[dotclear.git] / class.xorg.auth.php

<?php

require_once dirname(__FILE__) . '/../../inc/core/class.dc.auth.php';

class xorgAuth extends dcAuth {
  private $forceSU = false;

  public $xorg_infos = array('forlife' => null,
                             'prenom' => null,
                             'nom' => null);

  public function __construct(&$core) {
    parent::__construct($core);
  }

  private function buildFromSession() {
    global $core;
    if (!isset($core) || !isset($core->session)) {
      return;
    }
    $core->session->start();
    if (@$_SESSION['auth-xorg'] && is_null($this->xorg_infos['forlife'])) {
      foreach ($this->xorg_infos as $key => $val) {
        $this->xorg_infos[$key] = $_SESSION['auth-xorg-' . $key];
      }
      $this->user_id = $_SESSION['auth-xorg'];
      parent::checkUser($this->user_id);
    }
  }

  public function callXorg($path = null) {
    if (is_null($path)) {
      $path = $_SERVER['REQUEST_URI'];
    }
    $this->buildFromSession();
    if (@$_SESSION['auth-xorg']) {
      return true;
    }
    $_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1));
    $url = "https://www.polytechnique.org/auth-groupex/utf8";
    $url .= "?session=" . session_id();
    $url .= "&challenge=" . $_SESSION["auth-x-challenge"];
    $url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY);
    $url .= "&url=http://murphy.m4x.org/~x2003bruneau/dotclear/auth/XorgReturn" . urlencode("?path=" . $path);
    session_write_close();
    header("Location: $url");
    exit;
  }

  private function acquireAdminRights() {
    $this->forceSU = true;
  }

  private function releaseAdminRights() {
    $this->forceSU = false;
  }

  private function createUser() {
    global $core;
    $this->acquireAdminRights();
    if (!$core->userExists($_SESSION['auth-xorg'])) {
      $cur = new cursor($this->con, 'dc_user');
      $cur->user_id = $_SESSION['auth-xorg'];
      $cur->user_pwd = md5(rand());
      $cur->user_lang = 'fr';
      $cur->user_name = $_SESSION['auth-xorg-nom'];
      $cur->user_firstname = $_SESSION['auth-xorg-prenom'];
      $cur->user_displayname = $cur->user_firstname . ' ' . $cur->user_name;
      $cur->user_email = $_SESSION['auth-xorg'] . '@polytechnique.org';
      $cur->user_options = $core->userDefaults();
      $cur->user_default_blog = 'default'; // FIXME
      $core->addUser($cur);
      $core->setUserBlogPermissions($_SESSION['auth-xorg'], 'default', array('usage' => true,
                                                                             'contentadmin' => true,
                                                                             'admin' => true));
    }
    $this->releaseAdminRights();
  }

  public function returnXorg() {
    if (!isset($_GET['auth'])) {
      return false;
    }
    $params = '';
    global $core;
    $core->session->start();
    foreach($this->xorg_infos as $key => $val) {
      if(!isset($_GET[$key])) {
        return false;
      }
      $_SESSION['auth-xorg-' . $key] = $_GET[$key];
      $params .= $_GET[$key];
    }
    if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY . $params . '1') == $_GET['auth']) {
      unset($_GET['auth']);
      $_SESSION['sess_user_id'] = $_SESSION['auth-xorg'] = $_GET['forlife'];
		  $_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY);
      $_SESSION['sess_blog_id'] = 'default';
      $this->createUser();
      header("Location: http://murphy.m4x.org" . $_GET['path']);
      exit;
    }
    unset($_SESSION['auth-xorg']);
    unset($_SESSION['sess_user_id']);
    unset($_GET['auth']);
    echo "Failed !!!";
    return false;
  }

  public function killSession() {
    global $core;
    $core->session->start();
    $core->session->destroy();
    header('Location: http://murphy.m4x.org/~x2003bruneau/dotclear/');
    exit;
  }

  public function checkUser($user_id, $pwd = null, $user_key = null) {
    return $this->callXorg();
  }

  public function check($permissions, $blog_id) {
    $this->buildFromSession();
    return parent::check($permissions, $blog_id);
  }

  public function allowPassChange() {
    return false;
  }

  public function userID() {
    $this->buildFromSession();
    return parent::userID();
  }

  public function getPermissions() {
    $this->buildFromSession();
    return parent::getPermissions();
  }

  public function getInfo($n) {
    $this->buildFromSession();
    return parent::getInfo($n);
  }

  public function getOption($n) {
    $this->buildFromSession();
    return parent::getOption($n);
  }

  public function isSuperAdmin() {
    return $this->forceSU || ($this->user_id == 'florent.bruneau.2003');
  }

  public function getOptions() {
    $this->buildFromSession();
    return parent::getOptions();
  }
}

