added ability to publish UID in each sites for authentication in mobi…

…le (it is recorded in Cookie) (refs #1113)
openpne · May 30, 2010 · b1bd42e · b1bd42e
1 parent 986e233
commit b1bd42e
Show file tree

Hide file tree

Showing 6 changed files with 127 additions and 4 deletions.
diff --git a/apps/mobile_frontend/templates/_partsLogin.php b/apps/mobile_frontend/templates/_partsLogin.php
@@ -4,7 +4,7 @@
 <tr><td bgcolor="<?php echo $op_color["core_color_11"] ?>"><font color="<?php echo $op_color["core_color_18"] ?>"><?php echo $form->getAuthAdapter()->getAuthConfig('auth_mode_caption') ? __($form->getAuthAdapter()->getAuthConfig('auth_mode_caption')) : $form->getAuthMode() ?></font></td></tr>
 
 <tr><td bgcolor="<?php echo $op_color["core_color_4"] ?>">
-<form action="<?php echo $link_to ?><?php if ($form->isUtn()) echo '?guid=on' ?>" method="post"<?php if ($form->isUtn()) echo ' utn' ?>>
+<form action="<?php echo $link_to ?><?php if (!$sf_request->hasMobileUidCookie() && $form->isUtn()) echo '?guid=on' ?>" method="post"<?php if (!$sf_request->hasMobileUidCookie() && $form->isUtn()) echo ' utn' ?>>
 <?php echo $form ?>
 
 <center>

diff --git a/config/OpenPNE.yml.sample b/config/OpenPNE.yml.sample
@@ -109,7 +109,7 @@ ssl_required_actions:
 
   # 携帯版設定
   # for mobile_frontend
-  mobile_frontend: ["member/register", "member/registerInput", "member/registerEnd", "member/editProfile", "member/config", "member/login", "member/logout", "member/invite"]
+  mobile_frontend: ["member/register", "member/registerInput", "member/registerEnd", "member/editProfile", "member/config", "member/login", "member/logout", "member/invite", "member/configUID"]
 
   # 管理画面設定
   # for pc_backend

diff --git a/lib/form/opAuthRegisterForm.class.php b/lib/form/opAuthRegisterForm.class.php
@@ -52,6 +52,9 @@ public function __construct($defaults = array(), $options = array(), $CSRFSecret
 
     parent::__construct($defaults, $options, false);
 
+    $this->setValidator('mobile_uid', new sfValidatorPass());
+    $this->setValidator('mobile_cookie_uid', new sfValidatorPass());
+
     $this->mergePostValidator(new sfValidatorCallback(array('callback' => array($this, 'validateMobileUID'))));
 
     $this->widgetSchema->setNameFormat('auth[%s]');
@@ -117,7 +120,10 @@ public function bindAll($request)
     $this->memberForm->bind($request->getParameter('member'));
     $this->profileForm->bind($request->getParameter('profile'));
     $this->configForm->bind($request->getParameter('member_config'));
-    $this->bind($request->getParameter('auth'));
+    $this->bind($request->getParameter('auth', array(
+      'mobile_uid'        => '',
+      'mobile_cookie_uid' => '',
+    )));
   }
 
   public function validateMobileUID($validator, $values, $arguments = array())
@@ -140,6 +146,12 @@ public function validateMobileUID($validator, $values, $arguments = array())
         throw new sfValidatorError($validator, 'A mobile UID is invalid.');
       }
 
+      $cookieUid = sfContext::getInstance()->getResponse()->generateMobileUidCookie();
+      if ($cookieUid)
+      {
+        $values['mobile_cookie_uid'] = $cookieUid;
+      }
+
       $values['mobile_uid'] = $uid;
     }
 
@@ -162,6 +174,11 @@ public function save()
         $this->getMember()->setConfig('mobile_uid', $this->getValue('mobile_uid'));
       }
 
