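<?php
/**
 * DokuWiki Plugin oauth (Helper Component)
 *
 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
 * @author  Andreas Gohr <andi@splitbrain.org>
 */

use dokuwiki\Extension\Event;
use dokuwiki\plugin\oauth\Service;

require_once(__DIR__ . '/vendor/autoload.php');

/**
 * Basic helper methods for the oauth flow
 */
class helper_plugin_oauth extends DokuWiki_Plugin
{

    /**
     * Load the needed libraries and initialize the named oAuth service
     *
     * Only services that pass the "enabled" filter of listServices() can be
     * loaded. A service whose underlying OAuth service object cannot be
     * created is reported to the user and treated as unavailable.
     *
     * @param string $servicename
     * @return null|Service null when the service is unknown, unconfigured or failed to initialize
     */
    public function loadService($servicename)
    {
        $services = $this->listServices(true);
        if (!isset($services[$servicename])) {
            return null;
        }
        $service = $services[$servicename];

        if (!$service->getOAuthService()) {
            // the service name is escaped together with the rest of the message before display
            msg(hsc("Failed to initialize $servicename authentication service. Check credentials"), -1);
            return null;
        }

        return $service;
    }

    /**
     * The redirect URI used in all oAuth requests
     *
     * A non-empty 'custom-redirectURI' setting takes precedence over the
     * wiki's own base URL.
     *
     * @return string
     */
    public function redirectURI()
    {
        $custom = $this->getConf('custom-redirectURI');
        if ($custom !== '') {
            return $custom;
        }

        return DOKU_URL . DOKU_SCRIPT;
    }

    /**
     * List available Services
     *
     * The list is collected through the PLUGIN_OAUTH_BACKEND_REGISTER event:
     * the (initially empty) array is handed to the event and whatever the
     * handlers leave in it is returned.
     *
     * @param bool $enabledonly list only services that have been configured
     * @triggers PLUGIN_OAUTH_BACKEND_REGISTER
     * @return Service[] list of service objects
     */
    public function listServices($enabledonly = true)
    {
        $services = [];
        $event = new Event('PLUGIN_OAUTH_BACKEND_REGISTER', $services);
        $event->advise_before(false);
        $event->advise_after();

        // filter out unconfigured services (those without a key); array keys are preserved
        if ($enabledonly) {
            $services = array_filter($services, function ($service) {
                /** @var Service $service */
                return (bool)$service->getKey();
            });
        }

        return $services;
    }

    /**
     * Get the mail domains configured in the 'mailRestriction' setting
     *
     * The setting is read as a comma separated list. Surrounding whitespace
     * is stripped from each entry and empty entries (stray commas, a
     * whitespace-only setting) are dropped, so callers never receive an
     * empty string as an "allowed" suffix.
     *
     * @return string[] list of configured entries, empty when no restriction is set
     */
    public function getValidDomains()
    {
        $restriction = (string)$this->getConf('mailRestriction');
        if ($restriction === '') {
            return [];
        }

        $entries = array_map('trim', explode(',', $restriction));

        return array_values(array_filter($entries, static function ($entry) {
            return $entry !== '';
        }));
    }

    /**
     * Check a mail address against the configured mail restriction
     *
     * Matching is a case-sensitive suffix comparison that is anchored on a
     * boundary: an entry that starts with '@' or '.' is compared as written,
     * any other entry is treated as a bare domain and must directly follow
     * the '@' of the address. Without that anchor an entry "example.com"
     * would also accept an address at "notexample.com".
     *
     * Returns false when no restriction is configured, because there is no
     * entry to match against; callers that want "no restriction means
     * allowed" have to check getValidDomains() themselves.
     *
     * @param string $mail
     *
     * @return bool
     */
    public function checkMail($mail)
    {
        $mail = (string)$mail;

        foreach ($this->getValidDomains() as $validDomain) {
            if ($validDomain === '') {
                continue;
            }

            $hasBoundary = in_array($validDomain[0], ['@', '.'], true);
            $suffix = $hasBoundary ? $validDomain : '@' . $validDomain;

            if (substr($mail, -strlen($suffix)) === $suffix) {
                return true;
            }
        }

        return false;
    }

    /**
     * Check that the session was created by the current browser
     *
     * The stored browser id is compared with hash_equals() rather than
     * '==': a loose comparison of two numeric-looking strings (for example
     * two "0e..." hex digests) is done numerically in PHP and can report
     * different ids as equal. A session without a string 'buid' is rejected.
     *
     * @param array $session cookie auth session
     *
     * @return bool
     */
    public function validBrowserID($session)
    {
        if (!isset($session['buid']) || !is_string($session['buid'])) {
            return false;
        }

        return hash_equals((string)auth_browseruid(), $session['buid']);
    }

    /**
     * Check whether the session is older than the configured security timeout
     *
     * A session that carries no 'time' entry is reported as timed out.
     *
     * @param array $session cookie auth session
     *
     * @return bool
     */
    public function isSessionTimedOut($session)
    {
        global $conf;

        if (!isset($session['time'])) {
            return true;
        }

        $oldestAccepted = time() - $conf['auth_security_timeout'];

        return $session['time'] < $oldestAccepted;
    }

    /**
     * Check whether the current request uses the GET method
     *
     * @return bool
     */
    public function isGETRequest()
    {
        global $INPUT;
        return $INPUT->server->str('REQUEST_METHOD') === 'GET';
    }

    /**
     * check if we are handling a request to doku.php. Only doku.php defines $updateVersion
     *
     * @return bool
     */
    public function isDokuPHP()
    {
        global $updateVersion;
        return isset($updateVersion);
    }

    /**
     * Display an exception to the user
     *
     * The exception message and the stack trace are HTML-escaped before
     * display. The stack trace is only shown when 'allowdebug' is enabled.
     *
     * NOTE(review): $prefix is written into the message without escaping, so
     * callers must pass trusted text only and never anything that was taken
     * from the request or from an OAuth provider response.
     *
     * @param Exception $e
     * @param string $prefix - user friendly explanation if available
     */
    public function showException(\Exception $e, $prefix = '')
    {
        global $conf;
        msg('OAuth: ' . $prefix . ' ' . hsc($e->getMessage()), -1);
        if ($conf['allowdebug']) {
            msg('<pre>' . hsc($e->getTraceAsString()) . '</pre>', -1);
        }
    }
}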