Implements PlSession::apiAuth. The authentication is based on a HMAC

[platal.git] / configs / platal.ini

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;  Copyright (C) 2003-2010 Polytechnique.org                               ;
;  http://opensource.polytechnique.org/                                    ;
;                                                                          ;
;  This program is free software; you can redistribute it and/or modify    ;
;  it under the terms of the GNU General Public License as published by    ;
;  the Free Software Foundation; either version 2 of the License, or       ;
;  (at your option) any later version.                                     ;
;                                                                          ;
;  This program is distributed in the hope that it will be useful,         ;
;  but WITHOUT ANY WARRANTY; without even the implied warranty of          ;
;  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the           ;
;  GNU General Public License for more details.                            ;
;                                                                          ;
;  You should have received a copy of the GNU General Public License       ;
;  along with this program; if not, write to the Free Software             ;
;  Foundation, Inc.,                                                       ;
;  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                 ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; DO NOT EDIT THIS FILE
; This file contains the default values for the configuration variables of
; plat/al. This values can be overriden in by adding a platal.conf file in
; the same directory.
; DO NOT EDIT THIS FILE


; The core section contains the main configuration of the website like name
; of the site, its URL, or the database parameters. It also provide tools
; to setup debugging or restrictions on the website.
[Core]

; $globals->locale
; Locale of the web site. This includes language and charset to
; use for system strings.
locale   = "fr_FR.UTF-8"

; $globals->timezone
; The timezone of the server.
timezone = "Europe/Paris"

; $globals->core->restricted_platal
; When activated restricted_platal, the copy of the website is protected against
; indexation by search engine. This also activate the addition of catch-all emails
; by PlMailer. (see email_catchall and robotstxt_disallowed_uris for more details).
;
; A production website should set this variable to true in platal.conf
restricted_platal = 1

; $globals->core->robotstxt_disallowed_uris
; List of urls that must not be indexed by search engines when the site is not
; in restricted mode. The urls must be separated by spaces or commas.
; 
; e.g: robotstxt_disallowed_uris = "/javascript /images /Xorg"
robotstxt_disallowed_uris =

; $globals->email_catchall
; An email address that signal a mail to be discarded by the mail routing
; environment.
;
; email_catchall = ""

; $globals->cookie_ns
; String to preprend to the name of the cookies generated by the site
;
; cookie_ns = ""

; $globals->cookie_path
; The path the cookies generated by the site are associated to.
;
; cookie_path = ""

; $globals->debug
; Debug flags. The flags are integer mask and the debug value is a combination
; of this flags. Available values are:
;  - provided by the core:
;   1 - DEBUG_BT: displays the backtraces (SQL, mailman, banana executions)
;   2 - DEBUG_VALID: checks that the html of the page is valid
;   4 - DEBUG_SMARTY: don't hide error reported during the execution of smarty
;   8 - DEBUG_NOCACHE: disable data caching
;  16 - DEBUG_SCRIPTCACHE: cache expires after the execution of the script (no caching
;                          in session or via memcache)
;  - provided by xorg:
; 256 - DEBUG_NOCACHE: don't cache db content in the session (this feature as been moved
;                      to the core and this flag is deprecated)
;
; debug = 0

; $globals->mode
; Plat/al execution mode:
;  empty -> this copy of plat/al is disabled
;  'r'   -> read only, writing in the database is not allowed (excepting logging)
;  'rw'  -> read-write, the site is fully available
;
; mode = "rw"

; $globals->core->secure_domain
; If not empty, the site automatically redirects the user to the secure_domain.
; The value must be a hostname (eg.: www.polytechnique.org)
secure_domain = ""

; $globals->baseurl
; The base url of the web site. This value is used only for scripts called from
; command line. The value is computed automatically when php serves a web page.
baseurl = "https://www.example.org/"

; $globals->sitename
; The name of the site
;
; sitename = ""

; $globals->dbhost
; Host where the db is located
; dbhost = "localhost"

; $globals->dbuser
; Username to use to connect to the database
; dbuser = "web"

; $globals->dbpwd
; Password to use to connect to the database
; dbpwd = ""

; $globals->dbdb
; Name of the database
; dbdb = "x4dat"

; $globals->dbcharset
; The charset to use when talking to the database
; dbcharset = "utf8"

; $globals->core->memcache
; List of space separated addresses of memcache servers
memcache = ""

; $globals->static_cache_duration
; Cache duration for static content
; static_cache_duration = "604800"

; $globals->dynamic_cache_duration
; Cache duration for dynamic content
; dynamic_cache_duration = "3600"

; $globals->skin
; Skin to use for unlogged accesses and when the user didn't explicitely
; select a skin.
skin = "default"

; $globals->register_skin
; Skin to use during registration process
register_skin = "register"

; $globals->core->econfiance
; Key used to perform transactions with the 'econfiance' webservice in order
; to synchronize the X-Informatique directory with polytechnique.net
econfiance = ""


; The API section contains  the configuration for the web services.
[Api]

; $globals->api->hmac_algo
; Algorithm to use for HMAC-based authentication of API requests. Note that this
; value is shared with clients, and must be changed in all places at once.
hmac_algo = "sha256"

; $globals->api->timestamp_tolerance
; Maximum number of seconds of drift allowed between the client-side UNIX clock
; and the server-side clock. This should be big enough to also allow for network
; latency, but not too high, to limit replay opportunities.
timestamp_tolerance = 10


; The banana section contains the configuration of the forums.
[Banana]

; $globals->banana->server
; Hostname of the nntp server
server = "localhost"

; $globals->banana->port
; Port of the nntp server (if port is 563, banana automatically switch
; to nntps)
port   = 119

; $globals->banana->password
; Password used by banana to authenticate site users with the nntp server.
password = "***"

