/** * @return string */ protected function validateToU() { if( !self::user() ) return false; self::user()->toUValidated(true); $context = ContextTool::instance()->backUrl(); $context = isset( $_POST['context'] ) ? $_POST['context'] : '/'; // @todo: update ESB by sending validation status $esbResult = new ESBResult(); $userService = ESBFactory::getUserService(); if(SolrSafeOperatorHelper::featureIsActive('UUMP')) { $result = $userService->read(self::user()->attribute('uuid')); ServiceLoginUUMP::populateESBResult($esbResult, $result); } else { $result = ServiceLogin::readCall(self::user()->attribute('uuid'), $esbResult); ServiceLogin::populateESBResult($esbResult, $result); } $esbResult->userName = self::user()->attribute('uuid'); $esbResult->termsOfUse = 'Y'; $esbResult->privacyPolicy = 'Y'; if( SolrSafeOperatorHelper::featureIsActive('UUMP') || (ClusterTool::clusterIdentifier() == "cluster_at") ) { $esbResult->termsOfUse = '1'; $esbResult->privacyPolicy = '1'; } $esbResult->countryOfRegistration = self::user()->attribute( 'country' ); $userService->write($esbResult->toServiceAgreementTicket()); // if the ESB call fails, we still validate the user input to let him access the content $esbResult->forceToUValidated = true; $esbResult->sessionID = $_COOKIE[self::iniMerck()->variable('TIBCOCookieSettings', 'TIBCOCookieName')]; $loginResult = MMUserLogin::esbLogin( self::user()->attribute('uuid'), $esbResult, false, $context ); if ( $loginResult ) { // Stringify params $strParams = json_encode( $loginResult['params'] ); // Encrypts params $encryptedParams = MMUserLogin::encryptText( $strParams ); // Redirect to PHP-ESI $redirectURL = ContextTool::instance()->domain()."/loginActions.php?context=" . urlencode( $loginResult['destUrl'] ) . "¶ms=" . urlencode( $encryptedParams ); return $redirectURL; } }
/** * Relog the user if rememberme is checked and not logged in * @param bool $try * @throws Exception * @return boolean */ public static function relog($try = false) { $out = array('session_lifetime' => intval(eZINI::instance('merck.ini')->variable('WSMobile', 'SessionLifetime'))); $backendUrl = eZINI::instance('merck.ini')->variable('WSMobile', 'BackEndUrl'); $c = curl_init(); curl_setopt($c, CURLOPT_URL, $backendUrl.'/mobile.php'); curl_setopt($c, CURLOPT_RETURNTRANSFER, true); curl_setopt($c, CURLOPT_NOBODY, true); curl_setopt($c, CURLOPT_HEADER, true); if ( eZINI::instance('merck.ini')->hasVariable('WSMobile', 'BackEndHeader') ) { /* @type $headers array */ $headersList = array(); $headers = eZINI::instance('merck.ini')->variable('WSMobile', 'BackEndHeader'); foreach ( $headers as $header => $value ) { $headersList[] = sprintf('%s: %s', $header, $value); } curl_setopt($c, CURLOPT_HTTPHEADER, $headersList); } $headers = getallheaders(); if( isset($headers['Cookie']) ) curl_setopt($c, CURLOPT_COOKIE, $headers['Cookie']); $result = curl_exec($c); $errno = curl_errno($c); $error = curl_error($c); curl_close($c); $loggedOnBackend = true; if( preg_match( '#^HTTP/1.1 302 Found#', $result ) || ( preg_match( '#Set-Cookie: .*BSESSIONID=(?P<baksess>.*?);#m', $result, $m ) && isset( $_COOKIE['BESSIONID'] ) && $_COOKIE['BESSIONID'] != $m['baksess'] ) ){ $loggedOnBackend = false; } if ( self::isLogged() && $loggedOnBackend ) { return $out; } if ( isset($_COOKIE['remember_me']) ) { $db = MMDB::instance(); $corQuery = "SELECT r.code FROM bo_reference r JOIN bo_cluster_has_reference chr ON chr.cluster_identifier = '%s' WHERE r.type = 'country' AND r.id = chr.reference_id"; $cor = $db->arrayQuery( sprintf( $corQuery, ClusterTool::clusterIdentifier() ) ); if( count( $cor ) > 0 ) $countryOfRegistration = $cor[0]['code']; else $countryOfRegistration = eZINI::instance('site.ini')->variable('RegionalSettings', 'CountryOfRegistration'); $uuid = MMUserLogin::uncryptTicket($_COOKIE['remember_me']); $context = isset( $_REQUEST['context'] ) ? $_REQUEST['context'] : ContextTool::instance()->domain() . '/'; $readService = ESBFactory::getUserService(); $parameters = $readService->getFormParameters($uuid); $datas = $readService->read( $parameters, $uuid ); $esbResult = new ESBResult(); $isPopulated = ServiceLoginUUMP::populateESBResult( $esbResult, $datas ); if ( !