[dotclear.git] / class.xorg.auth.php

<?php

require_once dirname(__FILE__) . '/../../inc/core/class.dc.auth.php';

class xorgAuth extends dcAuth {
  private $forceSU = false;

  public $xorg_infos = array('forlife' => null,
                             'prenom' => null,
                             'nom' => null);

  public function __construct(&$core) {
    parent::__construct($core);
  }

  private function buildFromSession() {
    global $core;
    if (!isset($core) || !isset($core->session)) {
      return;
    }
    $core->session->start();
    if (@$_SESSION['auth-xorg'] && is_null($this->xorg_infos['forlife'])) {
      foreach ($this->xorg_infos as $key => $val) {
        $this->xorg_infos[$key] = $_SESSION['auth-xorg-' . $key];
      }
      $this->user_id = $_SESSION['auth-xorg'];
      parent::checkUser($this->user_id);
    }
  }

  public function callXorg($path = null) {
    if (is_null($path)) {
      $path = $_SERVER['REQUEST_URI'];
    }
    $this->buildFromSession();
    if (@$_SESSION['auth-xorg']) {
      return true;
    }
    global $core;
    $_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1));
    $url = "https://www.polytechnique.org/auth-groupex/utf8";
    $url .= "?session=" . session_id();
    $url .= "&challenge=" . $_SESSION["auth-x-challenge"];
    $url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY);
    $url .= "&url=" . urlencode($core->blog->url . "auth/XorgReturn?path=" . $path);
    session_write_close();
    header("Location: $url");
    exit;
  }

  private function acquireAdminRights() {
    $this->forceSU = true;
  }

  private function releaseAdminRights() {
    $this->forceSU = false;
  }

  private function createUser() {
    global $core;
    $this->acquireAdminRights();
    if (!$core->userExists($_SESSION['auth-xorg'])) {
      $cur = new cursor($this->con, 'dc_user');
      $cur->user_id = $_SESSION['auth-xorg'];
      $cur->user_pwd = md5(rand());
      $cur->user_lang = 'fr';
      $cur->user_name = $_SESSION['auth-xorg-nom'];
      $cur->user_firstname = $_SESSION['auth-xorg-prenom'];
      $cur->user_displayname = $cur->user_firstname . ' ' . $cur->user_name;
      $cur->user_email = $_SESSION['auth-xorg'] . '@polytechnique.org';
      $cur->user_options = $core->userDefaults();
      $cur->user_default_blog = 'default'; // FIXME
      $core->addUser($cur);
      $core->setUserBlogPermissions($_SESSION['auth-xorg'], 'default', array('usage' => true,
                                                                             'contentadmin' => true,
                                                                             'admin' => true));
    }
    $this->releaseAdminRights();
  }

  public function returnXorg() {
    if (!isset($_GET['auth'])) {
      return false;
    }
    $params = '';
    global $core;
    $core->session->start();
    foreach($this->xorg_infos as $key => $val) {
      if(!isset($_GET[$key])) {
        return false;
      }
      $_SESSION['auth-xorg-' . $key] = $_GET[$key];
      $params .= $_GET[$key];
    }
    if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY . $params . '1') == $_GET['auth']) {
      unset($_GET['auth']);
      $_SESSION['sess_user_id'] = $_SESSION['auth-xorg'] = $_GET['forlife'];
		  $_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY);
      $_SESSION['sess_blog_id'] = 'default';
      $this->createUser();
      header("Location: http://murphy.m4x.org" . $_GET['path']);
      exit;
    }
    unset($_SESSION['auth-xorg']);
    unset($_SESSION['sess_user_id']);
    unset($_GET['auth']);
    echo "Failed !!!";
    return false;
  }

  public function killSession() {
    global $core;
    $core->session->start();
    $core->session->destroy();
    header('Location: ' . $core->blog->url);
    exit;
  }

  public function checkUser($user_id, $pwd = null, $user_key = null) {
    return $this->callXorg();
  }

  public function check($permissions, $blog_id) {
    $this->buildFromSession();
    return parent::check($permissions, $blog_id);
  }

  public function allowPassChange() {
    return false;
  }

  public function userID() {
    $this->buildFromSession();
    return parent::userID();
  }

  public function getPermissions() {
    $this->buildFromSession();
    return parent::getPermissions();
  }

  public function getInfo($n) {
    $this->buildFromSession();
    return parent::getInfo($n);
  }

  public function getOption($n) {
    $this->buildFromSession();
    return parent::getOption($n);
  }

  public function isSuperAdmin() {
    return $this->forceSU || ($this->user_id == 'florent.bruneau.2003');
  }

  public function getOptions() {
    $this->buildFromSession();
    return parent::getOptions();
  }
}

