1<?php
// Direct-access guard: DokuWiki defines DOKU_INC before loading plugins, so
// stop immediately when this file is requested outside of DokuWiki.
if (!defined('DOKU_INC')) {
    die();
}
/**
 * privacyIDEA Authentication backend
 *
 * @author corny@cornelinux.de
 */
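class auth_plugin_authprivacyidea extends auth_plugin_authplain
{
    /**
     * Set up the inherited plain-auth backend and mark this backend as usable.
     */
    public function __construct()
    {
        parent::__construct();

        $this->success = true;
    }

    /**
     * Check a user's credential against the configured privacyIDEA server.
     *
     * The user must exist in the inherited user store (getUserData()); the
     * credential itself is validated remotely. Reads the plugin settings
     * privacyidea_url, privacyidea_realm, privacyidea_verify and
     * privacyidea_timeout.
     *
     * Security notes:
     *  - The credential is never written to the debug log.
     *  - The credential is sent in a POST body rather than in the query
     *    string, so it does not end up in URL-based access or proxy logs.
     *    NOTE(review): assumes privacyidea_url points at an endpoint that
     *    accepts POST (privacyIDEA's validate/check does) - confirm for the
     *    deployed server.
     *  - Any transport or parsing problem is treated as a failed login.
     *
     * @param string $user user name
     * @param string $pass credential entered by the user (e.g. PIN + OTP)
     * @return bool true only when the server reports status and value as true
     */
    public function checkPass($user, $pass)
    {
        assert(is_string($user));
        assert(is_string($pass));

        // Unknown users are rejected before any request leaves this host.
        if ($this->getUserData($user) === false) {
            return false;
        }

        if (!function_exists('curl_init')) {
            die('Sorry cURL is not installed!');
        }

        // Log the user name only; the credential must not reach the log.
        dbglog('Starting privacyIDEA auth for user ' . $user);

        $privacyidea_url = $this->getConf('privacyidea_url');
        $privacyidea_realm = $this->getConf('privacyidea_realm');
        $privacyidea_verify = (bool) $this->getConf('privacyidea_verify');

        // A connect timeout of 0 makes libcurl use its long built-in default,
        // so fall back to 5 seconds when the setting is missing or invalid.
        $timeout = (int) $this->getConf('privacyidea_timeout');
        if ($timeout <= 0) {
            $timeout = 5;
        }

        $fields = array(
            'user' => $user,
            'pass' => $pass,
        );
        if ((string) $privacyidea_realm !== '') {
            $fields['realm'] = $privacyidea_realm;
        }

        $crl = curl_init();
        if ($crl === false) {
            dbglog('privacyIDEA auth: could not initialise cURL');
            return false;
        }

        curl_setopt($crl, CURLOPT_URL, $privacyidea_url);
        curl_setopt($crl, CURLOPT_POST, true);
        // http_build_query() encodes every value, including the realm. The
        // separator is passed explicitly so an arg_separator.output ini
        // override (e.g. "&amp;") cannot corrupt the request body.
        curl_setopt($crl, CURLOPT_POSTFIELDS, http_build_query($fields, '', '&'));
        curl_setopt($crl, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($crl, CURLOPT_CONNECTTIMEOUT, $timeout);
        // With verification disabled the server's identity is not checked and
        // the credential can be intercepted; keep privacyidea_verify enabled
        // outside of test setups.
        curl_setopt($crl, CURLOPT_SSL_VERIFYPEER, $privacyidea_verify);
        // Host name verification is switched on with 2, not with a boolean.
        curl_setopt($crl, CURLOPT_SSL_VERIFYHOST, $privacyidea_verify ? 2 : 0);

        // The URL no longer carries the credential, so it is safe to log.
        dbglog('About to execute curl for url ' . $privacyidea_url);

        $response = curl_exec($crl);
        $error = curl_error($crl);
        curl_close($crl);

        if ($response === false) {
            dbglog('privacyIDEA request failed: ' . $error);
            return false;
        }

        $body = json_decode($response);
        if (!is_object($body) || !isset($body->result) || !is_object($body->result)) {
            dbglog('privacyIDEA auth: response was not the expected JSON document');
            return false;
        }

        // Accept only an explicit boolean true for both fields, so that error
        // documents and unexpected value types are never read as success.
        $authenticated = isset($body->result->status, $body->result->value)
            && $body->result->status === true
            && $body->result->value === true;

        dbglog('privacyIDEA auth result for user ' . $user . ': ' . ($authenticated ? 'accepted' : 'rejected'));

        return $authenticated;
    }
}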
84?>