Example #1
0
 /**
  * check the credentials sent from the voter
  */
 function checkCredentials($credentials, $electionId, $phase)
 {
     $inDateRange = parent::checkCredentials($credentials, $electionId, $phase);
     //checks the phase time frame
     if ($inDateRange !== true) {
         return false;
     }
     return $this->db->checkCredentials($electionId, $credentials['voterId'], $credentials['secret']);
 }
Example #2
0
 function checkCredentials($credentials, $completeElectionId, $phase)
 {
     $electionIdParts = self::splitElectionId($completeElectionId);
     $mainElectionId = $electionIdParts['mainElectionId'];
     $inDateRange = parent::checkCredentials($credentials, $electionId, $phase);
     //checks the phase time frame
     if ($inDateRange !== true) {
         return false;
     }
     /* is the result already in the cache? */
     if (isset($this->credentials) && $this->credentials === $credentials && $this->{$mainElectionId} === $mainElectionId && isset($this->credentialsCheckAnswer)) {
         return $this->credentialsCheckAnswer;
     }
     /* put the query and answer in the cache */
     $this->mainElectionId = $mainElectionId;
     $this->credentials = $credentials;
     $this->credentialsCheckAnswer = $this->subAuthModule->checkCredentials($credentials, $mainElectionId);
     return $this->credentialsCheckAnswer;
 }
Example #3
0
 /**
  * check the credentials sent from the voter
  */
 function checkCredentials($credentials, $electionId, $phase)
 {
     $inDateRange = parent::checkCredentials($credentials, $electionId, $phase);
     //checks the phase time frame
     if ($inDateRange !== true) {
         return false;
     }
     global $externalTokenConfig;
     $curExternalTokenConfig = $this->getExternalTokenConfig();
     if ($curExternalTokenConfig !== false) {
         $url = $curExternalTokenConfig['checkTokenUrl'];
         $verifierPassw = $curExternalTokenConfig['verifierPassw'];
         $verifyCert = $curExternalTokenConfig['verifyCertificate'];
     } else {
         // the election was created with tokenUrl instead of configId
         $url = $this->db->getCheckTokenUrl($electionId);
         $verifierPassw = '';
         $verifyCert = false;
     }
     // $url = 'http://www.webhod.ra/vvvote2/test/externaltoken.html';
     $fieldsToJson = array('token' => $credentials['voterId'], 'electionId' => $electionId, 'verifierPassw' => $verifierPassw);
     $result = $this->httpPost($url, $fieldsToJson, $verifyCert);
     if (isset($result['allowed']) && $result['allowed'] === true) {
         return true;
     }
     return false;
 }
Example #4
0
 /**
  * check the credentials sent from the voter
  * @param array $credentials: ['secret'] ['identifier']
  */
 function checkCredentials($credentials, $electionId, $phase)
 {
     global $oauthConfig;
     // TODO move this to __construct?
     // load necessary data
     //$configHash = $this->electionsDB->electionIdToConfigHash($electionId);
     $oAuthServerId = $this->db->getOAuthServerIdByElectionId($electionId);
     // $Ids['serverId'] und $Ids['listId']
     // verify transaction credentials
     $webclientAuthFromDb = $this->db->loadAuthData($electionId, $credentials['identifier']);
     // TODO error handling $webclientAuthFromDb empty // TODO error handling if not set (or not string)
     if (!isset($webclientAuthFromDb['username'])) {
         return false;
     }
     // did not log in in OAuth2 / BEO server
     $secretFromDb = hash('sha256', $electionId . $oauthConfig[$oAuthServerId]['client_id'] . $webclientAuthFromDb['username'] . $credentials['identifier']);
     if ($secretFromDb !== $credentials['secret']) {
         return false;
     }
     $inDateRange = parent::checkCredentials($credentials, $electionId, $phase);
     //checks the phase time frame
     if ($inDateRange !== true) {
         return false;
     }
     // $authInfos = $this->db->loadAuthData($configHash, $Ids['serverId'], $credentials['identifier']);
     // connect to OAuth2 server
     $this->oAuthConnection = new FetchFromOAuth2Server($oAuthServerId, $webclientAuthFromDb['authInfos']);
     // verify if the user may take part in this voting //
     $eligCrit = $this->db->getEligibaleCriteria($electionId);
     if (!isset($eligCrit)) {
         WrongRequestException::throwException(12100, 'internal server error: authModule: OAuth2 could not load the config', 'electionId: ' . $electionId);
     }
     // TODO check date
     // is not a fake/test/admin/dummy account
     if ($eligCrit['verified'] === false) {
         $isVerified = true;
     } else {
         $isVerified = $this->oAuthConnection->isVerified();
         if ($isVerified !== true) {
             return false;
         }
     }
     // is a member and entitled for voting (stimmberechtigt)
     if ($eligCrit['eligible'] === false) {
         $isEntitled = true;
     } else {
         $isEntitled = $this->oAuthConnection->isEntitled();
         if ($isEntitled !== true) {
             return false;
         }
     }
     // check if in list of allowed voters
     if (isset($eligCrit['listId'])) {
         if ($eligCrit['listId'] === '') {
             $isInVoterList = true;
         } else {
             $isInVoterList = $this->oAuthConnection->isInVoterList($eligCrit['listId']);
             if ($isInVoterList !== true) {
                 return false;
             }
         }
     } else {
         $isInVoterList = true;
     }
     // test not requiered
     // is a member and entitled for voting (stimmberechtigt)
     if (isset($eligCrit['nested_groups']) && count($eligCrit['nested_groups']) > 0) {
         $isInGroup = $this->oAuthConnection->isInGroup($eligCrit['nested_groups']);
         if ($isInGroup !== true) {
             return false;
         }
     } else {
         $isInGroup = true;
     }
     // test not requiered
     // voter is in voter list --> fetch identity information
     // load auid, username, public_id auth-infos, already_used by electionId, tmp-secret
     // $displayname = $this->oAuthConnection->fetchAuid();
     // return auid and public_id if everthing is ok.
     if ($isInVoterList === true && $isVerified === true && $isEntitled === true && $isInVoterList === true && $isInGroup === true) {
         return true;
     } else {
         return false;
     }
 }