; $globals->banana->web_user
; Username used by banana
web_user = "***"

; $globals->banana->web_pass
; Password used by banana to perform administrative tasks unrelated to a
; specific user
web_pass = "***"

; $globals->banana->event_forum
; Name of the newsgroup where events are posted
event_forum = ""

; $globals->banana->event_reply
; Name of a newsgroup where to reply to posted events
event_reply = ""


; The geocoder section contains parameters used to perform the geocoding 
; and the formatting of user addresses.
[Geocoder]

; $globals->geocder->email
; Unused parameter.
email = ""

; $globals->geocoder->gmaps_key
; API key to use when querying google maps web service
gmaps_key = ""

; $globals->geocoder->gmaps_url
; URL of geocoding webservice
gmaps_url = "http://maps.google.com/maps/geo"

; $globals->geocoder->gmaps_hl
; Default output language.
gmaps_hl = "fr"

; $globals->geocoder->gmaps_gl
; Default location preference.
gmaps_gl = "fr"


; The lists section contains parameters used to interact with mailman.
[Lists]

; $globals->lists->rpchost
; Hostname where the lists' rpc server is located
rpchost   = "localhost"

; $globasl->lists->rpcport
; Port of the lists' rpc server
rpcport   = "4949"

; $globals->lists->spool
; Path to the archives of mailman. This is used to provide access to the archives
; via the web interface
spool     = "/var/lib/mailman/archives/private"

; $globals->lists->vhost_sep
; Character used to separate the host part and the list name part in the internal
; name of the list in mailman. If vhost_sep is '_', the list blah@example.com will
; be internally named example.com_blah
vhost_sep = "_"

; $globals->lists->max_mail_per_min
; Maximum number of mails an instance of the moderation cron accepts to deliver.
max_mail_per_min = 400


; The mail section contains parameters used to interacts with email routing
[Mail]

; $globals->mail->domain
; Main mail domain
domain  = ""

; $globals->mail->domain2
; Secondary mail domain providing aliases to the main domain.
domain2 = ""

; $globals->mail->alias_dom
; Mail domain hosting user-choosen aliases.
alias_dom  = ""

; $globals->mail->alias_dom2
; Secondary domain for user-choosen aliases.
alias_dom2 = ""

blacklist_check_url = ""
blacklist_host_resolution_limit =

; $globals->mail->domain_whitelist
; Space-separated list of domains to be accepted in urls in the newsletter even if this
; domain is blacklisted by a spam filter.
domain_whitelist = ""


; The mailstorage section contains parameters describing the availability of email storage services
[MailStorage]

; $globals->mailstorage->imap_active
; Boolean flag triggering the activation of the administration interface for the imap storage service.
imap_active = 0

; $globals->mailstorage->googleapps_active
; Boolean flag triggering the activation of the administration interface for the googleapps service.
googleapps_active = 0

; $globals->mailstorage->googleapps_domain
; Domain used internally when redirecting an email to the googleapps account of a user.
googleapps_domain = ""


; The manageurs section contains parameters for the webservice providing data to manageurs.com
[Manageurs]

; $globals->manageurs->authorized_ips
; Space-separated list of IP that are allowed on the webservice
authorized_ips       = "129.104.30.32 129.104.30.33 213.251.145.200"

; $globals->manageurs->manageurs_cipher_key
; Key used to cipher data sent to manageurs.com
manageurs_cipher_key = ""

; $globals->manageurs->manageurs_pass
; Password to be provided by manageurs.com to get authenticated on the webservice
manageurs_pass       = ""


; The money section contains parameters for the payment module
[Money]

; $globals->money->email
; Email address to which payment related actions are reported
;
; email = ""

; Undocumented parameter
mpay_def_id   = 0

; Undocumented parameter
mpay_def_meth = 0

; $globals->money->paypal_site
; Hostname of the Paypal site
paypal_site   = ""

; $globals->money->paypal_compte
; Account on Paypal
paypal_compte = ""

; $globals->money->cyberplus_key
; API key to use when accessing the CyberPlus payment service
;
; cyperplus_key = ""


; The poison section contains parameters for injecting poisonous email on the internet
[Poison]

; $globals->poison->file
; Path to a file containing one poisonous email per line
file = ""


; The search section contains parameters for the search module
[Search]

; $globals->search->public_max
; Maximum number of profiles a search on the public site is allowed to return.
public_max  =  25

; $globals->search->private_max
; Maximum number of profiles a search on the private site is allowed to return
private_max = 800

; $globals->search->per_page
; Maximum number of profiles per page in the result of a search
per_page    =  20


; The register section contains parameters for the registration process
[Register]

; $globals->register->notif
; Email address to be notified on new registrations.
notif       = ""


; The webservice section contains parameters used to access external webservices
[WebService]

; $globals->webservice->pass
; Pass to access the webservice of manageurs.com
pass           = ""

; $globals->webservice->pass_ax
; Passphrase to use to access the webservice of the AX
pass_ax        = ""

; $globals->webservice->hsot_ax
; Host of the webservice of the AX
host_ax        = "https://www.polytechniciens.com/"

; $globals->webservice->private_key_ax
; Path to the private key used for authentication with the webservice of the AX
private_key_ax = ""


; The xnet section contains parameters for Polytechnique.net
[Xnet]

; $globals->xnet->secret
; Authentication key to use to authenticate users with Polytechnique.org
secret       = ""

; $globals->xnet->auth_baseurl
; Baseur of the site used to perform authentication
auth_baseurl = ""

; $globals->xnet->evts_domain
; Domain address where the aliases containing the list of (non-)subscribers
; of an event are created.
evts_domain  = ""

; The merge section contains parameters about the merge's state.
[Merge]

; $globals->merge->state
; Pending before the merge, done afterwards.
state = "pending"