180852c15SAndreas Gohr<?php 23e7ac5b1SAndreas Gohr 3e170f465SAndreas Gohruse dokuwiki\plugin\oauth\OAuthManager; 4e170f465SAndreas Gohruse dokuwiki\plugin\oauth\Session; 5e170f465SAndreas Gohruse dokuwiki\Subscriptions\RegistrationSubscriptionSender; 6e170f465SAndreas Gohruse OAuth\Common\Exception\Exception as OAuthException; 7e170f465SAndreas Gohr 880852c15SAndreas Gohr/** 980852c15SAndreas Gohr * DokuWiki Plugin oauth (Auth Component) 1080852c15SAndreas Gohr * 1180852c15SAndreas Gohr * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html 1280852c15SAndreas Gohr * @author Andreas Gohr <andi@splitbrain.org> 1380852c15SAndreas Gohr */ 143e7ac5b1SAndreas Gohrclass auth_plugin_oauth extends auth_plugin_authplain 153e7ac5b1SAndreas Gohr{ 16e170f465SAndreas Gohr /** @var helper_plugin_oauth */ 17e170f465SAndreas Gohr protected $hlp; 18e170f465SAndreas Gohr 19e170f465SAndreas Gohr // region standard auth methods 2080852c15SAndreas Gohr 213e7ac5b1SAndreas Gohr /** @inheritDoc */ 223e7ac5b1SAndreas Gohr public function __construct() 233e7ac5b1SAndreas Gohr { 24f10e09e2SAndreas Gohr parent::__construct(); 25f10e09e2SAndreas Gohr $this->cando['external'] = true; 26e170f465SAndreas Gohr $this->hlp = $this->loadHelper('oauth'); 2780852c15SAndreas Gohr } 2880852c15SAndreas Gohr 293e7ac5b1SAndreas Gohr /** @inheritDoc */ 30311a6606SAnna Dabrowska public function trustExternal($user, $pass, $sticky = false) 313e7ac5b1SAndreas Gohr { 32a02a5d81SAnna Dabrowska global $INPUT; 33438dcc52SMichael Grosse 348523e9d0SAndreas Gohr // handle redirects from farmer to animal wiki instances 358523e9d0SAndreas Gohr if ($INPUT->has('state') && plugin_load('helper', 'farmer')) { 36d9be1cb5SAnna Dabrowska $this->handleFarmState($INPUT->str('state')); 37438dcc52SMichael Grosse } 3880852c15SAndreas Gohr 3974b4d4a4SAndreas Gohr try { 4074b4d4a4SAndreas Gohr // either oauth or "normal" plain auth login via form 41e170f465SAndreas Gohr $om = new OAuthManager(); 4274b4d4a4SAndreas Gohr return $om->continueFlow() || auth_login($user, $pass, $sticky); 43e170f465SAndreas Gohr } catch (OAuthException $e) { 44e170f465SAndreas Gohr $this->hlp->showException($e); 4528002081SAndreas Gohr auth_logoff(); // clears all session and cookie data 4674b4d4a4SAndreas Gohr return false; 47a7a8f46aSAndreas Gohr } 48a7a8f46aSAndreas Gohr } 4980852c15SAndreas Gohr 50f2e164b0SMichael Große /** 51311a6606SAnna Dabrowska * Enhance function to check against duplicate emails 52311a6606SAnna Dabrowska * 53e170f465SAndreas Gohr * @inheritdoc 54311a6606SAnna Dabrowska */ 55311a6606SAnna Dabrowska public function createUser($user, $pwd, $name, $mail, $grps = null) 56311a6606SAnna Dabrowska { 57311a6606SAnna Dabrowska if ($this->getUserByEmail($mail)) { 58311a6606SAnna Dabrowska msg($this->getLang('emailduplicate'), -1); 59311a6606SAnna Dabrowska return false; 60311a6606SAnna Dabrowska } 61311a6606SAnna Dabrowska 62311a6606SAnna Dabrowska return parent::createUser($user, $pwd, $name, $mail, $grps); 63311a6606SAnna Dabrowska } 64311a6606SAnna Dabrowska 65311a6606SAnna Dabrowska /** 66311a6606SAnna Dabrowska * Enhance function to check against duplicate emails 67311a6606SAnna Dabrowska * 68e170f465SAndreas Gohr * @inheritdoc 69311a6606SAnna Dabrowska */ 70311a6606SAnna Dabrowska public function modifyUser($user, $changes) 71311a6606SAnna Dabrowska { 72311a6606SAnna Dabrowska