+      if ($this->getValue('mobile_cookie_uid'))
+      {
+        $this->getMember()->setConfig('mobile_cookie_uid', $this->getValue('mobile_cookie_uid'));
+      }
+
       $communities = Doctrine::getTable('Community')->getDefaultCommunities();
       foreach ($communities as $community)
       {

diff --git a/lib/request/opWebRequest.class.php b/lib/request/opWebRequest.class.php
@@ -19,6 +19,7 @@ class opWebRequest extends sfWebRequest
 {
   const SB_GW_COOKIE_NAME = 'is_sb_gw';
   const SB_GW_BASE_URL = 'https://secure.softbank.ne.jp/';
+  const MOBILE_UID_COOKIE_NAME = 'op_mobile_uid';
 
   protected 
     $userAgentMobileInstance = null;
@@ -140,7 +141,8 @@ public function isMobileIPAddress()
   */
   public function getMobileUID()
   {
-    if (!$this->isMobile()) {
+    if (!$this->isMobile())
+    {
       return false;
     }
 
@@ -166,6 +168,16 @@ public function getMobileUID()
     return false;
   }
 
+  public function getMobileUidCookie()
+  {
+    return $this->getCookie(self::MOBILE_UID_COOKIE_NAME);
+  }
+
+  public function hasMobileUidCookie()
+  {
+    return (bool)$this->getCookie(self::MOBILE_UID_COOKIE_NAME);
+  }
+
  /**
   * Checks whether the mobile UID is a valid or not.
   *

diff --git a/lib/response/opWebResponse.class.php b/lib/response/opWebResponse.class.php
@@ -26,4 +26,18 @@ public function getTitle()
 
     return $result;
   }
+
+  public function generateMobileUidCookie()
+  {
+    $request = sfContext::getInstance()->getRequest();
+    if (!$request->isMobile() || !$request->isCookie())
+    {
+      return false;
+    }
+
+    $value = opToolkit::getRandom();
+    $this->setCookie(opWebRequest::MOBILE_UID_COOKIE_NAME, $value, strtotime('+20years'));
+
+    return $value;
+  }
 }
diff --git a/lib/util/opToolkit.class.php b/lib/util/opToolkit.class.php
@@ -475,4 +475,84 @@ public static function calculateUsableMemorySize()
 
     return ($limit - $usage);
   }
+
+  /**
+   * Generates a randomized hash (from Ethna 2.5.0)
+   *
+   * Licensed under The BSD License. Original is the Ethna_Util::getRandom() method.
+   *
+   * Copyright (c) 2004-2006, Masaki Fujimoto
+   * All rights reserved.
+   *
+   * @author  Masaki Fujimoto <fujimoto@php.net>
+   * @license http://www.opensource.org/licenses/bsd-license.php The BSD License
+   *
+   * @param  int    $length  Length of a hash
+   * @return string
+   */
+  public function getRandom($length = 64)
+  {
+    static $srand = false;
+
+    if ($srand == false)
+    {
+      list($usec, $sec) = explode(' ', microtime());
+      mt_srand((float) $sec + ((float) $usec * 100000) + getmypid());
+      $srand = true;
+    }
+
+    // Is the "open_basedir" is on, and accessing to /proc is allowed?
+    // If the "open_basedir" is empty, this method consider that accessing to it is allowed.
+    $devfile = '/proc/net/dev';
+    $open_basedir_conf = ini_get('open_basedir');
+    $devfile_enabled = (empty($open_basedir_conf)
+      || (preg_match('#:/proc#', $open_basedir_conf) > 0
+      ||  preg_match('#^/proc#', $open_basedir_conf) > 0));
+
+    $value = '';
+    for ($i = 0; $i < 2; $i++)
+    {
+      // for Linux
+      if ($devfile_enabled && file_exists($devfile))
+      {
+        $rx = $tx = 0;
+        $fp = fopen($devfile, 'r');
+        if ($fp != null)
+        {
+          $header = true;
+          while (feof($fp) === false)
+          {
+            $s = fgets($fp, 4096);
+            if ($header)
+            {
+              $header = false;
+              continue;
+            }
+            $v = preg_split('/[:\s]+/', $s);
+            if (is_array($v) && count($v) > 10)
+            {
+              $rx += $v[2];
+              $tx += $v[10];
+            }
+          }
+        }
+        $platform_value = $rx.$tx.mt_rand().getmypid();
+      }
+      else
+      {
+        $platform_value = mt_rand().getmypid();
+      }
+      $now = strftime('%Y%m%d %T');
+      $time = gettimeofday();
+      $v = $now.$time['usec'].$platform_value.mt_rand(0, time());
+      $value .= md5($v);
+    }
+
+    if ($length < 64)
+    {
+      $value = substr($value, 0, $length);
+    }
+
+    return $value;
+  }
 }