From 1edd3efcc935b94876ab891d21d4ababfa5c0254 Mon Sep 17 00:00:00 2001 From: Florent Bruneau Date: Sun, 25 May 2008 22:23:55 +0200 Subject: [PATCH] Missing files... Signed-off-by: Florent Bruneau --- _admin.php | 10 ++++++++ _public.php | 82 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 92 insertions(+) create mode 100644 _admin.php create mode 100644 _public.php diff --git a/_admin.php b/_admin.php new file mode 100644 index 0000000..1a99bbb --- /dev/null +++ b/_admin.php @@ -0,0 +1,10 @@ +addBehavior('initWidgets', array('xorgAuthWidgetBehavior', 'initWidget')); + +class xorgAuthWidgetBehavior { + public static function initWidget(&$w) { + $w->create('XorgAuth', __('Auth. X.org'), array('xorgAuthWidget','widget')); + } +} + +?> diff --git a/_public.php b/_public.php new file mode 100644 index 0000000..bef7224 --- /dev/null +++ b/_public.php @@ -0,0 +1,82 @@ +url->register('xorgAuth', 'Xorg', '^auth/(.*)$', array('xorgAuthentifier', 'doAuth')); + +class xorgAuthWidget { + static public function widget(&$w) { + global $core; + if ($core->auth->xorg_infos['forlife']) { + return '

Tu es ' . $core->auth->xorg_infos['prenom'] . ' ' . $core->auth->xorg_infos['nom'] . '
' + . 'déconnexion

'; + } else { + return '

M\'authentifier via Polytechnique.org

'; + } + } +} + +class xorgAuthentifier extends dcUrlHandlers { + static public function doAuth($args) { + @session_start(); + switch ($args) { + case 'exit': + self::killSession(); + break; + case 'Xorg': + self::callXorg(); + break; + case 'XorgReturn': + self::returnXorg(); + break; + default: + self::p404(); + } + return; + } + + static protected function callXorg() { + if (@$_SESSION['auth-xorg']) { + header("Location: http://murphy.m4x.org/" . $_GET['path']); + return; + } + $_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1)); + $url = "https://www.polytechnique.org/auth-groupex/utf8"; + $url .= "?session=" . session_id(); + $url .= "&challenge=" . $_SESSION["auth-x-challenge"]; + $url .= "&pass=" . md5($_SESSION["auth-x-challenge"] . XORG_AUTH_KEY); + $url .= "&url=http://murphy.m4x.org/~x2003bruneau/dotclear/auth/XorgReturn" . urlencode("?path=" . $_GET['path']); + session_write_close(); + header("Location: $url"); + exit; + } + + static protected function returnXorg() { + if (!isset($_GET['auth'])) { + return false; + } + global $core; + $params = ''; + foreach($core->auth->xorg_infos as $key => $val) { + if(!isset($_GET[$key])) { + return false; + } + $_SESSION['auth-xorg-' . $key] = $_GET[$key]; + $core->auth->xorg_infos[$key] = $_GET[$key]; + $params .= $_GET[$key]; + } + if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY . $params . '1') == $_GET['auth']) { + unset($_GET['auth']); + $_SESSION['auth-xorg'] = $_GET['forlife']; + header("Location: http://murphy.m4x.org/" . $_GET['path']); + return true; + } + $_SESSION['auth-xorg'] = null; + unset($_GET['auth']); + return false; + } + + static protected function killSession() { + @session_destroy(); + header('Location: http://murphy.m4x.org/~x2003bruneau/dotclear/'); + exit; + } +} +?> -- 2.1.4