Friday, May 16, 2014

Accept both username and email address as login identity in simplesamlphp

By default, simplesamlphp only allow you to login by username. But, you hack the source code to make simplesamlphp accept both username and email address as login identity. The solution is pretty simple:

+ just take the input username and check if
-- it is an email than split the string, get only the username part
-- it is not an email, than use the input string


# nano /path/to/simplesamlphp/modules/core/www/loginuserpass.php


...
function get_username($un) {
        if (strpos($un,'@') !== false) {
                $un = strstr($un, '@', true);
        }
        return $un;
}


if (array_key_exists('username', $_REQUEST)) {
        $username = get_username($_REQUEST['username']);
} elseif ($source->getRememberUsernameEnabled() && array_key_exists($source->getAuthId() . '-username', $_COOKIE)) {
        $username = $_COOKIE[$source->getAuthId() . '-username'];
} elseif (isset($state['core:username'])) {
        $username = (string)$state['core:username'];
} else {
        $username = '';
}
...

Notes: This does not validate the email address so the user will be able to login to the system using whatever the email address she inputed as long as the username part is correct.