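<?php
/**
 * DokuWiki Plugin authwordpress (Auth Component)
 *
 * Provides authentication against a WordPress MySQL database backend
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; version 2 of the License
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * See the COPYING file in your DokuWiki folder for details
 *
 * @author Damien Regad <dregad@mantisbt.org>
 * @copyright 2015 Damien Regad
 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
 * @version 1.1
 * @link https://github.com/dregad/dokuwiki-authwordpress
 */


// must be run within Dokuwiki
if(!defined('DOKU_INC')) die();

/**
 * WordPress password hashing framework
 *
 * NOTE(review): the path is relative, so PHP resolves it through include_path
 * before the calling script's directory - confirm that the copy shipped with
 * the plugin is the one that gets loaded.
 */
require_once('class-phpass.php');

/**
 * Authentication class
 *
 * Read-only auth backend: users are looked up in the WordPress tables and
 * their password is verified with WordPress' phpass hasher. Nothing is ever
 * written back to the WordPress database by this class.
 */
class auth_plugin_authwordpress extends DokuWiki_Auth_Plugin {

	/**
	 * SQL statement to retrieve User data from WordPress DB
	 * (including group memberships)
	 * '%prefix%' will be replaced by the actual prefix (from plugin config)
	 *
	 * The user name is a bound parameter (:user). The `groups` alias is
	 * backtick-quoted because GROUPS is a reserved word from MySQL 8.0.2 on;
	 * unquoted, the statement is a syntax error there. The result key is
	 * still 'groups'.
	 */
	protected $sql_wp_user_data = "SELECT
			id, user_login, user_pass, user_email, display_name,
			meta_value AS `groups`
		FROM %prefix%users u
		JOIN %prefix%usermeta m ON u.id = m.user_id
		WHERE meta_key = '%prefix%capabilities'
		AND user_login = :user";

	/**
	 * Wordpress database connection (PDO object, set by wp_connect())
	 */
	protected $db;


	/**
	 * Constructor.
	 *
	 * Connects to the WordPress database and prepares the user query.
	 * Sets $this->success to false when the connection cannot be made.
	 */
	public function __construct() {
		parent::__construct();

		$this->cando['getUsers'] = true;

		// Try to establish a connection to the WordPress DB
		// abort in case of failure
		try {
			$this->wp_connect();
		}
		catch (Exception $e) {
			// NOTE(review): the driver's exception text is handed to msg();
			// it can name the database host and account, so confirm who
			// gets to see this message.
			msg(sprintf($this->getLang('error_connect_failed'), $e->getMessage()));
			$this->success = false;
			return;
		}

		// Initialize SQL query with configured prefix.
		// The prefix is pasted into the SQL text (identifiers cannot be bound
		// as parameters), so it must only ever come from trusted plugin
		// configuration, never from request data.
		$this->sql_wp_user_data = str_replace(
			'%prefix%',
			$this->getConf('prefix'),
			$this->sql_wp_user_data
		);

		$this->success = true;
	}


	/**
	 * Check user+password
	 *
	 * Returns false both for an unknown user and for a wrong password, so the
	 * caller cannot tell the two cases apart from the return value.
	 *
	 * @param   string $user the user name
	 * @param   string $pass the clear text password
	 * @return  bool
	 *
	 * @uses PasswordHash::CheckPassword WordPress password hasher
	 */
	public function checkPass($user, $pass) {
		$data = $this->getUserData($user);
		if ($data === false) {
			return false;
		}

		$hasher = new PasswordHash(8, true);
		$check = $hasher->CheckPassword($pass, $data['pass']);
		// Only the outcome is logged, never the password or the stored hash
		dbglog("Password " . ($check ? 'OK' : 'Invalid'));

		return $check;
	}

	/**
	 * Bulk retrieval of user data
	 *
	 * Not implemented for this backend: a message pointing to WordPress is
	 * displayed and an empty list is returned, whatever the arguments.
	 *
	 * @param   int   $start index of first user to be returned
	 * @param   int   $limit max number of users to be returned
	 * @param   array $filter array of field/pattern pairs
	 * @return  array userinfo (refer getUserData for internal userinfo details)
	 */
	public function retrieveUsers($start = 0, $limit = 0, $filter = array()) {
		msg($this->getLang('user_list_use_wordpress'));
		return array();
	}


	/**
	 * Returns info about the given user
	 *
	 * The returned array has the keys 'user', 'name', 'pass' (the stored
	 * WordPress password hash), 'mail' and 'grps'.
	 *
	 * @param   string $user the user name
	 * @param   bool   $requireGroups not used by this implementation
	 * @return  array containing user data or false
	 */
	public function getUserData($user, $requireGroups=true) {
		global $conf;

		$stmt = $this->db->prepare($this->sql_wp_user_data);
		if ($stmt === false) {
			// prepare() can return false instead of throwing; without this
			// guard the bindParam() call below is a fatal error
			dbglog("Failed to prepare user data query");
			return false;
		}
		$stmt->bindParam(':user', $user);
		dbglog("Retrieving data for user '$user'\n" . $this->sql_wp_user_data);

		if (!$stmt->execute()) {
			// Query execution failed
			$err = $stmt->errorInfo();
			dbglog("Error $err[1]: $err[2]");
			return false;
		}

		$row = $stmt->fetch(PDO::FETCH_ASSOC);
		if ($row === false) {
			// Unknown user
			dbglog("Unknown user");
			return false;
		}

		// WordPress stores the capabilities as a PHP-serialized array.
		// SECURITY: unserialize() on data this code does not own can
		// instantiate arbitrary classes (PHP object injection) if the row was
		// tampered with. Object creation is therefore disabled where the
		// runtime supports it (PHP 7.0+); older runtimes keep the original
		// call.
		if (PHP_VERSION_ID >= 70000) {
			$caps = unserialize($row['groups'], array('allowed_classes' => false));
		} else {
			$caps = unserialize($row['groups']);
		}
		if (!is_array($caps)) {
			// Corrupt or unexpected meta_value: array_keys() would fail on
			// it, so the user simply gets no WordPress groups
			dbglog("Invalid capabilities data");
			$caps = array();
		}

		// Group membership - add DokuWiki's default group
		$groups = array_keys($caps);
		if($this->getConf('usedefaultgroup')) {
			$groups[] = $conf['defaultgroup'];
		}

		$info = array(
			'user' => $row['user_login'],
			'name' => $row['display_name'],
			'pass' => $row['user_pass'],
			'mail' => $row['user_email'],
			'grps' => $groups,
		);
		return $info;
	}


	/**
	 * Connect to Wordpress database
	 * Initializes $db property as PDO object
	 *
	 * Does nothing when a connection already exists. A failed connection
	 * makes the PDO constructor throw; the exception is left to the caller.
	 */
	protected function wp_connect() {
		if($this->db) {
			// Already connected
			return;
		}

		// Build connection string
		$dsn = array(
			'host=' . $this->getConf('hostname'),
			'dbname=' . $this->getConf('database'),
		);
		$port = $this->getConf('port');
		if ($port) {
			$dsn[] = 'port=' . $port;
		}
		$dsn = 'mysql:' . implode(';', $dsn);

		$this->db = new PDO($dsn, $this->getConf('username'), $this->getConf('password'));
	}

}

// vim:ts=4:sw=4:noet: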