From f71e897072712bf6c82ea12ab608f21f905818b0 Mon Sep 17 00:00:00 2001
From: Eric Rasmussen <erasmussen2@unl.edu>
Date: Wed, 27 Jan 2010 22:55:58 +0000
Subject: [PATCH] work on getemail page that appears during first time CAS sign
 in.  changes include: moving files arround into the correct elgg structure,
 adding tokens to the action calls

---
 plugins/cas_auth_unl/actions/getemail.php | 37 +++++++++++++++++++++++
 plugins/cas_auth_unl/actions/login.php    |  4 ++-
 2 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 plugins/cas_auth_unl/actions/getemail.php

diff --git a/plugins/cas_auth_unl/actions/getemail.php b/plugins/cas_auth_unl/actions/getemail.php
new file mode 100644
index 00000000..1455f3af
--- /dev/null
+++ b/plugins/cas_auth_unl/actions/getemail.php
@@ -0,0 +1,37 @@
+<?php
+
+	/**
+	 * Elgg UNL SSO get email registration action
+	 * 
+	 * @package Elgg
+	 * @subpackage Core
+	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+	 * @author Curverider Ltd
+	 * @copyright Curverider Ltd 2008-2009
+	 * @link http://elgg.org/
+	 */
+ 
+	global $CONFIG;
+	
+	action_gatekeeper();
+ 
+	$email = get_input('email');
+	$email = sanitise_string($email);
+
+	if (is_email_address($email)) {
+		if (!get_user_by_email($email)) {
+			$ts = time();
+			$token = generate_action_token($ts); 
+			forward($CONFIG->url.'action/login?usecas=yes&email='.$email.'&__elgg_ts='.$ts.'&__elgg_token='.$token);
+		} else {
+			register_error(elgg_echo("Sorry, that email has already been registered.  Please try again."));
+		}
+	} else {
+		register_error(elgg_echo("Sorry, that is not a complete email address.  Please try again."));
+	}
+		
+ 
+	
+	forward($CONFIG->url . 'pg/getemail?e=' . urlencode($email));
+
+?>
\ No newline at end of file
diff --git a/plugins/cas_auth_unl/actions/login.php b/plugins/cas_auth_unl/actions/login.php
index dbb1ecbf..eb933b96 100644
--- a/plugins/cas_auth_unl/actions/login.php
+++ b/plugins/cas_auth_unl/actions/login.php
@@ -21,6 +21,8 @@
         $password = get_input("password");
         $persistent = get_input("persistent", false);
         $usecas = get_input('usecas'); 
+        //this is available once they have given their email
+        $email = get_input('email');
         
     // 1. Do the regular elgg login if username and password are set 
     	$result = false;          
@@ -41,7 +43,7 @@
         		$casObject->forceCas();
 			} else {
 				$cas_user = $casObject->getUserCas();
-				if ($user = $casObject->casAuthenticate($cas_user)) {
+				if ($user = $casObject->casAuthenticate($cas_user,$email)) {
 					$result = login($user);
 					if ($result)
 						$_SESSION['loggedInWithCas'] = true;
-- 
GitLab