auth.php 5.61 KiB
<?php
use dokuwiki\HTTP\DokuHTTPClient;
// Stop immediately when DOKU_INC is not defined, i.e. when this file is requested
// directly rather than included by code that has already defined that constant.
if(!defined('DOKU_INC')) die();
class auth_plugin_authuffd extends DokuWiki_Auth_Plugin
{
/**
 * Initialise the plugin: run the parent constructor, declare the 'external'
 * capability and reset the per-instance API client and user cache.
 */
public function __construct()
{
    parent::__construct();

    // Start with no API client and an empty user cache.
    $this->api_user_cache = [];
    $this->api_client = null;

    // Advertise the 'external' capability in the capability map.
    // NOTE(review): presumably this makes DokuWiki delegate the login flow to this plugin — confirm against the rest of the class.
    $this->cando['external'] = true;
}
/**
 * Return the redirect URI sent to the OAuth2 token endpoint.
 *
 * The 'oauth2_redirect_uri' setting is used when it is not the empty string;
 * otherwise the URI is built from DOKU_URL and DOKU_SCRIPT.
 *
 * @return mixed The configured value, or DOKU_URL . DOKU_SCRIPT as fallback.
 */
private function getOAuth2RedirectURI()
{
    $configured = $this->getConf('oauth2_redirect_uri');

    // NOTE(review): if DOKU_URL is derived from the request's Host header
    // (no fixed base URL configured in the wiki), the fallback value is
    // client-influenced; setting 'oauth2_redirect_uri' explicitly avoids that.
    return ($configured !== '') ? $configured : DOKU_URL . DOKU_SCRIPT;
}
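/**
 * Exchange the OAuth2 authorization code of the current callback request for
 * an access token.
 *
 * The request is only treated as a callback when this session holds a state
 * value under 'uffd-auth-state', the query string carries a 'code', and the
 * 'state' query parameter equals the stored value. The stored state is removed
 * once it has matched, so the same callback cannot be replayed.
 *
 * @return string|false The access token, or false when the request is not a
 *                      valid callback or the token endpoint returned no usable token.
 */
private function requestOAuth2AccessToken()
{
    global $INPUT;

    if (!isset($_SESSION[DOKU_COOKIE]['uffd-auth-state'])) {
        return false;
    }
    if (!$INPUT->get->has('code')) {
        return false;
    }

    $expectedState = $_SESSION[DOKU_COOKIE]['uffd-auth-state'];
    $receivedState = $INPUT->get->str('state');

    // The state value is the CSRF protection of the login flow. A loose "!="
    // compares numeric-looking strings by value (e.g. "0e1" == "0e2") and lets
    // null equal '', so compare as strings, in constant time, and never accept
    // an empty state.
    if (
        !is_string($expectedState)
        || $expectedState === ''
        || !hash_equals($expectedState, $receivedState)
    ) {
        return false;
    }

    // Single use: drop the state before contacting the token endpoint.
    unset($_SESSION[DOKU_COOKIE]['uffd-auth-state']);

    $http = new DokuHTTPClient;
    $http->keep_alive = false;
    // The client id and secret are handed to the HTTP client as its user/password.
    // NOTE(review): confirm 'baseurl' is an https:// URL so the secret and the
    // returned token are not sent in clear text.
    $http->user = $this->getConf('oauth2_client_id');
    $http->pass = $this->getConf('oauth2_client_secret');

    $params = array(
        'grant_type' => 'authorization_code',
        'code' => $INPUT->get->str('code'),
        'redirect_uri' => $this->getOAuth2RedirectURI()
    );

    $ok = $http->post($this->getConf('baseurl') . '/oauth2/token', $params);
    if (!$ok || (int) $http->status !== 200) {
        return false;
    }

    // json_decode() yields null for a malformed body; reading ->access_token
    // from that would raise a warning and return null instead of false.
    $response = json_decode($http->resp_body);
    if (
        !is_object($response)
        || !isset($response->access_token)
        || !is_string($response->access_token)
        || $response->access_token === ''
    ) {
        return false;
    }

    return $response->access_token;
}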
/* This is essentially a copy of auth_logoff but without the final call to $auth->logOff so logOff is only called for user-initiated logouts. */
private function clearSession($keepbc = false)
{
global $conf;
global $USERINFO;
global $auth;
global $INPUT;
// make sure the session is writable (it usually is)
@session_start();
if(isset($_SESSION[DOKU_COOKIE]['auth']))
unset($_SESSION[DOKU_COOKIE]['auth']);
if (isset($_SESSION[DOKU_COOKIE]['uffd-auth-state']))
unset($_SESSION[DOKU_COOKIE]['uffd-auth-state']);
if (isset($_SESSION[DOKU_COOKIE]['uffd-auth-redirect']))
unset($_SESSION[DOKU_COOKIE]['uffd-auth-redirect']);
if (isset($_SESSION[DOKU_COOKIE]['auth']))
unset($_SESSION[DOKU_COOKIE]['auth']);
if(!$keepbc && isset($_SESSION[DOKU_COOKIE]['bc']))
unset($_SESSION[DOKU_COOKIE]['bc']);
$INPUT->server->remove('REMOTE_USER');
$USERINFO = null;