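<?php

/**
 * DokuWiki Plugin skautis (Auth Component)
 *
 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
 * @author  Jiri Dorazil <alex@skaut.cz>
 */

// must be run within Dokuwiki
if (!defined('DOKU_INC')) die();
define('SKAUTIS_LIBS_DIR', dirname(__FILE__).'/libs/');
require_once SKAUTIS_LIBS_DIR. 'skautis-minify.php';

global $conf;
// define cookie and session id, append server port when securecookie is configured
if (!defined('AUTHSKAUTIS_COOKIE')) {
    define('AUTHSKAUTIS_COOKIE', 'SPGG'.md5(DOKU_REL.(($conf['securecookie'])?$_SERVER['SERVER_PORT']:'')));
}

/**
 * Authentication backend that accepts either a local (authplain) login or a
 * skautIS single-sign-on response posted back to the wiki.
 *
 * The authenticated identity is cached in
 * $_SESSION[DOKU_COOKIE]['authskautis'] and restored from there on later requests.
 */
class auth_plugin_authskautis extends auth_plugin_authplain {

    /** @var string production skautIS login URL, ending in '?appid=' */
    public $url;

    /** @var string test-instance skautIS login URL, ending in '?appid=' */
    public $testUrl;

    /**
     * Constructor.
     *
     * Builds the skautIS login URLs and declares the capabilities of this backend.
     */
    public function __construct() {
        parent::__construct(); // for compatibility
        $this->url = Skautis\Config::URL_PRODUCTION . '/Login/?appid=';
        $this->testUrl = Skautis\Config::URL_TEST . '/Login/?appid=';

        $this->success = true;

        $this->cando['addUser'] = true;  // can Users be created?
        $this->cando['external'] = true; // does the module do external auth checking?
        $this->cando['logout'] = true;   // can the user logout again? (eg. not possible with HTTP auth)
    }

    /**
     * Do all authentication [ OPTIONAL ]
     *
     * Tried in this order:
     *  1. an identity already cached in the session,
     *  2. a local form login ($user/$pass checked with checkPass()),
     *  3. a skautIS login response found in $_POST.
     *
     * @param   string  $user    Username
     * @param   string  $pass    Cleartext Password
     * @param   bool    $sticky  Cookie should not expire (not used by this backend)
     * @return  bool             true on successful auth
     */
    public function trustExternal($user, $pass, $sticky = false) {
        global $USERINFO;

        // 1. identity cached by an earlier request
        if (!empty($_SESSION[DOKU_COOKIE]['authskautis']['info'])) {
            $cached = $_SESSION[DOKU_COOKIE]['authskautis']['info'];
            $USERINFO['name'] = $cached['name'];
            $USERINFO['mail'] = $cached['mail'];
            $USERINFO['grps'] = $cached['grps'];
            // sessions written by the local form login may lack this key
            $USERINFO['is_skautis'] = isset($cached['is_skautis']) ? $cached['is_skautis'] : false;
            $_SERVER['REMOTE_USER'] = $_SESSION[DOKU_COOKIE]['authskautis']['user'];
            return true;
        }

        // 2. local form login
        if (!empty($user)) {
            if (!$this->checkPass($user, $pass)) {
                //invalid credentials - log off
                msg($this->getLang('badlogin'), -1);
                return false;
            }

            $uinfo = $this->getUserData($user);

            //set user info
            $USERINFO['name'] = $uinfo['name'];
            // NOTE(review): this reads the 'email' key; confirm that is the key
            // getUserData() returns for the address in this DokuWiki version.
            $USERINFO['mail'] = $uinfo['email'];
            $USERINFO['grps'] = $uinfo['grps'];
            $USERINFO['pass'] = $pass;
            $USERINFO['is_skautis'] = false;

            // NOTE(review): REMOTE_USER becomes the display name, not the login
            // ($user). If ACLs are keyed on REMOTE_USER, two accounts with the same
            // name are indistinguishable - confirm this is intended.
            $_SERVER['REMOTE_USER'] = $uinfo['name'];
            $_SESSION[DOKU_COOKIE]['authskautis']['user'] = $uinfo['name'];

            // Never persist the cleartext password: session storage outlives the
            // request and the restore path above does not read 'pass' back.
            $sessionInfo = $USERINFO;
            unset($sessionInfo['pass']);
            $_SESSION[DOKU_COOKIE]['authskautis']['info'] = $sessionInfo;

            return true;
        }

        // 3. skautIS login response
        if (empty($_POST)) {
            return false;
        }

        $skautisAppId = $this->getConf('skautis_app_id');
        $skautIsTestmode = $this->getConf('skautis_test_mode');
        // hard-coded; the 'skautis_allowed_add_user' setting is currently not consulted
        $skautIsAllowedAddUser = true;
        $skautIs = SkautIs\skautIs::getInstance($skautisAppId, $skautIsTestmode);
        // $_POST is attacker-controlled; everything below relies on the library
        // validating it.
        $skautIs->setLoginData($_POST);

        $skautisUser = $skautIs->getUser();

        // NOTE(review): presumably the `true` argument makes the library confirm the
        // token with the skautIS server instead of trusting the posted fields - verify.
        if (!$skautisUser->isLoggedIn(true)) {
            $this->logOff();
            return false;
        }

        $userData = $skautIs->user->userDetail();
        $token = $skautIs->getUser()->getLoginId();
        $person = $skautIs->org->PersonDetail(array('ID_Login' => $token, 'ID' => $userData->ID_Person));
        $skautisEmail = $person->Email;
        $skautisUsername = $person->FirstName . ' ' . $person->LastName;

        //create and update user in base
        $udata = false;
        if ($skautIsAllowedAddUser) {
            $login = 'skautis'.$userData->ID;
            $udata = $this->getUserData($login);
            if (!$udata) {
                //default groups
                $grps = null;
                if ($this->getConf('default_groups')) {
                    $grps = explode(' ', $this->getConf('default_groups'));
                }
                // The local account must not be usable through the form login, so
                // its password has to be unguessable (see generateRandomPassword()).
                $this->createUser($login, $this->generateRandomPassword($login), $skautisUsername, $skautisEmail, $grps);
                $udata = $this->getUserData($login);
            } elseif ($udata['name'] != $skautisUsername || $udata['email'] != $skautisEmail) {
                // NOTE(review): same 'email' key question as in the form login above;
                // if the stored record uses another key this branch runs on every login.
                $this->modifyUser($login, array('name'=>$skautisUsername, 'email'=>$skautisEmail));
            }
        }

        //set user info
        $USERINFO['pass'] = "";
        $USERINFO['name'] = $skautisUsername;
        $USERINFO['mail'] = $skautisEmail;
        // createUser() may have failed, leaving no record to read groups from
        $USERINFO['grps'] = is_array($udata) ? $udata['grps'] : null;
        $USERINFO['is_skautis'] = true;
        // NOTE(review): REMOTE_USER is "First Last" from skautIS, not the unique
        // local login 'skautis<ID>' - same identity-collision question as above.
        $_SERVER['REMOTE_USER'] = $skautisUsername;

        //save user info in session
        $_SESSION[DOKU_COOKIE]['authskautis']['user'] = $_SERVER['REMOTE_USER'];
        $_SESSION[DOKU_COOKIE]['authskautis']['info'] = $USERINFO;

        //if login page - redirect to main page
        if (isset($_GET['do']) && $_GET['do'] === 'login') {
            // target is built by wl() from the wiki's own configuration, not from request data
            header("Location: ".wl('start', '', true));
        }

        return true;
    }

    /**
     * Forget the identity cached in the session.
     */
    public function logOff() {
        unset($_SESSION[DOKU_COOKIE]['authskautis']['user']);
        unset($_SESSION[DOKU_COOKIE]['authskautis']['info']);
    }

    /**
     * Create the password for a local account that mirrors a skautIS user.
     *
     * The account is only meant to be reached through skautIS, but checkPass()
     * would still accept this password on the login form, so it must come from
     * a cryptographically secure source rather than rand().
     *
     * @param   string  $login  local login the password is generated for
     * @return  string          random password
     */
    protected function generateRandomPassword($login) {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(32));
        }
        // PHP < 7: fall back to DokuWiki's own password generator
        return auth_pwgen($login);
    }
}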