This wiki space contains archival documentation of Project Bamboo, April 2008 - March 2013.
The Drupal module code is versioned in Project Bamboo's svn instance at Sourceforge, at http://svn.code.sf.net/p/projectbamboo/code/account-services/trunk/
Two Drupal modules can be found in the repository:
This is a convenience module for development purposes. It was useful for developing bamboo_as.module on a local AMP stack where Shibboleth was not installed. See the README.md in this module for more info.
This module was intended to be installed on a centrally-deployed site through which users of multiple clients would maintain their Bamboo identities. This site was instantiated during the period of the Bamboo Technology Project at(no longer maintained).
Development of this module was halted when funding for a second phase of Project Bamboo software development was not forthcoming.
This module aimed to implement the functionality described on the page Account Services Drupal module workflow.
A demonstration (including webcast) described in a blog entry of November 2012, User-onboarding: creating a Bamboo Identity, shows how far we got with this module. Watch the video here to understand how the module works from a user perspective (with an unfinished user interface), and vis-a-vis user attributes passed into the Drupal environment by the authentication process, managed by the Shibboleth SP Drupal module shib_auth.
Some examples of the REST calls made in this module may be useful to developers of future clients to Bamboo's IAM services:
The shib_auth module installed in the Drupal instance permits Drupal to act as a Shibboleth Service Provider. When a user logs in via Shib the shib_auth module populates some PHP $_SERVER variables. The first thing we do is throw an error if the expected variables don't exist:
Create a sha256 hash of the persistent-id (an expected / required practice for passing user identities between clients and the Bamboo Person service)
REST Call: Attempt to GET the bamboo person id from BSP:
The REST_client class can be found in bamboo_as_rest.inc.
The approach taken here is to create a variable containing an XML template
convert it to an object using PHP's SimpleXML library
populate the object with required values, identifying the IdP used to authenticate and the authenticated user, provided via the shib_auth module on successful authentication (note that the combination of user identifier and IdP identifier were called a "sourced Id" by the team that implemented the Bamboo IAM infrastructure):
After prepending the xml declaration, it's removed:
POST the request to BSP
(This code needs more work, which was precluded when the project came to a close.)
A bamboo person id can be associated with multiple profiles.
Look up profile(s) for a bamboo id:
Find the person namespace of the object and load the profile
Then pass the profile data to Drupal's FormAPI:
From here on the code follows the same patterns as above, so only pointers to functions follow.
Contact data is under the primary profile.