bef72247c4def68ba6cb863d59c80c18b7be82dd
2 $core->url
->register('xorgAuth', 'Xorg', '^auth/(.*)$', array('xorgAuthentifier', 'doAuth'));
5 static public function widget(&$w) {
7 if ($core->auth
->xorg_infos
['forlife']) {
8 return '<p>Tu es ' . $core->auth
->xorg_infos
['prenom'] . ' ' . $core->auth
->xorg_infos
['nom'] . '<br />'
9 . '<a href="auth/exit">déconnexion</a></p>';
11 return '<p><a href="auth/Xorg?path=' . $_SERVER['REQUEST_URI'] . '">M\'authentifier via Polytechnique.org</a></p>';
16 class xorgAuthentifier
extends dcUrlHandlers
{
17 static public function doAuth($args) {
35 static protected function callXorg() {
36 if (@$_SESSION['auth-xorg']) {
37 header("Location: http://murphy.m4x.org/" . $_GET['path']);
40 $_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1));
41 $url = "https://www.polytechnique.org/auth-groupex/utf8";
42 $url .= "?session=" . session_id();
43 $url .= "&challenge=" . $_SESSION["auth-x-challenge"];
44 $url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY
);
45 $url .= "&url=http://murphy.m4x.org/~x2003bruneau/dotclear/auth/XorgReturn" . urlencode("?path=" . $_GET['path']);
46 session_write_close();
47 header("Location: $url");
51 static protected function returnXorg() {
52 if (!isset($_GET['auth'])) {
57 foreach($core->auth
->xorg_infos
as $key => $val) {
58 if(!isset($_GET[$key])) {
61 $_SESSION['auth-xorg-' . $key] = $_GET[$key];
62 $core->auth
->xorg_infos
[$key] = $_GET[$key];
63 $params .= $_GET[$key];
65 if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY
. $params . '1') == $_GET['auth']) {
67 $_SESSION['auth-xorg'] = $_GET['forlife'];
68 header("Location: http://murphy.m4x.org/" . $_GET['path']);
71 $_SESSION['auth-xorg'] = null
;
76 static protected function killSession() {
78 header('Location: http://murphy.m4x.org/~x2003bruneau/dotclear/');