search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Converting number of Excel column names no longer limited
[phpmyadmin/arisferyanto.git] / libraries / auth / swekey / swekey.auth.lib.php
blob3dbad75d0c7578c67a87815220e85ba648b89d76
1 <?php
2 /**
3 * @package Swekey
4 */
5
6 /**
7 * Checks Swekey authentication.
8 */
9 function Swekey_auth_check()
10 {
11 global $cfg;
12 $confFile = $cfg['Server']['auth_swekey_config'];
13
14 if (! isset($_SESSION['SWEKEY'])) {
15 $_SESSION['SWEKEY'] = array();
16 }
17
18 $_SESSION['SWEKEY']['ENABLED'] = (! empty($confFile) && file_exists($confFile));
19
20 // Load the swekey.conf file the first time
21 if ($_SESSION['SWEKEY']['ENABLED'] && empty($_SESSION['SWEKEY']['CONF_LOADED'])) {
22 $_SESSION['SWEKEY']['CONF_LOADED'] = true;
23 $_SESSION['SWEKEY']['VALID_SWEKEYS'] = array();
24 $valid_swekeys = explode("\n",@file_get_contents($confFile));
25 foreach ($valid_swekeys as $line) {
26 if (preg_match("/^[0-9A-F]{32}:.+$/", $line) != false)
27 {
28 $items = explode(":", $line);
29 if (count($items) == 2)
30 $_SESSION['SWEKEY']['VALID_SWEKEYS'][$items[0]] = trim($items[1]);
31 }
32 else if (preg_match("/^[A-Z_]+=.*$/", $line) != false) {
33 $items = explode("=", $line);
34 $_SESSION['SWEKEY']['CONF_'.trim($items[0])] = trim($items[1]);
35 }
36 }
37
38 // Set default values for settings
39 if (! isset($_SESSION['SWEKEY']['CONF_SERVER_CHECK']))
40 $_SESSION['SWEKEY']['CONF_SERVER_CHECK'] = "";
41 if (! isset($_SESSION['SWEKEY']['CONF_SERVER_RNDTOKEN']))
42 $_SESSION['SWEKEY']['CONF_SERVER_RNDTOKEN'] = "";
43 if (! isset($_SESSION['SWEKEY']['CONF_SERVER_STATUS']))
44 $_SESSION['SWEKEY']['CONF_SERVER_STATUS'] = "";
45 if (! isset($_SESSION['SWEKEY']['CONF_CA_FILE']))
46 $_SESSION['SWEKEY']['CONF_CA_FILE'] = "";
47 if (! isset($_SESSION['SWEKEY']['CONF_ENABLE_TOKEN_CACHE']))
48 $_SESSION['SWEKEY']['CONF_ENABLE_TOKEN_CACHE'] = true;
49 if (! isset($_SESSION['SWEKEY']['CONF_DEBUG']))
50 $_SESSION['SWEKEY']['CONF_DEBUG'] = false;
51 }
52
53 // check if a web key has been authenticated
54 if ($_SESSION['SWEKEY']['ENABLED']) {
55 if (empty($_SESSION['SWEKEY']['AUTHENTICATED_SWEKEY']))
56 return false;
57 }
58
59 return true;
60 }
61
62
63 /**
64 * Handle Swekey authentication error.
