137d2401aSAnna Dabrowska<?php 237d2401aSAnna Dabrowska 31fad6988SAndreas Gohruse dokuwiki\Form\Form; 4d9be1cb5SAnna Dabrowskause dokuwiki\plugin\oauth\SessionManager; 537d2401aSAnna Dabrowskause OAuth\Common\Http\Exception\TokenResponseException; 637d2401aSAnna Dabrowska 737d2401aSAnna Dabrowska/** 837d2401aSAnna Dabrowska * DokuWiki Plugin oauth (Action Component) 937d2401aSAnna Dabrowska * 1074b4d4a4SAndreas Gohr * This adds buttons to the login page and initializes the oAuth flow by redirecting the user 1174b4d4a4SAndreas Gohr * to the third party service 1274b4d4a4SAndreas Gohr * 1337d2401aSAnna Dabrowska * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html 1437d2401aSAnna Dabrowska * @author Andreas Gohr <andi@splitbrain.org> 1537d2401aSAnna Dabrowska */ 1637d2401aSAnna Dabrowskaclass action_plugin_oauth_login extends DokuWiki_Action_Plugin 1737d2401aSAnna Dabrowska{ 1837d2401aSAnna Dabrowska /** @var helper_plugin_oauth */ 1937d2401aSAnna Dabrowska protected $hlp; 2037d2401aSAnna Dabrowska 2137d2401aSAnna Dabrowska /** 2237d2401aSAnna Dabrowska * Constructor 2337d2401aSAnna Dabrowska * 2437d2401aSAnna Dabrowska * Initializes the helper 2537d2401aSAnna Dabrowska */ 2637d2401aSAnna Dabrowska public function __construct() 2737d2401aSAnna Dabrowska { 2837d2401aSAnna Dabrowska $this->hlp = plugin_load('helper', 'oauth'); 2937d2401aSAnna Dabrowska } 3037d2401aSAnna Dabrowska 3137d2401aSAnna Dabrowska /** 3237d2401aSAnna Dabrowska * Registers a callback function for a given event 3337d2401aSAnna Dabrowska * 3437d2401aSAnna Dabrowska * @param Doku_Event_Handler $controller DokuWiki's event controller object 3537d2401aSAnna Dabrowska * @return void 3637d2401aSAnna Dabrowska */ 3737d2401aSAnna Dabrowska public function register(Doku_Event_Handler $controller) 3837d2401aSAnna Dabrowska { 3937d2401aSAnna Dabrowska global $conf; 4037d2401aSAnna Dabrowska if ($conf['authtype'] != 'oauth') return; 4137d2401aSAnna Dabrowska 4237d2401aSAnna Dabrowska $conf['profileconfirm'] = false; // password confirmation doesn't work with oauth only users 4337d2401aSAnna Dabrowska 4437d2401aSAnna Dabrowska $controller->register_hook('DOKUWIKI_STARTED', 'BEFORE', $this, 'handleStart'); 451fad6988SAndreas Gohr $controller->register_hook('HTML_LOGINFORM_OUTPUT', 'BEFORE', $this, 'handleOldLoginForm'); // @deprecated 461fad6988SAndreas Gohr $controller->register_hook('FORM_LOGIN_OUTPUT', 'BEFORE', $this, 'handleLoginForm'); 4737d2401aSAnna Dabrowska $controller->register_hook('ACTION_ACT_PREPROCESS', 'BEFORE', $this, 'handleDoLogin'); 4837d2401aSAnna Dabrowska } 4937d2401aSAnna Dabrowska 5037d2401aSAnna Dabrowska /** 5137d2401aSAnna Dabrowska * Start an oAuth login or restore environment after successful login 5237d2401aSAnna Dabrowska * 5337d2401aSAnna Dabrowska * @param Doku_Event $event 5437d2401aSAnna Dabrowska * @return void 5537d2401aSAnna Dabrowska */ 5637d2401aSAnna Dabrowska public function handleStart(Doku_Event $event) 5737d2401aSAnna Dabrowska { 5837d2401aSAnna Dabrowska global $INPUT; 5937d2401aSAnna Dabrowska 6037d2401aSAnna Dabrowska // see if a login needs to be started 6137d2401aSAnna Dabrowska $servicename = $INPUT->str('oauthlogin'); 62*6d9a8a49SAndreas Gohr if (!