Example of custom authentication provider with SampleAuth

tasso85
Posts: 1
Joined: 29 Apr 2019, 11:15

Post by tasso85 »

Hi everyone,

I wanted to ask if there is a "working example" of how to implement a custom authentication flow in Mantis.

I have checked the SampleAuth plugin on GitHub, but found it doesn't have a complete example.

What I would like to implement in Mantis is the following flow:
- check username against another database (that is, not Mantis's own database)
- if user exists, check password against that other database
- if check ok, and user not already in local Mantis database, create it with no password and assign role derived from user role on other database
- finally, set the needed session values and let user proceed

Is there any example of a similar flow, or more generically of a custom one not involving LDAP or OpenID/OAuth, just a different (maybe remote) database?
Starbuck
Posts: 219
Joined: 14 Feb 2006, 02:53
Location: USA

Re: Example of custom authentication provider with SampleAuth

Post by Starbuck »

The approach I would take with this is to look into the Mantis code to see how it determines whether a user is logged in, and what it does when a user is not. Then: Is there a hook there for alternative behavior?
If so, look to see what a hooked event handler needs to accept and return.
If not, see what the hard-coded login routine does to return a value that then leads the user back to the original page. Look to see how to fire an event at that point. Insert an event handler that will avoid other default code when your code has provided all required data.
Submit your event hook as a GitHub PR for addition into the core.
Then when a future version of Mantis is published, it will automatically call your code to do exactly what you want.

Any help as a high-level guide?
If you want Mantis to work differently, use or create a plugin. Visit the Plugins forums.
Ask developers to create a plugin that you need - and motivate them to help you!
MrMaker
Posts: 3
Joined: 01 Jul 2019, 23:04

Re: Example of custom authentication provider with SampleAuth

Post by MrMaker »

I had a go at making a custom authentication provider using server-provided auth (REMOTE_USER) - the concept is similar to what you are asking for from the Mantis point of view, except I skip the login page (which you will not want to do), and check server environment variables instead of an external database (this bit is probably useful for you to study, as the Mantis side of what I'm doing will be the same).

You can check it here: https://github.com/make-all/ServerAuth

It is forked from the SampleAuth app, so you should be able to check diffs for some idea of what might need changing for your case compared with the original SampleAuth code.
MrMaker
Posts: 3
Joined: 01 Jul 2019, 23:04

Re: Example of custom authentication provider with SampleAuth

Post by MrMaker »

I think all the logic for your authentication needs to go into auth_user_flags() in SampleAuth.php.

You can take the user creation from my ServerAuth.php auto_login() function, but move it to where the TODO comment is in auth_user_flags():

    // Look up the local MantisBT account for the supplied username.
    $t_user_id = empty( $t_username ) ? false : user_get_id_by_name( $t_username );
    if ( !$t_user_id ) {
        // No local account yet: create one if the plugin is configured to do so.
        if ( !empty( $t_username ) && plugin_config_get( 'autocreate_users' ) ) {
            $t_email = /* READ YOUR EMAIL FROM THE DATABASE HERE, OR OTHERWISE GENERATE THE EMAILS FROM THE USERNAME IF THERE IS A STANDARD FORMAT WITHIN YOUR ORG */;
            $t_realname = /* READ YOUR REALNAME FROM YOUR DATABASE HERE, OR USE USERNAME IF YOU DON'T HAVE ONE */;
            // Local account gets a random password and the default signup access level.
            user_create( $t_username, auth_generate_random_password(), $t_email, auth_signup_access_level(), false, true, $t_realname );
        }
        return;
    }
mylinuxguy
Posts: 1
Joined: 13 Oct 2019, 12:22

Re: Example of custom authentication provider with SampleAuth

Post by mylinuxguy »

Has anyone ever figured out an answer to the original post:

What I would like to implement in Mantis is the following flow:
- check username against another database (that is, not Mantis's own database)
- if user exists, check password against that other database
- if check ok, and user not already in local Mantis database, create it with no password and assign role derived from user role on other database
- finally, set the needed session values and let user proceed


I need the exact things set up... I've looked at a few different SampleAuth packages but nothing fits the bill. I can get accounts to be created automatically with user_create(), but I can't get the auto-login stuff to work, and I still end up using the password assigned when user_create() is called and not pulling from an external db. Once the account is created... I just don't want to test against the password in the Mantis db but against a password in an external db.


- jack
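
The external-database check from the flow discussed in this thread, as an added example that is not part of any post and not MantisBT or SampleAuth code: it verifies a password against a separate database and derives the access level to give the local account. The `accounts` table, its columns, the role names and the sample rows are assumptions constructed for the example; it needs PHP 7.4+ with the pdo_sqlite extension.

```php
<?php
# Added example; table, column and role names are assumptions, rows are constructed.

# Numeric values of MantisBT's default VIEWER, REPORTER and DEVELOPER levels.
const ROLE_TO_ACCESS_LEVEL = [ 'guest' => 10, 'staff' => 25, 'engineer' => 55 ];
const FALLBACK_ACCESS_LEVEL = 10; # unmapped roles get the least privilege

/**
 * Check a username/password pair against the external database.
 * Returns the MantisBT access level to assign, or false if the login fails.
 */
function external_check_credentials( PDO $p_db, string $p_username, string $p_password ) {
	# Hash to verify against when the user is unknown, so that both paths
	# run password_verify() and response time does not reveal valid names.
	static $s_dummy_hash = null;
	$s_dummy_hash ??= password_hash( bin2hex( random_bytes( 16 ) ), PASSWORD_DEFAULT );

	# Prepared statement: the submitted username is bound, never concatenated.
	$t_stmt = $p_db->prepare(
		'SELECT password_hash, role FROM accounts WHERE username = ? AND active = 1' );
	$t_stmt->execute( [ $p_username ] );
	$t_row = $t_stmt->fetch( PDO::FETCH_ASSOC );

	$t_ok = password_verify( $p_password, $t_row ? $t_row['password_hash'] : $s_dummy_hash );
	if( !$t_row || !$t_ok ) {
		return false;
	}
	return ROLE_TO_ACCESS_LEVEL[$t_row['role']] ?? FALLBACK_ACCESS_LEVEL;
}

# Constructed stand-in for the external database (in-memory SQLite).
$t_db = new PDO( 'sqlite::memory:' );
$t_db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
$t_db->exec( 'CREATE TABLE accounts
	(username TEXT PRIMARY KEY, password_hash TEXT, role TEXT, active INTEGER)' );
$t_insert = $t_db->prepare( 'INSERT INTO accounts VALUES (?, ?, ?, ?)' );
$t_insert->execute( [ 'alice', password_hash( 'correct horse', PASSWORD_DEFAULT ), 'engineer', 1 ] );
$t_insert->execute( [ 'bob', password_hash( 'hunter2', PASSWORD_DEFAULT ), 'contractor', 1 ] );
$t_insert->execute( [ 'carol', password_hash( 'old pass', PASSWORD_DEFAULT ), 'staff', 0 ] );

# Valid login, wrong password, unmapped role, disabled account, unknown user.
$t_attempts = [ [ 'alice', 'correct horse' ], [ 'alice', 'wrong' ], [ 'bob', 'hunter2' ],
	[ 'carol', 'old pass' ], [ 'mallory', 'x' ] ];
foreach( $t_attempts as [ $t_user, $t_pass ] ) {
	$t_level = external_check_credentials( $t_db, $t_user, $t_pass );
	echo $t_user, ': ', $t_level === false ? 'rejected' : "access level $t_level", "\n";
}
```

When the check succeeds and no local account exists yet, the returned level would take the place of `auth_signup_access_level()` in the `user_create()` call shown earlier in the thread. Keeping administrator out of the role map means a change in the external database cannot grant MantisBT admin rights on its own.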