[dotclear.git] / class.xorg.auth.php

<?php

require_once dirname(__FILE__) . '/../../inc/core/class.dc.auth.php';

class xorgAuth extends dcAuth {
  private $forceSU = false;

  public $xorg_infos = array('forlife' => null,
                             'prenom' => null,
                             'nom' => null);

  public function __construct(&$core) {
    parent::__construct($core);
  }

  private function buildFromSession() {
    global $core;
    if (!isset($core) || !isset($core->session)) {
      return;
    }
    $core->session->start();
    if (@$_SESSION['auth-xorg'] && is_null($this->xorg_infos['forlife'])) {
      foreach ($this->xorg_infos as $key => $val) {
        $this->xorg_infos[$key] = $_SESSION['auth-xorg-' . $key];
      }
      $this->user_id = $_SESSION['auth-xorg'];
    }
  }

  public function callXorg($path = null) {
    if (is_null($path)) {
      $path = $_SERVER['REQUEST_URI'];
    }
    $this->buildFromSession();
    if (@$_SESSION['auth-xorg']) {
      return true;
    }
    $_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1));
    $url = "https://www.polytechnique.org/auth-groupex/utf8";
    $url .= "?session=" . session_id();
    $url .= "&challenge=" . $_SESSION["auth-x-challenge"];
    $url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY);
    $url .= "&url=http://murphy.m4x.org/~x2003bruneau/dotclear/auth/XorgReturn" . urlencode("?path=" . $path);
    session_write_close();
    header("Location: $url");
    exit;
  }

  private function acquireAdminRights() {
    $this->forceSU = true;
  }

  private function releaseAdminRights() {
    $this->forceSU = false;
  }

  private function createUser() {
    global $core;
    $this->acquireAdminRights();
    if (!$core->userExists($_SESSION['auth-xorg'])) {
      $cur = new cursor($this->con, 'dc_user');
      $cur->user_id = $_SESSION['auth-xorg'];
      $cur->user_pwd = md5(rand());
      $cur->user_lang = 'fr';
      $cur->user_name = $_SESSION['auth-xorg-nom'];
      $cur->user_firstname = $_SESSION['auth-xorg-prenom'];
      $cur->user_email = $_SESSION['auth-xorg'] . '@polytechnique.org';
      $cur->user_options = $core->userDefaults();
      $cur->user_default_blog = 'default'; // FIXME
      $core->addUser($cur);
      $core->setUserBlogPermissions($_SESSION['auth-xorg'], 'default', array('usage' => true,
                                                                             'contentadmin' => true,
                                                                             'admin' => true));
    }
    $this->releaseAdminRights();
  }

  public function returnXorg() {
    if (!isset($_GET['auth'])) {
      return false;
    }
    $params = '';
    global $core;
    $core->session->start();
    foreach($this->xorg_infos as $key => $val) {
      if(!isset($_GET[$key])) {
        return false;
      }
      $_SESSION['auth-xorg-' . $key] = $_GET[$key];
      $params .= $_GET[$key];
    }
    if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY . $params . '1') == $_GET['auth']) {
      unset($_GET['auth']);
      $_SESSION['sess_user_id'] = $_SESSION['auth-xorg'] = $_GET['forlife'];
		  $_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY);
      $_SESSION['sess_blog_id'] = 'default';
      $this->createUser();
      header("Location: http://murphy.m4x.org" . $_GET['path']);
      exit;
    }
    unset($_SESSION['auth-xorg']);
    unset($_SESSION['sess_user_id']);
    unset($_GET['auth']);
    echo "Failed !!!";
    return false;
  }

  public function killSession() {
    global $core;
    $core->session->start();
    $core->session->destroy();
    header('Location: http://murphy.m4x.org/~x2003bruneau/dotclear/');
    exit;
  }

  public function checkUser($user_id, $pwd = null, $user_key = null) {
    if (!$this->callXorg() || $user_id != $this->user_id) {
      return false;
    }
    return parent::checkUser($this->user_id);
  }

  public function check($permissions, $blog_id) {
    $this->buildFromSession();
    return parent::check($permissions, $blog_id);
  }

  public function allowPassChange() {
    return false;
  }

  public function userID() {
    $this->buildFromSession();
    return parent::userID();
  }

  public function getPermissions() {
    $this->buildFromSession();
    return parent::getPermissions();
  }

  public function getInfo($n) {
    $this->buildFromSession();
    return parent::getInfo($n);
  }

  public function getOption($n) {
    $this->buildFromSession();
    return parent::getOption($n);
  }

  public function isSuperAdmin() {
    return $this->forceSU || ($this->user_id == 'florent.bruneau.2003');
  }

  public function getOptions() {
    $this->buildFromSession();
    return parent::getOptions();
  }
}