65 */
66 function Swekey_auth_error()
67 {
68 if (! isset($_SESSION['SWEKEY']))
69 return null;
70
71 if (! $_SESSION['SWEKEY']['ENABLED'])
72 return null;
73
74 require_once './libraries/auth/swekey/authentication.inc.php';
75
76 ?>
77 <script>
78 function Swekey_GetValidKey()
79 {
80 var valids = "<?php
81 foreach ($_SESSION['SWEKEY']['VALID_SWEKEYS'] as $key => $value)
82 echo $key.',';
83 ?>";
84 var connected_keys = Swekey_ListKeyIds().split(",");
85 for (i in connected_keys)
86 if (connected_keys[i] != null && connected_keys[i].length == 32)
87 if (valids.indexOf(connected_keys[i]) >= 0)
88 return connected_keys[i];
89
90
91 if (connected_keys.length > 0)
92 if (connected_keys[0].length == 32)
93 return "unknown_key_" + connected_keys[0];
94
95 return "none";
96 }
97
98 var key = Swekey_GetValidKey();
99
100 function timedCheck()
101 {
102 if (key != Swekey_GetValidKey())
103 {
104 window.location.search = "?swekey_reset";
105 }
106 else
107 setTimeout("timedCheck()",1000);
108 }
109
110 setTimeout("timedCheck()",1000);
111 </script>
112 <?php
113
114 if (! empty($_SESSION['SWEKEY']['AUTHENTICATED_SWEKEY']))
115 return null;
116
117 if (count($_SESSION['SWEKEY']['VALID_SWEKEYS']) == 0)
118 return sprintf($GLOBALS['strSwekeyNoKeyId'], $GLOBALS['cfg']['Server']['auth_swekey_config']);
119
120 require_once "./libraries/auth/swekey/swekey.php";
121
122 Swekey_SetCheckServer($_SESSION['SWEKEY']['CONF_SERVER_CHECK']);
123 Swekey_SetRndTokenServer($_SESSION['SWEKEY']['CONF_SERVER_RNDTOKEN']);
124 Swekey_SetStatusServer($_SESSION['SWEKEY']['CONF_SERVER_STATUS']);
125 Swekey_EnableTokenCache($_SESSION['SWEKEY']['CONF_ENABLE_TOKEN_CACHE']);
126
127 $caFile = $_SESSION['SWEKEY']['CONF_CA_FILE'];
128 if (empty($caFile))
129 {
130 $caFile = __FILE__;
131 $pos = strrpos($caFile, '/');
132 if ($pos === false)
133 $pos = strrpos($caFile, '\\'); // windows
134 $caFile = substr($caFile, 0, $pos + 1).'musbe-ca.crt';
135 // echo "\n<!-- $caFile -->\n";
136 // if (file_exists($caFile))
137 // echo "<!-- exists -->\n";
138 }
139
140 if (file_exists($caFile))
141 Swekey_SetCAFile($caFile);
142 else if (! empty($caFile) && (substr($_SESSION['SWEKEY']['CONF_SERVER_CHECK'], 0, 8) == "https://"))
143 return "Internal Error: CA File $caFile not found";
144
145 $result = null;
146 parse_str($_SERVER['QUERY_STRING']);
147 if (isset($swekey_id)) {
148 unset($_SESSION['SWEKEY']['AUTHENTICATED_SWEKEY']);
149 if (! isset($_SESSION['SWEKEY']['RND_TOKEN'])) {
150 unset($swekey_id);
151 }
152 else {
153 if (strlen($swekey_id) == 32) {
154 $res = Swekey_CheckOtp($swekey_id, $_SESSION['SWEKEY']['RND_TOKEN'], $swekey_otp);
155 unset($_SESSION['SWEKEY']['RND_TOKEN']);
156 if (! $res) {
157 $result = $GLOBALS['strSwekeyAuthFailed'] . ' (' . Swekey_GetLastError() . ')';
158 }
159 else {
160 $_SESSION['SWEKEY']['AUTHENTICATED_SWEKEY'] = $swekey_id;
161 $_SESSION['SWEKEY']['FORCE_USER'] = $_SESSION['SWEKEY']['VALID_SWEKEYS'][$swekey_id];
162 return null;
163 }
164 }
165 else {
166 $result = $GLOBALS['strSwekeyNoKey'];
167 if ($_SESSION['SWEKEY']['CONF_DEBUG'])
168 {
169 $result .= "<br>".$swekey_id;
170 }
171 unset($_SESSION['SWEKEY']['CONF_LOADED']); // reload the conf file
172 }
173 }
174 }
175 else