$servicename) return; 63*6d9a8a49SAndreas Gohr 64*6d9a8a49SAndreas Gohr try { 65*6d9a8a49SAndreas Gohr $om = new \dokuwiki\plugin\oauth\OAuthManager(); 66*6d9a8a49SAndreas Gohr $om->startFlow($servicename); 67*6d9a8a49SAndreas Gohr } catch (TokenResponseException|Exception $e) { 68*6d9a8a49SAndreas Gohr $this->hlp->showException($e, 'login failed'); 69*6d9a8a49SAndreas Gohr } 7037d2401aSAnna Dabrowska } 7137d2401aSAnna Dabrowska 7237d2401aSAnna Dabrowska /** 73d9be1cb5SAnna Dabrowska * Add the oAuth login links to login form 7437d2401aSAnna Dabrowska * 7537d2401aSAnna Dabrowska * @param Doku_Event $event event object by reference 7637d2401aSAnna Dabrowska * @return void 7774b4d4a4SAndreas Gohr * @deprecated can be removed in the future 7837d2401aSAnna Dabrowska */ 791fad6988SAndreas Gohr public function handleOldLoginForm(Doku_Event $event) 8037d2401aSAnna Dabrowska { 8137d2401aSAnna Dabrowska /** @var Doku_Form $form */ 8237d2401aSAnna Dabrowska $form = $event->data; 831fad6988SAndreas Gohr $html = $this->prepareLoginButtons(); 841fad6988SAndreas Gohr if (!$html) return; 851fad6988SAndreas Gohr 861fad6988SAndreas Gohr $form->_content[] = form_openfieldset( 871fad6988SAndreas Gohr [ 881fad6988SAndreas Gohr '_legend' => $this->getLang('loginwith'), 891fad6988SAndreas Gohr 'class' => 'plugin_oauth', 901fad6988SAndreas Gohr ] 911fad6988SAndreas Gohr ); 921fad6988SAndreas Gohr $form->_content[] = $html; 931fad6988SAndreas Gohr $form->_content[] = form_closefieldset(); 941fad6988SAndreas Gohr } 951fad6988SAndreas Gohr 961fad6988SAndreas Gohr /** 971fad6988SAndreas Gohr * Add the oAuth login links to login form 981fad6988SAndreas Gohr * 991fad6988SAndreas Gohr * @param Doku_Event $event event object by reference 1001fad6988SAndreas Gohr * @return void 10174b4d4a4SAndreas Gohr * @deprecated can be removed in the future 1021fad6988SAndreas Gohr */ 1031fad6988SAndreas Gohr public function handleLoginForm(Doku_Event $event) 1041fad6988SAndreas Gohr { 1051fad6988SAndreas Gohr /** @var Form $form */ 1061fad6988SAndreas Gohr $form = $event->data; 1071fad6988SAndreas Gohr $html = $this->prepareLoginButtons(); 1081fad6988SAndreas Gohr if (!$html) return; 1091fad6988SAndreas Gohr 1101fad6988SAndreas Gohr $form->addFieldsetOpen($this->getLang('loginwith'))->addClass('plugin_oauth'); 1111fad6988SAndreas Gohr $form->addHTML($html); 1121fad6988SAndreas Gohr $form->addFieldsetClose(); 1131fad6988SAndreas Gohr } 1141fad6988SAndreas Gohr 1151fad6988SAndreas Gohr /** 1161fad6988SAndreas Gohr * Create HTML for the various login buttons 1171fad6988SAndreas Gohr * 1181fad6988SAndreas Gohr * @return string the HTML 1191fad6988SAndreas Gohr */ 12074b4d4a4SAndreas Gohr protected function prepareLoginButtons() 12174b4d4a4SAndreas Gohr { 12237d2401aSAnna Dabrowska $html = ''; 12337d2401aSAnna Dabrowska 12437d2401aSAnna Dabrowska $validDomains = $this->hlp->getValidDomains(); 12537d2401aSAnna Dabrowska 12637d2401aSAnna Dabrowska if (count($validDomains) > 0) { 1276f3a59e8SAndreas Gohr $html .= '<p class="plugin-oauth-emailrestriction">' . sprintf( 1286f3a59e8SAndreas Gohr $this->getLang('eMailRestricted'), 1296f3a59e8SAndreas Gohr '<b>' . join(', ', $validDomains) . '</b>' 1306f3a59e8SAndreas Gohr ) . '</p>'; 13137d2401aSAnna Dabrowska } 13237d2401aSAnna Dabrowska 13337d2401aSAnna Dabrowska foreach ($this->hlp->listServices() as $service) { 13437d2401aSAnna Dabrowska $html .= $service->loginButton(); 13537d2401aSAnna Dabrowska } 13637d2401aSAnna Dabrowska 1371fad6988SAndreas Gohr return $html; 13837d2401aSAnna Dabrowska } 13937d2401aSAnna Dabrowska 14037d2401aSAnna Dabrowska /** 14137d2401aSAnna Dabrowska * When singleservice is wanted, do not show login, but execute login right away 14237d2401aSAnna Dabrowska * 14337d2401aSAnna Dabrowska * @param Doku_Event $event 14437d2401aSAnna Dabrowska * @return bool 14537d2401aSAnna Dabrowska */ 14637d2401aSAnna Dabrowska public function handleDoLogin(Doku_Event $event) 14737d2401aSAnna Dabrowska { 14837d2401aSAnna Dabrowska global $ID; 14937d2401aSAnna Dabrowska 15037d2401aSAnna Dabrowska if ($event->data != 'login') return true; 15137d2401aSAnna Dabrowska 15237d2401aSAnna Dabrowska $singleService = $this->getConf('singleService'); 15337d2401aSAnna Dabrowska if (!