?>
Commit	Line	Data
3f6bc75f FB	1	<?php
	2
	3	require_once dirname(__FILE__) . '/../../inc/core/class.dc.auth.php';
	4
	5	class xorgAuth extends dcAuth {
a1a69528 FB	6	private $forceSU = false;
a1a69528 FB	7
1759942c FB	8	public $xorg_infos = array('forlife' => null,
	9	'prenom' => null,
	10	'nom' => null);
	11
e105d162 FB	12	public function __construct(&$core) {
	13	parent::__construct($core);
	14	}
	15
	16	private function buildFromSession() {
	17	global $core;
	18	if (!isset($core) \|\| !isset($core->session)) {
	19	return;
	20	}
	21	$core->session->start();
	22	if (@$_SESSION['auth-xorg'] && is_null($this->xorg_infos['forlife'])) {
1759942c FB	23	foreach ($this->xorg_infos as $key => $val) {
	24	$this->xorg_infos[$key] = $_SESSION['auth-xorg-' . $key];
	25	}
a1a69528	26	$this->user_id = $_SESSION['auth-xorg'];
16237aee	27	parent::checkUser($this->user_id);
1759942c FB	28	}
	29	}
	30
e105d162 FB	31	public function callXorg($path = null) {
	32	if (is_null($path)) {
	33	$path = $_SERVER['REQUEST_URI'];
	34	}
	35	$this->buildFromSession();
be74d9bd	36	if (@$_SESSION['auth-xorg']) {
e105d162	37	return true;
be74d9bd FB	38	}
	39	$_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1));
	40	$url = "https://www.polytechnique.org/auth-groupex/utf8";
	41	$url .= "?session=" . session_id();
	42	$url .= "&challenge=" . $_SESSION["auth-x-challenge"];
	43	$url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY);
03bc7383	44	$url .= "&url=http://murphy.m4x.org/~x2003bruneau/dotclear/auth/XorgReturn" . urlencode("?path=" . $path);
be74d9bd FB	45	session_write_close();
	46	header("Location: $url");
	47	exit;
	48	}
	49
a1a69528 FB	50	private function acquireAdminRights() {
	51	$this->forceSU = true;
	52	}
	53
	54	private function releaseAdminRights() {
	55	$this->forceSU = false;
	56	}
	57
	58	private function createUser() {
	59	global $core;
	60	$this->acquireAdminRights();
	61	if (!$core->userExists($_SESSION['auth-xorg'])) {
	62	$cur = new cursor($this->con, 'dc_user');
	63	$cur->user_id = $_SESSION['auth-xorg'];
	64	$cur->user_pwd = md5(rand());
	65	$cur->user_lang = 'fr';
	66	$cur->user_name = $_SESSION['auth-xorg-nom'];
	67	$cur->user_firstname = $_SESSION['auth-xorg-prenom'];
16237aee	68	$cur->user_displayname = $cur->user_firstname . ' ' . $cur->user_name;
a1a69528	69	$cur->user_email = $_SESSION['auth-xorg'] . '@polytechnique.org';
abb4dd42 FB	70	$cur->user_options = $core->userDefaults();
abb4dd42 FB	71	$cur->user_default_blog = 'default'; // FIXME
a1a69528	72	$core->addUser($cur);
abb4dd42 FB	73	$core->setUserBlogPermissions($_SESSION['auth-xorg'], 'default', array('usage' => true,
	74	'contentadmin' => true,
	75	'admin' => true));
a1a69528 FB	76	}
	77	$this->releaseAdminRights();
	78	}
	79
be74d9bd FB	80	public function returnXorg() {
	81	if (!isset($_GET['auth'])) {
	82	return false;
	83	}
	84	$params = '';
e105d162 FB	85	global $core;
e105d162 FB	86	$core->session->start();
be74d9bd FB	87	foreach($this->xorg_infos as $key => $val) {
	88	if(!isset($_GET[$key])) {
	89	return false;
	90	}
	91	$_SESSION['auth-xorg-' . $key] = $_GET[$key];
be74d9bd FB	92	$params .= $_GET[$key];
	93	}
	94	if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY . $params . '1') == $_GET['auth']) {
	95	unset($_GET['auth']);
a1a69528 FB	96	$_SESSION['sess_user_id'] = $_SESSION['auth-xorg'] = $_GET['forlife'];
	97	$_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY);
	98	$_SESSION['sess_blog_id'] = 'default';
	99	$this->createUser();
c0556a51	100	header("Location: http://murphy.m4x.org" . $_GET['path']);
e105d162	101	exit;
be74d9bd	102	}
a1a69528 FB	103	unset($_SESSION['auth-xorg']);
a1a69528 FB	104	unset($_SESSION['sess_user_id']);
be74d9bd	105	unset($_GET['auth']);
e105d162	106	echo "Failed !!!";
be74d9bd FB	107	return false;
	108	}
	109
	110	public function killSession() {
e105d162 FB	111	global $core;
	112	$core->session->start();
	113	$core->session->destroy();
be74d9bd FB	114	header('Location: http://murphy.m4x.org/~x2003bruneau/dotclear/');
	115	exit;
	116	}
a1a69528	117
ccfabbd3	118	public function checkUser($user_id, $pwd = null, $user_key = null) {
16237aee	119	return $this->callXorg();
ccfabbd3 FB	120	}
	121
	122	public function check($permissions, $blog_id) {
	123	$this->buildFromSession();
	124	return parent::check($permissions, $blog_id);
	125	}
	126
a1a69528 FB	127	public function allowPassChange() {
	128	return false;
	129	}
	130
	131	public function userID() {
	132	$this->buildFromSession();
ccfabbd3	133	return parent::userID();
a1a69528 FB	134	}
	135
	136	public function getPermissions() {
ccfabbd3 FB	137	$this->buildFromSession();
ccfabbd3 FB	138	return parent::getPermissions();
a1a69528 FB	139	}
	140
	141	public function getInfo($n) {
ccfabbd3 FB	142	$this->buildFromSession();
ccfabbd3 FB	143	return parent::getInfo($n);
abb4dd42 FB	144	}
	145
	146	public function getOption($n) {
ccfabbd3 FB	147	$this->buildFromSession();
ccfabbd3 FB	148	return parent::getOption($n);
a1a69528 FB	149	}
	150
	151	public function isSuperAdmin() {
abb4dd42 FB	152	return $this->forceSU \|\| ($this->user_id == 'florent.bruneau.2003');
	153	}
	154
	155	public function getOptions() {
ccfabbd3 FB	156	$this->buildFromSession();
ccfabbd3 FB	157	return parent::getOptions();
a1a69528	158	}
3f6bc75f FB	159	}
	160
	161	?>