176 unset($_SESSION['SWEKEY']);
177
178 $_SESSION['SWEKEY']['RND_TOKEN'] = Swekey_GetFastRndToken();
179 if (strlen($_SESSION['SWEKEY']['RND_TOKEN']) != 64) {
180 $result = $GLOBALS['strSwekeyAuthFailed'] . ' (' . Swekey_GetLastError() . ')';
181 unset($_SESSION['SWEKEY']['CONF_LOADED']); // reload the conf file
182 }
183
184 if (! isset($swekey_id)) {
185 ?>
186 <script>
187 if (key.length != 32)
188 {
189 window.location.search="?swekey_id=" + key;
190 }
191 else
192 {
193 var url = "" + window.location;
194 if (url.indexOf("?") > 0)
195 url = url.substr(0, url.indexOf("?"));
196 Swekey_SetUnplugUrl(key, "pma_login", url + "?session_to_unset=<?php echo session_id();?>");
197 var otp = Swekey_GetOtp(key, <?php echo '"'.$_SESSION['SWEKEY']['RND_TOKEN'].'"';?>);
198 window.location.search="?swekey_id=" + key + "&swekey_otp=" + otp;
199 }
200 </script>
201 <?php
202 return $GLOBALS['strSwekeyAuthenticating'];
203 }
204
205 return $result;
206 }
207
208
209 /**
210 * Perform login using Swekey.
211 */
212 function Swekey_login($input_name, $input_go)
213 {
214 $swekeyErr = Swekey_auth_error();
215 if ($swekeyErr != null) {
216 PMA_Message::error($swekeyErr)->display();
217 if ($GLOBALS['error_handler']->hasDisplayErrors()) {
218 echo '<div>';
219 $GLOBALS['error_handler']->dispErrors();
220 echo '</div>';
221 }
222 }
223
224 if (isset($_SESSION['SWEKEY']) && $_SESSION['SWEKEY']['ENABLED']) {
225 echo '<script type="text/javascript">';
226 if (empty($_SESSION['SWEKEY']['FORCE_USER']))
227 echo 'var user = null;';
228 else
229 echo 'var user = "'.$_SESSION['SWEKEY']['FORCE_USER'].'";';
230
231 ?>
232 function open_swekey_site()
233 {
234 window.open("http://phpmyadmin.net/auth_key");
235 }
236
237 var input_username = document.getElementById("<?php echo $input_name; ?>");
238 var input_go = document.getElementById("<?php echo $input_go; ?>");
239 var swekey_status = document.createElement('img');
240 swekey_status.setAttribute('onClick', 'open_swekey_site()');
241 swekey_status.setAttribute('style', 'width:8px; height:16px; border:0px; vspace:0px; hspace:0px; frameborder:no');
242 if (user == null)
243 {
244 swekey_status.setAttribute('src', 'http://artwork.swekey.com/unplugged-8x16.png');
245 //swekey_status.setAttribute('title', 'No swekey plugged');
246 input_go.disabled = true;
247 }
248 else
249 {
250 swekey_status.setAttribute('src', 'http://artwork.swekey.com/plugged-8x16.png');
251 //swekey_status.setAttribute('title', 'swekey plugged');
252 input_username.value = user;
253 }
254 input_username.readOnly = true;
255
256 if (input_username.nextSibling == null)
257 input_username.parentNode.appendChild(swekey_status);
258 else
259 input_username.parentNode.insertBefore(swekey_status, input_username.nextSibling);
260
261 <?php
262 echo '</script>';
263 }
264 }
265
266 if (strstr($_SERVER['QUERY_STRING'],'session_to_unset') != false)
267 {
268 parse_str($_SERVER['QUERY_STRING']);
269 session_write_close();
270 session_id($session_to_unset);
271 session_start();
272 $_SESSION = array();
273 session_write_close();
274 session_destroy();
275 exit;
276 }
277
278 if (isset($_GET['swekey_reset']))
279 {
280 unset($_SESSION['SWEKEY']);
281 }
282
283 ?>
Browse-mode Improvements ++