/**
  * Try to authenticate a user.
  *
  * @param $params array of options
  * => login_name : mandatory user name
  * => login_password : mandatory user password
  * => help : optional, when set the accepted parameters are returned instead
  * => other : optional values stored in the session for post-login actions
  * @param $protocol the communication protocol used
  *
  * @return a response ready to be encoded
  * => id of the user
  * => name of the user
  * => realname of the user
  * => firstname of the user
  * => session : ID of the session for future calls
  * On a missing parameter or a failed login, the result of self::Error().
  **/
 static function methodLogin($params, $protocol)
 {
     // Self-description request: list the accepted parameters and stop.
     if (isset($params['help'])) {
         return array(
             'login_name'     => 'string,mandatory',
             'login_password' => 'string,mandatory',
             'help'           => 'bool,optional',
         );
     }

     // empty() is also true for an unset key, so one test covers "absent" and "blank".
     foreach (array('login_name', 'login_password') as $required) {
         if (empty($params[$required])) {
             return self::Error($protocol, WEBSERVICES_ERROR_MISSINGPARAMETER, '', $required);
         }
     }

     // Keep every extra option in the session for post-login actions
     // (retrieve_more_data_from_ldap, for example).
     // NOTE(review): this runs before authentication and copies caller-chosen
     // keys into $_SESSION with no allowlist, so an unauthenticated caller can
     // set or overwrite arbitrary session entries. Confirm which keys the
     // post-login actions really need and restrict the copy to those.
     foreach ($params as $key => $val) {
         // Loose == is intentional here; do not tighten it without checking
         // how integer-keyed parameters are expected to behave.
         if ($key == 'login_name' || $key == 'login_password') {
             continue;
         }
         $_SESSION[$key] = $val;
     }

     $auth = new Auth();
     if (!$auth->Login($params['login_name'], $params['login_password'], true)) {
         // The Auth error text goes through Html::clean() before it is returned.
         return self::Error($protocol, WEBSERVICES_ERROR_LOGINFAILED, '', Html::clean($auth->getErr()));
     }

     // Write and close the session before building the reply.
     session_write_close();

     return array(
         'id'        => Session::getLoginUserID(),
         'name'      => $_SESSION['glpiname'],
         'realname'  => $_SESSION['glpirealname'],
         'firstname' => $_SESSION['glpifirstname'],
         'session'   => $_SESSION['valid_id'],
     );
 }
Exemple #2
 /**
  * Log in with the test user account (TU_USER / TU_PASS).
  *
  * The current test is marked as skipped when the login is refused.
  */
 protected function login()
 {
     $auth     = new Auth();
     $loggedIn = $auth->Login(TU_USER, TU_PASS, true);
     if ($loggedIn) {
         return;
     }
     $this->markTestSkipped('No login');
 }
Exemple #3
   /**
    * Build the fixture shared by all tests.
    *
    * Records MAX(id) of every table in $this->tables, logs in, creates a small
    * entity tree and stores the created ids in $this->sharedFixture.
    *
    * NOTE(review): when the sanity checks fail this method loads
    * install/mysql/glpi-0.84-empty.sql into the connected database and stops
    * the process. Run it only against a disposable test database.
    */
   protected function setUp() {
      global $DB;

      $DB->connect();

      // Remember MAX(id) for each glpi table
      $tables = $DB->list_tables();
      while ($tableRow = $DB->fetch_row($tables)) {
         $tableName = $tableRow[0];
         // The table name comes from list_tables(), not from user input.
         $query = "SELECT MAX(`id`) AS MAXID
                   FROM `".$tableName."`";
         foreach ($DB->request($query) as $row) {
            if (empty($row['MAXID'])) {
               $this->tables[$tableName] = 0;
            } else {
               $this->tables[$tableName] = $row['MAXID'];
            }
         }
      }
      $DB->free_result($tables);

      $tab  = array();
      $auth = new Auth();
      // First session
      // NOTE(review): hard-coded glpi/glpi account; the result of this first
      // login is not checked. Acceptable only on a throw-away test instance.
      $auth->Login('glpi', 'glpi');

      // Create the root of the entity tree
      $entity = new Entity();
      $tab['entity'][0] = $entity->add(array('name'        => 'PHP Unit root',
                                             'entities_id' => 0));

      $rootMissing = !$tab['entity'][0];                      // Crash detection
      if ($rootMissing
          || !FieldExists('glpi_profiles', 'notification')    // Schema detection
          || countElementsInTable('glpi_rules') != 6) {       // Old rules

         echo $rootMissing ? "Couldn't run test (previous run not cleaned)\n"
                           : "Schema need to be updated\n";
         echo "Loading a fresh empty database:";
         $DB->runFile(GLPI_ROOT ."/install/mysql/glpi-0.84-empty.sql");
         die(" done\nTry again\n");
      }

      // Children, in creation order: slot => (name, slot of the parent entity)
      $children = array(
         1 => array('PHP Unit Child 1',   0),
         2 => array('PHP Unit Child 2',   0),
         3 => array('PHP Unit Child 2.1', 2),
         4 => array('PHP Unit Child 2.2', 2),
      );
      foreach ($children as $slot => $child) {
         list($childName, $parentSlot) = $child;
         $tab['entity'][$slot] = $entity->add(array('name'        => $childName,
                                                    'entities_id' => $tab['entity'][$parentSlot]));
      }

      // New session with all the entities
      if (!$auth->Login('glpi', 'glpi')) {
         die("Login glpi/glpi invalid !\n");
      }

      // Share this with all tests
      $this->sharedFixture = $tab;
   }
 /**
  * Handle the "auth" query parameter: log out when it is "logout",
  * otherwise delegate to Auth::Login().
  *
  * NOTE(review): the logout is driven by a plain GET parameter, so any
  * cross-site link or image can end a user's session. Consider requiring
  * POST plus an anti-CSRF token for state-changing requests.
  *
  * @return false after a logout, else whatever Auth::Login() returns
  */
 function Check()
 {
     $wantsLogout = isset($_GET['auth']) && $_GET['auth'] == 'logout';
     if (!$wantsLogout) {
         return Auth::Login();
     }
     Auth::Logout();
     return false;
 }
Exemple #5
    $_POST['login_password'] = unclean_cross_side_scripting_deep($_POST['login_password']);
} else {
    $_POST['login_password'] = '';
}
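// Redirect management
// The redirect target is supplied by the caller. It is percent-encoded before
// it is used so it cannot add query parameters to the Location header or break
// out of the href attribute of the logout link printed below.
$REDIRECT = "";
if (isset($_POST['redirect']) && is_string($_POST['redirect']) && strlen($_POST['redirect']) > 0) {
    $REDIRECT = "?redirect=" . rawurlencode($_POST['redirect']);
} elseif (isset($_GET['redirect']) && is_string($_GET['redirect']) && strlen($_GET['redirect']) > 0) {
    $REDIRECT = "?redirect=" . rawurlencode($_GET['redirect']);
}
$auth = new Auth();
// now we can continue with the process...
// NOTE(review): noAUTO is taken straight from the request; confirm that a
// caller being able to toggle it is intended.
if ($auth->Login($_POST['login_name'], $_POST['login_password'], isset($_REQUEST["noAUTO"]) ? $_REQUEST["noAUTO"] : false)) {
    // Redirect to Command Central if not post-only
    if ($_SESSION["glpiactiveprofile"]["interface"] == "helpdesk") {
        glpi_header($CFG_GLPI['root_doc'] . "/front/helpdesk.public.php{$REDIRECT}");
    } else {
        glpi_header($CFG_GLPI['root_doc'] . "/front/central.php{$REDIRECT}");
    }
} else {
    // Login failed: show the error and a link back, then stop.
    nullHeader("Login", $CFG_GLPI["root_doc"] . '/index.php');
    // NOTE(review): getErr() is printed without escaping. Confirm it can never
    // carry caller-supplied text (the submitted login name, for instance);
    // if it can, escape it for HTML here.
    echo '<div class="center b">' . $auth->getErr() . '<br><br>';
    // Logout with noAUTO to manage auto_login with errors.
    // $REDIRECT is already percent-encoded, so only its leading "?" is turned
    // into "&" by the str_replace() below.
    echo '<a href="' . $CFG_GLPI["root_doc"] . '/logout.php?noAUTO=1' . str_replace("?", "&", $REDIRECT) . '">' . $LANG['login'][1] . '</a></div>';
    nullFooter();
    exit;
}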
Exemple #6
 /**
  * Init GLPI Session
  *
  * @param $params   array with these options:
  *    - a couple 'login' & 'password': 2 parameters to log in with user authentication
  *         OR
  *    - a 'user_token' defined in User Configuration
  *
  * @return array with session_token
  **/
 protected function initSession($params = array())
 {
     global $CFG_GLPI;

     $this->checkAppToken();
     $this->logEndpointUsage(__FUNCTION__);

     // Either a complete login/password pair or a user_token is required.
     // NOTE(review): the result of returnError() is not returned here, so this
     // check only stops the request if returnError() itself terminates it.
     // Confirm against its implementation.
     $credentialsMissing = empty($params['login']) || empty($params['password']);
     if ($credentialsMissing && empty($params['user_token'])) {
         $this->returnError(__("parameter(s) login, password or user_token are missing"), 400, "ERROR_LOGIN_PARAMETERS_MISSING");
     }

     $auth = new Auth();

     // Fill the missing params (user_token case) so Login() always gets strings.
     foreach (array('login', 'password') as $field) {
         if (!isset($params[$field])) {
             $params[$field] = '';
         }
     }

     $usesToken = !empty($params['user_token']);
     if ($usesToken) {
         // The token is handed over through $_REQUEST.
         $_REQUEST['user_token'] = $params['user_token'];
     } elseif (!$CFG_GLPI['enable_api_login_credentials']) {
         // Login with credentials can be switched off in the configuration.
         $this->returnError(__("usage of initSession resource with credentials is disabled"), 400, "ERROR_LOGIN_WITH_CREDENTIALS_DISABLED", false);
     }
     // Third Login() argument: false with a token, true with credentials.
     $noAuto = !$usesToken;

     // login on glpi
     if (!$auth->Login($params['login'], $params['password'], $noAuto)) {
         $err = Html::clean($auth->getErr());
         if ($usesToken) {
             return $this->returnError(__("parameter user_token seems invalid"), 401, "ERROR_GLPI_LOGIN_USER_TOKEN", false);
         }
         return $this->returnError($err, 401, "ERROR_GLPI_LOGIN", false);
     }

     // stop session and return session key
     session_write_close();

     return array('session_token' => $_SESSION['valid_id']);
 }
Exemple #7
    exit;
}
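$token = $_SESSION['facebook_access_token'];
try {
    // Returns a `Facebook\FacebookResponse` object
    $response = $fb->get('/me?fields=id,name,first_name,last_name,gender,link,birthday,location,picture', $token);
} catch (Facebook\Exceptions\FacebookResponseException $e) {
    // Log instead of echoing: output sent before header() can prevent the
    // redirect, and the Graph error text should not be shown to the visitor.
    error_log('Graph returned an error: ' . $e->getMessage());
    session_destroy();
    header("Location: index.php");
    exit;
} catch (Facebook\Exceptions\FacebookSDKException $e) {
    // Escape the message; it is not under this script's control.
    echo 'Facebook SDK returned an error: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
    exit;
}
$user = $response->getGraphUser();
$body = "";
$head = "";

// Page selection. The name comes from the query string and ends up in a
// require_once path, so only a plain file-name token is accepted (letters,
// digits, "_" and "-"). Anything else, including path separators and dots,
// falls back to the default page.
// NOTE(review): assumes page files sit directly under pages/; confirm.
$pg = "search";
if (isset($_GET['pg']) && is_string($_GET['pg']) && preg_match('/\A[A-Za-z0-9_-]+\z/', $_GET['pg']) === 1) {
    $pg = $_GET['pg'];
}
if (!file_exists("pages/{$pg}.php")) {
    $pg = "search";
}

// Unknown users are sent to the registration page.
$user_data = Auth::Login($user->getId());
if ($user_data == null) {
    $pg = "register";
}
require_once "pages/{$pg}.php";
require_once "template/body.php";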
Exemple #8
    $password = Toolbox::unclean_cross_side_scripting_deep($_POST[$_SESSION['pwdfield']]);
} else {
    $password = '';
}
// Redirect management: a POSTed target wins over one in the query string.
// The value is percent-encoded because it is later appended to redirect URLs.
$redirectTarget = null;
if (isset($_POST['redirect']) && strlen($_POST['redirect']) > 0) {
    $redirectTarget = $_POST['redirect'];
} elseif (isset($_GET['redirect']) && strlen($_GET['redirect']) > 0) {
    $redirectTarget = $_GET['redirect'];
}
$REDIRECT = ($redirectTarget === null) ? "" : "?redirect=" . rawurlencode($redirectTarget);
$auth = new Auth();
// now we can continue with the process...
if ($auth->Login($login, $password, isset($_REQUEST["noAUTO"]) ? $_REQUEST["noAUTO"] : false)) {
    // Redirect to Command Central if not post-only
    if ($_SESSION["glpiactiveprofile"]["interface"] == "helpdesk") {
        if ($_SESSION['glpiactiveprofile']['create_ticket_on_login'] && empty($REDIRECT)) {
            Html::redirect($CFG_GLPI['root_doc'] . "/front/helpdesk.public.php?create_ticket=1");
        }
        Html::redirect($CFG_GLPI['root_doc'] . "/front/helpdesk.public.php{$REDIRECT}");
    } else {
        if ($_SESSION['glpiactiveprofile']['create_ticket_on_login'] && empty($REDIRECT)) {
            Html::redirect($CFG_GLPI['root_doc'] . "/front/ticket.form.php");
        }
        Html::redirect($CFG_GLPI['root_doc'] . "/front/central.php{$REDIRECT}");
    }
} else {
    // we have done at least a good login? No, we exit.
    Html::nullHeader("Login", $CFG_GLPI["root_doc"] . '/index.php');
        if (is_dir($dir . DIRECTORY_SEPARATOR . $node)) {
            # Add directory recursively, be sure to pass a valid path
            # to the function, not just the folder's name
            $contents[$node] = dirToArray($dir . DIRECTORY_SEPARATOR . $node);
        } else {
            # Add node, the keys will be updated automatically
            $contents[] = $node;
        }
    }
    # done
    return $contents;
}
// POST /api/connect: check the submitted credentials and answer with the
// session cookie value, or with an empty string when the login is refused.
// NOTE(review): $_COOKIE holds the cookies received with this request; whether
// Login() fills $_COOKIE['session'] is not visible here, so confirm it.
// NOTE(review): if Request is Symfony's HttpFoundation class, get() also reads
// the query string, so credentials could arrive in the URL and end up in
// access logs; reading them from the POST body only would avoid that.
$app->post('/api/connect', function (Request $request) use($app, $db, $auth) {
    $authenticated = $auth->Login($request->get('username'), $request->get('password'));

    return $authenticated ? $_COOKIE['session'] : '';
});
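// POST /api/disconnect: invalidate the caller's session.
// Answers '1' when a valid session was closed and '' otherwise.
$app->post('/api/disconnect', function (Request $request) use($app, $db, $auth) {
    if (!$auth->Check($_COOKIE['session'])) {
        return '';
    }

    // The stored hash is overwritten so the old cookie value stops matching.
    // The replacement must be unpredictable, otherwise it could be guessed and
    // presented as a session value, so it comes from the CSPRNG (PHP 7+).
    // 20 random bytes give 40 hex characters, the same length as a SHA-1 digest.
    $hash = bin2hex(random_bytes(20));

    setcookie('session', null, -1, '/');

    // NOTE(review): the cookie value is concatenated into the SQL text. It is
    // client-controlled, and how strictly Check() validates it is not visible
    // here. Bind both values through the prepared-statement API of whatever
    // driver $db wraps instead of building the string.
    $db->query('UPDATE accounts SET  hash="' . $hash . '" WHERE hash="' . $_COOKIE['session'] . '"');

    session_destroy();

    return '1';
});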