Mark,
I'm working on something similar, and the remote user authentication
is fairly simple.
I'll snip what I've got from my Codeigniter Model in regards to
logging in,
which is using a Curl library found here:
http://codeigniter.com/wiki/File:curl-library-1-1.zip
$username = 'user';
$password = md5('password');
$host = 'http://evergreen.lib.in.us/gateway';
$post = 'method=open-ils.auth.authenticate.init&service=open-
ils.auth¶m="' . $username . '"';
$response = json_decode($this->curl->post($host, $post,
array(CURLOPT_HTTPHEADER => array("Content-Type: text/xml"))));
//print_r($response);
$seed = $response->payload[0]; // init seed sent to us by evergreen
$md5_password = md5( $seed . $password);
// let's login now.
$login_param = json_encode(array('password'=>$md5_password,
'type'=>'opac', 'org'=>null,'username'=>$username));
$post = 'method=open-ils.auth.authenticate.complete&service=open-
ils.auth¶m=' . $login_param;
$response = json_decode($this->curl->post($host, $post,
array(CURLOPT_HTTPHEADER => array("Content-Type: text/xml"))));
$authtoken = $response->payload[0]->payload->authtoken;
Niles Ingalls
UNIX & Web Administrator
Hussey-Mayfield Memorial Public Library
250 N. Fifth Street
P.O. Box 840
Zionsville, IN. 46077
Phone 317-873-3149 x13280
Fax 317-873-8339
"Confidence is what you have before you understand the problem." -
Woody Allen
On Feb 20, 2009, at 11:38 AM, Mark Jordan wrote:
Hi,
I've looked through most of the docs and can't find any mention of
an API to authenticate users against their credentials in Evergreen.
Is there such an API (preferably a web-servicy one)? I saw the
dicussion in the list archives from last May about writing a Perl
script to pull up patron info via OpenSRF, but that's about all I've
come across.
I'm writing a Drupal module that will use "drivers" to authenticate
against whatever external auth source will respond, focusing for now
on library-oriented sources like ILSs since there are already Drupal
modules for LDAP, Shib, Pubcookie, etc. Each driver is a small PHP
file that simply returns TRUE or FALSE, and optimially an email
address, for a user who logs into Drupal. (It also allows you to
modify the login form programmatically but that's independent of the
authentication.) If the account is not an existing local Drupal
account, the request is routed to the driver (configured by the site
admin) and an account is either created or logged in if the driver
returns TRUE after talkikg to the external auth source. If the
driver returns FALSE, the user is told the standard Drupal
"unrecognized username or password".
I've got a working driver for Innovative (wich has a RESTful patron
API) and a sample/generic SQL driver. I've figured out enough about
Evergreen's actor.usr table to authenticate using it (well, it will
work in Drupal 7 since in Drupal 6 you can't switch between MySQL
and Postgres nicely), but if there's a more API-oriented way to
query for users, I'd rather use that. I've looked for a PHP library
for OpenSRF but didn't find any.
Mark
Mark Jordan
Head of Library Systems
W.A.C. Bennett Library, Simon Fraser University
Burnaby, British Columbia, V5A 1S6, Canada
Voice: 778.782.5753 / Fax: 778.782.3023
[email protected]
