From e105d16244297a1eda475d5e7b9489324b5f1355 Mon Sep 17 00:00:00 2001
From: Florent Bruneau <florent.bruneau@polytechnique.org>
Date: Mon, 26 May 2008 00:13:20 +0200
Subject: [PATCH] Partial rewrite of auth.

Signed-off-by: Florent Bruneau <florent.bruneau@polytechnique.org>
---
 _public.php         |  6 ++++--
 class.xorg.auth.php | 35 ++++++++++++++++++++++++++---------
 2 files changed, 30 insertions(+), 11 deletions(-)

diff --git a/_public.php b/_public.php
index 2b00670..84d05da 100644
--- a/_public.php
+++ b/_public.php
@@ -15,14 +15,16 @@ class xorgAuthWidget {
 
 class xorgAuthentifier extends dcUrlHandlers {
   static public function doAuth($args) {
-    @session_start();
     global $core;
     switch ($args) {
      case 'exit':
       $core->auth->killSession();
       break;
      case 'Xorg':
-      $core->auth->callXorg();
+      if ($core->auth->callXorg($_GET['path'])) {
+        header('Location: http://murphy.m4x.org' . $_GET['path']);
+        exit;
+      }
       break;
      case 'XorgReturn':
       $core->auth->returnXorg();
diff --git a/class.xorg.auth.php b/class.xorg.auth.php
index 4d47927..0b00ae4 100644
--- a/class.xorg.auth.php
+++ b/class.xorg.auth.php
@@ -7,9 +7,17 @@ class xorgAuth extends dcAuth {
                              'prenom' => null,
                              'nom' => null);
 
-  public function __construct() {
-    @session_start();
-    if (@$_SESSION['auth-xorg']) {
+  public function __construct(&$core) {
+    parent::__construct($core);
+  }
+
+  private function buildFromSession() {
+    global $core;
+    if (!isset($core) || !isset($core->session)) {
+      return;
+    }
+    $core->session->start();
+    if (@$_SESSION['auth-xorg'] && is_null($this->xorg_infos['forlife'])) {
       foreach ($this->xorg_infos as $key => $val) {
         $this->xorg_infos[$key] = $_SESSION['auth-xorg-' . $key];
       }
@@ -17,19 +25,24 @@ class xorgAuth extends dcAuth {
   }
 
   public function checkUser($user_id, $pwd = null, $user_key = null) {
+    return $this->callXorg();
 //    echo "checking auth for " . $user_id;
     return parent::checkUser($user_id, $pwd, $user_key);
   }
 
   public function check($permissions, $blog_id) {
+     $this->buildFromSession();
 //    echo "Checking right to view $permissions on $blog_id";
     return parent::check($permissions, $blog_id);
   }
 
-  public function callXorg() {
+  public function callXorg($path = null) {
+    if (is_null($path)) {
+      $path = $_SERVER['REQUEST_URI'];
+    }
+    $this->buildFromSession();
     if (@$_SESSION['auth-xorg']) {
-      header("Location: http://murphy.m4x.org" . $_GET['path']);
-      return;
+      return true;
     }
     $_SESSION["auth-x-challenge"] = md5(uniqid(rand(), 1));
     $url = "https://www.polytechnique.org/auth-groupex/utf8";
@@ -47,27 +60,31 @@ class xorgAuth extends dcAuth {
       return false;
     }
     $params = '';
+    global $core;
+    $core->session->start();
     foreach($this->xorg_infos as $key => $val) {
       if(!isset($_GET[$key])) {
         return false;
       }
       $_SESSION['auth-xorg-' . $key] = $_GET[$key];
-      $this->xorg_infos[$key] = $_GET[$key];
       $params .= $_GET[$key];
     }
     if (md5('1' . $_SESSION['auth-x-challenge'] . XORG_AUTH_KEY . $params . '1') == $_GET['auth']) {
       unset($_GET['auth']);
       $_SESSION['auth-xorg'] = $_GET['forlife'];
       header("Location: http://murphy.m4x.org" . $_GET['path']);
-      return true;
+      exit;
     }
     $_SESSION['auth-xorg'] = null;
     unset($_GET['auth']);
+    echo "Failed !!!";
     return false;
   }
 
   public function killSession() {
-    @session_destroy();
+    global $core;
+    $core->session->start();
+    $core->session->destroy();
     header('Location: http://murphy.m4x.org/~x2003bruneau/dotclear/');
     exit;
   }
-- 
2.1.4