2 /** External authentication via OpenID for FusionForge
3 * Copyright 2011, Roland Mas
4 * Copyright 2011, Olivier Berger & Institut Telecom
6 * This program was developped in the frame of the COCLICO project
7 * (http://www.coclico-project.org/) with financial support of the Paris
10 * This file is part of FusionForge. FusionForge is free software;
11 * you can redistribute it and/or modify it under the terms of the
12 * GNU General Public License as published by the Free Software
13 * Foundation; either version 2 of the Licence, or (at your option)
16 * FusionForge is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License along
22 * with FusionForge; if not, write to the Free Software Foundation, Inc.,
23 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 require_once $GLOBALS['gfcommon'].'include/User.class.php';
28 // from lightopenid (http://code.google.com/p/lightopenid/)
29 //require_once 'openid.php';
32 * Authentication manager for FusionForge CASification
35 class AuthOpenIDPlugin extends ForgeAuthPlugin {
40 function AuthOpenIDPlugin () {
42 $this->ForgeAuthPlugin() ;
43 $this->name = "authopenid";
44 $this->text = "OpenID authentication";
46 $this->_addHook('display_auth_form');
47 $this->_addHook("check_auth_session");
48 $this->_addHook("fetch_authenticated_user");
49 $this->_addHook("close_auth_session");
50 $this->_addHook("usermenu") ;
51 $this->_addHook("userisactivecheckbox") ; // The "use ..." checkbox in user account
52 $this->_addHook("userisactivecheckboxpost") ; //
54 $this->saved_login = '';
55 $this->saved_user = NULL;
57 $this->openid = FALSE;
59 $this->openid_identity = FALSE;
61 $this->declareConfigVars();
66 * Display a form to input credentials
67 * @param unknown_type $params
70 function displayAuthForm(&$params) {
71 if (!$this->isRequired() && !$this->isSufficient()) {
74 $return_to = $params['return_to'];
79 $result .= _('Cookies must be enabled past this point.');
82 $result .= '<form action="' . util_make_url('/plugins/authopenid/post-login.php') . '" method="post">
83 <input type="hidden" name="form_key" value="' . form_generate_key() . '"/>
84 <input type="hidden" name="return_to" value="' . htmlspecialchars(stripslashes($return_to)) . '" />
85 Your OpenID identifier: <input type="text" name="openid_identifier" />
86 <input type="submit" name="login" value="' . _('Login via OpenID') . '" />
89 $params['html_snippets'][$this->name] = $result;
94 * Is there a valid session?
95 * @param unknown_type $params
98 function checkAuthSession(&$params) {
99 $this->saved_user = NULL;
102 if (isset($params['auth_token']) && $params['auth_token'] != '') {
103 $user_id = $this->checkSessionToken($params['auth_token']);
105 $user_id = $this->checkSessionCookie();
108 $user = user_get_object($user_id);
110 if ($this->openid && $this->openid->identity) {
111 $username = $this->getUserNameFromOpenIDIdentity($this->openid->identity);
113 $user = $this->startSession($username);
119 if ($this->isSufficient()) {
120 $this->saved_user = $user;
121 $params['results'][$this->name] = FORGE_AUTH_AUTHORITATIVE_ACCEPT;
124 $params['results'][$this->name] = FORGE_AUTH_NOT_AUTHORITATIVE;
127 if ($this->isRequired()) {
128 $params['results'][$this->name] = FORGE_AUTH_AUTHORITATIVE_REJECT;
130 $params['results'][$this->name] = FORGE_AUTH_NOT_AUTHORITATIVE;
136 * Enter description here ...
137 * @param unknown_type $openid_identity
138 * @return Ambigous <boolean, associative>
140 public function getUserNameFromOpenIDIdentity($openid_identity) {
142 $res = db_query_params('SELECT users.user_name FROM users, plugin_authopenid_user_identities WHERE users.user_id = plugin_authopenid_user_identities.user_id AND openid_identity=$1',
143 array($openid_identity));
145 $row = db_fetch_array_by_row($res, 0);
147 $user_name = $row['user_name'];
154 * Terminate an authentication session
155 * @param unknown_type $params
158 protected function declareConfigVars() {
159 parent::declareConfigVars();
162 forge_define_config_item ('required', $this->name, 'no');
163 forge_set_config_item_bool ('required', $this->name) ;
166 forge_define_config_item ('sufficient', $this->name, 'no');
167 forge_set_config_item_bool ('sufficient', $this->name) ;
171 * Displays link to OpenID identities management tab in user's page ('usermenu' hook)
172 * @param unknown_type $params
174 public function usermenu($params) {
175 global $G_SESSION, $HTML;
176 $text = $this->text; // this is what shows in the tab
177 if ($G_SESSION->usesPlugin($this->name)) {
178 //$param = '?type=user&id=' . $G_SESSION->getId() . "&pluginname=" . $this->name; // we indicate the part we�re calling is the user one
179 echo $HTML->PrintSubMenu (array ($text), array ('/plugins/authopenid/index.php'), array(_('coin pan')));
186 // c-file-style: "bsd"