Commit | Line | Data |
---|---|---|
3f6bc75f FB |
1 | <?php |
2 | ||
3 | require_once dirname(__FILE__) . '/../../inc/core/class.dc.auth.php'; | |
4 | ||
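/**
 * Dotclear authentication backend that delegates login to the
 * polytechnique.org "auth-groupex" single sign-on (SSO) endpoint.
 *
 * Flow: callXorg() stores a random challenge in the session and redirects the
 * browser to the SSO endpoint; the endpoint sends the browser back to
 * returnXorg() with the identity fields and an `auth` value that is checked
 * against md5('1' . challenge . XORG_AUTH_KEY . fields . '1').
 *
 * Security notes for maintainers:
 *  - check() and getPermissions() grant everything to everyone (see the notes
 *    on those methods); the only real gate in this class is callXorg().
 *  - The MAC is a plain md5 over key and data. The construction is fixed by
 *    the remote endpoint and cannot be upgraded on this side alone.
 *  - hash_equals() and random_bytes() are used below, so PHP 7.0+ is required.
 */
class xorgAuth extends dcAuth {
    /** True only while createUser() runs; isSuperAdmin() reports this flag. */
    private $forceSU = false;

    /** Identity fields received from the SSO endpoint, mirrored from the session. */
    public $xorg_infos = array('forlife' => null,
                               'prenom' => null,
                               'nom' => null);

    public function __construct(&$core) {
        parent::__construct($core);
    }

    /**
     * Load the SSO identity from the session into this object, once.
     *
     * Does nothing when the global $core or its session is unavailable, when
     * the session carries no SSO identity, or when the identity was already
     * loaded (forlife is no longer null).
     */
    private function buildFromSession() {
        global $core;
        if (!isset($core) || !isset($core->session)) {
            return;
        }
        $core->session->start();
        // !empty() replaces the original "@$_SESSION[...]" error suppression
        // with the same truthiness test.
        if (!empty($_SESSION['auth-xorg']) && is_null($this->xorg_infos['forlife'])) {
            foreach ($this->xorg_infos as $key => $val) {
                $sessionKey = 'auth-xorg-' . $key;
                $this->xorg_infos[$key] = isset($_SESSION[$sessionKey]) ? $_SESSION[$sessionKey] : null;
            }
            $this->user_id = $_SESSION['auth-xorg'];
        }
    }

    /**
     * Check that $user_id is the user authenticated through the SSO.
     *
     * $pwd and $user_key are ignored: the local password is never verified,
     * the SSO session is the only credential. When no SSO identity is present
     * callXorg() redirects and does not return.
     *
     * @return bool true when the session identity matches $user_id
     */
    public function checkUser($user_id, $pwd = null, $user_key = null) {
        if (!$this->callXorg()) {
            return false;
        }
        // Fail closed when no identity was loaded, and compare as strings:
        // a loose "==" treats numeric-looking identifiers such as "1e3" and
        // "1000" as equal.
        if ($this->user_id === null || $this->user_id === '') {
            return false;
        }
        return (string) $user_id === (string) $this->user_id;
    }

    /**
     * Permission check.
     *
     * NOTE(review): this returns true for every permission on every blog, and
     * does so even when buildFromSession() found no authenticated user. Callers
     * that rely on check() for authorization get no protection from it; the
     * parent implementation was deliberately disabled here. Confirm this is
     * intended before exposing the site beyond trusted users.
     */
    public function check($permissions, $blog_id) {
        $this->buildFromSession();
        return true;
    }

    /**
     * Require an SSO identity.
     *
     * @param string|null $path path to come back to after login; defaults to
     *                          the current REQUEST_URI
     * @return bool true when the session already carries an SSO identity;
     *              otherwise the browser is redirected to the SSO endpoint and
     *              the script exits
     */
    public function callXorg($path = null) {
        if (is_null($path)) {
            $path = $_SERVER['REQUEST_URI'];
        }
        $this->buildFromSession();
        if (!empty($_SESSION['auth-xorg'])) {
            return true;
        }
        // The challenge binds the SSO answer to this session, so it must be
        // unpredictable. uniqid()/rand() are derived from the clock and a small
        // PRNG state; use the CSPRNG. 16 random bytes hex-encoded keep the
        // 32-hex-character shape the md5-based value had.
        $_SESSION["auth-x-challenge"] = bin2hex(random_bytes(16));
        $url = "https://www.polytechnique.org/auth-groupex/utf8";
        // NOTE(review): the local session id is handed to the endpoint in the
        // query string (presumably required by the protocol), where it can end
        // up in logs and browser history.
        $url .= "?session=" . session_id();
        $url .= "&challenge=" . $_SESSION["auth-x-challenge"];
        $url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY);
        // NOTE(review): the return URL is plain http, so the signed identity
        // parameters travel unencrypted on the way back; use https if this
        // host serves it. $path is not covered by the signature and is
        // validated again in returnXorg() before it is used for a redirect.
        $url .= "&url=http://murphy.m4x.org/~x2003bruneau/dotclear/auth/XorgReturn" . urlencode("?path=" . $path);
        session_write_close();
        header("Location: $url");
        exit;
    }

    /** Make isSuperAdmin() return true (used only around user creation). */
    private function acquireAdminRights() {
        $this->forceSU = true;
    }

    /** Make isSuperAdmin() return false again. */
    private function releaseAdminRights() {
        $this->forceSU = false;
    }

    /**
     * Create the local Dotclear account for the SSO identity stored in the
     * session, if it does not exist yet.
     */
    private function createUser() {
        global $core;
        $this->acquireAdminRights();
        try {
            if (!$core->userExists($_SESSION['auth-xorg'])) {
                $cur = new cursor($this->con, 'dc_user');
                $cur->user_id = $_SESSION['auth-xorg'];
                // Placeholder password nobody is meant to know. md5(rand())
                // has at most as many values as rand() has outputs, so it is
                // generated from the CSPRNG instead (still 32 hex characters).
                $cur->user_pwd = bin2hex(random_bytes(16));
                $cur->user_lang = 'fr';
                $cur->user_name = $_SESSION['auth-xorg-nom'];
                $cur->user_firstname = $_SESSION['auth-xorg-prenom'];
                $cur->user_email = $_SESSION['auth-xorg'] . '@polytechnique.org';
                $core->addUser($cur);
            }
        } finally {
            // Never leave the super-admin flag raised if user creation throws.
            $this->releaseAdminRights();
        }
    }

    /**
     * Handle the browser coming back from the SSO endpoint.
     *
     * On a valid answer the identity is stored in the session, the local
     * account is created if needed, and the browser is redirected to the
     * requested path (the script exits). On any invalid answer the session
     * identity is cleared and false is returned.
     *
     * @return bool false when the answer is missing, malformed or not
     *              authenticated; does not return on success
     */
    public function returnXorg() {
        if (!isset($_GET['auth']) || !is_string($_GET['auth'])) {
            return false;
        }
        global $core;
        $core->session->start();

        // Collect the identity fields locally first: nothing from the request
        // is written to the session until the signature has been verified.
        $infos = array();
        $params = '';
        foreach ($this->xorg_infos as $key => $val) {
            if (!isset($_GET[$key]) || !is_string($_GET[$key])) {
                return false;
            }
            $infos[$key] = $_GET[$key];
            $params .= $_GET[$key];
        }

        // The challenge is single-use: consume it whatever the outcome, and
        // refuse answers when this session never started a login.
        $challenge = isset($_SESSION['auth-x-challenge']) ? $_SESSION['auth-x-challenge'] : null;
        unset($_SESSION['auth-x-challenge']);
        $provided = $_GET['auth'];
        unset($_GET['auth']);

        if (is_string($challenge) && $challenge !== '') {
            $expected = md5('1' . $challenge . XORG_AUTH_KEY . $params . '1');
            // hash_equals() compares in constant time and as strings; a loose
            // "==" would treat two numeric-looking digests as equal numbers.
            if (hash_equals($expected, $provided)) {
                // NOTE(review): the session id is not rotated on login. Rotate
                // it here (session_regenerate_id() or the equivalent offered
                // by $core->session) once confirmed compatible with the
                // session handler, to close session fixation.
                foreach ($infos as $key => $value) {
                    $_SESSION['auth-xorg-' . $key] = $value;
                }
                $_SESSION['sess_user_id'] = $_SESSION['auth-xorg'] = $infos['forlife'];
                $_SESSION['sess_browser_uid'] = http::browserUID(DC_MASTER_KEY);
                $_SESSION['sess_blog_id'] = 'default';
                $this->createUser();

                // "path" is not part of the signed data, so it is attacker
                // controlled. It is appended directly after the host name:
                // unless it starts with "/", the result can name another host.
                // Control characters are refused as well; anything invalid
                // falls back to the blog root.
                $path = isset($_GET['path']) ? $_GET['path'] : null;
                if (!is_string($path)
                    || strncmp($path, '/', 1) !== 0
                    || preg_match('/[\x00-\x1f\x7f]/', $path)) {
                    $path = '/~x2003bruneau/dotclear/';
                }
                header("Location: http://murphy.m4x.org" . $path);
                exit;
            }
        }

        unset($_SESSION['auth-xorg']);
        unset($_SESSION['sess_user_id']);
        echo "Failed !!!";
        return false;
    }

    /** Destroy the session and redirect to the blog root; does not return. */
    public function killSession() {
        global $core;
        $core->session->start();
        $core->session->destroy();
        header('Location: http://murphy.m4x.org/~x2003bruneau/dotclear/');
        exit;
    }

    /** Passwords are managed by the SSO, never locally. */
    public function allowPassChange() {
        return false;
    }

    /** @return mixed the authenticated user id, or whatever the parent left in user_id */
    public function userID() {
        $this->buildFromSession();
        return $this->user_id;
    }

    /**
     * Permissions of the current user.
     *
     * NOTE(review): every caller, whoever is logged in, is reported as having
     * usage, contentadmin and admin rights on the single "default" blog.
     * Combined with check() always returning true, any SSO user is a full
     * administrator of the blog.
     */
    public function getPermissions() {
        return array('default' => array('name' => 'My first blog',
                                        'url' => 'http://murphy.m4x.org/~x2003bruneau/dotclear/',
                                        'permissions' => array('usage' => true,
                                                               'contentadmin' => true,
                                                               'admin' => true)));
    }

    /**
     * Fixed user preferences; unknown keys yield null.
     *
     * NOTE(review): unknown keys are echoed unescaped into the response, which
     * looks like a debugging leftover; it also produces output before any
     * later header() call. Remove or log it once no caller depends on it.
     */
    public function getInfo($n) {
        switch ($n) {
            case 'user_lang':
                return "fr";
            case 'user_default_blog':
                return 'default';
            case 'user_post_status':
                return 1;
            case 'user_tz':
                return 'UTC';
        }
        echo "$n ";
        return null;
    }

    /** @return bool true only while createUser() holds the temporary admin flag */
    public function isSuperAdmin() {
        return $this->forceSU;
    }
}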
160 | ||
161 | ?> |