Use $core->blog->url when possible.
[dotclear.git] / class.xorg.auth.php
CommitLineData
3f6bc75f
FB
1<?php
2
3require_once dirname(__FILE__) . '/../../inc/core/class.dc.auth.php';
4
5class xorgAuth extends dcAuth {
a1a69528
FB
6 private $forceSU = false;
7
1759942c
FB
8 public $xorg_infos = array('forlife' => null,
9 'prenom' => null,
10 'nom' => null);
11
e105d162
FB
12 public function __construct(&$core) {
13 parent::__construct($core);
14 }
15
16 private function buildFromSession() {
17 global $core;
18 if (!isset($core) || !isset($core->session)) {
19 return;
20 }
21 $core->session->start();
22 if (@$_SESSION['auth-xorg'] && is_null($this->xorg_infos['forlife'])) {
1759942c
FB
23 foreach ($this->xorg_infos as $key => $val) {
24 $this->xorg_infos[$key] = $_SESSION['auth-xorg-' . $key];
25 }
a1a69528 26 $this->user_id = $_SESSION['auth-xorg'];
16237aee 27 parent::checkUser($this->user_id);
1759942c
FB
28 }
29 }
30
e105d162
FB
31 public function callXorg($path = null) {
32 if (is_null($path)) {
33 $path = $_SERVER['REQUEST_URI'];
34 }
35 $this->buildFromSession();
be74d9bd 36 if (@$_SESSION['auth-xorg']) {
e105d162 37 return true;
be74d9bd 38 }
9d447124 39 global $core;
be74d9bd
FB
40 $_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1));
41 $url = "https://www.polytechnique.org/auth-groupex/utf8";
42 $url .= "?session=" . session_id();
43 $url .= "&challenge=" . $_SESSION["auth-x-challenge"];
44 $url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY);
9d447124 45 $url .= "&url=" . urlencode($core->blog->url . "auth/XorgReturn?path=" . $path);
be74d9bd
FB
46 session_write_close();
47 header("Location: $url");
48 exit;
49 }
50
a1a69528
FB
51 private function acquireAdminRights() {
52 $this->forceSU = true;
53 }
54
55 private function releaseAdminRights() {
56 $this->forceSU = false;
57 }
58
59 private function createUser() {
60 global $core;
61 $this->acquireAdminRights();
62 if (!$core->userExists($_SESSION['auth-xorg'])) {
63 $cur = new cursor($this->con, 'dc_user');
64 $cur->user_id = $_SESSION['auth-xorg'];
65 $cur->user_pwd = md5(rand());
66 $cur->user_lang = 'fr';
67 $cur->user_name = $_SESSION['auth-xorg-nom'];
68 $cur->user_firstname = $_SESSION['auth-xorg-prenom'];
16237aee 69 $cur->user_displayname = $cur->user_firstname . ' ' . $cur->user_name;
a1a69528 70 $cur->user_email = $_SESSION['auth-xorg'] . '@polytechnique.org';
abb4dd42
FB
71 $cur->user_options = $core->userDefaults();
72 $cur->user_default_blog = 'default'; // FIXME
a1a69528 73 $core->addUser($cur);
abb4dd42
FB
74 $core->setUserBlogPermissions($_SESSION['auth-xorg'], 'default', array('usage' => true,
75 'contentadmin' => true,
76 'admin' => true));
a1a69528
FB
77 }
78 $this->releaseAdminRights();
79 }
80
be74d9bd
FB
81 public function returnXorg() {
82 if (!isset($_GET['auth'])) {
83 return false;
84 }
85 $params = '';
e105d162
FB
86 global $core;
87 $core->session->start();
be74d9bd
FB
88 foreach($this->xorg_infos as $key => $val) {
89 if(!isset($_GET[$key])) {
90 return false;
91 }
92 $_SESSION['auth-xorg-' . $key] = $_GET[$key];
be74d9bd
FB
93 $params .= $_GET[$key];
94 }
95 if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY . $params . '1') == $_GET['auth']) {
96 unset($_GET['auth']);
a1a69528
FB
97 $_SESSION['sess_user_id'] = $_SESSION['auth-xorg'] = $_GET['forlife'];
98 $_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY);
99 $_SESSION['sess_blog_id'] = 'default';
100 $this->createUser();
c0556a51 101 header("Location: http://murphy.m4x.org" . $_GET['path']);
e105d162 102 exit;
be74d9bd 103 }
a1a69528
FB
104 unset($_SESSION['auth-xorg']);
105 unset($_SESSION['sess_user_id']);
be74d9bd 106 unset($_GET['auth']);
e105d162 107 echo "Failed !!!";
be74d9bd
FB
108 return false;
109 }
110
111 public function killSession() {
e105d162
FB
112 global $core;
113 $core->session->start();
114 $core->session->destroy();
9d447124 115 header('Location: ' . $core->blog->url);
be74d9bd
FB
116 exit;
117 }
a1a69528 118
ccfabbd3 119 public function checkUser($user_id, $pwd = null, $user_key = null) {
16237aee 120 return $this->callXorg();
ccfabbd3
FB
121 }
122
123 public function check($permissions, $blog_id) {
124 $this->buildFromSession();
125 return parent::check($permissions, $blog_id);
126 }
127
a1a69528
FB
128 public function allowPassChange() {
129 return false;
130 }
131
132 public function userID() {
133 $this->buildFromSession();
ccfabbd3 134 return parent::userID();
a1a69528
FB
135 }
136
137 public function getPermissions() {
ccfabbd3
FB
138 $this->buildFromSession();
139 return parent::getPermissions();
a1a69528
FB
140 }
141
142 public function getInfo($n) {
ccfabbd3
FB
143 $this->buildFromSession();
144 return parent::getInfo($n);
abb4dd42
FB
145 }
146
147 public function getOption($n) {
ccfabbd3
FB
148 $this->buildFromSession();
149 return parent::getOption($n);
a1a69528
FB
150 }
151
152 public function isSuperAdmin() {
abb4dd42
FB
153 return $this->forceSU || ($this->user_id == 'florent.bruneau.2003');
154 }
155
156 public function getOptions() {
ccfabbd3
FB
157 $this->buildFromSession();
158 return parent::getOptions();
a1a69528 159 }
3f6bc75f
FB
160}
161
162?>