class.xorg.auth.php

   1 <?php
   2
   3 require_once dirname(__FILE__) . '/../../inc/core/class.dc.auth.php';
   4
   5 class xorgAuth extends dcAuth {
   6   public $xorg_infos = array('forlife' => null,
   7                              'prenom' => null,
   8                              'nom' => null);
   9
  10   public function __construct(&$core) {
  11     parent::__construct($core);
  12   }
  13
  14   private function buildFromSession() {
  15     global $core;
  16     if (!isset($core) || !isset($core->session)) {
  17       return;
  18     }
  19     $core->session->start();
  20     if (@$_SESSION['auth-xorg'] && is_null($this->xorg_infos['forlife'])) {
  21       foreach ($this->xorg_infos as $key => $val) {
  22         $this->xorg_infos[$key] = $_SESSION['auth-xorg-' . $key];
  23       }
  24     }
  25   }
  26
  27   public function checkUser($user_id, $pwd = null, $user_key = null) {
  28     return $this->callXorg();
  29 //    echo "checking auth for " . $user_id;
  30     return parent::checkUser($user_id, $pwd, $user_key);
  31   }
  32
  33   public function check($permissions, $blog_id) {
  34      $this->buildFromSession();
  35 //    echo "Checking right to view $permissions on $blog_id";
  36     return parent::check($permissions, $blog_id);
  37   }
  38
  39   public function callXorg($path = null) {
  40     if (is_null($path)) {
  41       $path = $_SERVER['REQUEST_URI'];
  42     }
  43     $this->buildFromSession();
  44     if (@$_SESSION['auth-xorg']) {
  45       return true;
  46     }
  47     $_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1));
  48     $url = "https://www.polytechnique.org/auth-groupex/utf8";
  49     $url .= "?session=" . session_id();
  50     $url .= "&challenge=" . $_SESSION["auth-x-challenge"];
  51     $url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY);
  52     $url .= "&url=http://murphy.m4x.org/~x2003bruneau/dotclear/auth/XorgReturn" . urlencode("?path=" . $_GET['path']);
  53     session_write_close();
  54     header("Location: $url");
  55     exit;
  56   }
  57
  58   public function returnXorg() {
  59     if (!isset($_GET['auth'])) {
  60       return false;
  61     }
  62     $params = '';
  63     global $core;
  64     $core->session->start();
  65     foreach($this->xorg_infos as $key => $val) {
  66       if(!isset($_GET[$key])) {
  67         return false;
  68       }
  69       $_SESSION['auth-xorg-' . $key] = $_GET[$key];
  70       $params .= $_GET[$key];
  71     }
  72     if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY . $params . '1') == $_GET['auth']) {
  73       unset($_GET['auth']);
  74       $_SESSION['auth-xorg'] = $_GET['forlife'];
  75       header("Location: http://murphy.m4x.org" . $_GET['path']);
  76       exit;
  77     }
  78     $_SESSION['auth-xorg'] = null;
  79     unset($_GET['auth']);
  80     echo "Failed !!!";
  81     return false;
  82   }
  83
  84   public function killSession() {
  85     global $core;
  86     $core->session->start();
  87     $core->session->destroy();
  88     header('Location: http://murphy.m4x.org/~x2003bruneau/dotclear/');
  89     exit;
  90   }
  91 }
  92
  93 ?>