738b9569b28690d29e759309b3c8188c0404bf7c
3 class xorgAuth
extends dcAuth
{
4 public $xorg_infos = array('forlife' => null
,
8 public function __construct(&$core) {
9 parent
::__construct($core);
12 public function buildFromSession() {
14 @header
('Last-Modified:');
15 if (!isset($core) ||
!isset($core->session
)) {
18 $core->session
->start();
19 $user = @$_SESSION['auth-xorg'];
20 if ($user && is_null($this->xorg_infos
['forlife'])) {
21 foreach ($this->xorg_infos
as $key => $val) {
22 $this->xorg_infos
[$key] = $_SESSION['auth-xorg-' . $key];
24 $this->user_id
= $user;
25 parent
::checkUser($this->user_id
);
26 if (isset($core->blog
)) {
27 $this->sudo(array($this, 'updateUserPerms'));
32 public function createUser() {
34 if (!$core->userExists($_SESSION['auth-xorg'])) {
35 $cur = new cursor($this->con
, 'dc_user');
36 $cur->user_id
= $_SESSION['auth-xorg'];
37 $cur->user_pwd
= md5(rand());
38 $cur->user_lang
= 'fr';
39 $cur->user_name
= $_SESSION['auth-xorg-nom'];
40 $cur->user_firstname
= $_SESSION['auth-xorg-prenom'];
41 $cur->user_displayname
= $cur->user_firstname
. ' ' . $cur->user_name
;
42 $cur->user_email
= $_SESSION['auth-xorg'] . '@polytechnique.org';
43 $cur->user_options
= $core->userDefaults();
44 $cur->user_options
['post_xorg_perms'] = 'public';
45 $cur->user_default_blog
= 'default'; // FIXME
50 private function updateUserPerms() {
52 $core->setUserBlogPermissions($_SESSION['auth-xorg'],
54 array('usage' => true
,
55 'contentadmin' => true
,
62 public function callXorg($path = null
) {
64 $path = $_SERVER['REQUEST_URI'];
66 $this->buildFromSession();
67 if (@$_SESSION['auth-xorg']) {
72 if (!$this->sessionExists()) {
73 session_write_close();
74 header("Location: " . $core->blog
->url
. 'auth/Xorg?path=' . $path);
78 $_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1));
79 $url = "https://www.polytechnique.org/auth-groupex/utf8";
80 $url .= "?session=" . session_id();
81 $url .= "&challenge=" . $_SESSION["auth-x-challenge"];
82 $url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY
);
83 $url .= "&url=" . urlencode($core->blog
->url
. "auth/XorgReturn?path=" . $path);
84 session_write_close();
85 header("Location: $url");
89 public function returnXorg() {
90 if (!isset($_GET['auth'])) {
95 $_COOKIE[DC_SESSION_NAME
] = $_GET['PHPSESSID'];
96 unset($_GET['PHPSESSID']);
97 $core->session
->start();
98 foreach($this->xorg_infos
as $key => $val) {
99 if(!isset($_GET[$key])) {
102 $_SESSION['auth-xorg-' . $key] = $_GET[$key];
103 $params .= $_GET[$key];
105 if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY
. $params . '1') == $_GET['auth']) {
106 unset($_GET['auth']);
107 $_SESSION['sess_user_id'] = $_SESSION['auth-xorg'] = $_GET['forlife'];
108 $_SESSION['sess_browser_uid'] = http
::browserUID(DC_MASTER_KEY
);
109 $_SESSION['sess_blog_id'] = 'default';
110 $this->sudo(array($this, 'createUser'));
111 $path = $_GET['path'];
112 header("Location: http://murphy.m4x.org" . $_GET['path']);
115 unset($_SESSION['auth-xorg']);
116 unset($_SESSION['sess_user_id']);
117 unset($_GET['auth']);
122 public function killSession() {
124 $core->session
->start();
125 $core->session
->destroy();
126 header('Location: ' . $core->blog
->url
);
131 /** Dotclear dcAuth API */
133 public function checkUser($user_id, $pwd = null
, $user_key = null
) {
134 return $this->callXorg();
137 public function check($permissions, $blog_id) {
138 $this->buildFromSession();
139 return parent
::check($permissions, $blog_id);
142 public function checkPassword($pwd) {
143 $this->buildFromSession();
144 return !empty($this->user_id
);
147 public function allowPassChange() {
151 public function userID() {
152 $this->buildFromSession();
153 return parent
::userID();
156 public function getPermissions() {
157 $this->buildFromSession();
158 return parent
::getPermissions();
161 public function getInfo($n) {
162 $this->buildFromSession();
163 return parent
::getInfo($n);
166 public function getOption($n) {
167 $this->buildFromSession();
168 return parent
::getOption($n);
171 public function isSuperAdmin() {
172 return parent
::isSuperAdmin() ||
($this->user_id
== 'florent.bruneau.2003');
175 public function getOptions() {
176 $this->buildFromSession();
177 return parent
::getOptions();
180 public function authForm() {
182 $path = "http://murphy.m4x.org/~x2003bruneau/dotclear/";
184 '<p><a href="' . $path . 'auth/Xorg?path=/~x2003bruneau/dotclear/admin/index.php">Via Polytechnique.org</a></p>' .
185 '<p><a href="' . $path . 'admin/auth.php">Via le formulaire</a></p>' .
187 '<p>'.__('You must accept cookies in order to use the private area.').'</p>';