Implement external authentication for scp

include/staff/login.header.php

@@ -8,6 +8,7 @@ defined('OSTSCPINC') or die('Invalid path');
     <meta http-equiv="refresh" content="7200" />
     <title>osTicket:: SCP Login</title>
     <link rel="stylesheet" href="css/login.css" type="text/css" />
+    <link type="text/css" rel="stylesheet" href="<?php echo ROOT_PATH; ?>css/font-awesome.min.css">
     <meta name="robots" content="noindex" />
     <meta http-equiv="cache-control" content="no-cache" />
     <meta http-equiv="pragma" content="no-cache" />

include/staff/login.tpl.php

@@ -5,19 +5,33 @@ $info = ($_POST && $errors)?Format::htmlchars($_POST):array();
 <div id="loginBox">
     <h1 id="logo"><a href="index.php">osTicket Staff Control Panel</a></h1>
     <h3><?php echo Format::htmlchars($msg); ?></h3>
-    <div><small><?php echo ($content) ? Format::display($content->getBody()) : ''; ?></small></div>
+    <div class="banner"><small><?php echo ($content) ? Format::display($content->getBody()) : ''; ?></small></div>
     <form action="login.php" method="post">
         <?php csrf_token(); ?>
         <input type="hidden" name="do" value="scplogin">
         <fieldset>
             <input type="text" name="userid" id="name" value="<?php echo $info['userid']; ?>" placeholder="username" autocorrect="off" autocapitalize="off">
             <input type="password" name="passwd" id="pass" placeholder="password" autocorrect="off" autocapitalize="off">
+            <?php if ($show_reset && $cfg->allowPasswordReset()) { ?>
+            <h3 style="display:inline"><a href="pwreset.php">Forgot my password</a></h3>
+            <?php } ?>
+            <input class="submit" type="submit" name="submit" value="Log In">
         </fieldset>
-        <?php if ($show_reset && $cfg->allowPasswordReset()) { ?>
-        <h3 style="display:inline"><a href="pwreset.php">Forgot my password</a></h3>
-        <?php } ?>
-        <input class="submit" type="submit" name="submit" value="Log In">
     </form>
+<?php
+$ext_bks = array();
+foreach (StaffAuthenticationBackend::allRegistered() as $bk)
+    if ($bk instanceof ExternalAuthentication)
+        $ext_bks[] = $bk;
+
+if (count($ext_bks)) { ?>
+<div class="or">
+    <hr/>
+</div><?php
+    foreach ($ext_bks as $bk) { ?>
+<div class="external-auth"><?php $bk->renderExternalLink(); ?></div><?php
+    }
+} ?>
 </div>
 <div id="copyRights">Copyright &copy; <a href='http://www.osticket.com' target="_blank">osTicket.com</a></div>
 </body>

scp/css/login.css

@@ -23,7 +23,9 @@ html {
 
 body {
     -webkit-font-smoothing:antialiased;
-    background:url(../images/login-background.jpg) top left repeat-x #fff;
+    background:url(../images/login-background.jpg);
+    background-repeat: repeat-x;
+    background-attachment: fixed;
     font-size: 16px;
     font-smoothing:antialiased;
     height:100%;
@@ -105,15 +107,30 @@ fieldset input {
     width: 96%;
 }
 
+hr {
+    margin: 20px;
+    border: none;
+    height: 0;
+    border-bottom: 1px solid #eee;
+}
+
+div.banner {
+    color: #666;
+    line-height: 1.2em;
+}
+div.banner:not(:empty) {
+    margin-bottom: 1em;
+}
+
 input.submit {
+    border-radius: 4px;
     display:inline-block;
-    float:right;
     margin:0.25em;
     height:24px;
     line-height:24px;
     font-weight:bold;
     border:1px solid #666666;
-    padding:0 10px;
+    padding:0 30px;
     background: url('../images/grey_btn_bg.png?1312910883') top left repeat-x;
     color: #333;
 }
@@ -132,3 +149,46 @@ input.submit:hover, input.submit:active {
 #copyRights a {
     color:#888;
 }
+
+.external-auth {
+    display:inline-block;
+}
+.external-auth + .external-auth {
+    margin-top: 4px;
+}
+
+a.external-sign-in {
+    text-decoration: none;
+}
+.external-auth-box {
+    vertical-align: middle;
+    border-radius: 4px;
+    border: 1px solid #777;
+}
+.external-auth-icon {
+    display: inline-block;
+    color: #333;
+    width: 30px;
+    padding: 5px 10px;
+    border-right: 1px solid #ddd;
+}
+.external-auth-name {
+    color: #333;
+    width: 100px;
+    padding: 5px 10px;
+    line-height:30px;
+    font-size: 11pt;
+}
+img.sign-in-image {
+    border: none;
+    max-height: 40px;
+    max-width: 200px;
+    width: auto;
+    height: auto;
+}
+
+input[type=text],
+input[type=password] {
+    border-radius: 4px;
+    padding: 5px;
+}

scp/login.php

@@ -40,8 +40,17 @@ if($_POST) {
     $msg = $errors['err']?$errors['err']:'Invalid login';
     $show_reset = true;
 }
+elseif ($_GET['do']) {
+    switch ($_GET['do']) {
+    case 'ext':
+        // Lookup external backend
+        if ($bk = StaffAuthenticationBackend::getBackend($_GET['bk']))
+            $bk->triggerAuth();
+    }
+    Http::redirect('login.php');
+}
 // Consider single sign-on authentication backends
-else if (!$thisstaff || !($thisstaff->getId() || $thisstaff->isValid())) {
+elseif (!$thisstaff || !($thisstaff->getId() || $thisstaff->isValid())) {
     if (($user = StaffAuthenticationBackend::processSignOn($errors, false))
             && ($user instanceof StaffSession))
        @header("Location: $dest");