3 * External authentication via HTTPD for FusionForge
4 * Copyright 2011, Roland Mas
5 * Copyright 2016, Franck Villaume - TrivialDev
7 * This file is part of FusionForge. FusionForge is free software;
8 * you can redistribute it and/or modify it under the terms of the
9 * GNU General Public License as published by the Free Software
10 * Foundation; either version 2 of the Licence, or (at your option)
13 * FusionForge is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License along
19 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 require_once $gfcommon.'include/User.class.php';
24 require_once $gfcommon.'include/AuthPlugin.class.php';
27 * Authentication manager for FusionForge
30 class AuthHTTPDPlugin extends ForgeAuthPlugin {
31 function __construct() {
32 parent::__construct();
33 $this->name = "authhttpd";
34 $this->text = _("HTTPD authentication");
36 _("This plugin contains an HTTPD authentication mechanism for
37 FusionForge. It allows Apache authentication to be reused for
38 FusionForge, for instance where Kerberos is used.");
39 $this->_addHook('display_auth_form');
40 $this->_addHook("check_auth_session");
41 $this->_addHook("fetch_authenticated_user");
42 $this->_addHook("close_auth_session");
43 $this->_addHook('session_login_valid');
45 $this->saved_login = '';
46 $this->saved_user = NULL;
48 $this->declareConfigVars();
51 private static $init = false;
54 * Display a form to input credentials
55 * @param array $params
58 function displayAuthForm(&$params) {
60 if (!$this->isRequired() && !$this->isSufficient()) {
63 $return_to = $params['return_to'];
65 $result = html_e('p', array(), _('Cookies must be enabled past this point.'));
67 $result .= $HTML->openForm(array('action' => '/plugins/'.$this->name.'/post-login.php', 'method' => 'get'));
68 $result .= '<input type="hidden" name="form_key" value="' . form_generate_key() . '"/>
69 <input type="hidden" name="return_to" value="' . htmlspecialchars(stripslashes($return_to)) . '" />
70 <p><input type="submit" name="login" value="' . _('Login via HTTP authentication') . '" />
72 $result .= $HTML->closeForm();
73 $params['html_snippets'][$this->name] = $result;
75 $params['transparent_redirect_urls'][$this->name] = util_make_url('/plugins/'.$this->name.'/post-login.php?return_to='.htmlspecialchars(stripslashes($return_to)));
79 function session_login_valid($params) {
80 $user = user_get_object_by_name($params['loginname']);
81 $this->setAuthStateResult($params, $user);
86 * checkAuthSession - Is there a valid session?
87 * @param array $params
89 function checkAuthSession(&$params) {
90 $this->saved_user = NULL;
93 if (isset($GLOBALS['REMOTE_USER'])) {
94 $username = $GLOBALS['REMOTE_USER'];
100 $user = user_get_object_by_name($username);
103 $this->saved_user = $user;
104 $this->setAuthStateResult($params, $user);
108 * fetchAuthUser - What FFUser is logged in?
109 * @param array $params
111 function fetchAuthUser(&$params) {
112 if ($this->saved_user && $this->isSufficient()) {
113 $params['results'] = $this->saved_user;
117 function closeAuthSession($params) {
118 // No way to close an HTTPD session from the server, unfortunately
125 // c-file-style: "bsd"
projects / fusionforge / fusionforge.git / blob