public function bootstrap()
{
$config = $this->getConfig();
$enabled = $config->get('cas-enabled');
if (in_array($enabled, array('all', 'staff'))) {
require_once 'cas.php';
CasStaffAuthBackend::bootstrap($this->getConfig());
StaffAuthenticationBackend::register(new CasStaffAuthBackend());
}
if (in_array($enabled, array('all', 'client'))) {
require_once 'cas.php';
CasClientAuthBackend::bootstrap($this->getConfig());
UserAuthenticationBackend::register(new CasClientAuthBackend());
}
}
define('ASSETS_PATH', ROOT_PATH . 'assets/default/');
//Check the status of the HelpDesk.
if (!in_array(strtolower(basename($_SERVER['SCRIPT_NAME'])), array('logo.php', 'file.php')) && !(is_object($ost) && $ost->isSystemOnline())) {
include ROOT_DIR . 'offline.php';
exit;
}
/* include what is needed on client stuff */
require_once INCLUDE_DIR . 'class.client.php';
require_once INCLUDE_DIR . 'class.ticket.php';
require_once INCLUDE_DIR . 'class.dept.php';
//clear some vars
$errors = array();
$msg = '';
$nav = null;
//Make sure the user is valid..before doing anything else.
$thisclient = UserAuthenticationBackend::getUser();
if (isset($_GET['lang']) && $_GET['lang']) {
if (Internationalization::getLanguageInfo($_GET['lang'])) {
$_SESSION['client:lang'] = $_GET['lang'];
}
}
// Bootstrap gettext translations as early as possible, but after attempting
// to sign on the agent
TextDomain::configureForUser($thisclient);
//is the user logged in?
if ($thisclient && $thisclient->getId() && $thisclient->isValid()) {
$thisclient->refreshSession();
} else {
$thisclient = null;
}
/******* CSRF Protectin *************/
function getAuthBackend()
{
list($authkey, ) = explode(':', $this->getAuthKey());
return UserAuthenticationBackend::getBackend($authkey);
}
} else {
if (!($acct = ClientAccount::createForUser($user))) {
$errors['err'] = __('Internal error. Unable to create new account');
} elseif (!$acct->update($_POST, $errors)) {
$errors['err'] = __('Errors configuring your profile. See messages below');
}
}
if (!$errors) {
switch ($_POST['do']) {
case 'create':
$content = Page::lookup(Page::getIdByType('registration-confirm'));
$inc = 'register.confirm.inc.php';
$acct->sendConfirmEmail();
break;
case 'import':
if ($bk = UserAuthenticationBackend::getBackend($_POST['backend'])) {
$cl = new ClientSession(new EndUser($user));
if (!$bk->supportsInteractiveAuthentication()) {
$acct->set('backend', null);
}
$acct->confirm();
if ($user = $bk->login($cl, $bk)) {
Http::redirect('tickets.php');
}
}
break;
}
}
if ($errors && $user && $user != $thisclient) {
$user->delete();
}
<td>
<select name="backend" id="backend-selection" onchange="javascript:
if (this.value != '' && this.value != 'client') {
$('#activation').hide();
$('#password').hide();
}
else {
$('#activation').show();
if ($('#sendemail').is(':checked'))
$('#password').hide();
else
$('#password').show();
}
">
<option value="">— Use any available backend —</option>
<?php foreach (UserAuthenticationBackend::allRegistered() as $ab) {
if (!$ab->supportsInteractiveAuthentication()) continue; ?>
<option value="<?php echo $ab::$id; ?>" <?php
if ($info['backend'] == $ab::$id)
echo 'selected="selected"'; ?>><?php
echo $ab::$name; ?></option>
<?php } ?>
</select>
</td>
</tr>
<tr>
<td width="180">
Username:
</td>
<td>
<input type="text" size="35" name="username" value="<?php echo $info['username'] ?: $user->getEmail(); ?>">
</div>
<p>
<input class="btn" type="submit" value="Sign In">
<?php
if ($suggest_pwreset) {
?>
<a style="padding-top:4px;display:inline-block;" href="pwreset.php">Forgot My Password</a>
<?php
}
?>
</p>
</div>
<div style="display:table-cell;padding: 15px;vertical-align:top">
<?php
$ext_bks = array();
foreach (UserAuthenticationBackend::allRegistered() as $bk) {
if ($bk instanceof ExternalAuthentication) {
$ext_bks[] = $bk;
}
}
if (count($ext_bks)) {
foreach ($ext_bks as $bk) {
?>
<div class="external-auth"><?php
$bk->renderExternalLink();
?>
</div><?php
}
}
if ($cfg && $cfg->isClientRegistrationEnabled()) {
if (count($ext_bks)) {
Http::redirect('index.php');
} elseif (isset($errors['msg'])) {
$banner = $errors['msg'];
}
break;
}
} elseif ($_GET['token']) {
$banner = __('Re-enter your username or email');
$inc = 'pwreset.login.php';
$_config = new Config('pwreset');
if (($id = $_config->get($_GET['token'])) && ($acct = ClientAccount::lookup(array('user_id' => $id)))) {
if (!$acct->isConfirmed()) {
$inc = 'register.confirmed.inc.php';
$acct->confirm();
// TODO: Log the user in
if ($client = UserAuthenticationBackend::processSignOn($errors)) {
if ($acct->hasPassword() && !$acct->get('backend')) {
$acct->cancelResetTokens();
} else {
$_SESSION['_client']['reset-token'] = $_GET['token'];
$acct->forcePasswdReset();
}
Http::redirect('account.php?confirmed');
}
}
} elseif ($id && ($user = User::lookup($id))) {
$inc = 'pwreset.create.php';
} else {
Http::redirect('index.php');
}
} elseif ($cfg->allowPasswordReset()) {
// force attempts (which doesn't buy much since the link is emailed)
$user->sendAccessLink();
$msg = sprintf(__("%s - access link sent to your email!"), Format::htmlchars($user->getName()->getFirst()));
$_POST = null;
} elseif (!$errors['err']) {
$errors['err'] = __('Invalid email or ticket number - try again!');
}
} elseif (isset($_GET['do'])) {
switch ($_GET['do']) {
case 'ext':
// Lookup external backend
if ($bk = UserAuthenticationBackend::getBackend($_GET['bk'])) {
$bk->triggerAuth();
}
}
} elseif ($user = UserAuthenticationBackend::processSignOn($errors, false)) {
// Users from the ticket access link
if ($user && $user instanceof TicketUser && $user->getTicketId()) {
Http::redirect('tickets.php?id=' . $user->getTicketId());
} elseif ($user instanceof ClientCreateRequest) {
if ($cfg && $cfg->isClientRegistrationEnabled()) {
// Attempt to automatically register
if ($user->attemptAutoRegister()) {
Http::redirect('tickets.php');
}
// Unable to auto-register. Fill in what we have and let the
// user complete the info
$inc = 'register.inc.php';
} else {
$errors['err'] = __('Access Denied. Contact your help desk administrator to have an account registered for you');
// fall through to show login page again
function login($client, $bk)
{
$_SESSION['_client']['reset-token'] = $_POST['token'];
Signal::send('auth.pwreset.login', $client);
return parent::login($client, $bk);
}
function bootstrap()
{
$config = $this->getConfig();
if ($config->get('multiauth-staff')) {
StaffAuthenticationBackend::register(new StaffLDAPMultiAuthentication($config));
}
if ($config->get('multiauth-client')) {
UserAuthenticationBackend::register(new ClientLDAPMultiAuthentication($config));
}
}
