'', SHAREDAPI_EVENT_FIELD_ERROR_MESSAGE => $message, SHAREDAPI_EVENT_FIELD_ERROR_DATA => ''); } /** * Verify listener * * @param array $json array * * @return array */ function vbsso_listener_verify($json) { global $conf; $vbsso = new action_plugin_vbsso(); if (!$conf['useacl']) { return array(SHAREDAPI_EVENT_FIELD_ERROR => $vbsso->getLang('acl_is_off')); } $supported = vbsso_get_supported_api_properties(); $settings = array(); foreach ($supported as $key => $item) { $settings[$key] = $json[$item['field']]; } vbsso_save_platform_settings($settings); return array(SHAREDAPI_EVENT_FIELD_DATA => array(SHAREDAPI_EVENT_FIELD_VERIFY => TRUE)); } /** * User load * * @param array $json array * @param bool $create_user flag * * @return bool */ function vbsso_listener_user_load($json, $create_user = FALSE) { global $vbsso_settings; $auth = (class_exists('auth_plugin_authplain')) ? new auth_plugin_authplain() : new auth_plain(); $usergroups = array(); $plugin_ugs = json_decode($vbsso_settings[VBSSO_NAMED_EVENT_FIELD_USERGROUPS_ASSOC]); foreach (explode(',', $json[SHAREDAPI_EVENT_FIELD_USERGROUPS]) as $ug) { $usergroups[] = (isset($plugin_ugs->$ug)) ? $plugin_ugs->$ug : 'user'; } if (!$user = $auth->getUserData($json[SHAREDAPI_EVENT_FIELD_USERNAME]) and $create_user) { if ($auth->createUser($json[SHAREDAPI_EVENT_FIELD_USERNAME], '', $json[SHAREDAPI_EVENT_FIELD_USERNAME], $json[SHAREDAPI_EVENT_FIELD_EMAIL], array_unique($usergroups))) { $user = $auth->getUserData($json[SHAREDAPI_EVENT_FIELD_USERNAME]); } } return ($user and $user['mail'] == $json[SHAREDAPI_EVENT_FIELD_EMAIL]) ? $user : FALSE; } /** * Listener register * * @param array $json array * * @return array */ function vbsso_listener_register($json) { $u = vbsso_listener_user_load($json, TRUE); if (is_array($u)) { return array(SHAREDAPI_EVENT_FIELD_DATA => 'User ' . $json[SHAREDAPI_EVENT_FIELD_USERNAME] . ' successfully created'); } else { return array(SHAREDAPI_EVENT_FIELD_ERROR => $u); } } /** * Listener logout * * @return void */ function vbsso_listener_logout() { auth_logoff(TRUE); } /** * Listener auth * * @param array $json array * * @return void */ function vbsso_listener_authentication($json) { if (vbsso_listener_user_load($json, TRUE)) { $_SERVER['REMOTE_USER'] = $json[SHAREDAPI_EVENT_FIELD_USERNAME]; $secret = auth_cookiesalt(TRUE); //always sticky vbsso_auth_setCookie($json[SHAREDAPI_EVENT_FIELD_USERNAME], PMA_blowfish_encrypt('', $secret), $json[SHAREDAPI_EVENT_FIELD_REMEMBERME], $json[SHAREDAPI_EVENT_FIELD_TIMEOUT]); } } /** * Listener credentials * * @param array $json array * * @return array */ function vbsso_listener_credentials($json) { global $vbsso_settings; if ($u = vbsso_listener_user_load($json)) { $update = FALSE; $changes = array(); if (isset($json[SHAREDAPI_EVENT_FIELD_EMAIL2])) { $changes['mail'] = $json[SHAREDAPI_EVENT_FIELD_EMAIL2]; $update = TRUE; } if (isset($json[SHAREDAPI_EVENT_FIELD_USERNAME2])) { $changes['name'] = $json[SHAREDAPI_EVENT_FIELD_USERNAME2]; $update = TRUE; } if (isset($json[SHAREDAPI_EVENT_FIELD_USERGROUPS2])) { $usergroups = array(); $plugin_ugs = json_decode($vbsso_settings[VBSSO_NAMED_EVENT_FIELD_USERGROUPS_ASSOC]); foreach (explode(',', $json[SHAREDAPI_EVENT_FIELD_USERGROUPS2]) as $ug) { $usergroups[] = (isset($plugin_ugs->$ug)) ? $plugin_ugs->$ug : 'user'; } $changes['grps'] = array_unique($usergroups); $update = TRUE; } if ($update) { $auth = (class_exists('auth_plugin_authplain')) ? new auth_plugin_authplain() : new auth_plain(); $auth->modifyUser($json[SHAREDAPI_EVENT_FIELD_USERNAME], $changes); } return array(SHAREDAPI_EVENT_FIELD_DATA => 'User ' . $json[SHAREDAPI_EVENT_FIELD_USERNAME] . ' successfully modified'); } else { return array(SHAREDAPI_EVENT_FIELD_ERROR => vbsso_listener_report_error('Unable to update user login: ' . $json[SHAREDAPI_EVENT_FIELD_USERNAME])); } } /** * Generate password * * @return string */ function vbsso_generate_password() { $password = ""; $possible = "1234567890abcdefghjklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; for ($i = 0; $i < 20; $i++) { $password .= substr($possible, mt_rand(0, strlen($possible) - 1), 1); } return $password; } /** * Save platform settings * * @param mixed $settings settinhs * * @return void */ function vbsso_save_platform_settings($settings) { file_put_contents(VBSSO_PLATFORM_CONFIG_FILE, base64_encode(serialize($settings))); } /** * Get platform settings * * @return mixed */ function vbsso_get_platform_settings() { if (!file_exists(VBSSO_PLATFORM_CONFIG_FILE)) { file_put_contents(VBSSO_PLATFORM_CONFIG_FILE, ''); } return unserialize(base64_decode(file_get_contents(VBSSO_PLATFORM_CONFIG_FILE))); } /** * Get vB user groups * * @return array|mixed */ function vbsso_get_vb_usergroups() { global $vbsso_platform_settings, $vbsso_settings; $baa_username = sharedapi_decode_data($vbsso_settings[VBSSO_NAMED_EVENT_FIELD_API_KEY], $vbsso_platform_settings[VBSSO_NAMED_EVENT_FIELD_BAA_USERNAME]); $baa_password = sharedapi_decode_data($vbsso_settings[VBSSO_NAMED_EVENT_FIELD_API_KEY], $vbsso_platform_settings[VBSSO_NAMED_EVENT_FIELD_BAA_PASSWORD]); $vbug = sharedapi_post($vbsso_platform_settings[VBSSO_NAMED_EVENT_FIELD_USERGROUPS_URL], FALSE, $baa_username, $baa_password); return ($vbug['error_string']) ? $vbug : json_decode($vbug['response']); } /** * Get alc groups * * @return array */ function vbsso_get_acl_groups() { $groups = array(); foreach (auth_loadACL() as $a) { // Don't parse comments if (preg_match('/^#/', $a)) { continue; } if (preg_match('/^[^\s]+\s@([^\s]+)/', $a, $matches)) { $groups[urldecode($matches[1])] = $matches[1]; } } return $groups; } /** * Set cookie * * @param object $user user * @param string $pass password * @param integer $sticky glue * @param integer $session_timeout timeout * * @return bool */ function vbsso_auth_setCookie($user, $pass, $sticky, $session_timeout) { global $conf, $auth, $USERINFO; if (!