-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathopenid_connect.api.php
91 lines (83 loc) · 2.41 KB
/
openid_connect.api.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
<?php
/**
* @file
* Hooks provided by the OpenID Connect module.
*/
/**
* @addtogroup hooks
* @{
*/
/**
* Pre authorize hook that runs before a user is authorized.
*
* @param array $tokens
* ID token and access token that we received as a result of the OpenID
* Connect flow.
* @param object $account
* The user account if it exists, false if not.
* @param array $userinfo
* The user claims returned by the OpenID Connect provider.
* @param string $client_name
* The machine name of the OpenID Connect client plugin.
*
* @return bool
* TRUE if user should be logged into Drupal. FALSE if not.
*/
function hook_openid_connect_pre_authorize(array $tokens, $account, array $userinfo, $client_name) {
$allowed_users = array('user1@example.com', 'user2@example.com');
// Allow only specific users to log in.
if (in_array($userinfo['email'], $allowed_users)) {
return TRUE;
}
// Block all others.
return FALSE;
}
/**
* Perform an action after a successful authorization.
*
* @param array $tokens
* ID token and access token that we received as a result of the OpenID
* Connect flow.
* @param object $account
* The user account that has just been logged in.
* @param array $userinfo
* The user claims returned by the OpenID Connect provider.
* @param string $client_name
* The machine name of the OpenID Connect client plugin.
* @param bool $is_new
* Whether the account has just been created via OpenID Connect.
*/
function hook_openid_connect_post_authorize(array $tokens, $account, array $userinfo, $client_name, $is_new) {
drupal_set_message($is_new ? t('Welcome!') : t('Welcome back!'));
}
/**
* Alter the list of possible scopes and claims.
*
* @param array &$claims
* Array of claims to be altered.
*
* @see openid_connect_claims
*/
function hook_openid_connect_claims_alter(array &$claims) {
$claims['my_custom_claim'] = array(
'scope' => 'profile',
);
}
/**
* Alter the username for a new account created via OpenID Connect.
*
* @param string $name
* The new username.
* @param array $userinfo
* The user claims returned by the OpenID Connect provider.
* @param string $client_name
* The machine name of the OpenID Connect client plugin.
*/
function hook_openid_connect_new_username_alter(&$name, array $userinfo, $client_name) {
if ($client_name === 'my-service') {
$name = $userinfo['user-name'];
}
}
/**
* @} End of "addtogroup hooks".
*/