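<?php

/**
 * DokuWiki Plugin skautis (Auth Component)
 *
 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
 * @author  Jiri Dorazil <alex@skaut.cz>
 */

// must be run within Dokuwiki
if (!defined('DOKU_INC')) die();

require_once 'vendor/autoload.php';

global $conf;
// define cookie and session id, append server port when securecookie is configured
// (md5 only derives a stable name suffix here; it does not protect a secret)
if (!defined('AUTHSKAUTIS_COOKIE')) {
    define('AUTHSKAUTIS_COOKIE', 'SPGG' . md5(DOKU_REL . (($conf['securecookie']) ? $_SERVER['SERVER_PORT'] : '')));
}


/**
 * Auth backend that accepts either a local login checked by the parent
 * authplain backend, or a skautIS login response posted back to the wiki.
 */
class auth_plugin_authskautis extends auth_plugin_authplain {

    /**
     * Constructor.
     *
     * Stores the production and test skautIS login URL prefixes and declares
     * the capabilities of this backend.
     */
    public function __construct() {
        parent::__construct(); // for compatibility
        $this->url = Skautis\Config::URL_PRODUCTION . '/Login/?appid=';
        $this->testUrl = Skautis\Config::URL_TEST . '/Login/?appid=';

        $this->success = true;

        $this->cando['addUser'] = true;  // can Users be created?
        $this->cando['external'] = true; // does the module do external auth checking?
        $this->cando['logout'] = true;   // can the user logout again? (eg. not possible with HTTP auth)
    }

    /**
     * Do all authentication [ OPTIONAL ]
     *
     * Tries three sources in order: user info already stored in the session,
     * a form login checked with checkPass(), and a skautIS response in $_POST.
     *
     * @param string $user   Username
     * @param string $pass   Cleartext Password
     * @param bool   $sticky Cookie should not expire (not used by this method)
     * @return bool true on successful auth
     */
    public function trustExternal($user, $pass, $sticky = false) {
        global $USERINFO;
        global $INPUT;

        // 1) user info already in the session
        if (!empty($_SESSION[DOKU_COOKIE]['authskautis']['info'])) {
            $stored = $_SESSION[DOKU_COOKIE]['authskautis']['info'];
            $USERINFO['name'] = $stored['name'];
            $USERINFO['mail'] = $stored['mail'];
            $USERINFO['grps'] = $stored['grps'];
            $USERINFO['is_skautis'] = $stored['is_skautis'] ?? null;
            $INPUT->server->set('REMOTE_USER', $_SESSION[DOKU_COOKIE]['authskautis']['user'] ?? null);
            return true;
        }

        // 2) form login against the local user base
        if (!empty($user)) {
            if (!$this->checkPass($user, $pass)) {
                //invalid credentials - log off
                msg($this->getLang('badlogin'), -1);
                return false;
            }

            $uinfo = $this->getUserData($user);

            //set user info
            $USERINFO['name'] = $uinfo['name'];
            // NOTE(review): the stock authplain backend returns the address under
            // 'mail'; confirm that 'email' is really the key getUserData() yields.
            $USERINFO['mail'] = $uinfo['email'];
            $USERINFO['grps'] = $uinfo['grps'];
            $USERINFO['pass'] = $pass;

            // NOTE(review): REMOTE_USER receives the display name, not the login
            // $user. DokuWiki evaluates ACLs against REMOTE_USER, so two accounts
            // with the same name become indistinguishable - confirm this is intended.
            $INPUT->server->set('REMOTE_USER', $uinfo['name']);
            $_SESSION[DOKU_COOKIE]['authskautis']['user'] = $uinfo['name'];

            // The cleartext password stays in the request-scoped global only; it is
            // not written to session storage, and the session branch above never
            // reads it back.
            $sessionInfo = $USERINFO;
            unset($sessionInfo['pass']);
            $_SESSION[DOKU_COOKIE]['authskautis']['info'] = $sessionInfo;

            return true;
        }

        // 3) skautIS login response
        if (empty($_POST)) {
            return false;
        }

        $skautIsAppId = $this->getConf('skautis_app_id');
        $skautIsTestmode = $this->getConf('skautis_test_mode');
        $skautIsAllowedAddUser = $this->getConf('skautis_allowed_add_user');
        $skautIs = Skautis\Skautis::getInstance($skautIsAppId, $skautIsTestmode);
        // $_POST is client-controlled; everything below relies on isLoggedIn(true).
        $skautIs->setLoginData($_POST);

        $skautIsUser = $skautIs->getUser();

        // NOTE(review): the `true` argument presumably makes the library confirm the
        // login with skautIS instead of trusting the posted fields - verify against
        // the library version pulled in by vendor/autoload.php.
        if (!$skautIsUser->isLoggedIn(true)) {
            msg($this->getLang('badskautis'), -1);
            $this->logOff();
            return false;
        }

        $userData = $skautIs->user->userDetail();
        $token = $skautIs->getUser()->getLoginId();
        $person = $skautIs->org->PersonDetail(['ID_Login' => $token, 'ID' => $userData->ID_Person]);
        $skautIsEmail = $person->Email;
        $skautIsUsername = $person->FirstName . ' ' . $person->LastName;

        $login = 'skautis' . $userData->ID;
        $udata = $this->getUserData($login);

        //create and update user in base
        if ($skautIsAllowedAddUser) {
            if (!$udata) {
                //default groups
                $grps = null;
                if ($this->getConf('default_groups')) {
                    $grps = explode(' ', $this->getConf('default_groups'));
                }
                // The local account lives in the same user base that the form login
                // above checks with checkPass(), so its password must not be
                // guessable: use the CSPRNG instead of md5(rand() . $login).
                $this->createUser($login, bin2hex(random_bytes(32)), $skautIsUsername, $skautIsEmail, $grps);
                $udata = $this->getUserData($login);
            } elseif ($udata['name'] != $skautIsUsername || $udata['email'] != $skautIsEmail) {
                //update user
                // NOTE(review): same 'email' vs 'mail' key question as in the form
                // login branch - confirm the comparison and the update use the key
                // the parent backend actually stores.
                $this->modifyUser($login, ['name' => $skautIsUsername, 'email' => $skautIsEmail]);
            }
        }

        if (!$this->isUserValid($login)) {
            msg($this->getLang('nouser'), -1);
            $this->logOff();
            return false;
        }

        //set user info
        $USERINFO['pass'] = "";
        $USERINFO['name'] = $skautIsUsername;
        $USERINFO['mail'] = $skautIsEmail;
        $USERINFO['grps'] = $udata['grps'];
        $USERINFO['is_skautis'] = true;
        // NOTE(review): REMOTE_USER is the "FirstName LastName" string reported by
        // skautIS rather than the unique $login ('skautis' . ID). Persons sharing a
        // name would share one wiki identity for ACL purposes - confirm whether
        // $login should be used instead before changing it (existing ACLs may rely
        // on the current value).
        $INPUT->server->set('REMOTE_USER', $skautIsUsername);

        //save user info in session
        $_SESSION[DOKU_COOKIE]['authskautis']['user'] = $INPUT->server->str('REMOTE_USER');
        $_SESSION[DOKU_COOKIE]['authskautis']['info'] = $USERINFO;

        //if login page - redirect to main page
        if ($INPUT->get->str('do') === 'login') {
            header("Location: " . wl('start', '', true));
        }

        return true;
    }

    /**
     * Drop the user name and user info this plugin stored in the session.
     */
    public function logOff() {
        unset($_SESSION[DOKU_COOKIE]['authskautis']['user']);
        unset($_SESSION[DOKU_COOKIE]['authskautis']['info']);
    }

    /**
     * Tell whether a login exists in the user list held in $this->users.
     *
     * The list is not loaded here; trustExternal() calls getUserData() before
     * this check (presumably that is what populates it - confirm in the parent).
     *
     * @param string $login login name to look up
     * @return bool true when $this->users has an entry for $login
     */
    public function isUserValid($login) {
        return isset($this->users[$login]);
    }
}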