$auth) { return FALSE; } $USERINFO = $auth->getUserData($user); // set cookie $cookie = base64_encode($user) . '|' . ((int)$sticky) . '|' . base64_encode($pass); $cookieDir = empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir']; $time = $sticky ? (time() + 60 * 60 * 24 * 365) : (time() + $session_timeout); //one year if (version_compare(PHP_VERSION, '5.2.0', '>')) { setcookie(DOKU_COOKIE, $cookie, $time, $cookieDir, '', ($conf['securecookie'] && is_ssl()), TRUE); } else { setcookie(DOKU_COOKIE, $cookie, $time, $cookieDir, '', ($conf['securecookie'] && is_ssl())); } // set session $_SESSION[DOKU_COOKIE]['auth']['user'] = $user; $_SESSION[DOKU_COOKIE]['auth']['pass'] = sha1($pass); $_SESSION[DOKU_COOKIE]['auth']['buid'] = auth_browseruid(); $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO; //If an administrator was registered NOT by vBSSO, //we don't know his pass, so he will logout every period, set in "auth_security_timeout". //We will just increase this parameter $_SESSION[DOKU_COOKIE]['auth']['time'] = time() + $time; return TRUE; } /** * Get Platform settings * * @return mixed */ function vbsso_get_dokuwiki_settings() { if (!file_exists(VBSSO_VBSSO_CONFIG_FILE)) { file_put_contents(VBSSO_VBSSO_CONFIG_FILE, ''); } $settings = unserialize(base64_decode(file_get_contents(VBSSO_VBSSO_CONFIG_FILE))); if (!isset($settings[VBSSO_NAMED_EVENT_FIELD_LOGIN_THROUGH_VB_PAGE])) { $settings[VBSSO_NAMED_EVENT_FIELD_LOGIN_THROUGH_VB_PAGE] = TRUE; } if (!isset($settings[VBSSO_PLATFORM_FOOTER_LINK_PROPERTY])) { $settings[VBSSO_PLATFORM_FOOTER_LINK_PROPERTY] = VBSSO_PLATFORM_FOOTER_LINK_SHOW_EVERYWHERE; } if (!isset($settings[VBSSO_NAMED_EVENT_FIELD_API_KEY])) { $settings[VBSSO_NAMED_EVENT_FIELD_API_KEY] = SHAREDAPI_DEFAULT_API_KEY; } if (!isset($settings[VBSSO_NAMED_EVENT_FIELD_USERGROUPS_ASSOC])) { $settings[VBSSO_NAMED_EVENT_FIELD_USERGROUPS_ASSOC] = FALSE; } return $settings; } /** * Save platform settings * * @return void */ function vbsso_save_mediawiki_settings() { global $vbsso_settings, $vbsso_platform_settings; $settings = array(); $settings[VBSSO_PLATFORM_FOOTER_LINK_PROPERTY] = (isset($_POST[VBSSO_PLATFORM_FOOTER_LINK_PROPERTY])) ? $_POST[VBSSO_PLATFORM_FOOTER_LINK_PROPERTY] : '1'; $settings[VBSSO_NAMED_EVENT_FIELD_API_KEY] = (isset($_POST[VBSSO_NAMED_EVENT_FIELD_API_KEY]) && !empty($_POST[VBSSO_NAMED_EVENT_FIELD_API_KEY])) ? $_POST[VBSSO_NAMED_EVENT_FIELD_API_KEY] : SHAREDAPI_DEFAULT_API_KEY; $settings[VBSSO_NAMED_EVENT_FIELD_LOGIN_THROUGH_VB_PAGE] = (isset($_POST[VBSSO_NAMED_EVENT_FIELD_LOGIN_THROUGH_VB_PAGE])) ? $_POST[VBSSO_NAMED_EVENT_FIELD_LOGIN_THROUGH_VB_PAGE] : '0'; if ($vbsso_platform_settings[VBSSO_NAMED_EVENT_FIELD_USERGROUPS_URL]) { $vb_usergroups = vbsso_get_vb_usergroups(); $vbsso_usergroups_assoc = array(); foreach ($vb_usergroups as $vb_usergroup) { $vbsso_usergroups_assoc[$vb_usergroup->usergroupid] = $_POST[VBSSO_NAMED_EVENT_FIELD_USERGROUPS_ASSOC . '_' . $vb_usergroup->usergroupid]; } $settings[VBSSO_NAMED_EVENT_FIELD_USERGROUPS_ASSOC] = json_encode($vbsso_usergroups_assoc); } file_put_contents(VBSSO_VBSSO_CONFIG_FILE, base64_encode(serialize($settings))); $vbsso_settings = $settings; }