178 lines
5.9 KiB
PHP
178 lines
5.9 KiB
PHP
<?php
|
|
if (!defined('WIKINI_VERSION')) {
|
|
die('accès direct interdit');
|
|
}
|
|
|
|
// Verification si le fichier de conf est bien renseigné
|
|
if (!isset($this->config['discourse_connect_url']) or empty($this->config['discourse_connect_url'])) {
|
|
echo '<div class="alert alert-danger">'._t('action {{login}} for discourse : valeur de <code>discourse_connect_url</code> manquante dans wakka.config.php.').'</div>';
|
|
return;
|
|
}
|
|
if (!isset($this->config['discourse_connect_secret']) or empty($this->config['discourse_connect_secret'])) {
|
|
echo '<div class="alert alert-danger">'._t('action {{login}} for discourse : valeur de <code>discourse_connect_secret</code> manquante dans wakka.config.php.').'</div>';
|
|
return;
|
|
}
|
|
|
|
// Lecture des parametres de l'action
|
|
|
|
// url d'inscription
|
|
$signupurl = 'http'.((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? 's' : '') . '://' . "{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";
|
|
|
|
// url du profil
|
|
$profileurl = $this->GetParameter('profileurl');
|
|
|
|
// sauvegarde de l'url d'ou on vient
|
|
$incomingurl = $this->GetParameter('incomingurl');
|
|
if (empty($incomingurl)) {
|
|
$incomingurl = 'http'.((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? 's' : '') . '://' . "{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";
|
|
}
|
|
|
|
$userpage = $this->GetParameter("userpage");
|
|
// si pas d'url de page de sortie renseignée, on retourne sur la page courante
|
|
if (empty($userpage)) {
|
|
$userpage = $incomingurl;
|
|
// si l'url de sortie contient le passage de parametres de déconnexion, on l'efface
|
|
if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "logout") {
|
|
$userpage = str_replace('&action=logout', '', $userpage);
|
|
}
|
|
} else {
|
|
if ($this->IsWikiName($userpage)) {
|
|
$userpage = $this->href('', $userpage);
|
|
}
|
|
}
|
|
|
|
// classe css pour l'action
|
|
$class = $this->GetParameter("class");
|
|
|
|
// classe css pour les boutons
|
|
$btnclass = $this->GetParameter("btnclass");
|
|
if (empty($btnclass)) {
|
|
$btnclass = 'btn-default';
|
|
}
|
|
$nobtn = $this->GetParameter("nobtn");
|
|
|
|
// template par défaut
|
|
$template = "discourse-login.tpl.html";
|
|
|
|
$error = '';
|
|
$PageMenuUser = '';
|
|
|
|
// on initialise la valeur vide si elle n'existe pas
|
|
if (!isset($_REQUEST["action"])) {
|
|
$_REQUEST["action"] = '';
|
|
}
|
|
|
|
// cas de la déconnexion
|
|
if ($_REQUEST["action"] == "logout") {
|
|
$this->LogoutUser();
|
|
$this->SetMessage(_t('LOGIN_YOU_ARE_NOW_DISCONNECTED'));
|
|
$this->Redirect(str_replace('&action=logout', '', $incomingurl));
|
|
exit;
|
|
}
|
|
|
|
// cas de l'identification
|
|
if (!empty($_GET["sso"])) {
|
|
$sso = $_GET['sso'];
|
|
$sig = $_GET['sig'];
|
|
|
|
// validate sso
|
|
if(hash_hmac('sha256', urldecode($sso), $GLOBALS['wiki']->config['discourse_connect_secret']) !== $sig){
|
|
header("HTTP/1.1 404 Not Found");
|
|
die();
|
|
}
|
|
|
|
$sso = urldecode($sso);
|
|
$query = array();
|
|
parse_str(base64_decode($sso), $query);
|
|
dump($query);
|
|
// verify nonce with generated nonce
|
|
if($_SESSION['nonce'] != $query['nonce']){
|
|
header("HTTP/1.1 404 Not Found");
|
|
die();
|
|
}
|
|
$user = $this->LoadUser($query['username']);
|
|
if ($user) {
|
|
$this->SetUser($user, 1);
|
|
} else {
|
|
$this->Query("insert into ".$this->config["table_prefix"]."users set ".