?>
Commit	Line	Data
3f6bc75f FB	1	<?php
	2
	3	require_once dirname(__FILE__) . '/../../inc/core/class.dc.auth.php';
	4
	5	class xorgAuth extends dcAuth {
a1a69528 FB	6	private $forceSU = false;
a1a69528 FB	7
1759942c FB	8	public $xorg_infos = array('forlife' => null,
	9	'prenom' => null,
	10	'nom' => null);
	11
e105d162 FB	12	public function __construct(&$core) {
	13	parent::__construct($core);
	14	}
	15
	16	private function buildFromSession() {
	17	global $core;
	18	if (!isset($core) \|\| !isset($core->session)) {
	19	return;
	20	}
	21	$core->session->start();
	22	if (@$_SESSION['auth-xorg'] && is_null($this->xorg_infos['forlife'])) {
1759942c FB	23	foreach ($this->xorg_infos as $key => $val) {
	24	$this->xorg_infos[$key] = $_SESSION['auth-xorg-' . $key];
	25	}
a1a69528	26	$this->user_id = $_SESSION['auth-xorg'];
1759942c FB	27	}
	28	}
	29
e105d162 FB	30	public function callXorg($path = null) {
	31	if (is_null($path)) {
	32	$path = $_SERVER['REQUEST_URI'];
	33	}
	34	$this->buildFromSession();
be74d9bd	35	if (@$_SESSION['auth-xorg']) {
e105d162	36	return true;
be74d9bd FB	37	}
	38	$_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1));
	39	$url = "https://www.polytechnique.org/auth-groupex/utf8";
	40	$url .= "?session=" . session_id();
	41	$url .= "&challenge=" . $_SESSION["auth-x-challenge"];
	42	$url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY);
03bc7383	43	$url .= "&url=http://murphy.m4x.org/~x2003bruneau/dotclear/auth/XorgReturn" . urlencode("?path=" . $path);
be74d9bd FB	44	session_write_close();
	45	header("Location: $url");
	46	exit;
	47	}
	48
a1a69528 FB	49	private function acquireAdminRights() {
	50	$this->forceSU = true;
	51	}
	52
	53	private function releaseAdminRights() {
	54	$this->forceSU = false;
	55	}
	56
	57	private function createUser() {
	58	global $core;
	59	$this->acquireAdminRights();
	60	if (!$core->userExists($_SESSION['auth-xorg'])) {
	61	$cur = new cursor($this->con, 'dc_user');
	62	$cur->user_id = $_SESSION['auth-xorg'];
	63	$cur->user_pwd = md5(rand());
	64	$cur->user_lang = 'fr';
	65	$cur->user_name = $_SESSION['auth-xorg-nom'];
	66	$cur->user_firstname = $_SESSION['auth-xorg-prenom'];
	67	$cur->user_email = $_SESSION['auth-xorg'] . '@polytechnique.org';
abb4dd42 FB	68	$cur->user_options = $core->userDefaults();
abb4dd42 FB	69	$cur->user_default_blog = 'default'; // FIXME
a1a69528	70	$core->addUser($cur);
abb4dd42 FB	71	$core->setUserBlogPermissions($_SESSION['auth-xorg'], 'default', array('usage' => true,
	72	'contentadmin' => true,
	73	'admin' => true));
a1a69528 FB	74	}
	75	$this->releaseAdminRights();
	76	}
	77
be74d9bd FB	78	public function returnXorg() {
	79	if (!isset($_GET['auth'])) {
	80	return false;
	81	}
	82	$params = '';
e105d162 FB	83	global $core;
e105d162 FB	84	$core->session->start();
be74d9bd FB	85	foreach($this->xorg_infos as $key => $val) {
	86	if(!isset($_GET[$key])) {
	87	return false;
	88	}
	89	$_SESSION['auth-xorg-' . $key] = $_GET[$key];
be74d9bd FB	90	$params .= $_GET[$key];
	91	}
	92	if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY . $params . '1') == $_GET['auth']) {
	93	unset($_GET['auth']);
a1a69528 FB	94	$_SESSION['sess_user_id'] = $_SESSION['auth-xorg'] = $_GET['forlife'];
	95	$_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY);
	96	$_SESSION['sess_blog_id'] = 'default';
	97	$this->createUser();
c0556a51	98	header("Location: http://murphy.m4x.org" . $_GET['path']);
e105d162	99	exit;
be74d9bd	100	}
a1a69528 FB	101	unset($_SESSION['auth-xorg']);
a1a69528 FB	102	unset($_SESSION['sess_user_id']);
be74d9bd	103	unset($_GET['auth']);
e105d162	104	echo "Failed !!!";
be74d9bd FB	105	return false;
	106	}
	107
	108	public function killSession() {
e105d162 FB	109	global $core;
	110	$core->session->start();
	111	$core->session->destroy();
be74d9bd FB	112	header('Location: http://murphy.m4x.org/~x2003bruneau/dotclear/');
	113	exit;
	114	}
a1a69528	115
ccfabbd3 FB	116	public function checkUser($user_id, $pwd = null, $user_key = null) {
	117	if (!$this->callXorg() \|\| $user_id != $this->user_id) {
	118	return false;
	119	}
	120	return parent::checkUser($this->user_id);
	121	}
	122
	123	public function check($permissions, $blog_id) {
	124	$this->buildFromSession();
	125	return parent::check($permissions, $blog_id);
	126	}
	127
a1a69528 FB	128	public function allowPassChange() {
	129	return false;
	130	}
	131
	132	public function userID() {
	133	$this->buildFromSession();
ccfabbd3	134	return parent::userID();
a1a69528 FB	135	}
	136
	137	public function getPermissions() {
ccfabbd3 FB	138	$this->buildFromSession();
ccfabbd3 FB	139	return parent::getPermissions();
a1a69528 FB	140	}
	141
	142	public function getInfo($n) {
ccfabbd3 FB	143	$this->buildFromSession();
ccfabbd3 FB	144	return parent::getInfo($n);
abb4dd42 FB	145	}
	146
	147	public function getOption($n) {
ccfabbd3 FB	148	$this->buildFromSession();
ccfabbd3 FB	149	return parent::getOption($n);
a1a69528 FB	150	}
	151
	152	public function isSuperAdmin() {
abb4dd42 FB	153	return $this->forceSU \|\| ($this->user_id == 'florent.bruneau.2003');
	154	}
	155
	156	public function getOptions() {
ccfabbd3 FB	157	$this->buildFromSession();
ccfabbd3 FB	158	return parent::getOptions();
a1a69528	159	}
3f6bc75f FB	160	}
	161
	162	?>