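* @license BSD */

namespace Domframework;

/**
 * User authentication against a Sympa server.
 *
 * Sympa is a mailing list server. It can handle authentication with:
 *  - a username (an email address)
 *  - a password
 *  - a list to check if the user is recorded in
 *  - a Sympa SOAP server WSDL
 *  - the part of the list which should be tested: subscriber, owner, editor
 *
 * It uses the SOAP protocol, so the PHP SOAP library is needed and the
 * network must be open between the Web server and the Sympa server.
 *
 * NOTE(review): authentication() hands the user's clear-text password to the
 * SOAP "login" call. The transport is whatever the WSDL advertises, so the
 * WSDL should be fetched from, and should point to, an https:// endpoint
 * whose certificate is verified.
 *
 * POC (the password is single-quoted on purpose: inside a double-quoted PHP
 * string "$word" would be expanded as a variable):
 *
 *   $auth = new Authsympa ();
 *   $auth->wsdl = "https://lists.domain.tld/sympa/wsdl";
 *   $auth->list = "listtest@lists.domain.tld";
 *   $auth->connect ();
 *   var_dump ($auth->authentication ("user@domain.tld", 'Pa$$word!'));
 */
class Authsympa extends Auth
{
    /** URL of the WSDL of the Sympa server */
    public $wsdl = null;

    /** Mailing list in which the presence of the user is checked */
    public $list = null;

    /**
     * Function of the user in the mailing list.
     * Can be subscriber, owner, editor. The value is passed as-is to Sympa.
     */
    public $function = "subscriber";

    /** SOAP client instance, set by connect() */
    private $client = null;

    /** Temporary auth key returned by the login call, used between commands */
    private $authkey = null;

    /** array("email" => ...) of the user once the authentication succeeded */
    private $details = null;

    /**
     * Check if the SOAP module is available in PHP.
     *
     * @throws \Exception Code 500 if the SoapClient class does not exist
     */
    public function __construct()
    {
        if (! class_exists("SoapClient")) {
            throw new \Exception(dgettext(
                "domframework",
                "No SOAP PHP library available"
            ), 500);
        }
    }

    /**
     * Connect to the Sympa server by building a SOAP client from $this->wsdl.
     *
     * The client is created without options, so PHP's default SoapClient
     * behaviour applies; a SoapFault raised while loading the WSDL is not
     * caught here and propagates to the caller.
     *
     * @throws \Exception Code 401 if no WSDL is defined
     */
    public function connect()
    {
        if ($this->wsdl === null) {
            throw new \Exception(dgettext(
                "domframework",
                "No WSDL provided to Sympa auth"
            ), 401);
        }
        $this->client = new \SoapClient($this->wsdl);
    }

    /**
     * Try to authenticate the email/password of the user, then check that the
     * user holds $this->function in $this->list.
     *
     * Any identity recorded by a previous successful call is discarded first:
     * a failed attempt must never leave another user's details readable
     * through getdetails().
     *
     * A SoapFault raised by the SOAP calls is not caught here and propagates
     * to the caller.
     *
     * @param string $email Email to authenticate
     * @param string $password Password to authenticate
     * @return mixed The value returned by the Sympa "amI" call (never null
     * nor false)
     * @throws \Exception Code 401 if the connection is not opened, the list
     * is not defined, the login returns no auth key, or the "amI" check
     * returns null or false
     */
    public function authentication($email, $password)
    {
        // Reset the per-user state before doing anything else, so every exit
        // path below (exceptions included) leaves no stale identity behind.
        $this->details = null;
        $this->authkey = null;

        if ($this->client === null) {
            throw new \Exception(dgettext(
                "domframework",
                "The SOAP connection is not opened"
            ), 401);
        }
        if ($this->list === null) {
            throw new \Exception(dgettext(
                "domframework",
                "The list to check is not defined"
            ), 401);
        }

        // Step 1: check the credentials; Sympa answers with a temporary key
        $this->authkey = $this->client->login($email, $password);
        if ($this->authkey === null) {
            throw new \Exception(
                dgettext(
                    "domframework",
                    "Can't connect with provided email/password to sympa"
                ),
                401
            );
        }

        // Step 2: with that key, ask Sympa if the user has the expected
        // function (subscriber, owner, editor) in the configured list
        $rc = $this->client->authenticateAndRun(
            $email,
            $this->authkey,
            'amI',
            array($this->list, $this->function, $email)
        );
        if ($rc === null || $rc === false) {
            throw new \Exception(dgettext(
                "domframework",
                "User not in Sympa list or bad password"
            ), 401);
        }

        // Only now is the identity considered valid
        $this->details = array("email" => $email);
        return $rc;
    }

    /**
     * Return all the parameters recorded for the authenticated user.
     *
     * @return array|null array("email" => ...) after a successful
     * authentication, null otherwise
     */
    public function getdetails()
    {
        return $this->details;
    }

    /**
     * Method to change the password. Not supported for Sympa users.
     *
     * @param string $oldpassword The old password (to check if the user has
     * the rights to change the password)
     * @param string $newpassword The new password to be recorded
     * @throws \Exception Always, with code 405
     */
    public function changepassword($oldpassword, $newpassword)
    {
        throw new \Exception(
            dgettext(
                "domframework",
                "The password can't be change for SYMPA users"
            ),
            405
        );
    }

    /**
     * Method to overwrite the password (without oldpassword check).
     * Must be reserved to the administrators. For the users, use the
     * changepassword method. Not supported for Sympa users.
     *
     * @param string $email the user identifier to select
     * @param string $newpassword The new password to be recorded
     * @throws \Exception Always, with code 405
     */
    public function overwritepassword($email, $newpassword)
    {
        throw new \Exception(
            dgettext(
                "domframework",
                "The password can't be overwrite for Sympa users"
            ),
            405
        );
    }
}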