Extension:PluggableAuth

The PluggableAuth extension provides a framework for creating authentication and authorization extensions. PluggableAuth provides the shared code necessary to implement these extensions. PluggableAuth is especially useful for use with enterprise authentication servers accessed through layered mechanisms such as OpenID Connect or SimpleSAMLphp. Authentication extensions subclass the abstract  class. Because wiki sysops may wish to limit access to a subset of all authenticated users, PluggableAuth provides an authorization hook, PluggableAuthUserAuthorization.

Configuration parameters
The class specified by  must implement the following functions:


 * Called to authenticate the user.
 * The parameters are used to return the user id, username, real name, and email address of the authenticated user.
 * must be set to  if the user is new, in which case   will add the user to the database.
 * Must return true if the user has been authenticated and false otherwise.


 * Called after a new user has been authenticated and added to the database to add any additional information to the database required by the authentication mechanism.


 * Called when the user logs out to notify the identity provider, if necessary, that cleanup such as removing the user's session should be done.

Authorization hooks use the PluggableAuthUserAuthorization hook to register an implementation of the following function:


 * is the User object for the user requesting authorization
 * must be set to true if the user is authorized and false otherwise.
 * Return true to call other authorization hook implementations and false to skip them.

Version 1.1

 * Added call to logout when session times out to ensure that the deauthenticate function in implementing classes gets called

Version 1.0

 * Initial version