<?php
	/**
	 * Elgg UNL CAS authentication
	 * 
	 * @package cas_auth_unl
	 * @license BSD http://www1.unl.edu/wdn/wiki/Software_License
	 * @author University of Nebraska-Lincoln
	 * @copyright 2010 Regents of the University of Nebraska 
	 * @link http://www.unl.edu/
	 */

	global $CONFIG;
        require_once $CONFIG->url.'mod/cas_auth_unl/peoplefinder/include.php';
        // http://code.google.com/p/simplecas/
        require_once $CONFIG->url.'mod/cas_auth_unl/SimpleCAS/Autoload.php';
        require_once $CONFIG->url.'mod/cas_auth_unl/HTTP/Request2.php';
	

 
	function cas_auth_unl_init() { 
		 
	}
	
 
	register_action("getemail",true,$CONFIG->pluginspath."cas_auth_unl/views/default/actions/getemail.php");
	register_action("login",false,$CONFIG->pluginspath."cas_auth_unl/actions/login.php"); 
	register_action("logout",false,$CONFIG->pluginspath."cas_auth_unl/actions/logout.php"); 
	
	// Fire up the plugin initialization using the elgg handler
	register_elgg_event_handler('init','system','cas_auth_unl_init');
	
	 
	
	// Set up login page, this creates the url /pg/login to be used as our login page
	register_page_handler('login', 'login_page_handler');
	
	function login_page_handler($page) {
		// If we're not logged in, display the login page
		if (!isloggedin()) {
			page_draw(elgg_echo('login'), elgg_view("account/forms/login"));
		// Otherwise, forward to the index page
		} else {
			forward();
		}
	}
	

	
	
	
	
class elggSimpleCas {	
	
	var $client;  
	var $casInitialized = false;
	
	function __construct() {   
		if (!$this->casInitialized) {
			// Elgg blows away $_GET at some point which SimpleCAS tries to use so we will reset it
			if ($ticket = get_input('ticket')) {
				$_GET['ticket'] = $ticket;
			}
			// Setup CAS
			$config = find_plugin_settings('cas_auth_unl');
			$options = array('hostname' => $config->casurl,
                			 'port'     => $config->casport,
                			 'uri'      => $config->casuri);
			$protocol = new SimpleCAS_Protocol_Version2($options);
			$request = $protocol->getRequest();
			// SSL doesn't work right on login.unl.edu
	        $defaultClass = SimpleCAS_Protocol::DEFAULT_REQUEST_CLASS;
	        if ($request instanceof $defaultClass) {
	            $protocol->getRequest()->setConfig('ssl_verify_peer', false);
	        }
	        // Create Our Client
			$this->client = SimpleCAS::client($protocol); 
			$this->casInitialized = true;
		}
		return true;
	} 
	
	public function forceCas() {
		$this->client->forceAuthentication();
		return true;
	}
	 
	public function checkCas() {	 
		if ($this->client->isAuthenticated())
			return true;
		else 
			return false;
	} 
	
	public function getUserCas() {
		return $this->client->getUsername();
	}
 
	public function logoutCas() { 
		$this->client->logout();
		return true;
	}
 
	public function casAuthenticate($username){ 
		if (empty($username))
			return false;

		// we're making this copy for use in the peoplefinderservices call later
		// we dont want to call peoplefinderservices here since we dont need to every time a SSO user logs in
		$casusername = $username;
		
		//We're going to make every UNL SSO user have an elgg profile name as such: unl_erasmussen2
		//and not allow friends of unl who register via elgg to pick names that begin with "unl_"
		//This way, we won't have to deal with the case where someone registers erasmussen2 on elgg, then
		//the real erasmussen2 signs in for the first time with UNL SSO and is logged in as the elgg user erasmussen2
		//rather then having a new account created.									
		$username = 'unl_' . $username;
		//Replace the hyphen in a student's name with an underscore
		$username = str_replace('-','_',$username);

		if ($user = get_user_by_username($username)) {
			// User exists, return the user object        	        
			return $user;
		} else {
			// Valid login but user doesn't exist
			$pf_user_info = peoplefinderServices($casusername);

			$name  = $pf_user_info->cn;

 			if (isset($_REQUEST['email'])) {
				$email = $_REQUEST['email'];
			} else {	
				if($pf_user_info->mail)
					forward($CONFIG->url . 'mod/cas_auth/views/default/account/getemail.php?e=' . $pf_user_info->mail);
				else
					forward($CONFIG->url . 'mod/cas_auth/views/default/account/getemail.php');
			}
				
			try {
				if ($user_guid = register_user($username, generate_random_cleartext_password(), $name, $email, false, 0, '', true)) {
					$thisuser = get_user($user_guid);
					
					//pre-populate profile fields with data from Peoplefinder Services
					$address = $pf_user_info->formatPostalAddress();
					$thisuser->profile_country = 'USA';
					$thisuser->profile_state = $address['region'];
					$thisuser->profile_city = $address['locality'];
					if($address['locality'] == 'Omaha') {
						$thisuser->longitude = -95.9;
						$thisuser->latitude = 41.25;
					} else { //this is going to cover Lincoln and everyone else
						$thisuser->longitude = -96.7;
						$thisuser->latitude = 40.82;
					}
						 
					return $thisuser;
				} else {
					register_error(elgg_echo("registerbad"));
				}
			} catch (RegistrationException $r) {
				register_error($r->getMessage());
			}
		}
 	}

 	
}
?>