Skip to content
This repository has been archived by the owner on Nov 25, 2020. It is now read-only.

Commit

Permalink
New parameters LOCAL_PREFIX and ROLE_MAP for auth.remote plugin : map…
Browse files Browse the repository at this point in the history 
… CMS roles to ajaxplorer Roles. Remote plugin must pass the "role" key in the user array.

Implement pagination, as the plugin is finally serial based.
  • Loading branch information
@cdujeu
cdujeu committed Aug 22, 2013
1 parent 5239828 commit 23b1973
Show file tree
Hide file tree
Showing 5 changed files with 250 additions and 160 deletions.
53 changes: 50 additions & 3 deletions core/src/plugins/auth.remote/class.remoteAuthDriver.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ function init($options){
$logoutAction = $cmsOpts["LOGOUT_ACTION"];
switch($cmsOpts["cms"]){
case "wp":
$cmsOpts["LOGOUT_URL"] = ($logoutAction == "back" ? $cmsOpts["LOGIN_URL"] : $cmsOpts["MASTER_URL"]."/wp-login.php?action=logout");
$cmsOpts["LOGOUT_URL"] = ($logoutAction == "back" ? $cmsOpts["MASTER_URL"] : $cmsOpts["MASTER_URL"]."/wp-login.php?action=logout");
break;
case "joomla":
$cmsOpts["LOGOUT_URL"] = $cmsOpts["LOGIN_URL"];
Expand Down Expand Up @@ -108,14 +108,42 @@ function init($options){
$this->secret = $options["SECRET"];
$this->urls = array($options["LOGIN_URL"], $options["LOGOUT_URL"]);
}


function supportsUsersPagination(){
return true;
}

function listUsers(){
$users = AJXP_Utils::loadSerialFile($this->usersSerFile);
if(AuthService::ignoreUserCase()){
$users = array_combine(array_map("strtolower", array_keys($users)), array_values($users));
}
ksort($users);
return $users;
}

function listUsersPaginated($baseGroup = "/", $regexp, $offset = -1 , $limit = -1){
$users = $this->listUsers($baseGroup);
$result = array();
$index = 0;
foreach($users as $usr => $pass){
if(!empty($regexp) && !preg_match("/$regexp/i", $usr)){
continue;
}
if($offset != -1 && $index < $offset) {
$index ++;
continue;
}
$result[$usr] = $pass;
$index ++;
if($limit != -1 && count($result) >= $limit) break;
}
return $result;
}
function getUsersCount($baseGroup = "/", $regexp = ""){
return count($this->listUsersPaginated($baseGroup, $regexp));
}


function userExists($login){
$users = $this->listUsers();
Expand All @@ -128,7 +156,7 @@ function checkPassword($login, $pass, $seed){

if(AuthService::ignoreUserCase()) $login = strtolower($login);
global $AJXP_GLUE_GLOBALS;
if(isSet($AJXP_GLUE_GLOBALS)){
if(isSet($AJXP_GLUE_GLOBALS) || (isSet($this->options["LOCAL_PREFIX"]) && strpos($login, $this->options["LOCAL_PREFIX"]) === 0) ){
$userStoredPass = $this->getUserPass($login);
if(!$userStoredPass) return false;
if($seed == "-1"){ // Seed = -1 means that password is not encoded.
Expand All @@ -153,6 +181,25 @@ function checkPassword($login, $pass, $seed){
$funcName = $this->options["MASTER_AUTH_FUNCTION"];
require_once 'cms_auth_functions.php';
if(function_exists($funcName)){
$sessCookies = call_user_func($funcName, $host, $uri, $login, $pass, $formId);
if($sessCookies != ""){
if(is_array($sessCookies)){
$sessid = $sessCookies["AjaXplorer"];
session_id($sessid);
session_start();
if(!$this->slaveMode){
foreach($sessCookies as $k => $v){
if($k == "AjaXplorer") continue;
setcookie($k, urldecode($v), 0, $uri);
}
}
}else if(is_string($sessCookies)){
session_id($sessCookies);
session_start();
}
return true;
}

$sessid = call_user_func($funcName, $host, $uri, $login, $pass, $formId);
if($sessid != ""){
session_id($sessid);
Expand Down
306 changes: 153 additions & 153 deletions core/src/plugins/auth.remote/cms_auth_functions.php
View file
Original file line number Diff line number Diff line change
@@ -1,154 +1,154 @@
<?php
/*
* Copyright 2007-2011 Charles du Jeu <contact (at) cdujeu.me>
* This file is part of AjaXplorer.
*
* AjaXplorer is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* AjaXplorer is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with AjaXplorer. If not, see <http://www.gnu.org/licenses/>.
*
* The latest code can be found at <http://www.ajaxplorer.info/>.
*
* This functions are necessary to implement the bridge between Ajaxplorer
* and other CMS's.
*/

