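<?php

/**
 * DokuWiki Plugin skautis (Auth Component)
 *
 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
 * @author  Jiri Dorazil <alex@skaut.cz>
 */

// must be run within Dokuwiki
if (!defined('DOKU_INC')) die();

require_once 'vendor/autoload.php';

global $conf;
// define cookie and session id, append server port when securecookie is configured
// (md5 is used here only to derive a stable name, not to protect a secret)
if (!defined('AUTHSKAUTIS_COOKIE')) {
    define('AUTHSKAUTIS_COOKIE', 'SPGG'.md5(DOKU_REL.(($conf['securecookie'])?$_SERVER['SERVER_PORT']:'')));
}


/**
 * Auth backend that accepts either a local (authplain) password login or a
 * SkautIS login posted back to the wiki, and keeps the resulting identity in
 * the PHP session under $_SESSION[DOKU_COOKIE]['authskautis'].
 */
class auth_plugin_authskautis extends auth_plugin_authplain {

    /**
     * Constructor.
     *
     * Stores the SkautIS login URLs and declares the capabilities of this backend.
     */
    public function __construct() {
        parent::__construct(); // for compatibility
        $this->url     = Skautis\Config::URL_PRODUCTION . '/Login/?appid=';
        $this->testUrl = Skautis\Config::URL_TEST . '/Login/?appid=';

        $this->success = true;

        $this->cando['addUser']  = true; // can Users be created?
        $this->cando['external'] = true; // does the module do external auth checking?
        $this->cando['logout']   = true; // can the user logout again? (eg. not possible with HTTP auth)
    }

    /**
     * Do all authentication [ OPTIONAL ]
     *
     * Three paths are tried in order:
     *  1. an identity already stored in the session is restored;
     *  2. a submitted username/password pair is checked with checkPass();
     *  3. any other non-empty POST is handed to the Skautis library as login data.
     *
     * @param   string  $user    Username
     * @param   string  $pass    Cleartext Password
     * @param   bool    $sticky  Cookie should not expire (not used by this implementation)
     * @return  bool             true on successful auth
     */
    public function trustExternal($user, $pass, $sticky = false) {
        global $USERINFO;
        global $INPUT;

        // 1) restore the identity saved by an earlier successful login
        if (!empty($_SESSION[DOKU_COOKIE]['authskautis']['info'])) {
            $stored = $_SESSION[DOKU_COOKIE]['authskautis']['info'];
            $USERINFO['name'] = $stored['name'];
            $USERINFO['mail'] = $stored['mail'];
            $USERINFO['grps'] = $stored['grps'];
            $USERINFO['is_skautis'] = $stored['is_skautis'] ?? null;
            $INPUT->server->set('REMOTE_USER', $_SESSION[DOKU_COOKIE]['authskautis']['user'] ?? null);
            return true;
        }

        // 2) login form: verify the password against the local user store
        if (!empty($user)) {
            if (!$this->checkPass($user, $pass)) {
                //invalid credentials - log off
                msg($this->getLang('badlogin'),-1);
                return false;
            }

            $uinfo = $this->getUserData($user);

            //set user info
            $USERINFO['name'] = $uinfo['name'];
            // NOTE(review): the key read here is 'email' while this class stores the
            // address as 'mail' everywhere else - confirm which key getUserData() returns.
            $USERINFO['mail'] = $uinfo['email'];
            $USERINFO['grps'] = $uinfo['grps'];
            $USERINFO['pass'] = $pass;

            // NOTE(review): REMOTE_USER receives the display name, not the login that
            // was authenticated. Display names are not guaranteed to be unique, so two
            // accounts can end up with the same REMOTE_USER - confirm this is intended.
            $INPUT->server->set('REMOTE_USER', $uinfo['name']);

            //save data in session, without the cleartext password: nothing in this
            //class reads it back, and session storage outlives the request
            $sessionInfo = $USERINFO;
            unset($sessionInfo['pass']);
            $_SESSION[DOKU_COOKIE]['authskautis']['user'] = $uinfo['name'];
            $_SESSION[DOKU_COOKIE]['authskautis']['info'] = $sessionInfo;

            return true;
        }

        // 3) SkautIS login. This branch runs for every non-empty POST that reaches
        //    this point, not only for the SkautIS callback; whether the posted data
        //    is genuine is decided by the library via isLoggedIn(true).
        if (empty($_POST)) {
            return false;
        }

        $skautIsAppId          = $this->getConf('skautis_app_id');
        $skautIsTestmode       = $this->getConf('skautis_test_mode');
        $skautIsAllowedAddUser = $this->getConf('skautis_allowed_add_user');
        $skautIs = Skautis\Skautis::getInstance($skautIsAppId,$skautIsTestmode);
        $skautIs->setLoginData($_POST);

        $skautIsUser = $skautIs->getUser();

        // NOTE(review): presumably the `true` argument makes the library verify the
        // posted token with SkautIS instead of trusting the POST body - confirm.
        if (!$skautIsUser->isLoggedIn(true)) {
            msg($this->getLang('badskautis'),-1);
            $this->logOff();
            return false;
        }

        $userData = $skautIs->user->userDetail();
        $token    = $skautIs->getUser()->getLoginId();
        $person   = $skautIs->org->PersonDetail(['ID_Login' => $token, 'ID' => $userData->ID_Person]);
        $skautIsEmail    = $person->Email;
        $skautIsUsername = $person->FirstName . ' ' . $person->LastName;

        // local account name is derived from the SkautIS user ID
        $login = 'skautis'.$userData->ID;
        $udata = $this->getUserData($login);

        //create and update user in base
        if ($skautIsAllowedAddUser) {
            if (!$udata) {
                //default groups
                $grps = null;
                if ($this->getConf('default_groups')) {
                    $grps = explode(' ', $this->getConf('default_groups'));
                }
                //create user with an unguessable local password: the account is also
                //reachable through the password form above, so the value must come
                //from a CSPRNG rather than rand() combined with the known login
                $this->createUser($login, bin2hex(random_bytes(16)), $skautIsUsername, $skautIsEmail, $grps);
                $udata = $this->getUserData($login);
            } elseif ($udata['name'] != $skautIsUsername || $udata['email'] != $skautIsEmail) {
                //update user
                // NOTE(review): 'email' vs 'mail' - same key question as in the form
                // login branch; if the stored key is 'mail' this comparison never
                // matches and the record is rewritten on every login. Confirm.
                $this->modifyUser($login, ['name'=>$skautIsUsername, 'email'=>$skautIsEmail]);
            }
        }

        if (!$this->isUserValid($login)) {
            msg($this->getLang('nouser'),-1);
            $this->logOff();
            return false;
        }

        //set user info
        $USERINFO['pass'] = "";
        $USERINFO['name'] = $skautIsUsername;
        $USERINFO['mail'] = $skautIsEmail;
        $USERINFO['grps'] = $udata['grps'];
        $USERINFO['is_skautis'] = true;
        // NOTE(review): REMOTE_USER is the person's "FirstName LastName" as returned by
        // SkautIS, not the unique $login built above - confirm this is intended.
        $INPUT->server->set('REMOTE_USER', $skautIsUsername);

        //save user info in session
        $_SESSION[DOKU_COOKIE]['authskautis']['user'] = $INPUT->server->str('REMOTE_USER');
        $_SESSION[DOKU_COOKIE]['authskautis']['info'] = $USERINFO;

        //if login page - redirect to main page
        //(the target is built by wl() from a fixed page id, not from request data)
        if ($INPUT->get->str('do') === 'login') {
            header("Location: ".wl('start', '', true));
        }

        return true;
    }

    /**
     * Remove the identity this plugin stored in the session.
     */
    public function logOff() {
        unset($_SESSION[DOKU_COOKIE]['authskautis']['user']);
        unset($_SESSION[DOKU_COOKIE]['authskautis']['info']);
    }

    /**
     * Check whether a login exists in the user table held in $this->users.
     *
     * @param   string  $login  local account name
     * @return  bool            true when an entry for $login is set
     */
    public function isUserValid($login) {
        return isset($this->users[$login]);
    }
}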