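<?php

/**
 * DokuWiki Plugin skautis (Auth Component)
 *
 * Lets users sign in either with a local (authplain) account or through the
 * external skautIS login service. skautIS users are mirrored into the local
 * user base under the login "skautis<ID>".
 *
 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
 * @author  Jiri Dorazil <alex@skaut.cz>
 */

// must be run within Dokuwiki
if (!defined('DOKU_INC')) die();

require_once 'vendor/autoload.php';

global $conf;
// define cookie and session id, append server port when securecookie is configured
// (md5 is used here only to derive a stable name, not as a security primitive)
if (!defined('AUTHSKAUTIS_COOKIE')) {
    define('AUTHSKAUTIS_COOKIE', 'SPGG'.md5(DOKU_REL.(($conf['securecookie'])?$_SERVER['SERVER_PORT']:'')));
}


class auth_plugin_authskautis extends auth_plugin_authplain {

    /**
     * Constructor.
     *
     * Sets the skautIS login URLs and announces the capabilities of this
     * backend to DokuWiki.
     */
    public function __construct() {
        parent::__construct(); // for compatibility
        $this->url     = Skautis\Config::URL_PRODUCTION . '/Login/?appid=';
        $this->testUrl = Skautis\Config::URL_TEST . '/Login/?appid=';

        $this->success = true;

        $this->cando['addUser']  = true; // can Users be created?
        $this->cando['external'] = true; // does the module do external auth checking?
        $this->cando['logout']   = true; // can the user logout again? (eg. not possible with HTTP auth)
    }

    /**
     * Authenticate the current request.
     *
     * Tried in this order:
     *  1. an identity already stored in the session,
     *  2. a local username/password pair from the login form,
     *  3. a skautIS login response delivered in $_POST.
     *
     * On success $USERINFO and $_SERVER['REMOTE_USER'] are populated and the
     * identity is written to the session.
     *
     * @param string $user   Username
     * @param string $pass   Cleartext Password
     * @param bool   $sticky Cookie should not expire (not used by this method)
     * @return bool true on successful auth
     * @throws RuntimeException when a skautIS account has to be created and no
     *                          secure random source is available
     */
    public function trustExternal($user, $pass, $sticky = false) {
        global $USERINFO;

        // 1. identity already established earlier in this session
        if (!empty($_SESSION[DOKU_COOKIE]['authskautis']['info'])) {
            $stored = $_SESSION[DOKU_COOKIE]['authskautis']['info'];
            $USERINFO['name']       = $stored['name'];
            $USERINFO['mail']       = $stored['mail'];
            $USERINFO['grps']       = $stored['grps'];
            $USERINFO['is_skautis'] = $stored['is_skautis'];
            $_SERVER['REMOTE_USER'] = $_SESSION[DOKU_COOKIE]['authskautis']['user'];
            return true;
        }

        // 2. local account submitted through the login form
        if (!empty($user)) {
            if (!$this->checkPass($user, $pass)) {
                //invalid credentials - log off
                msg($this->getLang('badlogin'), -1);
                return false;
            }

            $uinfo = $this->getUserData($user);

            // NOTE(review): this reads the address under 'email' here and in the
            // skautIS branch below; the authplain backend is expected to expose
            // it as 'mail' - confirm against the parent class.
            $USERINFO['name'] = $uinfo['name'];
            $USERINFO['mail'] = $uinfo['email'];
            $USERINFO['grps'] = $uinfo['grps'];
            $USERINFO['pass'] = $pass;

            // The session store outlives the request, so the cleartext password
            // is kept out of the persisted copy. Nothing in this class reads it
            // back from the session.
            $sessionInfo = $USERINFO;
            unset($sessionInfo['pass']);

            //save data in session
            // NOTE(review): REMOTE_USER is set to the display name, not to the
            // unique login $user - confirm this is what ACL rules should key on.
            $_SERVER['REMOTE_USER'] = $uinfo['name'];
            $_SESSION[DOKU_COOKIE]['authskautis']['user'] = $uinfo['name'];
            $_SESSION[DOKU_COOKIE]['authskautis']['info'] = $sessionInfo;

            return true;
        }

        // 3. response posted back by the skautIS login service
        if (empty($_POST)) {
            return false;
        }

        $skautIsAppId          = $this->getConf('skautis_app_id');
        $skautIsTestmode       = $this->getConf('skautis_test_mode');
        $skautIsAllowedAddUser = $this->getConf('skautis_allowed_add_user');

        $skautIs = Skautis\Skautis::getInstance($skautIsAppId, $skautIsTestmode);
        $skautIs->setLoginData($_POST);

        $skautIsUser = $skautIs->getUser();

        // isLoggedIn(true) is the only check made on the posted login data
        // before it is trusted below
        if (!$skautIsUser->isLoggedIn(true)) {
            msg($this->getLang('badskautis'), -1);
            $this->logOff();
            return false;
        }

        $userData = $skautIs->user->userDetail();
        $token    = $skautIs->getUser()->getLoginId();
        $person   = $skautIs->org->PersonDetail(['ID_Login' => $token, 'ID' => $userData->ID_Person]);

        $skautIsEmail    = $person->Email;
        $skautIsUsername = $person->FirstName . ' ' . $person->LastName;

        $login = 'skautis'.$userData->ID;
        $udata = $this->getUserData($login);

        //create and update user in base
        if ($skautIsAllowedAddUser) {
            if (!$udata) {
                //default groups
                $grps = null;
                if ($this->getConf('default_groups')) {
                    $grps = explode(' ', $this->getConf('default_groups'));
                }
                // The mirrored account is a regular local account, so its password
                // is accepted by the form login above. It must be unguessable:
                // draw it from a CSPRNG instead of md5(rand() . $login).
                $this->createUser($login, $this->generateRandomPassword(), $skautIsUsername, $skautIsEmail, $grps);
                $udata = $this->getUserData($login);
            } elseif ($udata['name'] != $skautIsUsername || $udata['email'] != $skautIsEmail) {
                //update user
                $this->modifyUser($login, ['name'=>$skautIsUsername, 'email'=>$skautIsEmail]);
            }
        }

        if (!$this->isUserValid($login)) {
            msg($this->getLang('nouser'), -1);
            $this->logOff();
            return false;
        }

        //set user info
        $USERINFO['pass']       = "";
        $USERINFO['name']       = $skautIsUsername;
        $USERINFO['mail']       = $skautIsEmail;
        $USERINFO['grps']       = $udata['grps'];
        $USERINFO['is_skautis'] = true;
        // NOTE(review): REMOTE_USER becomes "FirstName LastName" rather than the
        // unique $login, so two skautIS members with the same name would be
        // indistinguishable to anything keyed on REMOTE_USER. Consider using
        // $login here - confirm against existing ACL configuration first.
        $_SERVER['REMOTE_USER'] = $skautIsUsername;

        //save user info in session
        $_SESSION[DOKU_COOKIE]['authskautis']['user'] = $_SERVER['REMOTE_USER'];
        $_SESSION[DOKU_COOKIE]['authskautis']['info'] = $USERINFO;

        //if login page - redirect to main page
        if (isset($_GET['do']) && $_GET['do']=='login') {
            header("Location: ".wl('start', '', true));
        }

        return true;
    }

    /**
     * Remove the identity this plugin stored in the session.
     */
    public function logOff() {
        unset($_SESSION[DOKU_COOKIE]['authskautis']['user']);
        unset($_SESSION[DOKU_COOKIE]['authskautis']['info']);
    }

    /**
     * Tell whether $login is present in the loaded local user list.
     *
     * Reads $this->users directly; presumably the parent class fills it when
     * getUserData() is called first - verify against the parent class.
     *
     * @param string $login local login name
     * @return bool
     */
    public function isUserValid($login) {
        return isset($this->users[$login]);
    }

    /**
     * Build an unguessable password for a mirrored skautIS account.
     *
     * @return string 32 hexadecimal characters (128 bits from a CSPRNG)
     * @throws RuntimeException when no secure random source is available
     */
    private function generateRandomPassword() {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            $strong = false;
            $bytes  = openssl_random_pseudo_bytes(16, $strong);
            if ($bytes !== false && $strong) {
                return bin2hex($bytes);
            }
        }
        // fail closed: an account with a predictable password is worse than no account
        throw new RuntimeException('No cryptographically secure random source available');
    }
}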