From 3eb4e6920daa5da441f06f4894ea9cdad72de6d7 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Mon, 11 Jan 2010 11:03:34 -0800
Subject: [PATCH 1/2] Implement Ldap_User::groups() to match K24 APIs.

---
 modules/ldap/libraries/drivers/IdentityProvider/Ldap.php | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php b/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php
index c3eb1dd1..69440199 100644
--- a/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php
+++ b/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php
@@ -239,9 +239,6 @@ class Ldap_User implements User_Definition {
     case "id":
       return $this->ldap_entry["uidnumber"][0];
 
-    case "groups":
-      return IdentityProvider_Ldap_Driver::groups_for($this);
-
     case "locale":  // @todo
       return null;
 
@@ -266,6 +263,10 @@ class Ldap_User implements User_Definition {
     }
   }
 
+  public function groups() {
+      return IdentityProvider_Ldap_Driver::groups_for($this);
+  }
+
   public function avatar_url($size=80, $default=null) {
     return sprintf("http://www.gravatar.com/avatar/%s.jpg?s=%d&r=pg%s",
                    md5($this->email), $size, $default ? "&d=" . urlencode($default) : "");

From 60238ddfad5d444fa06f0476a5715d1e3b125992 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Mon, 11 Jan 2010 11:05:49 -0800
Subject: [PATCH 2/2] Rudimentary Single sign-on module

---
 modules/sso/helpers/sso_event.php | 32 +++++++++++++++++++++++++++++++
 modules/sso/module.info           |  3 +++
 2 files changed, 35 insertions(+)
 create mode 100644 modules/sso/helpers/sso_event.php
 create mode 100644 modules/sso/module.info

diff --git a/modules/sso/helpers/sso_event.php b/modules/sso/helpers/sso_event.php
new file mode 100644
index 00000000..67d81a7e
--- /dev/null
+++ b/modules/sso/helpers/sso_event.php
@@ -0,0 +1,32 @@
+<?php defined("SYSPATH") or die("No direct script access.");/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+class sso_event {
+  static function gallery_ready() {
+    $sso_username = Input::instance()->server("REMOTE_USER");
+    $user = Session::instance()->get("user");
+    if (empty($user) || $user->name != $sso_username) {
+      try {
+        identity::set_active_user(identity::lookup_user_by_name($sso_username));
+      } catch (Exception $e) {
+        Kohana_Log::add("error", "Couldn't authenticate as $sso_username: " .
+                        $e->getMessage() . "\n" . $e->getTraceAsString());
+      }
+    }
+  }
+}
diff --git a/modules/sso/module.info b/modules/sso/module.info
new file mode 100644
index 00000000..53e235a8
--- /dev/null
+++ b/modules/sso/module.info
@@ -0,0 +1,3 @@
+name = "SSO"
+description = "Support single-signon authentication"
+version = 1