Commit | Line | Data |
---|---|---|
3f6bc75f FB |
1 | <?php |
2 | ||
3 | require_once dirname(__FILE__) . '/../../inc/core/class.dc.auth.php'; | |
4 | ||
5 | class xorgAuth extends dcAuth { | |
1759942c FB |
6 | public $xorg_infos = array('forlife' => null, |
7 | 'prenom' => null, | |
8 | 'nom' => null); | |
9 | ||
e105d162 FB |
10 | public function __construct(&$core) { |
11 | parent::__construct($core); | |
12 | } | |
13 | ||
14 | private function buildFromSession() { | |
15 | global $core; | |
16 | if (!isset($core) || !isset($core->session)) { | |
17 | return; | |
18 | } | |
19 | $core->session->start(); | |
20 | if (@$_SESSION['auth-xorg'] && is_null($this->xorg_infos['forlife'])) { | |
1759942c FB |
21 | foreach ($this->xorg_infos as $key => $val) { |
22 | $this->xorg_infos[$key] = $_SESSION['auth-xorg-' . $key]; | |
23 | } | |
24 | } | |
25 | } | |
26 | ||
3f6bc75f | 27 | public function checkUser($user_id, $pwd = null, $user_key = null) { |
e105d162 | 28 | return $this->callXorg(); |
3f6bc75f FB |
29 | // echo "checking auth for " . $user_id; |
30 | return parent::checkUser($user_id, $pwd, $user_key); | |
31 | } | |
32 | ||
33 | public function check($permissions, $blog_id) { | |
e105d162 | 34 | $this->buildFromSession(); |
1759942c | 35 | // echo "Checking right to view $permissions on $blog_id"; |
3f6bc75f FB |
36 | return parent::check($permissions, $blog_id); |
37 | } | |
be74d9bd | 38 | |
e105d162 FB |
39 | public function callXorg($path = null) { |
40 | if (is_null($path)) { | |
41 | $path = $_SERVER['REQUEST_URI']; | |
42 | } | |
43 | $this->buildFromSession(); | |
be74d9bd | 44 | if (@$_SESSION['auth-xorg']) { |
e105d162 | 45 | return true; |
be74d9bd FB |
46 | } |
47 | $_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1)); | |
48 | $url = "https://www.polytechnique.org/auth-groupex/utf8"; | |
49 | $url .= "?session=" . session_id(); | |
50 | $url .= "&challenge=" . $_SESSION["auth-x-challenge"]; | |
51 | $url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY); | |
52 | $url .= "&url=http://murphy.m4x.org/~x2003bruneau/dotclear/auth/XorgReturn" . urlencode("?path=" . $_GET['path']); | |
53 | session_write_close(); | |
54 | header("Location: $url"); | |
55 | exit; | |
56 | } | |
57 | ||
58 | public function returnXorg() { | |
59 | if (!isset($_GET['auth'])) { | |
60 | return false; | |
61 | } | |
62 | $params = ''; | |
e105d162 FB |
63 | global $core; |
64 | $core->session->start(); | |
be74d9bd FB |
65 | foreach($this->xorg_infos as $key => $val) { |
66 | if(!isset($_GET[$key])) { | |
67 | return false; | |
68 | } | |
69 | $_SESSION['auth-xorg-' . $key] = $_GET[$key]; | |
be74d9bd FB |
70 | $params .= $_GET[$key]; |
71 | } | |
72 | if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY . $params . '1') == $_GET['auth']) { | |
73 | unset($_GET['auth']); | |
74 | $_SESSION['auth-xorg'] = $_GET['forlife']; | |
c0556a51 | 75 | header("Location: http://murphy.m4x.org" . $_GET['path']); |
e105d162 | 76 | exit; |
be74d9bd FB |
77 | } |
78 | $_SESSION['auth-xorg'] = null; | |
79 | unset($_GET['auth']); | |
e105d162 | 80 | echo "Failed !!!"; |
be74d9bd FB |
81 | return false; |
82 | } | |
83 | ||
84 | public function killSession() { | |
e105d162 FB |
85 | global $core; |
86 | $core->session->start(); | |
87 | $core->session->destroy(); | |
be74d9bd FB |
88 | header('Location: http://murphy.m4x.org/~x2003bruneau/dotclear/'); |
89 | exit; | |
90 | } | |
3f6bc75f FB |
91 | } |
92 | ||
93 | ?> |