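<?php

/**
 * DokuWiki Plugin skautis (Auth Component)
 *
 * Authenticates DokuWiki users either against the local authplain user file
 * (login form) or against SkautIS (login data POSTed back to the wiki).
 *
 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
 * @author  Jiri Dorazil <alex@skaut.cz>
 */

// must be run within Dokuwiki
if (!defined('DOKU_INC')) die();

require_once 'vendor/autoload.php';

global $conf;
// define cookie and session id, append server port when securecookie is configured
// (md5 only derives a stable identifier here; it is not relied on for secrecy)
if (!defined('AUTHSKAUTIS_COOKIE')) {
    define('AUTHSKAUTIS_COOKIE', 'SPGG'.md5(DOKU_REL.(($conf['securecookie'])?$_SERVER['SERVER_PORT']:'')));
}


class auth_plugin_authskautis extends auth_plugin_authplain {

    /** @var string SkautIS production login URL, ending in "?appid=" */
    public $url;

    /** @var string SkautIS test-instance login URL, ending in "?appid=" */
    public $testUrl;

    /**
     * Constructor.
     *
     * Builds the SkautIS login URLs and declares the capabilities of this backend.
     */
    public function __construct() {
        parent::__construct(); // for compatibility
        $this->url     = Skautis\Config::URL_PRODUCTION . '/Login/?appid=';
        $this->testUrl = Skautis\Config::URL_TEST . '/Login/?appid=';

        $this->success = true;

        $this->cando['addUser']  = true; // can Users be created?
        $this->cando['external'] = true; // does the module do external auth checking?
        $this->cando['logout']   = true; // can the user logout again? (eg. not possible with HTTP auth)
    }

    /**
     * Do all authentication [ OPTIONAL ]
     *
     * Three paths are tried in order:
     *  1. an identity already stored in the session is restored,
     *  2. a non-empty $user is checked against the local user file,
     *  3. a non-empty POST body is handed to SkautIS as login data.
     *
     * NOTE(review): the session id is not rotated when the identity changes.
     * Confirm whether DokuWiki already does that for external auth before
     * relying on it as session-fixation protection.
     *
     * NOTE(review): REMOTE_USER is set to the display name, not to the login.
     * Two accounts with the same full name would then act as the same
     * REMOTE_USER; verify how ACL rules are matched in this deployment.
     *
     * @param   string  $user    Username
     * @param   string  $pass    Cleartext Password
     * @param   bool    $sticky  Cookie should not expire (not used by this backend)
     * @return  bool             true on successful auth
     */
    public function trustExternal($user, $pass, $sticky = false) {
        global $USERINFO;

        // 1) identity already established earlier in this session
        if (!empty($_SESSION[DOKU_COOKIE]['authskautis']['info'])) {
            $stored = $_SESSION[DOKU_COOKIE]['authskautis']['info'];

            $USERINFO['name'] = $stored['name'];
            $USERINFO['mail'] = $stored['mail'];
            $USERINFO['grps'] = $stored['grps'];
            // form logins never set this key, so do not read it blindly
            $USERINFO['is_skautis'] = !empty($stored['is_skautis']);
            $_SERVER['REMOTE_USER'] = $_SESSION[DOKU_COOKIE]['authskautis']['user'];
            return true;
        }

        // 2) local login form
        if (!empty($user)) {
            if (!$this->checkPass($user, $pass)) {
                //invalid credentials - log off
                msg($this->getLang('badlogin'),-1);
                return false;
            }

            $uinfo = $this->getUserData($user);

            //set user info
            $USERINFO['name'] = $uinfo['name'];
            // NOTE(review): this reads the 'email' key; check that the parent's
            // getUserData() really returns the address under that name.
            $USERINFO['mail'] = $uinfo['email'];
            $USERINFO['grps'] = $uinfo['grps'];
            $USERINFO['pass'] = $pass;

            //save data in session (without the cleartext password)
            $_SERVER['REMOTE_USER'] = $uinfo['name'];
            $this->storeSession($uinfo['name'], $USERINFO);

            return true;
        }

        // 3) SkautIS login data posted back to the wiki
        if (empty($_POST)) {
            return false;
        }

        $skautIsAppId          = $this->getConf('skautis_app_id');
        $skautIsTestmode       = $this->getConf('skautis_test_mode');
        $skautIsAllowedAddUser = $this->getConf('skautis_allowed_add_user');

        $skautIs = Skautis\Skautis::getInstance($skautIsAppId,$skautIsTestmode);
        // The POST body is client-controlled; nothing below may be trusted until
        // isLoggedIn(true) succeeds. NOTE(review): presumably the `true` asks the
        // library to confirm the token with SkautIS - confirm against the library.
        $skautIs->setLoginData($_POST);

        $skautIsUser = $skautIs->getUser();

        if (!$skautIsUser->isLoggedIn(true)) {
            msg($this->getLang('badskautis'),-1);
            $this->logOff();
            return false;
        }

        $userData = $skautIs->user->userDetail();
        $token    = $skautIs->getUser()->getLoginId();
        $person   = $skautIs->org->PersonDetail(['ID_Login' => $token, 'ID' => $userData->ID_Person]);

        $skautIsEmail    = $person->Email;
        $skautIsUsername = $person->FirstName . ' ' . $person->LastName;

        $login = 'skautis'.$userData->ID;
        $udata = $this->getUserData($login);

        //create and update user in base
        if ($skautIsAllowedAddUser) {
            if (!$udata) {
                //default groups
                $grps = null;
                if ($this->getConf('default_groups')) {
                    $grps = explode(' ', $this->getConf('default_groups'));
                }
                //create user; the local password is never shown to anyone, but the
                //account can still be tried through the login form, so it must be
                //unguessable rather than derived from rand() and the known login
                $this->createUser($login, $this->generateRandomPassword(), $skautIsUsername, $skautIsEmail, $grps);
                $udata = $this->getUserData($login);
            } elseif ($udata['name'] != $skautIsUsername || $udata['email'] != $skautIsEmail) {
                //update user
                // NOTE(review): same 'email' key question as in the form-login path.
                $this->modifyUser($login, ['name'=>$skautIsUsername, 'email'=>$skautIsEmail]);
            }
        }

        if (!$this->isUserValid($login)) {
            msg($this->getLang('nouser'),-1);
            $this->logOff();
            return false;
        }

        //set user info
        $USERINFO['pass'] = "";
        $USERINFO['name'] = $skautIsUsername;
        $USERINFO['mail'] = $skautIsEmail;
        $USERINFO['grps'] = $udata['grps'];
        $USERINFO['is_skautis'] = true;
        $_SERVER['REMOTE_USER'] = $skautIsUsername;

        //save user info in session
        $this->storeSession($_SERVER['REMOTE_USER'], $USERINFO);

        //if login page - redirect to main page
        //(the target is built by wl() from a fixed page id, not from request data;
        // the request is not terminated here, so processing continues after the header)
        if (isset($_GET['do']) && $_GET['do'] === 'login') {
            header("Location: ".wl('start', '', true));
        }

        return true;
    }

    /**
     * Forget the identity stored in the session by this plugin.
     */
    public function logOff() {
        unset($_SESSION[DOKU_COOKIE]['authskautis']['user']);
        unset($_SESSION[DOKU_COOKIE]['authskautis']['info']);
    }

    /**
     * Tell whether a login is present in the user list held by this object.
     *
     * Reads $this->users directly; callers in this class invoke getUserData()
     * beforehand (presumably that is what populates the list - TODO confirm).
     *
     * @param  string $login
     * @return bool
     */
    public function isUserValid($login) {
        return isset($this->users[$login]);
    }

    /**
     * Persist the authenticated identity in the session.
     *
     * The 'pass' entry is dropped first so that a cleartext password typed into
     * the login form is never written to session storage. The restore path in
     * trustExternal() does not read 'pass', so nothing is lost.
     *
     * @param string $remoteUser value to restore into REMOTE_USER on later requests
     * @param array  $userInfo   copy of $USERINFO for this login
     */
    private function storeSession($remoteUser, $userInfo) {
        unset($userInfo['pass']); // by-value copy: the caller's $USERINFO is untouched

        $_SESSION[DOKU_COOKIE]['authskautis']['user'] = $remoteUser;
        $_SESSION[DOKU_COOKIE]['authskautis']['info'] = $userInfo;
    }

    /**
     * Produce a throwaway password for an auto-provisioned local account.
     *
     * Uses the operating system CSPRNG; fails closed when none is available
     * instead of falling back to a predictable generator.
     *
     * @return string 32 hex characters (128 bits)
     * @throws RuntimeException when no secure random source is available
     */
    private function generateRandomPassword() {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }

        // older PHP without random_bytes()
        if (function_exists('openssl_random_pseudo_bytes')) {
            $strong = false;
            $bytes  = openssl_random_pseudo_bytes(16, $strong);
            if ($bytes !== false && $strong) {
                return bin2hex($bytes);
            }
        }

        throw new RuntimeException('No cryptographically secure random source available');
    }
}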