AuthX - Extended authentication support (portable and router-friendly)

.gitignore

@@ -3,6 +3,7 @@
 .use-civicrm-setup
 /ext/*
 !/ext/afform
+!/ext/authx
 !/ext/sequentialcreditnotes
 !/ext/flexmailer
 !/ext/eventcart

CRM/Core/Invoke.php

@@ -64,6 +64,7 @@ public static function _invoke($args) {
       // may exit
       self::hackMenuRebuild($args);
       self::init($args);
+      Civi::dispatcher()->dispatch('civi.invoke.auth', \Civi\Core\Event\GenericHookEvent::create(['args' => $args]));
       $item = self::getItem($args);
       return self::runItem($item);
     }

CRM/Core/Session.php

@@ -86,6 +86,39 @@ public static function &singleton() {
     return self::$_singleton;
   }
 
+  /**
+   * Replace the session object with a fake session.
+   */
+  public static function useFakeSession() {
+    self::$_singleton = new class() extends CRM_Core_Session {
+
+      public function initialize($isRead = FALSE) {
+        if ($isRead) {
+          return;
+        }
+
+        if (!isset($this->_session)) {
+          $this->_session = [];
+        }
+
+        if (!isset($this->_session[$this->_key]) || !is_array($this->_session[$this->_key])) {
+          $this->_session[$this->_key] = [];
+        }
+      }
+
+      public function isEmpty() {
+        return empty($this->_session);
+      }
+
+    };
+    self::$_singleton->_session = NULL;
+    // This is not a revocable proposition. Should survive, even with things 'System.flush'.
+    if (!defined('_CIVICRM_FAKE_SESSION')) {
+      define('_CIVICRM_FAKE_SESSION', TRUE);
+    }
+    return self::$_singleton;
+  }
+
   /**
    * Creates an array in the session.
    *

CRM/Utils/System/Drupal.php

@@ -850,7 +850,9 @@ public function onCiviExit() {
       if (!defined('MAINTENANCE_MODE') || MAINTENANCE_MODE != 'update') {
         module_invoke_all('exit');
       }
-      drupal_session_commit();
+      if (!defined('_CIVICRM_FAKE_SESSION')) {
+        drupal_session_commit();
+      }
     }
   }
 

distmaker/dists/common.sh

@@ -125,6 +125,7 @@ function dm_core_exts() {
   echo ext/ewaysingle
   echo ext/financialacls
   echo ext/afform
+  echo ext/authx
   echo ext/greenwich
   echo ext/contributioncancelactions
   echo ext/oauth-client

ext/authx/CRM/Authx/Page/AJAX.php

@@ -0,0 +1,44 @@
+<?php
+
+use CRM_Authx_ExtensionUtil as E;
+
+class CRM_Authx_Page_AJAX {
+
+  /**
+   * Identify the current user.
+   *
+   * GET /civicrm/authx/id
+   */
+  public static function getId() {
+    $authxUf = _authx_uf();
+
+    $response = [
+      'contact_id' => CRM_Core_Session::getLoggedInContactID(),
+      'user_id' => $authxUf->getCurrentUserId(),
+    ];
+
+    CRM_Utils_JSON::output($response);
+  }
+
+  /**
+   * Present the outcome of an authx login.
+   *
+   * Note that the actual authentication is handled in the authentication layer.
+   * This method just renders the response page after a successful login.
+   */
+  public static function login() {
+    self::getId();
+  }
+
+  /**
+   * Logout of Civi+CMS.
+   *
+   * GET /civicrm/authx/logout
+   * POST /civicrm/authx/logout
+   */
+  public static function logout() {
+    _authx_uf()->logoutSession();
+    CRM_Utils_JSON::output([]);
+  }
+
+}