3 * External authentication via HTTPD for FusionForge
4 * Copyright 2011, Roland Mas
5 * Copyright 2016, Franck Villaume - TrivialDev
7 * This file is part of FusionForge. FusionForge is free software;
8 * you can redistribute it and/or modify it under the terms of the
9 * GNU General Public License as published by the Free Software
10 * Foundation; either version 2 of the Licence, or (at your option)
13 * FusionForge is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License along
19 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 require_once $gfcommon.'include/User.class.php';
24 require_once $gfcommon.'include/AuthPlugin.class.php';
27 * Authentication manager for FusionForge
30 class AuthHTTPDPlugin extends ForgeAuthPlugin {
31 function __construct() {
33 parent::__construct();
34 $this->name = "authhttpd";
35 $this->text = _("HTTPD authentication");
37 _("This plugin contains an HTTPD authentication mechanism for
38 FusionForge. It allows Apache authentication to be reused for
39 FusionForge, for instance where Kerberos is used.");
40 $this->_addHook('display_auth_form');
41 $this->_addHook("check_auth_session");
42 $this->_addHook("fetch_authenticated_user");
43 $this->_addHook("close_auth_session");
45 $this->saved_login = '';
46 $this->saved_user = NULL;
48 $this->declareConfigVars();
51 private static $init = false;
54 * Display a form to input credentials
55 * @param unknown_type $params
58 function displayAuthForm(&$params) {
60 if (!$this->isRequired() && !$this->isSufficient()) {
63 $return_to = $params['return_to'];
65 $result = html_e('p', array(), _('Cookies must be enabled past this point.'));
67 $result .= $HTML->openForm(array('action' => '/plugins/'.$this->name.'/post-login.php', 'method' => 'get'));
68 $result .= '<input type="hidden" name="form_key" value="' . form_generate_key() . '"/>
69 <input type="hidden" name="return_to" value="' . htmlspecialchars(stripslashes($return_to)) . '" />
70 <p><input type="submit" name="login" value="' . _('Login via HTTP authentication') . '" />
72 $result .= $HTML->closeForm();
73 $params['html_snippets'][$this->name] = $result;
75 $params['transparent_redirect_urls'][$this->name] = util_make_url('/plugins/'.$this->name.'/post-login.php?return_to='.htmlspecialchars(stripslashes($return_to)));
79 * Is there a valid session?
80 * @param unknown_type $params
82 function checkAuthSession(&$params) {
83 $this->saved_user = NULL;
86 if (isset($GLOBALS['REMOTE_USER'])) {
87 $username = $GLOBALS['REMOTE_USER'];
93 $user = user_get_object_by_name($username);
96 // TODO : shouldn't this part be factorized as it seems quite common for many plugins ?
98 if ($this->isSufficient()) {
99 $this->saved_user = $user;
100 $params['results'][$this->name] = FORGE_AUTH_AUTHORITATIVE_ACCEPT;
103 $params['results'][$this->name] = FORGE_AUTH_NOT_AUTHORITATIVE;
106 if ($this->isRequired()) {
107 $params['results'][$this->name] = FORGE_AUTH_AUTHORITATIVE_REJECT;
109 $params['results'][$this->name] = FORGE_AUTH_NOT_AUTHORITATIVE;
115 * What FFUser is logged in?
116 * @param unknown_type $params
118 function fetchAuthUser(&$params) {
119 if ($this->saved_user && $this->isSufficient()) {
120 $params['results'] = $this->saved_user;
124 function closeAuthSession($params) {
125 // No way to close an HTTPD session from the server, unfortunately
132 // c-file-style: "bsd"