$singleService) return true; 15437d2401aSAnna Dabrowska 15537d2401aSAnna Dabrowska $enabledServices = $this->hlp->listServices(); 15637d2401aSAnna Dabrowska if (count($enabledServices) !== 1) { 15737d2401aSAnna Dabrowska msg($this->getLang('wrongConfig'), -1); 15837d2401aSAnna Dabrowska return false; 15937d2401aSAnna Dabrowska } 16037d2401aSAnna Dabrowska 16137d2401aSAnna Dabrowska $service = array_shift($enabledServices); 16237d2401aSAnna Dabrowska 16337d2401aSAnna Dabrowska $url = wl($ID, ['oauthlogin' => $service->getServiceID()], true, '&'); 16437d2401aSAnna Dabrowska send_redirect($url); 16537d2401aSAnna Dabrowska return true; // never reached 16637d2401aSAnna Dabrowska } 16737d2401aSAnna Dabrowska 16837d2401aSAnna Dabrowska /** 16937d2401aSAnna Dabrowska * start the oauth login 17037d2401aSAnna Dabrowska * 17137d2401aSAnna Dabrowska * This will redirect to the external service and stop processing in this request. 17237d2401aSAnna Dabrowska * The second part of the login will happen in auth 17337d2401aSAnna Dabrowska * 17437d2401aSAnna Dabrowska * @see auth_plugin_oauth 17537d2401aSAnna Dabrowska */ 17637d2401aSAnna Dabrowska protected function startOAuthLogin($servicename) 17737d2401aSAnna Dabrowska { 17837d2401aSAnna Dabrowska global $ID; 17974b4d4a4SAndreas Gohr// $service = $this->hlp->loadService($servicename); 18074b4d4a4SAndreas Gohr// if (is_null($service)) return; 18174b4d4a4SAndreas Gohr// 18274b4d4a4SAndreas Gohr// // remember service in session 18374b4d4a4SAndreas Gohr// $sessionManager = SessionManager::getInstance(); 18474b4d4a4SAndreas Gohr// $sessionManager->setServiceName($servicename); 18574b4d4a4SAndreas Gohr// $sessionManager->setPid($ID); 18674b4d4a4SAndreas Gohr// $sessionManager->saveState(); 18737d2401aSAnna Dabrowska 188*6d9a8a49SAndreas Gohr 18937d2401aSAnna Dabrowska } 19037d2401aSAnna Dabrowska 19137d2401aSAnna Dabrowska /** 19237d2401aSAnna Dabrowska * Restore the request environment that had been set before the oauth shuffle 19374b4d4a4SAndreas Gohr * @todo this should be handled by the session manager, if we really need it 19437d2401aSAnna Dabrowska */ 19537d2401aSAnna Dabrowska protected function restoreSessionEnvironment() 19637d2401aSAnna Dabrowska { 19737d2401aSAnna Dabrowska global $INPUT, $ACT, $TEXT, $PRE, $SUF, $SUM, $RANGE, $DATE_AT, $REV; 198d9be1cb5SAnna Dabrowska 199d9be1cb5SAnna Dabrowska $sessionManager = SessionManager::getInstance(); 200d9be1cb5SAnna Dabrowska $ACT = $sessionManager->getDo(); 201d9be1cb5SAnna Dabrowska $_REQUEST = $sessionManager->getRequest(); 20237d2401aSAnna Dabrowska 20337d2401aSAnna Dabrowska $REV = $INPUT->int('rev'); 20437d2401aSAnna Dabrowska $DATE_AT = $INPUT->str('at'); 20537d2401aSAnna Dabrowska $RANGE = $INPUT->str('range'); 20637d2401aSAnna Dabrowska if ($INPUT->post->has('wikitext')) { 20737d2401aSAnna Dabrowska $TEXT = cleanText($INPUT->post->str('wikitext')); 20837d2401aSAnna Dabrowska } 20937d2401aSAnna Dabrowska $PRE = cleanText(substr($INPUT->post->str('prefix'), 0, -1)); 21037d2401aSAnna Dabrowska $SUF = cleanText($INPUT->post->str('suffix')); 21137d2401aSAnna Dabrowska $SUM = $INPUT->post->str('summary'); 21237d2401aSAnna Dabrowska 213d9be1cb5SAnna Dabrowska $sessionManager->setDo(''); 214d9be1cb5SAnna Dabrowska $sessionManager->setRequest([]); 215d9be1cb5SAnna Dabrowska $sessionManager->saveState(); 21637d2401aSAnna Dabrowska } 21737d2401aSAnna Dabrowska} 218