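<?php

/*
 * Login page for the Rapportive raplet (OAuth-style "token" response).
 *
 * Flow:
 *   1. Rapportive opens this page with redirect_uri, client_id and
 *      response_type in the query string.
 *   2. If those values match what is expected, a login form is shown.
 *   3. The form posts the credentials back to this script, which checks them
 *      against LDAP and looks up (or creates and stores) the user's token.
 *   4. On success the browser is sent back to redirect_uri with the token in
 *      the URL fragment.
 *
 * Security-relevant choices in this script:
 *   - Credentials are read from the POST body only, so the password never
 *     appears in URLs, browser history, proxy logs or access logs.
 *   - Request values are kept raw and HTML-escaped at the point of output.
 *     Escaping on input would alter passwords containing &, <, > or " before
 *     they reach the directory.
 *   - LDAP is contacted only for a submitted login with non-empty credentials
 *     on an otherwise valid request.
 */

include_once('settings.php');
include_once('lib-ldap.php');
include_once('lib-oauth.php');

// The success page embeds a bearer token, so no response from this script
// should be stored by the browser or by intermediaries.
header('Cache-Control: no-store');

// OAuth parameters arrive in the query string on the first request and in the
// POST body when the login form is submitted, so accept either source.
// is_string() rejects array-valued parameters such as "name[]=x".
$param = array();
foreach (array('redirect_uri', 'client_id', 'response_type') as $name) {
    if (isset($_POST[$name]) && is_string($_POST[$name])) {
        $param[$name] = $_POST[$name];
    } elseif (isset($_GET[$name]) && is_string($_GET[$name])) {
        $param[$name] = $_GET[$name];
    } else {
        $param[$name] = '';
    }
}

// Credentials are accepted from the POST body only.
foreach (array('username', 'password') as $name) {
    $param[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
}

// Check parameters meet expected values (strict comparison, no type juggling).
// NOTE(review): redirect_uri is a prefix match, so any path on rapportive.com
// that begins with "/raplets" is accepted. If the callback URL is fixed,
// compare against the exact value instead - confirm what Rapportive sends.
$param_ok = array();
$param_ok['redirect_uri']  = (substr($param['redirect_uri'], 0, 30) === 'https://rapportive.com/raplets');
$param_ok['client_id']     = ($param['client_id'] === 'rapportive');
$param_ok['response_type'] = ($param['response_type'] === 'token');

// Allow form if parameters are ok
$params_ok = ($param_ok['redirect_uri'] && $param_ok['client_id'] && $param_ok['response_type']);

// Defaults, so the templates below never read an undefined variable.
$error         = '';
$authenticated = false;
$token         = null;
$redirect_url  = '';

// Attempt to authenticate only for a submitted login on a valid request.
if ($params_ok && isset($_POST['login'])) {
    // Never pass an empty user name or password to the directory: many LDAP
    // servers treat a bind with an empty password as an unauthenticated bind
    // that succeeds. Whether my_ldap_authenticate() guards against this is
    // not visible from this file, so the check is made here.
    if ($param['username'] !== '' && $param['password'] !== '') {
        $conn = my_ldap_connect();
        $data = my_ldap_authenticate($conn, $param['username'], $param['password']);
        $authenticated = isset($data['dn']);
    }

    if ($authenticated) {
        // Re-bind as privileged user
        my_ldap_bind($conn);

        // Get token from user data
        $token = contains_token($data['tokens']);

        if (!is_string($token)) {
            // Create new token if needed
            $token = gen_token($data['dn']);
            // Save new token in LDAP directory
            my_ldap_add_token($conn, $data['dn'], $token);
        }

        // The token travels in the fragment, which browsers do not send to
        // the server when following the redirect.
        $redirect_url = $param['redirect_uri'] . '#access_token=' . urlencode($token);
    } else {
        // Same message for unknown user and wrong password, so the form does
        // not reveal which accounts exist.
        $error = "Invalid user name and/or password";
    }
}

?>
<?php if ($params_ok): /* Safe to show form */ ?>
<?php if (!$authenticated): /* Not authenticated */ ?>
<!DOCTYPE html>
<html lang="en">
<head>
    <title>Authenticate</title>
    <meta charset="utf-8">
    <style>
        body {font-family: arial, helvetica, sans-serif;}
        legend {font-weight: bold;}
        input, label {float: left; padding: 3px; margin: 5px 0;}
        label {clear: left; width: 200px;}
        input[type=submit] {clear: left; margin-left: 205px; margin-right: 10px;}
        .error {font-weight: bold; color: #F33;}
    </style>
</head>
<body>

<fieldset>
    <legend>Authenticate</legend>
    <form method="post" action="raplet-login.php">
        <?php if ($error !== ""): ?>
        <p class="error"><?php echo htmlspecialchars($error, ENT_QUOTES, 'UTF-8'); ?></p>
        <?php endif; ?>
        <label for="username">User Name</label> <input type="text" id="username" name="username" value="<?php echo htmlspecialchars($param['username'], ENT_QUOTES, 'UTF-8'); ?>" />
        <label for="password">Password</label> <input type="password" id="password" name="password" />

        <input type="hidden" id="redirect_uri" name="redirect_uri" value="<?php echo htmlspecialchars($param['redirect_uri'], ENT_QUOTES, 'UTF-8'); ?>" />
        <input type="hidden" id="client_id" name="client_id" value="<?php echo htmlspecialchars($param['client_id'], ENT_QUOTES, 'UTF-8'); ?>" />
        <input type="hidden" id="response_type" name="response_type" value="<?php echo htmlspecialchars($param['response_type'], ENT_QUOTES, 'UTF-8'); ?>" />

        <input type="submit" id="login" name="login" value="Login" />
        <input type="button" id="cancel" name="cancel" value="Cancel" onClick="window.close();"/>
    </form>
</fieldset>
</body>
</html>
<?php else: /* Redirect back to Rapportive */ ?>
<!DOCTYPE html>
<html lang="en">
<head>
    <title>Authenticate</title>
    <meta charset="utf-8">
    <meta http-equiv="refresh" content="0; url=<?php echo htmlspecialchars($redirect_url, ENT_QUOTES, 'UTF-8'); ?>">
</head>
<body>
    <p>If you are not redirected <a href="<?php echo htmlspecialchars($redirect_url, ENT_QUOTES, 'UTF-8'); ?>">click here</a>.</p>
</body>
</html>
<?php endif; ?>
<?php else: /* Invalid query string data */ ?>
<!DOCTYPE html>
<html lang="en">
<head>
    <title>Authenticate</title>
    <meta charset="utf-8">
</head>
<body>
    <h1>Invalid Request</h1>
</body>
</html>
<?php endif; ?>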