/**
* @package AjaXplorer_Plugins
* @subpackage Auth
*
* @param HttpClient $client
* @return array
*/
function extractResponseCookies($client){
//AJXP_Logger::debug(print_r($client, true));
$cooks = $client->getHeader("set-cookie");
if(empty($cooks)) return array();
if(is_string($cooks)){
$cooks = array($cooks);
}
$cookies = array();
foreach ($cooks as $cookieString){
list($name,$value) = explode("=", $cookieString);
$ar = explode(";", $value);
$value = array_shift($ar);
$cookies[$name] = $value;
}
return $cookies;
}

function wordpress_remote_auth($host, $uri, $login, $pass, $formId = ""){
$client = new HttpClient($host);
$client->setHandleRedirects(false);
$client->setHeadersOnly(true);
$res = $client->post($uri."/wp-login.php", array(
"log" => $login,
"pwd" => $pass,
"wp-submit" => "Log In",
"testcookie" => 1)
);
$newCookies = extractResponseCookies($client);
if(isSet($newCookies["AjaXplorer"])){
return $newCookies["AjaXplorer"];
}
return "";
}

function joomla_remote_auth($host, $uri, $login, $pass, $formId = ""){

$client = new HttpClient($host);
$client->setHandleRedirects(false);
$res = $client->get($uri);
$content = $client->getContent();
$postData = array(
"username" => $login,
"password" => $pass,
"Submit" => "Log in",
"remember" => "yes"
);
$xmlDoc = @DOMDocument::loadHTML($content);
if($xmlDoc === false){
$pos1 = strpos($content, "<form ");
$pos2 = strpos($content, "</form>", $pos1);
$content = substr($content, $pos1, $pos2 + "7" - $pos1);
$xmlDoc = @DOMDocument::loadHTML($content);
}
if($xmlDoc !== false){
$xPath = new DOMXPath($xmlDoc);
if($formId == "") $formId = "login-form";
$nodes = $xPath->query('//form[@id="'.$formId.'"]');
if(!$nodes->length) {
return "";
}
$form = $nodes->item(0);
$postUri = $form->getAttribute("action");
$hiddens = $xPath->query('//input[@type="hidden"]', $form);
foreach($hiddens as $hiddenNode){
$postData[$hiddenNode->getAttribute("name")] = $hiddenNode->getAttribute("value");
}
}else{
// Grab all inputs and hardcode $postUri.
if(preg_match_all("<input type=\"hidden\" name=\"(.*)\" value=\"(.*)\">", $content, $matches)){
foreach($matches[0] as $key => $match){
$postData[$matches[1][$key]] = $matches[2][$key];
}
$postUri = "/login-form";
}
}
//AJXP_Logger::debug("Carry on ". $hiddens->length);
$client->setHandleRedirects(false);
$client->setHeadersOnly(true);
$client->setCookies(extractResponseCookies($client));
$res2 = $client->post($postUri, $postData);
$newCookies = extractResponseCookies($client);
if(isSet($newCookies["AjaXplorer"])){
return $newCookies["AjaXplorer"];
}
return "";
}

function drupal_remote_auth($host, $uri, $login, $pass, $formId = ""){

$client = new HttpClient($host);
$client->setHandleRedirects(false);
$res = $client->get($uri);
$content = $client->getContent();
$xmlDoc = DOMDocument::loadHTML($content);
$xPath = new DOMXPath($xmlDoc);
if($formId == "") $formId = "user-login-form";
$nodes = $xPath->query('//form[@id="'.$formId.'"]');
if(!$nodes->length) {
return "";
}
$form = $nodes->item(0);
$postUri = $form->getAttribute("action");
$hiddens = $xPath->query('//input[@type="hidden"]', $form);
AJXP_Logger::debug("Carry on Drupal hiddens ". $hiddens->length);
$postData = array(
"name" => $login,
"pass" => $pass,
"Submit" => "Log in"
);
foreach($hiddens as $hiddenNode){
$postData[$hiddenNode->getAttribute("name")] = $hiddenNode->getAttribute("value");
}
$client->setHandleRedirects(false);
$client->setHeadersOnly(true);
$client->setCookies(extractResponseCookies($client));
$res2 = $client->post($postUri, $postData);
$newCookies = extractResponseCookies($client);
if(isSet($newCookies["AjaXplorer"])){
return $newCookies["AjaXplorer"];
}
return "";
}
<?php
/*
* Copyright 2007-2011 Charles du Jeu <contact (at) cdujeu.me>
* This file is part of AjaXplorer.
*
* AjaXplorer is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* AjaXplorer is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with AjaXplorer. If not, see <http://www.gnu.org/licenses/>.
*
* The latest code can be found at <http://www.ajaxplorer.info/>.
*
* This functions are necessary to implement the bridge between Ajaxplorer
* and other CMS's.
*/

