class.xorg.auth.php

   1 <?php
   2
   3 require_once dirname(__FILE__) . '/../../inc/core/class.dc.auth.php';
   4
   5 class xorgAuth extends dcAuth {
   6   public $xorg_infos = array('forlife' => null,
   7                              'prenom' => null,
   8                              'nom' => null);
   9
  10   public function __construct() {
  11     @session_start();
  12     if (@$_SESSION['auth-xorg']) {
  13       foreach ($this->xorg_infos as $key => $val) {
  14         $this->xorg_infos[$key] = $_SESSION['auth-xorg-' . $key];
  15       }
  16     }
  17   }
  18
  19   public function checkUser($user_id, $pwd = null, $user_key = null) {
  20 //    echo "checking auth for " . $user_id;
  21     return parent::checkUser($user_id, $pwd, $user_key);
  22   }
  23
  24   public function check($permissions, $blog_id) {
  25 //    echo "Checking right to view $permissions on $blog_id";
  26     return parent::check($permissions, $blog_id);
  27   }
  28
  29   public function callXorg() {
  30     if (@$_SESSION['auth-xorg']) {
  31       header("Location: http://murphy.m4x.org/" . $_GET['path']);
  32       return;
  33     }
  34     $_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1));
  35     $url = "https://www.polytechnique.org/auth-groupex/utf8";
  36     $url .= "?session=" . session_id();
  37     $url .= "&challenge=" . $_SESSION["auth-x-challenge"];
  38     $url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY);
  39     $url .= "&url=http://murphy.m4x.org/~x2003bruneau/dotclear/auth/XorgReturn" . urlencode("?path=" . $_GET['path']);
  40     session_write_close();
  41     header("Location: $url");
  42     exit;
  43   }
  44
  45   public function returnXorg() {
  46     if (!isset($_GET['auth'])) {
  47       return false;
  48     }
  49     $params = '';
  50     foreach($this->xorg_infos as $key => $val) {
  51       if(!isset($_GET[$key])) {
  52         return false;
  53       }
  54       $_SESSION['auth-xorg-' . $key] = $_GET[$key];
  55       $this->xorg_infos[$key] = $_GET[$key];
  56       $params .= $_GET[$key];
  57     }
  58     if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY . $params . '1') == $_GET['auth']) {
  59       unset($_GET['auth']);
  60       $_SESSION['auth-xorg'] = $_GET['forlife'];
  61       header("Location: http://murphy.m4x.org/" . $_GET['path']);
  62       return true;
  63     }
  64     $_SESSION['auth-xorg'] = null;
  65     unset($_GET['auth']);
  66     return false;
  67   }
  68
  69   public function killSession() {
  70     @session_destroy();
  71     header('Location: http://murphy.m4x.org/~x2003bruneau/dotclear/');
  72     exit;
  73   }
  74 }
  75
  76 ?>