diff --git a/library/ZendAfi/View/Helper/DigitalResource/Dashboard.php b/library/ZendAfi/View/Helper/DigitalResource/Dashboard.php index ea27273ff02dfe671d9a635d41e05b118761128e..5b25390f18c179183aecbcae41c285a9801bce83 100644 --- a/library/ZendAfi/View/Helper/DigitalResource/Dashboard.php +++ b/library/ZendAfi/View/Helper/DigitalResource/Dashboard.php @@ -240,6 +240,18 @@ class ZendAfi_View_Helper_DigitalResource_Dashboard extends ZendAfi_View_Helper_ $user->getLogin())) . $this->view->tagAnchor($url, $url, ['target' => '_blank']); + if(!$this->_config->getSsoValidateUrl()) { + $html [] = $this->_tag('p', $this->_('Cette ressource ne prend pas en charge la validation du ticket de connexion SSO'), ['class' => 'error']) ; + } + + if($this->_config->getSsoValidateUrl()) { + $url = $this->_config->validateUrlFor($user); + $html [] = $this->_tag('h4', $this->_('URL de validation du ticket de connexion générée pour l\'utilisateur "%s"', + $user->getLogin())) + . $this->view->tagAnchor($url, $url, ['target' => '_blank']); + } + + if(!$album = Class_Album::findFirstby(['type_doc_id' => $this->_config->getDocType()])) return implode($html); diff --git a/library/digital_resources/StoryPlayR/Config.php b/library/digital_resources/StoryPlayR/Config.php index 975654cef0102639a12f79d2e29be8959e5c599c..9362f3e1b50e0fb9728d73db0101d37df25ad026 100644 --- a/library/digital_resources/StoryPlayR/Config.php +++ b/library/digital_resources/StoryPlayR/Config.php @@ -26,8 +26,9 @@ class StoryPlayR_Config extends Class_DigitalResource_Config { 'AdminVars' => ['SSO_URL' => Class_AdminVar_Meta::newDefault($this->_('URL SSO de la plateforme StoryPlay*r')) ->bePrivate()], 'PermissionLabel' => $this->_('Bibliothèque numérique: accéder aux albums StoryPlay*r'), + 'SsoAction' => true, - 'Harvesting' => true, + 'SsoValidateUrl' => true, 'HelpLink' => 'http://wiki.bokeh-library-portal.org/index.php/StoryPlayR', 'Url' => 'https://www.storyplayr.com/', 
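Review bot: The two guards added to the dashboard test the same flag back to back, `if(!$this->_config->getSsoValidateUrl())` followed by `if($this->_config->getSsoValidateUrl())`; a single `if (...) { ... } else { ... }` evaluates it once and makes the either/or explicit. The anchor built from `validateUrlFor($user)` embeds a freshly issued ticket in its query string, so the link is itself a credential for that user for as long as the ticket lives. A short comment such as `// diagnostic link: contains a live ticket for the test user, do not share` would tell the next maintainer why this must stay on an admin-only page. The enclosing method starts and ends outside the hunk, so how `$user` is chosen is not visible here.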
@@ -41,7 +42,17 @@ class StoryPlayR_Config extends Class_DigitalResource_Config { public function getSsoUrl($user) { - return $this->getAdminVar('SSO_URL'); + return $this->getAdminVar('SSO_URL') . '?' . http_build_query(['userid' => $user->getLogin(), + 'mediathequeid' => (new Class_AdminVar_BUID)->getValue(), + 'sessionid' => (new Class_CasTicket())->getTicketForUser($user)]); + } + + + public function validateUrlFor($user) { + return Class_Url::absolute(['module' => $this->getModuleName(), + 'controller' => 'auth', + 'action' => 'validate'], null, true) + . '?' . http_build_query(['sessionid' => (new Class_CasTicket())->getTicketForUser($user)]); } diff --git a/library/digital_resources/StoryPlayR/controllers/AuthController.php b/library/digital_resources/StoryPlayR/controllers/AuthController.php new file mode 100644 index 0000000000000000000000000000000000000000..1cf7d865d53774ac6bdf96c76897666326bd21e6 --- /dev/null +++ b/library/digital_resources/StoryPlayR/controllers/AuthController.php 
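Review bot: `getSsoUrl()` sends `userid` and `sessionid` side by side, but nothing visible in this commit lets the remote platform confirm that the ticket belongs to that login: the new `validateAction` receives only `sessionid` and answers only `success` 1 or 0. Unless the platform derives identity some other way, a valid ticket for one permitted user would validate whatever `userid` accompanied it. Returning the ticket owner's login in the success response, or accepting `userid` on validation and comparing it with `userForTicket()`, would bind the two. The URL is also joined with a fixed `'?'`, which produces a malformed URL if the `SSO_URL` admin variable already has a query string. Because the ticket travels in a query string it will land in access logs and browser history, so it is worth confirming that tickets are short-lived and that the configured URL is https.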
@@ -0,0 +1,46 @@
+<?php
+/**
+ * Copyright (c) 2012-2017, Agence Française Informatique (AFI). All rights reserved.
+ *
+ * BOKEH is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE as published by
+ * the Free Software Foundation.
+ *
+ * There are special exceptions to the terms and conditions of the AGPL as it
+ * is applied to this software (see README file).
+ *
+ * BOKEH is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * along with BOKEH; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+class StoryPlayR_Plugin_AuthController extends Class_DigitalResource_Controller {
+ public function validateAction() {
+ $response = $this->_isValid($this->_getParam('sessionid', null))
+ ? ['success' => 1]
+ : ['success' => 0,
+ 'message' => $this->_('Le jeton d\'accès est périmé')];
+
+ $this->_helper->json($response);
+ }
+
+
+ protected function _isValid($ticket) {
+ xdebug_break();
+ if(!$this->_config->isEnabled())
+ return;
+
+ if(!$ticket)
+ return;
+
+ if(!$user = (new Class_CasTicket())->userForTicket($ticket))
+ return;
+
+ return $this->_config->hasRightAccess($user);
+ }
+}
\ No newline at end of file
diff --git a/library/digital_resources/StoryPlayR/tests/StoryPlayRTest.php b/library/digital_resources/StoryPlayR/tests/StoryPlayRTest.php
index 80eb4ba44024126cc05716d1d5065759cc87d02c..51db87bbb820093fea1c961e6a0dd7a00c158e8a 100644
--- a/library/digital_resources/StoryPlayR/tests/StoryPlayRTest.php
+++ b/library/digital_resources/StoryPlayR/tests/StoryPlayRTest.php
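Review bot: `_isValid()` in the new AuthController.php opens with `xdebug_break();`, a leftover debugging call that should be deleted before merge. On a server without the Xdebug extension it is a call to an undefined function, so every request to `auth/validate` ends in a fatal error instead of a JSON answer. The guard clauses use a bare `return;` while the last line returns whatever `hasRightAccess()` gives; `return false;` plus a docblock with `@param string|null $ticket` and `@return bool` would make the contract explicit. The test added in this commit calls the action without logging a user in, so the endpoint appears to be reachable unauthenticated and tells any caller whether a ticket is valid. It is worth confirming that tickets are unguessable and expire, and considering a rate limit on this route.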
@@ -19,45 +19,54 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ - -class StoryPlayRSsoTest extends AbstractControllerTestCase { - protected $_storm_default_to_volatile = true; - +class StoryPlayRActivatedTestCase extends AbstractControllerTestCase { + protected + $_storm_default_to_volatile = true, + $_user; public function setUp() { parent::setUp(); - - Class_AdminVar::set('StoryPlayR_SSO_URL', 'https://www.storyplayr.com/'); + Class_AdminVar::set('StoryPlayR_SSO_URL', 'https://www.storyplayr.com/api/assa/login'); + Class_AdminVar::set('BUID', 123456); $group = $this->fixture('Class_UserGroup', - ['id' => 1]); + ['id' => 1, + 'libelle' => 'Digital resources']); - $user = $this->fixture('Class_Users', - ['id' => 1, - 'login' => 'Tom', - 'password' => 'pwd']) - ->setUserGroups([$group]); + $this->_user = $this->fixture('Class_Users', + ['id' => 1, + 'login' => 'Tom', + 'password' => 'pwd']) + ->setUserGroups([$group]); $this->fixture('Class_Permission', ['id' => 1, 'code' => 'StoryPlayR']) ->permitTo($group, new Class_Entity()); + } +} + - ZendAfi_Auth::getInstance()->logUser($user); + +class StoryPlayRSsoTest extends StoryPlayRActivatedTestCase { + + public function setUp() { + parent::setUp(); + ZendAfi_Auth::getInstance()->logUser($this->_user); $this->dispatch('/opac/modules/story-play-r', true); } /** @test */ public function shouldRedirectToStoryPlayer() { - $this->assertXPathContentContains('//script' , 'document.location.href="https://www.storyplayr.com/";', $this->_response->getBody()); + $this->assertXPathContentContains('//script' , 'document.location.href="https://www.storyplayr.com/api/assa/login?userid=Tom&mediathequeid=123456&sessionid=ST-', $this->_response->getBody()); } } -class StoryPlayRDashboardTest extends Admin_AbstractControllerTestCase { +class StoryPlayRDashboardUnactivatedTest extends Admin_AbstractControllerTestCase { protected $_storm_default_to_volatile = true; 
@@ -68,7 +77,7 @@ class StoryPlayRDashboardTest extends Admin_AbstractControllerTestCase { /** @test */ - public function shouldDisplayActivated() { + public function shouldDisplayDeactivated() { $this->assertXPathContentContains('//button', 'Désactivé'); } @@ -77,4 +86,60 @@ class StoryPlayRDashboardTest extends Admin_AbstractControllerTestCase { public function ssoUrlShoudlBeDisplay() { $this->assertXPathContentContains('//table', 'StoryPlayR_SSO_URL'); } +} + + + + +class StoryPlayRDashboardActivatedTest extends StoryPlayRActivatedTestCase { + protected $_storm_default_to_volatile = true; + + + public function setUp() { + parent::setUp(); + + ZendAfi_Auth::getInstance()->logUser($this->fixture('Class_Users', + ['id' => 2, + 'login' => 'admin', + 'password' => 'admin', + 'role_level' => ZendAfi_Acl_AdminControllerRoles::SUPER_ADMIN])); + $this->dispatch('/StoryPlayR_Plugin', true); + } + + + /** @test */ + public function shouldDisplayActivated() { + $this->assertXPathContentContains('//button', 'Activé'); + } + + + /** @test */ + public function testSsoValidateUrlMessageShoudlBeDisplay() { + $this->assertXPathContentContains('//h4', 'URL de validation du ticket de connexion générée pour l\'utilisateur "StoryPlayR_test_user"'); + } + + + /** @test */ + public function testSsoValidateUrlShoudlBeDisplay() { + $this->assertXPathContentContains('//a', '/StoryPlayR_Plugin/auth/validate?sessionid=ST-'); + } +} + + + + +class StoryPlayRAuthValidateTest extends StoryPlayRActivatedTestCase { + protected $_storm_default_to_volatile = true; + + public function setUp() { + parent::setUp(); + $ticket = (new Class_CasTicket())->getTicketForUser($this->_user); + $this->dispatch('/StoryPlayR_Plugin/auth/validate?sessionid=' . $ticket, true); + } + + + /** @test */ + public function shouldReturnSuccessInJson() { + $this->assertEquals(json_encode(['success' => 1]), $this->_response->getBody()); + } } \ No newline at end of file
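Review bot: `StoryPlayRAuthValidateTest` exercises only the success path of the new `auth/validate` endpoint, with a ticket freshly issued for a permitted user. `_isValid()` has four refusal branches (resource disabled, missing `sessionid`, unknown ticket, user without the `StoryPlayR` permission). Each should get a test asserting `'success' => 0` and the error message, otherwise a regression that accepts any ticket would still pass the suite. As a style point, `testSsoValidateUrlMessageShoudlBeDisplay` and `testSsoValidateUrlShoudlBeDisplay` combine the `@test` annotation with a `test` prefix and repeat the `Shoudl` typo; `ssoValidateUrlShouldBeDisplayed` would match the other test names.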