From e88084651af146db2fb5c18aa006cfb11db430e2 Mon Sep 17 00:00:00 2001 From: Joachim Vandersmissen Date: Sun, 23 Dec 2018 17:43:50 +0100 Subject: [PATCH 1/6] 1.2.0 initial commit --- extension.json | 5 ++++- i18n/en.json | 7 +++++++ i18n/nl.json | 7 +++++++ includes/ShibbolethSessionProvider.php | 6 +++--- includes/SpecialShibbolethLogin.php | 28 +++++++++++++++++++++----- 5 files changed, 44 insertions(+), 9 deletions(-) create mode 100644 i18n/en.json create mode 100644 i18n/nl.json diff --git a/extension.json b/extension.json index d9d9f54..c2a92f4 100644 --- a/extension.json +++ b/extension.json @@ -3,7 +3,7 @@ "author": "ULYSSIS VZW, by Joachim Vandersmissen", "url": "https://ulyssis.org/", "description": "This extension replaces the vanilla login mechanics with a KU Leuven Shibboleth login", - "version": "1.1.0", + "version": "1.2.0", "license-name": "GPL-2.0+", "type": "other", "Hooks": { @@ -26,6 +26,9 @@ "args": [] } }, + "MessagesDirs": { + "MediaWikiShibboleth": ["i18n"] + }, "config": { "MWSStudentsOnly": false, "MWSAllowedKULids": "", diff --git a/i18n/en.json b/i18n/en.json new file mode 100644 index 0000000..1c3dc4e --- /dev/null +++ b/i18n/en.json @@ -0,0 +1,7 @@ +{ + "mediawikishibboleth-login": "Click on the image to log in:", + "mediawikishibboleth-password-login": "Password Login", + "mediawikishibboleth-students-only": "Only students are allowed to sign in!", + "mediawikishibboleth-forbidden-student": "You are not allowed to sign in: your student number is not allowed by the website administrator!", + "mediawikishibboleth-forbidden-degree": "You are not allowed to sign in: you are not enrolled in any of the programmes allowing access to this website!" +} diff --git a/i18n/nl.json b/i18n/nl.json new file mode 100644 index 0000000..9c5c9de --- /dev/null +++ b/i18n/nl.json 
@@ -0,0 +1,7 @@ +{ + "mediawikishibboleth-login": "Klik op de afbeelding om aan te melden:", + "mediawikishibboleth-password-login": "Aanmelden met wachtwoord", + "mediawikishibboleth-students-only": "Alleen studenten kunnen zich aanmelden!", + "mediawikishibboleth-forbidden-student": "U mag u niet aanmelden: uw studentennummer is niet toegestaan door de website administrator!", + "mediawikishibboleth-forbidden-degree": "U mag u niet aanmelden: u volgt geen van de opleidingen die toegang geven tot deze website!" +} diff --git a/includes/ShibbolethSessionProvider.php b/includes/ShibbolethSessionProvider.php index bc3e81b..ddbdde1 100644 --- a/includes/ShibbolethSessionProvider.php +++ b/includes/ShibbolethSessionProvider.php @@ -48,10 +48,10 @@ public function provideSessionInfo(WebRequest $request) { if (!$user->getId()) { $user = User::createNew($kulid, [ - "email" => $shib->single_email(), - "real_name" => $shib->fullname(), + "email" => $shib->single_email(), + "real_name" => $shib->fullname(), "email_authenticated" => wfTimestamp(TS_MW) + 100 - ]); + ]); $user->addGroup("Shibboleth"); } diff --git a/includes/SpecialShibbolethLogin.php b/includes/SpecialShibbolethLogin.php index c2ccc5f..a0ea625 100644 --- a/includes/SpecialShibbolethLogin.php +++ b/includes/SpecialShibbolethLogin.php @@ -5,13 +5,31 @@ function __construct() { parent::__construct("ShibbolethLogin"); } + function errorBox($message) { + $errorMessage = wfMessage($message)->parse(); + return '
' . $errorMessage . '

'; + } + + function image($shib) { + $ret = $_SERVER['PHP_SELF']; + if ($_GET['returnto']) { + $ret .= '?title=' . $_GET['returnto']; + } + $clickMessage = wfMessage('mediawikishibboleth-login')->parse(); + return '

' . $clickMessage . '

Centrale KU Leuven Login'; + } + + function password_login($formHtml) { + $passwordLogin = wfMessage('mediawikishibboleth-password-login')->parse(); + return '

' . $passwordLogin . ' ▶

'; + } + function getPageHtml($formHtml) { $shib = new bKULshib(); - if ($shib->check_login()) { global $wgMWSStudentsOnly; if ($wgMWSStudentsOnly && (!$shib->is_student() || $shib->is_employee())) { - return '
Only students are allowed to access this site!

Click on image to log in:

Centrale KU Leuven Login

Password Login ▶

'; + return $this->errorBox('mediawikishibboleth-students-only') . $this->password_login($formHtml); } global $wgMWSAllowedKULids; @@ -24,7 +42,7 @@ function getPageHtml($formHtml) { } if (!$found) { - return '
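Review bot: `image()` appends `$_GET['returnto']` to `$ret` without encoding it and without checking that the key is set, and `$_SERVER['PHP_SELF']` is request-derived as well. The markup that receives `$ret` is not preserved in this view, but if the value is written into a link or handed to the login handler, a crafted `returnto` can add query parameters or markup of its own. I would read it through the request object and encode it, e.g. `$returnTo = $this->getRequest()->getVal('returnto');` followed by `$ret .= '?title=' . rawurlencode($returnTo);` when it is non-empty. Wherever `$ret` is written into the page, pass it through `htmlspecialchars($ret, ENT_QUOTES)`. `getPageHtml()` continues outside this hunk.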
You are not allowed to access this site!

Click on image to log in:

Centrale KU Leuven Login

Password Login ▶

'; + return $this->errorBox('mediawikishibboleth-forbidden-student') . $this->password_login($formHtml); } global $wgMWSAllowedDegrees; @@ -38,10 +56,10 @@ function getPageHtml($formHtml) { } if (!$found) { - return '
You are not allowed to access this site!

Click on image to log in:

Centrale KU Leuven Login

Password Login ▶

'; + return $this->errorBox('mediawikishibboleth-forbidden-degree') . $this->password_login($formHtml); } } - return '

Click on image to log in:

Centrale KU Leuven Login

Password Login ▶

'; + return $this->image($shib) . $this->password_login($formHtml); } } From 299d2f6e509cc9a3a308f3e676ed0374bead195a Mon Sep 17 00:00:00 2001 From: Joachim Vandersmissen Date: Sun, 3 Feb 2019 19:55:09 +0100 Subject: [PATCH 2/6] Moved files for version 1.2.0 --- MediaWikiShibboleth_body.php | 25 ------------------------- extension.json | 16 ++++++++-------- includes/MediaWikiShibboleth.php | 26 ++++++++++++++++++++++++++ includes/ShibbolethSessionProvider.php | 5 ++++- includes/SpecialShibbolethLogin.php | 10 +++++----- 5 files changed, 43 insertions(+), 39 deletions(-) delete mode 100644 MediaWikiShibboleth_body.php create mode 100644 includes/MediaWikiShibboleth.php diff --git a/MediaWikiShibboleth_body.php b/MediaWikiShibboleth_body.php deleted file mode 100644 index 7bf4849..0000000 --- a/MediaWikiShibboleth_body.php +++ /dev/null @@ -1,25 +0,0 @@ -check_login()) { - $wgOut->redirect($shib->logout_link()); - } - return true; - } -} diff --git a/extension.json b/extension.json index c2a92f4..c01bc2a 100644 --- a/extension.json +++ b/extension.json 
@@ -6,23 +6,23 @@ "version": "1.2.0", "license-name": "GPL-2.0+", "type": "other", + "AutoloadNamespaces": { + "MediaWikiShibboleth\\": "includes/", + }, + "AutoloadClasses": { + "bKULshib": "includes/bKULshib.php", + }, "Hooks": { "PersonalUrls": ["MediaWikiShibboleth::onPersonalUrls"], "SpecialPage_initList": ["MediaWikiShibboleth::onSpecialPage_initList"], "UserLogout": ["MediaWikiShibboleth::onUserLogout"] }, "SpecialPages": { - "ShibbolethLogin": "SpecialShibbolethLogin" - }, - "AutoloadClasses": { - "MediaWikiShibboleth": "MediaWikiShibboleth_body.php", - "ShibbolethSessionProvider": "includes/ShibbolethSessionProvider.php", - "bKULshib": "includes/bKULshib.php", - "SpecialShibbolethLogin": "includes/SpecialShibbolethLogin.php" + "ShibbolethLogin": "MediaWikiShibboleth\\SpecialShibbolethLogin" }, "SessionProviders": { "ShibbolethSessionProvider": { - "class": "ShibbolethSessionProvider", + "class": "MediaWikiShibboleth\\ShibbolethSessionProvider", "args": [] } }, diff --git a/includes/MediaWikiShibboleth.php b/includes/MediaWikiShibboleth.php new file mode 100644 index 0000000..1c2c26e --- /dev/null +++ b/includes/MediaWikiShibboleth.php @@ -0,0 +1,26 @@ +check_login()) { + $wgOut->redirect($shib->logout_link()); + } + return true; +} + diff --git a/includes/ShibbolethSessionProvider.php b/includes/ShibbolethSessionProvider.php index ddbdde1..3c6c131 100644 --- a/includes/ShibbolethSessionProvider.php +++ b/includes/ShibbolethSessionProvider.php @@ -1,5 +1,7 @@ getId()) { $user = User::createNew($kulid, [ +// TODO: Prevent password resets "email" => $shib->single_email(), "real_name" => $shib->fullname(), "email_authenticated" => wfTimestamp(TS_MW) + 100 @@ -71,7 +74,7 @@ public function persistsSessionId() { } public function canChangeUser() { - return true; + return false; } public function persistSession(SessionBackend $session, WebRequest $request) { 
diff --git a/includes/SpecialShibbolethLogin.php b/includes/SpecialShibbolethLogin.php index a0ea625..084f659 100644 --- a/includes/SpecialShibbolethLogin.php +++ b/includes/SpecialShibbolethLogin.php @@ -1,5 +1,7 @@ parse(); - return '

' . $clickMessage . '

Centrale KU Leuven Login'; + return '

' . $clickMessage . '

Centrale KU Leuven Login'; } function password_login($formHtml) { @@ -58,6 +56,8 @@ function getPageHtml($formHtml) { if (!$found) { return $this->errorBox('mediawikishibboleth-forbidden-degree') . $this->password_login($formHtml); } + + $this->successfulAction(); } return $this->image($shib) . $this->password_login($formHtml); From 1bd1e23e618409b10d05ea537ccb31e17c38fa1c Mon Sep 17 00:00:00 2001 From: Joachim Vandersmissen Date: Sun, 3 Feb 2019 20:32:28 +0100 Subject: [PATCH 3/6] More bugfixes for 1.2.0 --- extension.json | 11 ++++----- includes/MediaWikiShibboleth.php | 31 +++++++++++++++----------- includes/ShibbolethSessionProvider.php | 11 ++++----- includes/SpecialShibbolethLogin.php | 2 ++ includes/bKULshib.php | 2 ++ 5 files changed, 32 insertions(+), 25 deletions(-) diff --git a/extension.json b/extension.json index c01bc2a..c41b118 100644 --- a/extension.json +++ b/extension.json @@ -7,15 +7,12 @@ "license-name": "GPL-2.0+", "type": "other", "AutoloadNamespaces": { - "MediaWikiShibboleth\\": "includes/", - }, - "AutoloadClasses": { - "bKULshib": "includes/bKULshib.php", + "MediaWikiShibboleth\\": "includes/" }, "Hooks": { - "PersonalUrls": ["MediaWikiShibboleth::onPersonalUrls"], - "SpecialPage_initList": ["MediaWikiShibboleth::onSpecialPage_initList"], - "UserLogout": ["MediaWikiShibboleth::onUserLogout"] + "PersonalUrls": ["MediaWikiShibboleth\\MediaWikiShibboleth::onPersonalUrls"], + "SpecialPage_initList": ["MediaWikiShibboleth\\MediaWikiShibboleth::onSpecialPage_initList"], + "UserLogout": ["MediaWikiShibboleth\\MediaWikiShibboleth::onUserLogout"] }, "SpecialPages": { "ShibbolethLogin": "MediaWikiShibboleth\\SpecialShibbolethLogin" diff --git a/includes/MediaWikiShibboleth.php b/includes/MediaWikiShibboleth.php index 1c2c26e..3908296 100644 --- a/includes/MediaWikiShibboleth.php +++ b/includes/MediaWikiShibboleth.php 
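Review bot: The students-only, allowed-id and degree checks that lead up to the new `$this->successfulAction();` call live in `getPageHtml()`, which only decides what the login page renders. The hunks of `ShibbolethSessionProvider::provideSessionInfo()` visible in this series do not show the same checks before it creates the user and returns a session. If they are indeed missing there, a user rejected on this page would still be signed in by the session provider on a later request. I would move the three checks into one helper that returns the failing message key or `null`, and call it from both places. Separately, control falls through from `successfulAction()` to `return $this->image($shib) ...`, so please confirm that returning the login markup after a successful sign-in is intended; `getPageHtml()` starts outside the hunk.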
@@ -2,25 +2,30 @@ namespace MediaWikiShibboleth; +use Title; +use SkinTemplate; + $wgRevokePermissions['Shibboleth']['editmyprivateinfo'] = true; $wgGroupPermissions['*']['createaccount'] = false; -public static function onPersonalUrls(array &$personal_urls, Title $title, SkinTemplate $skin) { - unset($personal_urls['createaccount']); -} +class MediaWikiShibboleth { + public static function onPersonalUrls(array &$personal_urls, Title $title, SkinTemplate $skin) { + unset($personal_urls['createaccount']); + } -public static function onSpecialPage_initList(&$specialPages) { - $specialPages['Userlogin'] = "SpecialShibbolethLogin"; - return true; -} + public static function onSpecialPage_initList(&$specialPages) { + $specialPages['Userlogin'] = "MediaWikiShibboleth\\SpecialShibbolethLogin"; + return true; + } -public static function onUserLogout(&$user) { - global $wgOut; + public static function onUserLogout(&$user) { + global $wgOut; - $shib = new bKULshib(); - if ($shib->check_login()) { - $wgOut->redirect($shib->logout_link()); + $shib = new bKULshib(); + if ($shib->check_login()) { + $wgOut->redirect($shib->logout_link()); + } + return true; } - return true; } diff --git a/includes/ShibbolethSessionProvider.php b/includes/ShibbolethSessionProvider.php index 3c6c131..455c746 100644 --- a/includes/ShibbolethSessionProvider.php +++ b/includes/ShibbolethSessionProvider.php @@ -2,6 +2,8 @@ namespace MediaWikiShibboleth; +use WebRequest; +use User; use MediaWiki\Session\SessionProvider; use MediaWiki\Session\ImmutableSessionProviderWithCookie; use MediaWiki\Session\SessionBackend; 
@@ -50,10 +52,9 @@ public function provideSessionInfo(WebRequest $request) { if (!$user->getId()) { $user = User::createNew($kulid, [ -// TODO: Prevent password resets - "email" => $shib->single_email(), - "real_name" => $shib->fullname(), - "email_authenticated" => wfTimestamp(TS_MW) + 100 + 'email' => $shib->single_email(), + 'real_name' => $shib->fullname(), + 'email_authenticated' => wfTimestamp(TS_MW) + 100 ]); $user->addGroup("Shibboleth"); } @@ -74,7 +75,7 @@ public function persistsSessionId() { } public function canChangeUser() { - return false; + return true; } public function persistSession(SessionBackend $session, WebRequest $request) { diff --git a/includes/SpecialShibbolethLogin.php b/includes/SpecialShibbolethLogin.php index 084f659..2cde6a6 100644 --- a/includes/SpecialShibbolethLogin.php +++ b/includes/SpecialShibbolethLogin.php @@ -2,6 +2,8 @@ namespace MediaWikiShibboleth; +use SpecialUserLogin; + class SpecialShibbolethLogin extends SpecialUserLogin { function __construct() { parent::__construct("ShibbolethLogin"); diff --git a/includes/bKULshib.php b/includes/bKULshib.php index e7ed1cd..c63ed34 100644 --- a/includes/bKULshib.php +++ b/includes/bKULshib.php @@ -1,5 +1,7 @@ Date: Sun, 3 Feb 2019 20:50:25 +0100 Subject: [PATCH 4/6] Move the options and other modifications to LocalSettings.php --- extension.json | 5 ----- includes/MediaWikiShibboleth.php | 3 --- 2 files changed, 8 deletions(-) diff --git a/extension.json b/extension.json index c41b118..7f63589 100644 --- a/extension.json +++ b/extension.json @@ -26,11 +26,6 @@ "MessagesDirs": { "MediaWikiShibboleth": ["i18n"] }, - "config": { - "MWSStudentsOnly": false, - "MWSAllowedKULids": "", - "MWSAllowedDegrees": "" - }, "manifest_version": 1 } diff --git a/includes/MediaWikiShibboleth.php b/includes/MediaWikiShibboleth.php index 3908296..c25d3cf 100644 --- a/includes/MediaWikiShibboleth.php +++ b/includes/MediaWikiShibboleth.php 
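Review bot: On the re-quoted `'email_authenticated'` line, `wfTimestamp(TS_MW) + 100` does integer arithmetic on a `YYYYMMDDHHMMSS` string, so it bumps the minutes field instead of adding a duration and produces an invalid timestamp whenever the current minute is 59. If the intent is only to mark the address supplied by the identity provider as confirmed, `'email_authenticated' => wfTimestampNow(),` is enough. If a future offset is really wanted, compute it in Unix time: `wfTimestamp(TS_MW, time() + 60)`. The enclosing `provideSessionInfo()` starts and ends outside the hunk.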
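Review bot: `canChangeUser()` goes back to `true` one commit after it was set to `false`, with no comment explaining why, and the value is security-relevant because it decides whether a session supplied by this provider may be switched to a different account. If `true` is needed so that the password form on the login page can still sign in local accounts (my reading, not something the hunk states), record that above the method, e.g. `// Must stay true: the password form on the login page switches the session to a local account.` The same hunk series also deletes the `// TODO: Prevent password resets` marker before any replacement is in place, so keep the TODO until the reset path is actually closed.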
@@ -5,9 +5,6 @@ use Title; use SkinTemplate; -$wgRevokePermissions['Shibboleth']['editmyprivateinfo'] = true; -$wgGroupPermissions['*']['createaccount'] = false; - class MediaWikiShibboleth { public static function onPersonalUrls(array &$personal_urls, Title $title, SkinTemplate $skin) { unset($personal_urls['createaccount']); From 6e01ef78e60d38fcbc4d709a92b2c8c8b4fdae79 Mon Sep 17 00:00:00 2001 From: Joachim Vandersmissen Date: Sun, 3 Feb 2019 21:17:22 +0100 Subject: [PATCH 5/6] Remove emails for Shibboleth users again, because of password resetting --- includes/ShibbolethSessionProvider.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/ShibbolethSessionProvider.php b/includes/ShibbolethSessionProvider.php index 455c746..e60758e 100644 --- a/includes/ShibbolethSessionProvider.php +++ b/includes/ShibbolethSessionProvider.php @@ -52,7 +52,7 @@ public function provideSessionInfo(WebRequest $request) { if (!$user->getId()) { $user = User::createNew($kulid, [ - 'email' => $shib->single_email(), +// 'email' => $shib->single_email(), 'real_name' => $shib->fullname(), 'email_authenticated' => wfTimestamp(TS_MW) + 100 ]); From cdf102eec37423cd96ec224d51d068b242a7de95 Mon Sep 17 00:00:00 2001 From: Joachim Vandersmissen Date: Sun, 3 Feb 2019 22:17:11 +0100 Subject: [PATCH 6/6] UI improvements on login page --- i18n/en.json | 4 ++-- i18n/nl.json | 4 ++-- includes/SpecialShibbolethLogin.php | 7 ++++--- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/i18n/en.json b/i18n/en.json index 1c3dc4e..2f0c70a 100644 --- a/i18n/en.json +++ b/i18n/en.json 
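Review bot: Commenting out `'email'` in the `User::createNew()` call leaves `'email_authenticated'` set on an account that has no address, and the reason for the change is recorded only in the commit subject. Replace the dead line with a why-comment such as `// No email is stored: a mailed password reset would give this account a local password that bypasses Shibboleth.` and drop the `'email_authenticated'` entry together with it. The previous patch also moved `$wgRevokePermissions['Shibboleth']['editmyprivateinfo']` out of the extension. Whether a user can add an address themselves and re-open the reset path therefore now depends on LocalSettings.php, which is worth stating in the install notes. `provideSessionInfo()` starts and ends outside the hunk.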
@@ -1,6 +1,6 @@ { - "mediawikishibboleth-login": "Click on the image to log in:", - "mediawikishibboleth-password-login": "Password Login", + "mediawikishibboleth-login": "Log in using Central KU Leuven login:", + "mediawikishibboleth-password-login": "Login without Central KU Leuven login:", "mediawikishibboleth-students-only": "Only students are allowed to sign in!", "mediawikishibboleth-forbidden-student": "You are not allowed to sign in: your student number is not allowed by the website administrator!", "mediawikishibboleth-forbidden-degree": "You are not allowed to sign in: you are not enrolled in any of the programmes allowing access to this website!" diff --git a/i18n/nl.json b/i18n/nl.json index 9c5c9de..fb0e76c 100644 --- a/i18n/nl.json +++ b/i18n/nl.json @@ -1,6 +1,6 @@ { - "mediawikishibboleth-login": "Klik op de afbeelding om aan te melden:", - "mediawikishibboleth-password-login": "Aanmelden met wachtwoord", + "mediawikishibboleth-login": "Aanmelden met Centrale KU Leuven login:", + "mediawikishibboleth-password-login": "Aanmelden zonder Centrale KU Leuven login", "mediawikishibboleth-students-only": "Alleen studenten kunnen zich aanmelden!", "mediawikishibboleth-forbidden-student": "U mag u niet aanmelden: uw studentennummer is niet toegestaan door de website administrator!", "mediawikishibboleth-forbidden-degree": "U mag u niet aanmelden: u volgt geen van de opleidingen die toegang geven tot deze website!" diff --git a/includes/SpecialShibbolethLogin.php b/includes/SpecialShibbolethLogin.php index 2cde6a6..1b51c50 100644 --- a/includes/SpecialShibbolethLogin.php +++ b/includes/SpecialShibbolethLogin.php @@ -15,8 +15,9 @@ function errorBox($message) { } function image($shib) { - $clickMessage = wfMessage('mediawikishibboleth-login')->parse(); - return '

' . $clickMessage . '

Centrale KU Leuven Login'; + $login_link = $shib->login_link(); + $clickMessage = '' . wfMessage('mediawikishibboleth-login')->parse() . ''; + return '

' . $clickMessage . '

Centrale KU Leuven Login'; } function password_login($formHtml) { @@ -62,6 +63,6 @@ function getPageHtml($formHtml) { $this->successfulAction(); } - return $this->image($shib) . $this->password_login($formHtml); + return $this->image($shib) . '
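Review bot: In `image()`, `$login_link` from `$shib->login_link()` is placed into string-built HTML without a visible escaping step. The literal markup around it is not preserved in this view, so it may already be handled. If the value is concatenated into an `href`, escape it at that point, `htmlspecialchars($login_link, ENT_QUOTES)`, or build the anchor with `Html::rawElement('a', ['href' => $login_link], $msg)` so the attribute is escaped for you. The login URL typically carries a return target, so it should be treated as request-influenced until `login_link()` is shown to produce a fixed value.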
' . $this->password_login($formHtml); } }