Feature: Custom Attributes

[sevmonster]

This branch adds a custom attributes option that allows users to pull in additional CAS claims. It also adds an option to change the assigned username, as setting it to the email address was not playing nice with the LDAP plugin and we use both in my environment. This means you can set the osTicket username to whatever you want, even the value of a custom claim attribute.

phpCAS version has also been updated from 1.3.5 to 1.3.8 with no adverse affects, and the removal of a warning that was causing issues in my development environment.

During testing I needed to see the phpCAS.log but we are using IIS, so I had to change that string to get it to work. Instead, I thought it would be better to use $TEMP to make it platform-independent.

While editing the config page I also added some help text for some other options to make them more clear.

First time CAS and PHP user, so let me know if I did anything wrong :)

[kevinoconnor7]

I'd also be open to breaking this up so that only custom attributes are introduced in this PR and we can have another one to work through the user/email switching.

[sevmonster]

The username switch is entirely optional, and by default it will retain compatibility with previous versions; note that you used getEmail explicitly for the osTicket username for both lookupByUsername and when creating the ClientCreateRequest. getUsername will return the email field by default.

[sevmonster]

I added field validation to check for incorrect number of columns and use of reserved names: I made the username switcher a drop-down as suggested:

[kevinoconnor7]

Nice work!

[sevmonster]

We are using this in production so I will be on the lookout for any issues.

Thank you for your cooperation and guidance!

[kevinoconnor7]

I'm going to test it in my demo environment and then cut a new release, hopefully today.

[lucek23]

I have a CAS system in my company and I have a problem with configuring it in the OS ticket, namely each employee has his own login starting with the first letter of his name and then his surname, for example jkon, unfortunately the login does not equal the email address because the email address looks like this: jan.kon@domain. com Is there any way to obtain a login and correct e-mail address from CAS?

[kevinoconnor7]

Your CAS instance will need to expose the email as an attribute (typically mail is used). You can set this in the plugin configuration under E-mail attribute key.

[lucek23]

A technician from the central user management system gave me the attribute that I entered in the email key, but unfortunately the same email address as the username is still created, I managed to determine that the plugin loads the email as the name that is entered as the username in the CAS login portal.