1 | <?php |
2 | /*************************************************************************** |
3 | * Copyright (C) 2003-2004 Polytechnique.org * |
4 | * http://opensource.polytechnique.org/ * |
5 | * * |
6 | * This program is free software; you can redistribute it and/or modify * |
7 | * it under the terms of the GNU General Public License as published by * |
8 | * the Free Software Foundation; either version 2 of the License, or * |
9 | * (at your option) any later version. * |
10 | * * |
11 | * This program is distributed in the hope that it will be useful, * |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * |
14 | * GNU General Public License for more details. * |
15 | * * |
16 | * You should have received a copy of the GNU General Public License * |
17 | * along with this program; if not, write to the Free Software * |
18 | * Foundation, Inc., * |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * |
20 | ***************************************************************************/ |
21 | |
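/*
 * Parameters supplied by the external (Groupe X) site through the query string:
 *   pass      - compared further down against md5(challenge . privkey)
 *   url       - address the browser is sent back to
 *   session   - handed back to that address as PHPSESSID
 *   challenge - value included in both hashes
 * All of them are untrusted request input. Missing or non-string values are
 * normalised to '' so that later string operations never see an array.
 */
$gpex_pass = (isset($_GET["pass"]) && is_string($_GET["pass"])) ? $_GET["pass"] : '';

// NOTE(review): PHP has already URL-decoded $_GET, so urldecode() decodes a
// second time. Kept as-is because callers may depend on it - confirm.
$gpex_url = (isset($_GET["url"]) && is_string($_GET["url"])) ? urldecode($_GET["url"]) : '';

// The session id is percent-encoded before being appended, so characters such
// as '&', '#', CR or LF in it cannot add parameters or break the Location header.
$gpex_url .= (strpos($gpex_url, '?') === false) ? "?PHPSESSID=" : "&PHPSESSID=";
$gpex_url .= (isset($_GET["session"]) && is_string($_GET["session"])) ? rawurlencode($_GET["session"]) : '';

/* do we need to prepend http:// ? */
if (!preg_match("/^(http|https):\/\/.*/", $gpex_url)) {
    $gpex_url = "http://$gpex_url";
}

$gpex_challenge = (isset($_GET["challenge"]) && is_string($_GET["challenge"])) ? $_GET["challenge"] : '';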
33 | |
require_once("xorg.inc.php");

// NOTE(review): the page is opened at the AUTH_COOKIE level; what that level
// guarantees is defined outside this file - confirm it is strong enough for a
// page that hands session data to another site.
new_skinned_page('index.tpl', AUTH_COOKIE);

// Record this external-auth login, except while running in suid mode.
// NOTE(review): $uid is not assigned anywhere in this file; presumably it is
// provided by xorg.inc.php or new_skinned_page() - confirm.
if (!isset($_SESSION['suid'])) {
    if (isset($_SESSION['log']) && $_SESSION['log']->uid == $uid) {
        // Reuse the logger already attached to this user's session.
        $logger = $_SESSION['log'];
    } else {
        $logger = new DiogenesCoreLogger($uid);
    }
    $logger->log("connexion_auth_ext", $_SERVER['PHP_SELF']);
}
42 | |
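/**
 * Build the "auth" field returned to the Groupe X site.
 *
 * The result is md5("1" . $chlg . $privkey . <values of the requested fields,
 * in order> . "1"). A field is taken from $_SESSION when a key of that name
 * exists; the special field "username" falls back to the user's 'bestalias'
 * row in the aliases table. Any other unknown field is skipped.
 *
 * NOTE(review): this is a bare MD5 over values concatenated without
 * separators, so different field splits can produce the same digest, and MD5
 * is not a keyed MAC. The receiving site recomputes the same value, so the
 * construction cannot be changed on this side alone; moving both ends to
 * hash_hmac() with SHA-256 and delimited fields would be the durable fix.
 *
 * @param string $chlg       challenge value received in the request
 * @param string $privkey    secret shared with the external site
 * @param string $datafields comma-separated list of field names to include
 * @return string 32-character hexadecimal MD5 digest
 */
function gpex_make_auth($chlg, $privkey, $datafields) {
    global $globals;
    $tohash = "1$chlg$privkey";

    // explode()/foreach replace split()/each(), which were removed in
    // PHP 7.0 and PHP 8.0; the separator is a literal comma in both forms.
    foreach (explode(",", $datafields) as $val) {
        /* make sure a non-existent variable was not requested */
        if (isset($_SESSION[$val])) {
            $tohash .= $_SESSION[$val];
        } else if ($val === 'username') {
            $res = $globals->xdb->query("SELECT alias FROM aliases WHERE id = {?} AND FIND_IN_SET('bestalias', flags)", Session::getInt('uid'));
            $tohash .= $res->fetchOneCell();
        }
    }
    $tohash .= "1";
    return md5($tohash);
}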
63 | |
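/**
 * Build the query-string suffix appended to the return URL.
 *
 * The suffix starts with "&auth=<digest from gpex_make_auth()>" and is
 * followed by one "&name=value" pair per requested field, resolved the same
 * way as in gpex_make_auth(): from $_SESSION when the key exists, or from the
 * 'bestalias' row of the aliases table for the special field "username".
 *
 * Values are percent-encoded so that a value containing '&', '=', '#', spaces
 * or CR/LF cannot add parameters or corrupt the Location header. The digest is
 * still computed over the raw values, which is what the receiver sees after
 * its own URL decoding.
 *
 * NOTE(review): every $_SESSION key named in $datafields is sent to the
 * external site; the list should only ever name fields meant to be disclosed.
 *
 * @param string $chlg       challenge value received in the request
 * @param string $privkey    secret shared with the external site
 * @param string $datafields comma-separated list of field names to return
 * @return string query-string fragment beginning with "&auth="
 */
function gpex_make_params($chlg, $privkey, $datafields) {
    global $globals;
    $params = "&auth=".gpex_make_auth($chlg, $privkey, $datafields);

    // explode()/foreach replace split()/each(), which were removed in
    // PHP 7.0 and PHP 8.0; the separator is a literal comma in both forms.
    foreach (explode(",", $datafields) as $val) {
        if (isset($_SESSION[$val])) {
            $params .= "&$val=".rawurlencode($_SESSION[$val]);
        } else if ($val === 'username') {
            $res = $globals->xdb->query("SELECT alias FROM aliases WHERE id = {?} AND FIND_IN_SET('bestalias', flags)", Session::getInt('uid'));
            $min_username = $res->fetchOneCell();
            $params .= "&$val=".rawurlencode($min_username);
        }
    }
    return $params;
}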
80 | |
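/*
 * Go through the entries of groupesx_auth and look for the site whose secret
 * matches the request: pass must equal md5(challenge . privkey). On a match
 * the browser is redirected to the requested URL with the auth digest and the
 * requested fields appended.
 *
 * NOTE(review): neither `url` nor `session` is part of the value checked
 * against `pass`, and no freshness check on `challenge` is visible here, so a
 * valid (challenge, pass) pair does not tie the response to a destination.
 * Restricting the return URL to one registered for the matching site would
 * close that gap - confirm against the groupesx_auth schema.
 */
$res = $globals->xdb->iterRow('select privkey,name,datafields from groupesx_auth');

while (list($privkey,$name,$datafields) = $res->next()) {
    $expected = md5($gpex_challenge.$privkey);

    // Strict, constant-time comparison where available. The former `==`
    // treated two digests that both look like numbers ("0e...") as equal.
    $matches = is_string($gpex_pass)
        && (function_exists('hash_equals')
            ? hash_equals($expected, $gpex_pass)
            : $expected === $gpex_pass);

    if ($matches) {
        $returl = $gpex_url.gpex_make_params($gpex_challenge,$privkey,$datafields);
        // Never emit a header containing a line break; fall back to the
        // default redirect below instead.
        if (preg_match('/[\r\n]/', $returl)) {
            break;
        }
        header("Location:$returl");
        exit(0);
    }
}

/* nothing matched: send the user back to x.org */
header("Location:https://www.polytechnique.org/");
exit(0);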
95 | |
96 | ?> |