fix username display

cleaned up mess
joshp23 · Nov 25, 2019 · 7875f5d · 7875f5d
1 parent c976ddf
commit 7875f5d
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 27 deletions.
diff --git a/README.md b/README.md
@@ -5,7 +5,7 @@ This plugin enables authentication against a generic OpenID Connect server in YO
 
 ### Features
 - Respects YOURLS auth flow
-- Respects YOURLS hard-coded logins
+- Respects YOURLS hard-coded logins, if desired
 - Can link OpenID Connect accounts to existing YOURLS accounts
 - Sets user to `sub`, sets display name to `preferred_username`
 - Single Sign Out: signing out of YOURLS signs off OIDC server.
@@ -21,8 +21,9 @@ This plugin enables authentication against a generic OpenID Connect server in YO
 1. Download this repo and extract the `oidc` folder into `YOURLS/user/plugins/`
 2. `cd` to the directory you just created
 3. Run `composer install` in that directory to fetch the OIDC library
-4. Configure the plugin (see below)
-5. Enable in Admin
+4. Define OIDC server parameters (see below)
+5. Optionally map OIDC `user_id` hash to local user names. To use YOURLS native auth as backup, map to existing YOURLS users (ie, fallback admin option)
+6. Enable in Admin
 
 Configuration
 -------------
@@ -32,15 +33,15 @@ Config: `user/config.php` file.
 define( 'OIDC_BASE_URL', 'https://keycloak.example.com/auth/realms/master/' );
 define( 'OIDC_CLIENT_NAME', 'YOURLS' );
 define( 'OIDC_CLIENT_SECRET', 'YOUR-SUPER-SECRET-HASH' );
-// identity mapping (optional)
+// identity mapping ( optional )
 $oidc_profiles = array( 
 	'YOURLS_UNAME' => 'sub attribute from OIDC provider',
 );
 ```
 ### In Development
 - Tight integration with AuthMgrPlus
 	- Group and attribute assignment
-- User panel in admin for linking accounts with the push of a button
+- User panel in admin for linking to existing accounts with the push of a button
 
 ### Support Dev
 All of my published code is developed and maintained in spare time, if you would like to support development of this, or any of my published code, I have set up a Liberpay account for just this purpose. Thank you.

diff --git a/oidc/plugin.php b/oidc/plugin.php
@@ -3,7 +3,7 @@
 Plugin Name: oidc
 Plugin URI: https://github.com/joshp23/YOURLS-OIDC
 Description: Enables OpenID Connect user authentication
-Version: 0.1.0
+Version: 0.2.0
 Author: Josh Panter
 Author URI: https://unfettered.net
 */
@@ -30,39 +30,22 @@ function oidc_auth($valid) {
 		if ($user_id) {	
 			$valid = true;
 			$id = $user_id;
-			$display_name = $pref_name;
-			$valid = true;
 			global $yourls_user_passwords;
 			global $oidc_profiles;
-			foreach( $oidc_profiles as $linked_user => $linked_hash) {
-				if( $user_id == $linked_hash ) {
-					foreach( $yourls_user_passwords as $yourls_user => $password) {
-						if( $linked_user == $yourls_user ) {
-							$id = $display_name = $yourls_user;
-							break;
-						}
-					}
-				}
+			foreach( $oidc_profiles as $local_user => $local_hash) {
+				if( $user_id == $local_hash )
+					$id = $local_user;
 			}
+			$valid = true;
 			yourls_set_user($id);
-			setcookie('yourls_'.yourls_salt('OIDC_DISPLAY_NAME') ,$display_name );
 		}
 	}
 	// return appropriate validation status
 	return $valid;
 }
-yourls_add_filter( 'logout_link', 'oidc_logout_link' );
-function oidc_logout_link( $data ) {
-	if( isset($_COOKIE['yourls_'.yourls_salt('OIDC_DISPLAY_NAME')]) ) {
-		$name = $_COOKIE['yourls_'.yourls_salt('OIDC_DISPLAY_NAME')];
-		$data = sprintf( yourls__('Hello <strong>%s</strong>'), $name ) . ' (<a href="' . yourls_admin_url() . '?action=logout" title="' . yourls_esc_attr__( 'Logout' ) . '">' . yourls__( 'Logout' ) . '</a>)' ;
-	}
-	return $data;
-}
 
 yourls_add_action( 'logout', 'oidc_logout' );
 function oidc_logout() {
-	setcookie('yourls_'.yourls_salt('OIDC_DISPLAY_NAME') ,'', time() - 3600);
 	yourls_store_cookie( null );
 	global $oidc;
 	$oidc->signOut( null, YOURLS_SITE );