xref: /plugin/authskautis/auth.php (revision 4e2376697606df95e136c85b877e5451f03fc9cc)
1<?php
2
3/**
4 * DokuWiki Plugin skautis (Auth Component)
5 *
6 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
7 * @author  Jiri Dorazil <alex@skaut.cz>
8 */
9
// Refuse direct access: this file is only meant to be loaded by DokuWiki,
// which defines DOKU_INC before including plugins.
if (!defined('DOKU_INC')) {
    exit();
}

// The bundled SkautIS client library sits in ./libs/ next to this file.
define('SKAUTIS_LIBS_DIR', __DIR__ . '/libs/');
require_once SKAUTIS_LIBS_DIR . 'skautis-minify.php';

global $conf;

// Cookie/session identifier, defined once. It is derived from the wiki's
// relative path, with the server port appended when securecookie is enabled.
// md5() here only builds a stable name out of those two values.
if (defined('AUTHSKAUTIS_COOKIE') === false) {
    define(
        'AUTHSKAUTIS_COOKIE',
        'SPGG' . md5(DOKU_REL . ($conf['securecookie'] ? $_SERVER['SERVER_PORT'] : ''))
    );
}
20
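/**
 * Authentication backend that accepts either a local (authplain) login or a
 * login confirmed by SkautIS, and keeps the resulting identity in the session.
 */
class auth_plugin_authskautis extends auth_plugin_authplain {

    /**
     * Constructor.
     *
     * Sets the SkautIS login URLs and declares the capabilities this backend
     * offers on top of the parent class.
     */
    public function __construct() {
        parent::__construct(); // for compatibility
        $this->url = Skautis\Config::URL_PRODUCTION . '/Login/?appid=';
        $this->testUrl = Skautis\Config::URL_TEST . '/Login/?appid=';

        $this->success = true;

        $this->cando['addUser']     = true; // can Users be created?
        $this->cando['external']    = true; // does the module do external auth checking?
        $this->cando['logout']      = true; // can the user logout again? (eg. not possible with HTTP auth)
    }

    /**
     * Do all authentication [ OPTIONAL ]
     *
     * Three paths are tried in order:
     *  1. an identity already stored in the session is restored;
     *  2. if a username was submitted, it is checked against the local
     *     account store via checkPass();
     *  3. otherwise, a non-empty POST body is handed to the SkautIS client
     *     and, if SkautIS reports a logged-in user, that user is mapped to the
     *     local account "skautis<ID>" (created or updated when the
     *     skautis_allowed_add_user option is on).
     *
     * NOTE(review): this method does not rotate the session ID on a successful
     * login; confirm that the caller does, so a pre-login session ID is not
     * carried into the authenticated session.
     *
     * @param   string  $user    Username
     * @param   string  $pass    Cleartext Password
     * @param   bool    $sticky  Cookie should not expire (not used by this method)
     * @return  bool             true on successful auth
     */
    public function trustExternal($user, $pass, $sticky = false) {
        global $USERINFO;

        // 1) Identity already established earlier in this session.
        if (!empty($_SESSION[DOKU_COOKIE]['authskautis']['info'])) {
            $cached = $_SESSION[DOKU_COOKIE]['authskautis']['info'];
            $USERINFO['name'] = $cached['name'];
            $USERINFO['mail'] = $cached['mail'];
            $USERINFO['grps'] = $cached['grps'];
            // Sessions stored by the local-login path may not carry this flag.
            $USERINFO['is_skautis'] = isset($cached['is_skautis']) ? $cached['is_skautis'] : false;
            $_SERVER['REMOTE_USER'] = $_SESSION[DOKU_COOKIE]['authskautis']['user'];
            return true;
        }

        // 2) Local login through the form.
        if (!empty($user)) {
            if (!$this->checkPass($user, $pass)) {
                //invalid credentials - log off
                msg($this->getLang('badlogin'), -1);
                return false;
            }

            $uinfo = $this->getUserData($user);

            // 'mail' is the key this method already reads from getUserData()
            // when it matches the SkautIS account below; the previous 'email'
            // lookup left the address empty.
            // NOTE(review): confirm the key against the parent class.
            $USERINFO['name'] = $uinfo['name'];
            $USERINFO['mail'] = $uinfo['mail'];
            $USERINFO['grps'] = $uinfo['grps'];
            $USERINFO['is_skautis'] = false;

            // NOTE(review): REMOTE_USER is set to the display name, not the
            // login. Two accounts with the same display name are then
            // indistinguishable to anything keyed on REMOTE_USER.
            $_SERVER['REMOTE_USER'] = $uinfo['name'];
            $_SESSION[DOKU_COOKIE]['authskautis']['user'] = $uinfo['name'];

            // The session copy is written before the password is attached, so
            // the cleartext password is never persisted in session storage.
            unset($USERINFO['pass']);
            $_SESSION[DOKU_COOKIE]['authskautis']['info'] = $USERINFO;

            // Kept for the current request only, as before.
            $USERINFO['pass'] = $pass;

            return true;
        }

        // 3) SkautIS login: the identity provider posts the login data back.
        // NOTE(review): every non-empty POST from a visitor without a session
        // reaches this branch and is passed to the SkautIS client as login
        // data; how the client validates it is not visible in this file.
        if (empty($_POST)) {
            return false;
        }

        $skautisAppId = $this->getConf('skautis_app_id');
        $skautIsTestmode = $this->getConf('skautis_test_mode');
        $skautIsAllowedAddUser = $this->getConf('skautis_allowed_add_user');
        $skautIs = SkautIs\skautIs::getInstance($skautisAppId, $skautIsTestmode);
        $skautIs->setLoginData($_POST);

        $skautisUser = $skautIs->getUser();

        if (!$skautisUser->isLoggedIn(true)) {
            msg($this->getLang('badskautis'), -1);
            $this->logOff();
            return false;
        }

        $userData = $skautIs->user->userDetail();
        $token = $skautIs->getUser()->getLoginId();
        $person = $skautIs->org->PersonDetail(array('ID_Login' => $token, 'ID' => $userData->ID_Person));
        $skautisEmail = $person->Email;
        $skautisUsername = $person->FirstName . ' ' . $person->LastName;

        $login = 'skautis' . $userData->ID;
        $udata = $this->getUserData($login);

        //create and update user in base
        if ($skautIsAllowedAddUser) {
            if (!$udata) {
                //default groups
                $grps = null;
                if ($this->getConf('default_groups')) {
                    $grps = explode(' ', $this->getConf('default_groups'));
                }

                // The local account also accepts form logins through
                // checkPass(), so its password must be unguessable. Use the
                // CSPRNG rather than md5(rand()); random_bytes() throws if no
                // entropy source is available, which fails closed.
                $randomPassword = bin2hex(random_bytes(32));

                //create user
                $this->createUser($login, $randomPassword, $skautisUsername, $skautisEmail, $grps);
                $udata = $this->getUserData($login);
            } elseif ($udata['name'] != $skautisUsername || $udata['mail'] != $skautisEmail) {
                //update user, then re-read so the match check below sees the new values
                $this->modifyUser($login, array('name' => $skautisUsername, 'mail' => $skautisEmail));
                $udata = $this->getUserData($login);
            }
        }

        // Require an existing local record whose address equals the SkautIS
        // address. A loose == on a missing record compared null with an empty
        // SkautIS e-mail as equal and let the login through without an account.
        $accountMatches = is_array($udata)
            && isset($udata['mail'])
            && (string) $udata['mail'] === (string) $skautisEmail;

        if (!$accountMatches) {
            msg($this->getLang('nouser'), -1);
            $this->logOff();
            return false;
        }

        //set user info
        $USERINFO['pass'] = "";
        $USERINFO['name'] = $skautisUsername;
        $USERINFO['mail'] = $skautisEmail;
        $USERINFO['grps'] = $udata['grps'];
        $USERINFO['is_skautis'] = true;
        // NOTE(review): as in the local path, REMOTE_USER is the display name
        // rather than $login; see the collision concern noted there.
        $_SERVER['REMOTE_USER'] = $skautisUsername;

        //save user info in session
        $_SESSION[DOKU_COOKIE]['authskautis']['user'] = $_SERVER['REMOTE_USER'];
        $_SESSION[DOKU_COOKIE]['authskautis']['info'] = $USERINFO;

        //if login page - redirect to main page
        if (isset($_GET['do']) && $_GET['do'] == 'login') {
            header("Location: ".wl('start', '', true));
        }

        return true;
    }

    /**
     * Drop the identity this plugin stored in the session.
     *
     * Only the plugin's own 'user' and 'info' entries are removed; the rest of
     * the session is left untouched.
     */
    public function logOff() {
        unset($_SESSION[DOKU_COOKIE]['authskautis']['user']);
        unset($_SESSION[DOKU_COOKIE]['authskautis']['info']);
    }
}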