packages/dokuwiki/authmultisite/auth.php

   1 <?php
   2 if(!defined('DOKU_INC')) die();
   3
   4 /**
   5  * auth/multisite.class.php
   6  *
   7  * Login against the Check_MK Multisite API
   8  *
   9  * @author    Bastian Kuhn <bk@mathias-kettner.de>
  10  */
  11
  12 class auth_plugin_authmultisite extends DokuWiki_Auth_Plugin {
  13
  14   var $success = true;
  15   var $cando = array (
  16     'addUser'     => false, // can Users be created?
  17     'delUser'     => false, // can Users be deleted?
  18     'modLogin'    => false, // can login names be changed?
  19     'modPass'     => false, // can passwords be changed?
  20     'modName'     => false, // can real names be changed?
  21     'modMail'     => false, // can emails be changed?
  22     'modGroups'   => false, // can groups be changed?
  23     'getUsers'    => false, // can a (filtered) list of users be retrieved?
  24     'getUserCount'=> false, // can the number of users be retrieved?
  25     'getGroups'   => false, // can a list of available groups be retrieved?
  26     'external'    => true, // does the module do external auth checking?
  27     'logout'      => false,  // can the user logout again? (eg. not possible with HTTP auth)
  28   );
  29
  30   function auth_basic() {
  31   }
  32
  33   private function loadAuthFile($path) {
  34       $creds = array();
  35       foreach(file($path) AS $line) {
  36           if(strpos($line, ':') !== false) {
  37               list($username, $secret) = explode(':', $line, 2);
  38               $creds[$username] = rtrim($secret);
  39           }
  40       }
  41       return $creds;
  42   }
  43
  44   function trustExternal($user,$pass,$sticky=false){
  45       global $conf;
  46       global $USERINFO;
  47       foreach(array_keys($_COOKIE) AS $cookieName)
  48       {
  49         if(substr($cookieName, 0, 5) != 'auth_'){
  50            continue;
  51         }
  52
  53         if(!isset($_COOKIE[$cookieName]) || $_COOKIE[$cookieName] == ''){
  54             continue;
  55         }
  56         list($username, $issueTime, $cookieHash) = explode(':', $_COOKIE[$cookieName], 3);
  57
  58         require_once($conf['multisite']['authfile']);
  59         if(!isset($mk_users[$username])){
  60             continue;
  61         }
  62
  63         if(file_exists($conf['multisite']['auth_serials']))
  64             $authFile = 'serial';
  65         elseif(file_exists($conf['multisite']['htpasswd']))
  66             $authFile = 'htpasswd';
  67         else
  68             continue;
  69
  70         if($authFile == 'htpasswd')
  71             $users = $this->loadAuthFile($conf['multisite']['htpasswd']);
  72         else
  73             $users = $this->loadAuthFile($conf['multisite']['auth_serials']);
  74
  75         if(!isset($users[$username])) {
  76             throw new Exception();
  77         }
  78         $user_secret = $users[$username];
  79
  80         $secret = trim(file_get_contents($conf['multisite']['auth_secret']));
  81         if(md5($username . $issueTime . $user_secret . $secret) == $cookieHash)
  82         {
  83             $USERINFO['name'] = $username;
  84             $USERINFO['grps'] = $mk_users[$username]['roles'];
  85             $_SERVER['REMOTE_USER'] = $username;
  86             $_SESSION[DOKU_COOKIE]['auth']['user'] = $username;
  87             $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO;
  88             return true;
  89         }else
  90         {
  91             continue;
  92         }
  93       }
  94       header('Location:../check_mk/login.py?_origtarget=' . urlencode($_SERVER['REQUEST_URI']));
  95       return false;
  96   }
  97
  98
  99 }
 100 //Setup VIM: ex: et ts=2 :