@ -94,68 +94,145 @@ call @phone. Note: if you are a student taking online courses only, please emai
}
/**
* Lookup the user in Evergreen and verify the surname matches .
* Authenticate against Evergreen and return an auth token .
*
* @param string $campus_id
* The user's campus ID / barcode.
* @param string $base_url
* The base Evergreen URL.
* @param string $username
* The Evergreen staff username.
* @param string $password
* The Evergreen staff password.
*
* @return string|null
* The auth token, or NULL on failure.
*/
function upei_roblib_ill_evergreen_login($base_url, $username, $password) {
$gateway_url = rtrim($base_url, '/') . '/osrf-gateway-v1';
$client = \Drupal::httpClient();
// Step 1: Get the seed/nonce for the username.
$seed_response = $client->get($gateway_url, [
'timeout' => 10,
'query' => [
'service' => 'open-ils.auth',
'method' => 'open-ils.auth.authenticate.init',
'param' => '"' . $username . '"',
],
]);
$seed_data = json_decode((string) $seed_response->getBody(), TRUE);
$seed = $seed_data['payload'][0] ?? NULL;
if (empty($seed)) {
\Drupal::logger('upei_roblib_ill')->error('Evergreen auth init failed: no seed returned.');
return NULL;
}
// Step 2: Authenticate with the hashed password.
$hashed_password = md5($seed . md5($password));
$auth_response = $client->get($gateway_url, [
'timeout' => 10,
'query' => [
'service' => 'open-ils.auth',
'method' => 'open-ils.auth.authenticate.complete',
'param' => json_encode([
'username' => $username,
'password' => $hashed_password,
'type' => 'staff',
]),
],
]);
$auth_data = json_decode((string) $auth_response->getBody(), TRUE);
$auth_result = $auth_data['payload'][0] ?? NULL;
if (empty($auth_result) || ($auth_result['ilsevent'] ?? -1) != 0) {
$text_code = $auth_result['textcode'] ?? 'unknown';
\Drupal::logger('upei_roblib_ill')->error('Evergreen auth failed: @code', [
'@code' => $text_code,
]);
return NULL;
}
return $auth_result['payload']['authtoken'] ?? NULL;
}
/**
* Lookup the user in Evergreen via the REST API and verify the surname matches.
*
* Authenticates with Evergreen using staff credentials, then retrieves the
* patron by user ID and compares the family_name field against the provided
* surname.
*
* @param string $user_id
* The Evergreen user ID.
* @param string $surname
* The surname to check against.
*
* @return bool
* TRUE if the surname matches, FALSE otherwise.
*/
function upei_roblib_ill_authenticate($campus_id, $surname): bool
function upei_roblib_ill_authenticate($user _id, $surname): bool
{
if (empty($campus_id) || empty($surname)) {
if (empty($user _id) || empty($surname)) {
return FALSE;
}
$config = \Drupal::config('upei_roblib_ill.settings');
$evergreen_api_url = $config->get('evergreen_api_url');
if (empty($evergreen_api_url)) {
\Drupal::logger('upei_roblib_ill')->error('Evergreen API URL is not configured.');
$eg_username = $config->get('evergreen_username');
$eg_password = $config->get('evergreen_password');
if (empty($evergreen_api_url) || empty($eg_username) || empty($eg_password)) {
\Drupal::logger('upei_roblib_ill')->error('Evergreen API URL or credentials are not configured.');
return FALSE;
}
// Construct the PatronAPI dump URL.
// Format: {evergreen_api_url}/api/patronapi/{campus_id}/dump
$url = rtrim($evergreen_api_url, '/') . '/api/patronapi/' . urlencode($campus_id) . '/dump';
try {
$response = \Drupal::httpClient()->get($url, [
// Authenticate to get an auth token.
$auth_token = upei_roblib_ill_evergreen_login($evergreen_api_url, $eg_username, $eg_password);
if (empty($auth_token)) {
return FALSE;
}
// Retrieve the patron by user ID using the auth token.
$gateway_url = rtrim($evergreen_api_url, '/') . '/osrf-gateway-v1';
$response = \Drupal::httpClient()->get($gateway_url, [
'timeout' => 10,
'query' => [
'service' => 'open-ils.actor',
'method' => 'open-ils.actor.user.retrieve',
'param' => ['"' . $auth_token . '"', '"' . $user_id . '"'],
],
]);
$data = (string)$response->getBody();
$data = json_decode( (string) $response->getBody(), TRUE );
// The PatronAPI dump endpoint returns data in a plain text/HTML format
// looking like `PATRN NAME[p]=Smith, John`.
if (preg_match('/PATRN NAME\[p\]=([^\[< ]+)/i', $data, $matches)) {
$patron_name = trim($matches[1]);
$patron = $data['payload'][0] ?? NULL;
if (empty($patron) || isset($patron['ilsevent'])) {
$evt = $patron['textcode'] ?? 'no data';
\Drupal::logger('upei_roblib_ill')->warning('Evergreen REST API returned no patron for user ID @user_id: @evt', [
'@user_id' => $user_id,
'@evt' => $evt,
]);
return FALSE;
}
// Usually "Lastname, Firstname"
$name_parts = explode(',', $patron_name);
if (count($name_parts) > 0) {
$evergreen_surname = trim($name_parts[0]);
$evergreen_surname = $patron['family_name'] ?? '';
// Case-insensitive comparison of the extracted surname and provided surname.
if (strcasecmp($evergreen_surname, trim($surname)) === 0) {
return TRUE;
}
}
// Case-insensitive comparison of the Evergreen surname and provided surname.
if (strcasecmp(trim($evergreen_surname), trim($surname)) === 0) {
return TRUE;
}
// Log failure for debugging.
\Drupal::logger('upei_roblib_ill')->warning('Evergreen authentication failed for @campus_id. Expected surname: @surname', [
'@campus_id' => $campus_id,
\Drupal::logger('upei_roblib_ill')->warning('Evergreen authentication failed for user ID @user_id. Expected surname: @surname, got: @evergreen_surname', [
'@user_id' => $user_id,
'@surname' => $surname,
'@evergreen_surname' => $evergreen_surname,
]);
return FALSE;
}
catch (\Exception $e) {
\Drupal::logger('upei_roblib_ill')->error('Failed to connect to Evergreen API: @message', [
\Drupal::logger('upei_roblib_ill')->error('Failed to connect to Evergreen REST API: @message', [
'@message' => $e->getMessage(),
]);
return FALSE;
