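<?php
/**
 * DokuWiki Plugin oauth (Auth Component)
 *
 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
 * @author  Andreas Gohr <andi@splitbrain.org>
 */

// must be run within Dokuwiki
if(!defined('DOKU_INC')) die();

/**
 * Auth backend that layers OAuth logins on top of the plain auth backend.
 *
 * User storage is inherited from auth_plugin_authplain; this class only adds
 * the external (OAuth) login path and lower-cases e-mail addresses on write.
 */
class auth_plugin_oauth extends auth_plugin_authplain {

    /**
     * Initialise the parent backend and announce the 'external' capability.
     */
    public function __construct() {
        parent::__construct();

        // DokuWiki's auth framework checks this flag to decide whether trustExternal() is used
        $this->cando['external'] = true;
    }

    /**
     * Authenticate the current request via session, OAuth service or login form.
     *
     * Order of checks:
     *  1. no service requested and the session holds a fresh OAuth login: trust the session
     *  2. a service was requested, or the session login went stale: ask the service to
     *     check its token and rebuild the session from the user data it returns
     *  3. otherwise: regular form login through auth_login()
     *
     * @param string $user   user name from the login form
     * @param string $pass   clear text password from the login form
     * @param bool   $sticky whether a permanent login cookie was requested
     * @return bool true when the request is authenticated
     */
    public function trustExternal($user, $pass, $sticky = false) {
        global $INPUT;
        global $conf;
        global $USERINFO;

        // 'oa' is request input naming the service to log in with.
        // NOTE(review): it is handed to loadService() unchanged; presumably the helper
        // only resolves known service names - confirm, since this value is attacker-chosen.
        $servicename = $INPUT->str('oa');

        // check session for existing oAuth login data (the key is absent for fresh visitors)
        $session = isset($_SESSION[DOKU_COOKIE]['auth']) ? $_SESSION[DOKU_COOKIE]['auth'] : array();
        if(!$servicename && isset($session['oauth'])) {
            $servicename = $session['oauth'];

            // The session is only trusted while it is younger than auth_security_timeout and
            // still bound to the same browser. The browser id is compared with ===, because a
            // loose == treats two different digests of the form "0e<digits>" as equal numbers.
            if(isset($session['time'], $session['buid']) &&
                ($session['time'] >= time() - $conf['auth_security_timeout']) &&
                ($session['buid'] === auth_browseruid())
            ) {
                $_SERVER['REMOTE_USER'] = $session['user'];
                $USERINFO               = $session['info'];
                return true;
            }
        }

        // either we're in oauth login or a previous login needs to be rechecked
        if($servicename) {
            /** @var helper_plugin_oauth $hlp */
            $hlp = plugin_load('helper', 'oauth');
            if(!$hlp) return false; // helper not available: fail closed instead of a fatal error

            $service = $hlp->loadService($servicename);
            if(is_null($service)) return false;

            // get the token
            if($service->checkToken()) {
                $uinfo = $service->getUser();

                // Never establish a session without an identity: setUserSession() copies
                // $uinfo['user'] into REMOTE_USER, so a missing or empty value is rejected.
                if(!is_array($uinfo) || !isset($uinfo['user']) || $uinfo['user'] === '') {
                    return false;
                }

                $this->setUserSession($uinfo, $servicename);
                return true;
            }

            return false; // something went wrong during oAuth login
        }

        // do the "normal" plain auth login via form
        return auth_login($user, $pass, $sticky);
    }

    /**
     * Log the given user in by filling $USERINFO, REMOTE_USER and the auth session.
     *
     * The default group and a group named after the service are always appended.
     *
     * @param array  $data    user info; 'user' is required, 'grps' and 'pass' are read if present
     * @param string $service name of the OAuth service that authenticated the user
     */
    protected function setUserSession($data, $service) {
        global $USERINFO;
        global $conf;

        // set up groups
        if(!isset($data['grps']) || !is_array($data['grps'])) {
            $data['grps'] = array();
        }
        $data['grps'][] = $conf['defaultgroup'];
        // NOTE(review): membership in this group is derived from the service name alone;
        // keep that in mind when granting ACL permissions to it.
        $data['grps'][] = $this->cleanGroup($service);

        $USERINFO               = $data;
        $_SERVER['REMOTE_USER'] = $data['user'];

        $_SESSION[DOKU_COOKIE]['auth']['user'] = $data['user'];
        // OAuth user data may carry no password; store null rather than reading a missing key
        $_SESSION[DOKU_COOKIE]['auth']['pass']  = isset($data['pass']) ? $data['pass'] : null;
        $_SESSION[DOKU_COOKIE]['auth']['info']  = $USERINFO;
        $_SESSION[DOKU_COOKIE]['auth']['buid']  = auth_browseruid();
        $_SESSION[DOKU_COOKIE]['auth']['time']  = time();
        $_SESSION[DOKU_COOKIE]['auth']['oauth'] = $service;
    }

    /**
     * Look up a user by e-mail address.
     *
     * FIXME not implemented yet: the address is lower-cased, but no lookup is performed
     * and nothing is returned (callers receive null).
     *
     * @param string $mail
     */
    protected function getUserByEmail($mail) {
        $mail = strtolower($mail);
    }

    /**
     * Create a user, storing the e-mail address in lower case.
     *
     * @param string     $user
     * @param string     $pwd
     * @param string     $name
     * @param string     $mail
     * @param array|null $grps
     * @return mixed whatever the parent backend returns
     */
    public function createUser($user, $pwd, $name, $mail, $grps = null) {
        $mail = strtolower($mail);

        //FIXME check for duplicate mail
        // Until that check exists, two accounts can share one address, so an e-mail
        // address must not be treated as a unique identifier for a local account.
        return parent::createUser($user, $pwd, $name, $mail, $grps);
    }

    /**
     * Modify a user, storing a changed e-mail address in lower case.
     *
     * @param string $user    user to modify
     * @param array  $changes field => new value
     * @return mixed whatever the parent backend returns
     */
    public function modifyUser($user, $changes) {
        // The address lives in $changes['mail']; normalise it there so that it is stored
        // the same way createUser() stores it.
        if(is_array($changes) && isset($changes['mail'])) {
            $changes['mail'] = strtolower($changes['mail']);
        }

        //FIXME check for duplicate mail
        return parent::modifyUser($user, $changes);
    }

}

// vim:ts=4:sw=4:et: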