Software Development

WordPress CAS plugin adventures

I am building some SFU websites using WordPress and I need to set them up to use the SFU central authentication service (CAS). A quick search on Google found this plugin:
cas-authentication

I downloaded and installed it without trouble, but couldn’t seem to get it working. Likely it has something to do with the fact that it was written for WordPress 2.5.1, and I’m using the latest (2.6.1). The errors I was getting were unhelpful, basically just stating that the CAS authentication failed and that I was not logged in. I tried in vain to debug the script for an hour or so.

Then I came across a thread in a WordPress message forum indicating that I was not the only one having these problems. Through this thread, I was able to find another CAS plugin (written by Casey Bisson) that claimed to work with WordPress 2.6.1 – and the claims were true.

The plugin can be found at http://wordpress.org/extend/plugins/wpcas/

(Note to self: SFU uses CAS 1.0; not 2.0).

The only thing that this new plugin lacked was the ability to automatically create accounts when users log in. I made the following change to the wpcas.php file to add this behavior.


function authenticate() {
		global $wpcas_options, $cas_configured;

		if ( !$cas_configured )
			die( __( 'wpCAS plugin not configured', 'wpcas' ));

		if( phpCAS::isAuthenticated() ){
			// CAS was successful
			if ( $user = get_userdatabylogin( phpCAS::getUser())){ // user already exists
				// the CAS user has a WP account
				wp_set_auth_cookie( $user->ID );
				if( isset( $_REQUEST['redirect_to'] ))
					wp_redirect( function_exists( 'site_url' )  ? site_url( $_REQUEST['redirect_to'] ) : $_REQUEST['redirect_to'] );
				wp_redirect( function_exists( 'site_url' )  ? site_url( '/wp-admin/' ) : '/wp-admin/' );
			}else{
				// the CAS user _does_not_have_ a WP account

/**  BEGIN CHANGES TO ADD AUTO ACCOUNT CREATION **/
				if (function_exists( 'wpcas_nowpuser' ))
					wpcas_nowpuser( phpCAS::getUser() );
				else
					{
					// auto-registration is enabled
					require(dirname(__FILE__).'/../../../wp-includes/registration.php');
				  // User is not in the WordPress database
				  // they passed CAS and so are authorized
				  // add them to the database
				  $username = phpCAS::getUser();
     			  $password = md5('testing');
				  $user_email = '';
				  if ($cas_authentication_opt['email_suffix'] != '')
					$user_email = $username . '@sfu.ca';
				  
				  $user_info = array();
				  $user_info['user_login'] = $username;
				  $user_info['user_pass'] = $password;
				  $user_info['user_email'] = $user_email;
				  $res = wp_insert_user($user_info);
				  
				  $user = get_userdatabylogin( phpCAS::getUser());
				  
				  wp_set_auth_cookie( $user->ID );
				  if( isset( $_REQUEST['redirect_to'] ))
				  	wp_redirect( function_exists( 'site_url' )  ? site_url( $_REQUEST['redirect_to'] ) : $_REQUEST['redirect_to'] );
				  wp_redirect( function_exists( 'site_url' )  ? site_url( '/wp-admin/' ) : '/wp-admin/' );
				}			//	die( __( 'you do not have permission here', 'wpcas' ));
			}
/** END CHANGES TO ADD AUTO ACCOUNT CREATION **/		
			
		}else{
			// hey, authenticate
			phpCAS::forceAuthentication();
			die();
		}
	}

Now it works like a charm.

comments powered by Disqus