global $conf; 73311a6606SAnna Dabrowska 74311a6606SAnna Dabrowska if (isset($changes['mail'])) { 75311a6606SAnna Dabrowska $found = $this->getUserByEmail($changes['mail']); 76311a6606SAnna Dabrowska if ($found && $found != $user) { 77311a6606SAnna Dabrowska msg($this->getLang('emailduplicate'), -1); 78311a6606SAnna Dabrowska return false; 79311a6606SAnna Dabrowska } 80311a6606SAnna Dabrowska } 81311a6606SAnna Dabrowska 82311a6606SAnna Dabrowska $ok = parent::modifyUser($user, $changes); 83311a6606SAnna Dabrowska 84311a6606SAnna Dabrowska // refresh session cache 85311a6606SAnna Dabrowska touch($conf['cachedir'] . '/sessionpurge'); 86311a6606SAnna Dabrowska return $ok; 87311a6606SAnna Dabrowska } 88311a6606SAnna Dabrowska 89311a6606SAnna Dabrowska /** 90311a6606SAnna Dabrowska * Unset additional stuff in session on logout 91311a6606SAnna Dabrowska */ 92311a6606SAnna Dabrowska public function logOff() 93311a6606SAnna Dabrowska { 94311a6606SAnna Dabrowska parent::logOff(); 95e170f465SAndreas Gohr (Session::getInstance())->clear(); 96311a6606SAnna Dabrowska } 97311a6606SAnna Dabrowska 98e170f465SAndreas Gohr // endregion 99e170f465SAndreas Gohr 100311a6606SAnna Dabrowska /** 101e170f465SAndreas Gohr * Register a new user logged in by oauth 102f2e164b0SMichael Große * 103e170f465SAndreas Gohr * It ensures the username is unique, by adding a number if needed. 104e170f465SAndreas Gohr * Default and service name groups are set here. 105e170f465SAndreas Gohr * Registration notifications are triggered. 106a02a5d81SAnna Dabrowska * 107e170f465SAndreas Gohr * @param array $userinfo This will be updated with the new username 108b2b9fbc7SMichael Große * @param string $servicename 109b2b9fbc7SMichael Große * 110b2b9fbc7SMichael Große * @return bool 111e170f465SAndreas Gohr * @todo - should this be part of the OAuthManager class instead? 112b2b9fbc7SMichael Große */ 113e170f465SAndreas Gohr public function registerOAuthUser(&$userinfo, $servicename) 1143e7ac5b1SAndreas Gohr { 115b2b9fbc7SMichael Große global $conf; 116a02a5d81SAnna Dabrowska $user = $userinfo['user']; 117b2b9fbc7SMichael Große $count = ''; 118b2b9fbc7SMichael Große while ($this->getUserData($user . $count)) { 119b2b9fbc7SMichael Große if ($count) { 120b2b9fbc7SMichael Große $count++; 121b2b9fbc7SMichael Große } else { 122b2b9fbc7SMichael Große $count = 1; 123b2b9fbc7SMichael Große } 124b2b9fbc7SMichael Große } 125b2b9fbc7SMichael Große $user = $user . $count; 126a02a5d81SAnna Dabrowska $userinfo['user'] = $user; 127e170f465SAndreas Gohr $groups_on_creation = []; 128b2b9fbc7SMichael Große $groups_on_creation[] = $conf['defaultgroup']; 129b2b9fbc7SMichael Große $groups_on_creation[] = $this->cleanGroup($servicename); // add service as group 130a02a5d81SAnna Dabrowska $userinfo['grps'] = array_merge((array)$userinfo['grps'], $groups_on_creation); 131b2b9fbc7SMichael Große 132e170f465SAndreas Gohr // the password set here will remain unknown to the user 133b2b9fbc7SMichael Große $ok = $this->triggerUserMod( 134b2b9fbc7SMichael Große 'create', 135e170f465SAndreas Gohr [ 136e170f465SAndreas Gohr $user, 137e170f465SAndreas Gohr auth_pwgen($user), 138e170f465SAndreas Gohr $userinfo['name'], 139e170f465SAndreas Gohr $userinfo['mail'], 1404928b245SAndreas Gohr $userinfo['grps'], 141e170f465SAndreas Gohr ] 142b2b9fbc7SMichael Große ); 143b2b9fbc7SMichael Große if (!