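<?php

/**
 * DokuWiki Plugin skautis (Auth Component)
 *
 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
 * @author  Jiri Dorazil <alex@skaut.cz>
 */

// must be run within Dokuwiki
if(!defined('DOKU_INC')) die();
define('SKAUTIS_LIBS_DIR', dirname(__FILE__).'/libs/');
require_once SKAUTIS_LIBS_DIR. 'skautis-minify.php';

global $conf;
// define cookie and session id, append server port when securecookie is configured
// (md5 is used here only to derive a stable cookie name, not to protect a secret)
if (!defined('AUTHSKAUTIS_COOKIE')){
    define('AUTHSKAUTIS_COOKIE', 'SPGG'.md5(DOKU_REL.(($conf['securecookie'])?$_SERVER['SERVER_PORT']:'')));
}

/**
 * Authentication backend that accepts either a local form login (checked by the
 * inherited checkPass()) or a login posted back by the external skautIS service.
 */
class auth_plugin_authskautis extends auth_plugin_authplain {

    /**
     * Constructor: builds the skautIS login URLs and declares the backend capabilities.
     */
    public function __construct() {
        parent::__construct(); // for compatibility
        $this->url     = Skautis\Config::URL_PRODUCTION . '/Login/?appid=';
        $this->testUrl = Skautis\Config::URL_TEST . '/Login/?appid=';

        $this->success = true;

        $this->cando['addUser']  = true; // can Users be created?
        $this->cando['external'] = true; // does the module do external auth checking?
        $this->cando['logout']   = true; // can the user logout again? (eg. not possible with HTTP auth)
    }

    /**
     * Do all authentication [ OPTIONAL ]
     *
     * Three sources are tried in order:
     *  1. user info already stored in the session,
     *  2. a username/password pair, verified with checkPass(),
     *  3. any non-empty POST body, which is handed to the skautIS client as login data.
     *
     * On success $USERINFO, $_SERVER['REMOTE_USER'] and the session entry are filled.
     *
     * @param   string  $user    Username
     * @param   string  $pass    Cleartext Password
     * @param   bool    $sticky  Cookie should not expire (not used by this method)
     * @return  bool             true on successful auth
     */
    public function trustExternal($user, $pass, $sticky = false) {
        global $USERINFO;

        //get user info in session
        if (!empty($_SESSION[DOKU_COOKIE]['authskautis']['info'])) {
            $USERINFO['name']       = $_SESSION[DOKU_COOKIE]['authskautis']['info']['name'];
            $USERINFO['mail']       = $_SESSION[DOKU_COOKIE]['authskautis']['info']['mail'];
            $USERINFO['grps']       = $_SESSION[DOKU_COOKIE]['authskautis']['info']['grps'];
            $USERINFO['is_skautis'] = $_SESSION[DOKU_COOKIE]['authskautis']['info']['is_skautis'];
            $_SERVER['REMOTE_USER'] = $_SESSION[DOKU_COOKIE]['authskautis']['user'];
            return true;
        }

        //get form login info
        if(!empty($user)){
            if($this->checkPass($user,$pass)){
                $uinfo = $this->getUserData($user);

                //set user info
                $USERINFO['name'] = $uinfo['name'];
                // NOTE(review): this reads the 'email' key while the session branch above
                // uses 'mail'; confirm which key getUserData() actually returns.
                $USERINFO['mail'] = $uinfo['email'];
                $USERINFO['grps'] = $uinfo['grps'];
                $USERINFO['pass'] = $pass;

                //save data in session
                // NOTE(review): REMOTE_USER is set to the display name, not the login that
                // was authenticated; confirm how ACLs key on this value.
                $_SERVER['REMOTE_USER'] = $uinfo['name'];
                $_SESSION[DOKU_COOKIE]['authskautis']['user'] = $uinfo['name'];

                // The cleartext password is kept out of the session: the session branch
                // above never reads it back, and session storage outlives the request.
                $sessionInfo = $USERINFO;
                unset($sessionInfo['pass']);
                $_SESSION[DOKU_COOKIE]['authskautis']['info'] = $sessionInfo;

                return true;
            }else{
                //invalid credentials - log off
                msg($this->getLang('badlogin'),-1);
                return false;
            }
        }

        if (!empty($_POST)){

            $skautisAppId          = $this->getConf('skautis_app_id');
            $skautIsTestmode       = $this->getConf('skautis_test_mode');
            $skautIsAllowedAddUser = $this->getConf('skautis_allowed_add_user');
            $skautIs = SkautIs\skautIs::getInstance($skautisAppId,$skautIsTestmode);
            // The POST body is untrusted; nothing is accepted from it until
            // isLoggedIn(true) below has succeeded.
            $skautIs->setLoginData($_POST);

            $skautisUser = $skautIs->getUser();

            if ($skautisUser->isLoggedIn(true)) {
                $userData = $skautIs->user->userDetail();
                $token    = $skautIs->getUser()->getLoginId();
                $person   = $skautIs->org->PersonDetail(array('ID_Login' => $token, 'ID' => $userData->ID_Person));
                $skautisEmail    = $person->Email;
                $skautisUsername = $person->FirstName . ' ' . $person->LastName;

                // local account name derived from the skautIS user id
                $login = 'skautis'.$userData->ID;
                $udata = $this->getUserData($login);

                //create and update user in base
                if($skautIsAllowedAddUser){
                    if (!$udata) {
                        //default groups
                        $grps = null;
                        if ($this->getConf('default_groups')){
                            $grps = explode(' ', $this->getConf('default_groups'));
                        }
                        //create user
                        // The local account can also be used through the form-login branch
                        // above, so its placeholder password must not be guessable.
                        $this->createUser($login, $this->generatePlaceholderPassword($login), $skautisUsername, $skautisEmail, $grps);
                        $udata = $this->getUserData($login);
                    } elseif ($udata['name'] != $skautisUsername || $udata['email'] != $skautisEmail) {
                        //update user
                        $this->modifyUser($login, array('name'=>$skautisUsername, 'email'=>$skautisEmail));
                    }
                }

                if ($this->isUserValid($login)){
                    //set user info
                    $USERINFO['pass'] = "";
                    $USERINFO['name'] = $skautisUsername;
                    $USERINFO['mail'] = $skautisEmail;
                    $USERINFO['grps'] = $udata['grps'];
                    $USERINFO['is_skautis'] = true;
                    // NOTE(review): REMOTE_USER becomes "FirstName LastName" rather than the
                    // unique $login, so two skautIS persons with the same name would share
                    // one REMOTE_USER value; confirm how ACLs key on it before relying on it.
                    $_SERVER['REMOTE_USER'] = $skautisUsername;

                    //save user info in session
                    // NOTE(review): the session id is not regenerated here on login;
                    // confirm whether the surrounding framework does that.
                    $_SESSION[DOKU_COOKIE]['authskautis']['user'] = $_SERVER['REMOTE_USER'];
                    $_SESSION[DOKU_COOKIE]['authskautis']['info'] = $USERINFO;

                    //if login page - redirect to main page
                    if (isset($_GET['do']) && $_GET['do']=='login'){
                        header("Location: ".wl('start', '', true));
                    }

                    return true;
                } else {
                    // authenticated at skautIS but no matching local account
                    msg($this->getLang('nouser'),-1);
                    $this->logOff();
                    return false;
                }
            } else {
                msg($this->getLang('badskautis'),-1);
                $this->logOff();
                return false;
            }
        }

        return false;
    }

    /**
     * Remove this plugin's user and info entries from the session.
     */
    public function logOff(){
        unset($_SESSION[DOKU_COOKIE]['authskautis']['user']);
        unset($_SESSION[DOKU_COOKIE]['authskautis']['info']);
    }

    /**
     * Tell whether a local account with this login is present in $this->users.
     *
     * @param   string  $login  local account name
     * @return  bool
     */
    public function isUserValid($login){
        return isset($this->users[$login]);
    }

    /**
     * Build the placeholder password stored for a locally mirrored skautIS account.
     *
     * Prefers a cryptographically secure source; the rand()-based value is kept only
     * as a last resort for platforms that offer neither source.
     *
     * @param   string  $login  local account name (used only by the legacy fallback)
     * @return  string
     */
    private function generatePlaceholderPassword($login){
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            $bytes = openssl_random_pseudo_bytes(16);
            if ($bytes !== false) {
                return bin2hex($bytes);
            }
        }
        // legacy fallback: predictable generator, guessable in principle
        return md5(rand().$login);
    }
}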