/**
* @package AjaXplorer_Plugins
* @subpackage Auth
*
* @param HttpClient $client
* @return array
*/
function extractResponseCookies($client){
//AJXP_Logger::debug(print_r($client, true));
$cooks = $client->getHeader("set-cookie");
if(empty($cooks)) return array();
if(is_string($cooks)){
$cooks = array($cooks);
}
$cookies = array();
foreach ($cooks as $cookieString){
list($name,$value) = explode("=", $cookieString);
$ar = explode(";", $value);
$value = array_shift($ar);
$cookies[$name] = $value;
}
return $cookies;
}

function wordpress_remote_auth($host, $uri, $login, $pass, $formId = ""){
$client = new HttpClient($host);
$client->setHandleRedirects(false);
$client->setHeadersOnly(true);
$res = $client->post($uri."/wp-login.php", array(
"log" => $login,
"pwd" => $pass,
"wp-submit" => "Log In",
"testcookie" => 1)
);
$newCookies = extractResponseCookies($client);
if(isSet($newCookies["AjaXplorer"])){
return $newCookies;
}
return "";
}

function joomla_remote_auth($host, $uri, $login, $pass, $formId = ""){

$client = new HttpClient($host);
$client->setHandleRedirects(false);
$res = $client->get($uri);
$content = $client->getContent();
$postData = array(
"username" => $login,
"password" => $pass,
"Submit" => "Log in",
"remember" => "yes"
);
$xmlDoc = @DOMDocument::loadHTML($content);
if($xmlDoc === false){
$pos1 = strpos($content, "<form ");
$pos2 = strpos($content, "</form>", $pos1);
$content = substr($content, $pos1, $pos2 + "7" - $pos1);
$xmlDoc = @DOMDocument::loadHTML($content);
}
if($xmlDoc !== false){
$xPath = new DOMXPath($xmlDoc);
if($formId == "") $formId = "login-form";
$nodes = $xPath->query('//form[@id="'.$formId.'"]');
if(!$nodes->length) {
return "";
}
$form = $nodes->item(0);
$postUri = $form->getAttribute("action");
$hiddens = $xPath->query('//input[@type="hidden"]', $form);
foreach($hiddens as $hiddenNode){
$postData[$hiddenNode->getAttribute("name")] = $hiddenNode->getAttribute("value");
}
}else{
// Grab all inputs and hardcode $postUri.
if(preg_match_all("<input type=\"hidden\" name=\"(.*)\" value=\"(.*)\">", $content, $matches)){
foreach($matches[0] as $key => $match){
$postData[$matches[1][$key]] = $matches[2][$key];
}
$postUri = "/login-form";
}
}
//AJXP_Logger::debug("Carry on ". $hiddens->length);
$client->setHandleRedirects(false);
$client->setHeadersOnly(true);
$client->setCookies(extractResponseCookies($client));
$res2 = $client->post($postUri, $postData);
$newCookies = extractResponseCookies($client);
if(isSet($newCookies["AjaXplorer"])){
return $newCookies;
}
return "";
}

function drupal_remote_auth($host, $uri, $login, $pass, $formId = ""){

$client = new HttpClient($host);
$client->setHandleRedirects(false);
$res = $client->get($uri);
$content = $client->getContent();
$xmlDoc = DOMDocument::loadHTML($content);
$xPath = new DOMXPath($xmlDoc);
if($formId == "") $formId = "user-login-form";
$nodes = $xPath->query('//form[@id="'.$formId.'"]');
if(!$nodes->length) {
return "";
}
$form = $nodes->item(0);
$postUri = $form->getAttribute("action");
$hiddens = $xPath->query('//input[@type="hidden"]', $form);
AJXP_Logger::debug("Carry on Drupal hiddens ". $hiddens->length);
$postData = array(
"name" => $login,
"pass" => $pass,
"Submit" => "Log in"
);
foreach($hiddens as $hiddenNode){
$postData[$hiddenNode->getAttribute("name")] = $hiddenNode->getAttribute("value");
}
$client->setHandleRedirects(false);
$client->setHeadersOnly(true);
$client->setCookies(extractResponseCookies($client));
$res2 = $client->post($postUri, $postData);
$newCookies = extractResponseCookies($client);
if(isSet($newCookies["AjaXplorer"])){
return $newCookies;
}
return "";
}
?>
Loading

0 comments on commit 23b1973

Please sign in to comment.