$ok) { 144b2b9fbc7SMichael Große return false; 145b2b9fbc7SMichael Große } 146b2b9fbc7SMichael Große 147e170f465SAndreas Gohr // send notification about the new user 148e170f465SAndreas Gohr $subscriptionSender = new RegistrationSubscriptionSender(); 149e170f465SAndreas Gohr $subscriptionSender->sendRegister($user, $userinfo['name'], $userinfo['mail']); 150e170f465SAndreas Gohr 151b2b9fbc7SMichael Große return true; 152b2b9fbc7SMichael Große } 153b2b9fbc7SMichael Große 154b2b9fbc7SMichael Große /** 155a02a5d81SAnna Dabrowska * Find a user by email address 156b2b9fbc7SMichael Große * 157b2b9fbc7SMichael Große * @param $mail 158b2b9fbc7SMichael Große * @return bool|string 159b2b9fbc7SMichael Große */ 16074b4d4a4SAndreas Gohr public function getUserByEmail($mail) 1613e7ac5b1SAndreas Gohr { 1628b214edcSAndreas Gohr if ($this->users === null) { 1638b214edcSAndreas Gohr $this->loadUserData(); 1648b214edcSAndreas Gohr } 165b2b9fbc7SMichael Große $mail = strtolower($mail); 166b2b9fbc7SMichael Große 167a02a5d81SAnna Dabrowska foreach ($this->users as $user => $userinfo) { 168a02a5d81SAnna Dabrowska if (strtolower($userinfo['mail']) == $mail) return $user; 169b2b9fbc7SMichael Große } 170b2b9fbc7SMichael Große 171b2b9fbc7SMichael Große return false; 172b2b9fbc7SMichael Große } 173b2b9fbc7SMichael Große 174b2b9fbc7SMichael Große /** 175*2a8b22d5SAndreas Gohr * Fall back to plain auth strings 176*2a8b22d5SAndreas Gohr * 177*2a8b22d5SAndreas Gohr * @inheritdoc 178*2a8b22d5SAndreas Gohr */ 179*2a8b22d5SAndreas Gohr public function getLang($id) 180*2a8b22d5SAndreas Gohr { 181*2a8b22d5SAndreas Gohr $result = parent::getLang($id); 182*2a8b22d5SAndreas Gohr if($result) return $result; 183*2a8b22d5SAndreas Gohr 184*2a8b22d5SAndreas Gohr $parent = new auth_plugin_authplain(); 185*2a8b22d5SAndreas Gohr return $parent->getLang($id); 186*2a8b22d5SAndreas Gohr } 187*2a8b22d5SAndreas Gohr 188*2a8b22d5SAndreas Gohr /** 189b8ca6a42SAnna Dabrowska * Farmer plugin support 190b8ca6a42SAnna Dabrowska * 191b8ca6a42SAnna Dabrowska * When coming back to farmer instance via OAUTH redirectURI, we need to redirect again 192b8ca6a42SAnna Dabrowska * to a proper animal instance detected from $state 193b2b9fbc7SMichael Große * 194311a6606SAnna Dabrowska * @param $state 195b2b9fbc7SMichael Große */ 196e170f465SAndreas Gohr protected function handleFarmState($state) 1973e7ac5b1SAndreas Gohr { 198311a6606SAnna Dabrowska /** @var \helper_plugin_farmer $farmer */ 199311a6606SAnna Dabrowska $farmer = plugin_load('helper', 'farmer', false, true); 200311a6606SAnna Dabrowska $data = json_decode(base64_decode(urldecode($state))); 201311a6606SAnna Dabrowska if (empty($data->animal) || $farmer->getAnimal() == $data->animal) { 202311a6606SAnna Dabrowska return; 203827232fcSMichael Große } 204311a6606SAnna Dabrowska $animal = $data->animal; 205311a6606SAnna Dabrowska $allAnimals = $farmer->getAllAnimals(); 206311a6606SAnna Dabrowska if (!in_array($animal, $allAnimals)) { 207311a6606SAnna Dabrowska msg('Animal ' . $animal . ' does not exist!'); 208311a6606SAnna Dabrowska return; 209827232fcSMichael Große } 210311a6606SAnna Dabrowska global $INPUT; 211311a6606SAnna Dabrowska $url = $farmer->getAnimalURL($animal) . '/doku.php?' . $INPUT->server->str('QUERY_STRING'); 212311a6606SAnna Dabrowska send_redirect($url); 213b2b9fbc7SMichael Große } 214b2b9fbc7SMichael Große} 215