?>
Commit	Line	Data
3f6bc75f FB	1	<?php
	2
	3	require_once dirname(__FILE__) . '/../../inc/core/class.dc.auth.php';
	4
	5	class xorgAuth extends dcAuth {
a1a69528 FB	6	private $forceSU = false;
a1a69528 FB	7
1759942c FB	8	public $xorg_infos = array('forlife' => null,
	9	'prenom' => null,
	10	'nom' => null);
	11
e105d162 FB	12	public function __construct(&$core) {
	13	parent::__construct($core);
	14	}
	15
	16	private function buildFromSession() {
	17	global $core;
	18	if (!isset($core) \|\| !isset($core->session)) {
	19	return;
	20	}
	21	$core->session->start();
	22	if (@$_SESSION['auth-xorg'] && is_null($this->xorg_infos['forlife'])) {
1759942c FB	23	foreach ($this->xorg_infos as $key => $val) {
	24	$this->xorg_infos[$key] = $_SESSION['auth-xorg-' . $key];
	25	}
a1a69528	26	$this->user_id = $_SESSION['auth-xorg'];
16237aee	27	parent::checkUser($this->user_id);
1759942c FB	28	}
	29	}
	30
e105d162 FB	31	public function callXorg($path = null) {
	32	if (is_null($path)) {
	33	$path = $_SERVER['REQUEST_URI'];
	34	}
	35	$this->buildFromSession();
be74d9bd	36	if (@$_SESSION['auth-xorg']) {
e105d162	37	return true;
be74d9bd	38	}
9d447124	39	global $core;
be74d9bd FB	40	$_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1));
	41	$url = "https://www.polytechnique.org/auth-groupex/utf8";
	42	$url .= "?session=" . session_id();
	43	$url .= "&challenge=" . $_SESSION["auth-x-challenge"];
	44	$url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY);
9d447124	45	$url .= "&url=" . urlencode($core->blog->url . "auth/XorgReturn?path=" . $path);
be74d9bd FB	46	session_write_close();
	47	header("Location: $url");
	48	exit;
	49	}
	50
a1a69528 FB	51	private function acquireAdminRights() {
	52	$this->forceSU = true;
	53	}
	54
	55	private function releaseAdminRights() {
	56	$this->forceSU = false;
	57	}
	58
	59	private function createUser() {
	60	global $core;
	61	$this->acquireAdminRights();
	62	if (!$core->userExists($_SESSION['auth-xorg'])) {
	63	$cur = new cursor($this->con, 'dc_user');
	64	$cur->user_id = $_SESSION['auth-xorg'];
	65	$cur->user_pwd = md5(rand());
	66	$cur->user_lang = 'fr';
	67	$cur->user_name = $_SESSION['auth-xorg-nom'];
	68	$cur->user_firstname = $_SESSION['auth-xorg-prenom'];
16237aee	69	$cur->user_displayname = $cur->user_firstname . ' ' . $cur->user_name;
a1a69528	70	$cur->user_email = $_SESSION['auth-xorg'] . '@polytechnique.org';
abb4dd42 FB	71	$cur->user_options = $core->userDefaults();
abb4dd42 FB	72	$cur->user_default_blog = 'default'; // FIXME
a1a69528	73	$core->addUser($cur);
abb4dd42 FB	74	$core->setUserBlogPermissions($_SESSION['auth-xorg'], 'default', array('usage' => true,
	75	'contentadmin' => true,
	76	'admin' => true));
a1a69528 FB	77	}
	78	$this->releaseAdminRights();
	79	}
	80
be74d9bd FB	81	public function returnXorg() {
	82	if (!isset($_GET['auth'])) {
	83	return false;
	84	}
	85	$params = '';
e105d162 FB	86	global $core;
e105d162 FB	87	$core->session->start();
be74d9bd FB	88	foreach($this->xorg_infos as $key => $val) {
	89	if(!isset($_GET[$key])) {
	90	return false;
	91	}
	92	$_SESSION['auth-xorg-' . $key] = $_GET[$key];
be74d9bd FB	93	$params .= $_GET[$key];
	94	}
	95	if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY . $params . '1') == $_GET['auth']) {
	96	unset($_GET['auth']);
a1a69528 FB	97	$_SESSION['sess_user_id'] = $_SESSION['auth-xorg'] = $_GET['forlife'];
	98	$_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY);
	99	$_SESSION['sess_blog_id'] = 'default';
	100	$this->createUser();
c0556a51	101	header("Location: http://murphy.m4x.org" . $_GET['path']);
e105d162	102	exit;
be74d9bd	103	}
a1a69528 FB	104	unset($_SESSION['auth-xorg']);
a1a69528 FB	105	unset($_SESSION['sess_user_id']);
be74d9bd	106	unset($_GET['auth']);
e105d162	107	echo "Failed !!!";
be74d9bd FB	108	return false;
	109	}
	110
	111	public function killSession() {
e105d162 FB	112	global $core;
	113	$core->session->start();
	114	$core->session->destroy();
9d447124	115	header('Location: ' . $core->blog->url);
be74d9bd FB	116	exit;
be74d9bd FB	117	}
a1a69528	118
ccfabbd3	119	public function checkUser($user_id, $pwd = null, $user_key = null) {
16237aee	120	return $this->callXorg();
ccfabbd3 FB	121	}
	122
	123	public function check($permissions, $blog_id) {
	124	$this->buildFromSession();
	125	return parent::check($permissions, $blog_id);
	126	}
	127
a1a69528 FB	128	public function allowPassChange() {
	129	return false;
	130	}
	131
	132	public function userID() {
	133	$this->buildFromSession();
ccfabbd3	134	return parent::userID();
a1a69528 FB	135	}
	136
	137	public function getPermissions() {
ccfabbd3 FB	138	$this->buildFromSession();
ccfabbd3 FB	139	return parent::getPermissions();
a1a69528 FB	140	}
	141
	142	public function getInfo($n) {
ccfabbd3 FB	143	$this->buildFromSession();
ccfabbd3 FB	144	return parent::getInfo($n);
abb4dd42 FB	145	}
	146
	147	public function getOption($n) {
ccfabbd3 FB	148	$this->buildFromSession();
ccfabbd3 FB	149	return parent::getOption($n);
a1a69528 FB	150	}
	151
	152	public function isSuperAdmin() {
abb4dd42 FB	153	return $this->forceSU \|\| ($this->user_id == 'florent.bruneau.2003');
	154	}
	155
	156	public function getOptions() {
ccfabbd3 FB	157	$this->buildFromSession();
ccfabbd3 FB	158	return parent::getOptions();
a1a69528	159	}
3f6bc75f FB	160	}
	161
	162	?>