME="primary" TYPE="primary" FIELDS="id" />
</KEYS>
</TABLE>
</TABLES>
</XMLDB>
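Review bot: `usr_login_saml` declares only a primary key, so the `usr` column is not tied to the user table, whereas the table just above it declares a foreign key (`blockfk`). If rows are meant to be traceable to an account, and assuming the user table is `usr`, add `<KEY NAME="usrfk" TYPE="foreign" FIELDS="usr" REFTABLE="usr" REFFIELDS="id" />` here. The upgrade step for 2019120600 builds the same table and has the same gap, so it needs the matching `addKeyInfo` call. Rows written for rejected logins appear to keep `usr` empty, so the column has to stay nullable.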
......@@ -1563,5 +1563,17 @@ function xmldb_core_upgrade($oldversion=0) {
change_field_type($table, $field, true, true);
}
if ($oldversion < 2019120600) {
// Save the SAML attributes in a db table when debugging
log_debug('Create "usr_login_saml" table');
$table = new XMLDBTable('usr_login_saml');
$table->addFieldInfo('id', XMLDB_TYPE_INTEGER, 10, null, XMLDB_NOTNULL, XMLDB_SEQUENCE);
$table->addFieldInfo('usr', XMLDB_TYPE_INTEGER, 10);
$table->addFieldInfo('data', XMLDB_TYPE_TEXT, 'big', null, XMLDB_NOTNULL);
$table->addFieldInfo('ctime', XMLDB_TYPE_DATETIME, null, null, XMLDB_NOTNULL);
$table->addKeyInfo('primary', XMLDB_KEY_PRIMARY, array('id'));
create_table($table);
}
return $status;
}
......@@ -16,7 +16,7 @@ $config = new stdClass();
// See https://wiki.mahara.org/wiki/Developer_Area/Version_Numbering_Policy
// For upgrades on stable branches, increment the version by one. On master, use the date.
$config->version = 2019111500;
$config->version = 2019120600;
$config->series = '20.04';
$config->release = '20.04dev';
$config->minupgradefrom = 2017031605;
......