|
|
"signuptime = now(), ".
|
|
"motto = '', ".
|
|
"name = '".mysqli_real_escape_string($this->dblink, $query['username'])."', ".
|
|
"email = '".mysqli_real_escape_string($this->dblink, $query['email'])."', ".
|
|
"password = md5('generated_by_discourse')");
|
|
|
|
// log in
|
|
$this->SetUser($this->LoadUser($query['username']));
|
|
}
|
|
}
|
|
|
|
// cas d'une personne connectée déjà
|
|
if ($user = $this->GetUser()) {
|
|
$connected = true;
|
|
if ($this->LoadPage("PageMenuUser")) {
|
|
$PageMenuUser.= $this->Format("{{include page=\"PageMenuUser\"}}");
|
|
}
|
|
|
|
// si pas de pas d'url de profil renseignée, on utilise ParametresUtilisateur
|
|
if (empty($profileurl)) {
|
|
//TODO : clean up your cochoneries
|
|
$profileurl = str_replace('/session/sso_provider', '/u/'.$user['name'].'/preferences/account', $GLOBALS['wiki']->config['discourse_connect_url']);
|
|
} elseif ($profileurl == 'WikiName') {
|
|
$profileurl = $this->href("edit", $user['name'], "");
|
|
} else {
|
|
if ($this->IsWikiName($profileurl)) {
|
|
$profileurl = $this->href('', $profileurl);
|
|
}
|
|
}
|
|
} else {
|
|
// cas d'une personne non connectée
|
|
$connected = false;
|
|
|
|
// si l'authentification passe mais la session n'est pas créée, on a un problème de cookie
|
|
if ($_REQUEST['action'] == 'checklogged') {
|
|
$error = 'Vous devez accepter les cookies pour pouvoir vous connecter.';
|
|
}
|
|
}
|
|
|
|
|
|
$nonce = hash('sha512', mt_rand());
|
|
$_SESSION['nonce'] = $nonce;
|
|
|
|
$payload = base64_encode( http_build_query( array (
|
|
'nonce' => $nonce,
|
|
'return_sso_url' => $incomingurl
|
|
)
|
|
) );
|
|
|
|
$request = array(
|
|
'sso' => $payload,
|
|
'sig' => hash_hmac('sha256', $payload, $GLOBALS['wiki']->config['discourse_connect_secret'] )
|
|
);
|
|
|
|
$query = http_build_query($request);
|
|
|
|
$discourse_url = $GLOBALS['wiki']->config['discourse_connect_url'].'?'.$query;
|
|
|
|
|
|
//
|
|
// on affiche le template
|
|
//
|
|
$html = $this->render('@login/'.$template, [
|
|
"connected" => $connected,
|
|
"user" => ((isset($user["name"])) ? $user["name"] : ((isset($_POST["name"])) ? $_POST["name"] : '')),
|
|
"email" => ((isset($user["email"])) ? $user["email"] : ((isset($_POST["email"])) ? $_POST["email"] : '')),
|
|
"incomingurl" => $incomingurl,
|
|
"discourseurl" => $discourse_url,
|
|
"signupurl" => $signupurl,
|
|
"profileurl" => $profileurl,
|
|
"userpage" => $userpage,
|
|
"PageMenuUser" => $PageMenuUser,
|
|
"btnclass" => $btnclass,
|
|
"nobtn" => $nobtn,
|
|
"error" => $error
|
|
]);
|
|
|
|
$output = (!empty($class)) ? '<div class="'.$class.'">'."\n".$html."\n".'</div>'."\n" : $html;
|
|
|
|
echo $output;
|