Dominique.Fournier/DomFramework
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

authparams : add the method used to matche the user

Browse Source 
git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@5292 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
This commit is contained in:
Dominique Fournier
2019-05-25 22:46:34 +00:00
parent 3076e88e43
commit e8517ea495
1 changed files with 22 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
authparams.php
View File

@@ -11,6 +11,8 @@ class authparams
public $email = null;
/** The password of the user when provided */
public $password = null;
/** The method used to get the authentication data */
public $method = null;
/** Parse the different authentication processes to found the email/password
* of the user.
@@ -24,6 +26,7 @@ class authparams
{
$this->email = "cli";
$this->password = "";
$this->method = null;
}
else
{
@@ -34,12 +37,14 @@ class authparams
$res = $this->$authprocess();
$this->email = $res["email"];
$this->password = $res["password"];
$this->method = $authprocess;
break;
}
catch (\Exception $e)
{
$this->email = "anonymous";
$this->password = "anonymous";
$this->method = null;
}
}
}
@@ -53,8 +58,8 @@ class authparams
{
if (!isset ($_POST["email"]) || !isset ($_POST["password"]))
throw new \Exception ("No POST provided", 403);
return array ("email"=>trim ($_POST["email"]),
"password"=>$_POST["password"]);
return array ("email" => trim ($_POST["email"]),
"password" => $_POST["password"]);
}
// }}}
@@ -63,13 +68,13 @@ class authparams
public function session ()
// {{{
{
if (!isset ($_SESSION))
throw new \Exception ("No session previously opened", 403);
if (!isset ($_SESSION) || session_id () === "")
session_start ();
if (!isset ($_SESSION["domframework"]["auth"]["email"]) ||
!isset ($_SESSION["domframework"]["auth"]["password"]))
throw new \Exception ("No previous email in session", 403);
return array ("email"=>$_SESSION["domframework"]["auth"]["email"],
"password"=>$_SESSION["domframework"]["auth"]["password"]);
return array ("email" => $_SESSION["domframework"]["auth"]["email"],
"password" => $_SESSION["domframework"]["auth"]["password"]);
}
// }}}
@@ -78,9 +83,8 @@ class authparams
public function http ()
// {{{
{
$realm = dgettext ("domframework",
"Restricted access");
if (!isset($_SERVER['PHP_AUTH_USER']))
$realm = dgettext ("domframework", "Restricted access");
if (!isset ($_SERVER['PHP_AUTH_USER']))
{
throw new \Exception ("No user defined in HTTP header", 401);
//header("WWW-Authenticate: Basic realm=\"$realm\"");
@@ -91,11 +95,11 @@ class authparams
{
if (! array_key_exists ("PHP_AUTH_PW", $_SERVER))
$_SERVER["PHP_AUTH_PW"] = null;
return array ("email"=>trim ($_SERVER["PHP_AUTH_USER"]),
"password"=>$_SERVER["PHP_AUTH_PW"]);
return array ("email" => trim ($_SERVER["PHP_AUTH_USER"]),
"password" => $_SERVER["PHP_AUTH_PW"]);
}
}
// }}}
// }}}
/** Get the information from a shibboleth provider
*/
@@ -106,18 +110,18 @@ class authparams
throw new \Exception ("No Shibboleth information available", 403);
if (! isset ($_SERVER["mail"]))
throw new \Exception ("No Shibboleth email provided", 403);
return array ("email"=>$_SERVER["mail"],
"password"=>"NONE IN SHIBBOLETH");
return array ("email" => $_SERVER["mail"],
"password" => "NONE IN SHIBBOLETH");
}
// }}}
/** Get the information from a JSON Web Token
/** Get the information from a Bearer Token
* The token MUST be set in HTTP Header :
* Authorization: Bearer <token>
* The real verification are done in authjwt, as we can not have the
* jwtServerKey defined in property : the execution is done in constructor
*/
public function jwt ()
public function bearer ()
// {{{
{
if (! isset ($_SERVER["HTTP_AUTHENTICATION"]))
@@ -125,8 +129,8 @@ class authparams
if (substr ($_SERVER["HTTP_AUTHENTICATION"], 0, 7) !== "Bearer ")
throw new \Exception ("No Bearer Authentication available", 401);
$token = substr ($_SERVER["HTTP_AUTHENTICATION"], 7);
return ["email" => "NOT YET VALID : TOKEN IN JWT",
"password" => "NONE IN JWT"];
return array ("email" => "NOT YET VALID : TOKEN IN JWT",
"password" => "NONE IN JWT");
}
// }}}
}