$isPopulated ) { // error log caught on WS stack return null; } $loginResult = MMUserLogin::esbLogin( $uuid, $esbResult, true, $context ); if( is_null( $loginResult )) { $out['status'] = 'failed'; $out['errorCode'] = 9; $out['msg'] = 'User not found.'; return $out; } $user = MMUsers::fetchByIdAndCountry($loginResult['params']['Username'], $countryOfRegistration); $loginResult['params']['mmSettings'] = $user->getMMSettings(); $loginResult['params']['unorderedAppList'] = $user->getApplicationList(); $loginResult['params']['alterboxMsgReset'] = $user->hasPreference('alterboxMsgReset') ? $user->getPreferences('alterboxMsgReset') : true; $logged = self::backendLog($loginResult['params']); if ( $logged ) { return $out; } } if ( $try !== true ) { throw new Exception('Missing "remember_me" cookie', 30); } return false; }
/** * Reset password * * @return array */ public function r() { $http = BlockDefault::http(); $tokenData = self::decryptToken($http->postVariable('Token')); $token = $tokenData['token']; $userId = $tokenData['userId']; $expirationDate = strtotime('+1day',(integer)($tokenData['expirationDate'] / 1000)); $password = $http->postVariable('new_password'); $confirmedPassword = $http->postVariable('new_password_check'); $now = time(); $isConsult = (bool) $http->postVariable('consult'); if ($now > $expirationDate) { if ( $isConsult ) { $redirectUrl = $this->getCustomParameter('ConsultExpiredUrl'); } else { $redirectUrl = $this->getCustomParameter('ExpiredUrl'); } return array( 'errorCode' => ResponseError::ERROR_TOKEN_EXPIRED, 'redirectUrl' => $redirectUrl ); } $esbClient = self::getEsbClient(); $isTokenValid = $esbClient->checkToken($userId, $token, $tokenData['expirationDate']); if (!$isTokenValid) { if ( $isConsult ) { $redirectUrl = $this->getCustomParameter('ConsultAlreadyChangedUrl'); } else { $redirectUrl = $this->getCustomParameter('AlreadyChangedUrl'); } return array( 'errorCode' => ResponseError::ERROR_INVALID_TOKEN, 'redirectUrl' => $redirectUrl ); } try { $response = $esbClient->changePassword($userId, $password, $confirmedPassword); if ($response === true) { if( SolrSafeOperatorHelper::featureIsActive( 'ExactTarget' ) && SolrSafeOperatorHelper::featureIsActive( 'UUMP' ) ) { self::sendSuccessMail($tokenData['email'], $userId, $isConsult); } else { self::sendSuccessMail($tokenData['userId'], $userId); } } $esbResult = new ESBResult(); $userService = ESBFactory::getUserService(); $result = $userService->read(null, $userId); ServiceLoginUUMP::populateESBResult($esbResult, $result); $loginResult = MMUserLogin::esbLogin($userId, $esbResult); if ( $isConsult ) { $redirectUrl = $this->getCustomParameter('ConsultSuccessUrl'); } else { $redirectUrl = $this->getCustomParameter('SuccessUrl'); } $params = array( 'uuid' => $userId, 'h' => sha1( eZINI::instance( 'merck.ini' )->variable( 'TicketLogin', 'DESKey' ) . $userId ), 'context' => $redirectUrl ); //CookieTool::setCookie('h', sha1( eZINI::instance( 'merck.ini' )->variable( 'TicketLogin', 'DESKey' ) . $userId ), time() + 3600); $url = '/service/relog?' . http_build_query($params); return array( 'errorCode' => ResponseError::SUCCESS, 'redirectUrl' => $url, ); } catch (\Exception $e) { return array( 'errorCode' => ResponseError::ERROR_REQUEST_EXECUTION, 'msg' => $e->getMessage() ); } }