Exemple #1
    /**
     * Runs the OAuth authentication and resolves the authenticated eZ Publish user.
     *
     * On failure the request is rewritten to the OAuth login route and returned
     * as an internal redirect; the originally requested URI and the status code
     * reported under the 'ezpOauthFilter' key are attached as request variables.
     *
     * NOTE(review): 'ezpAuth_redirUrl' carries the client-requested URI. The
     * action that consumes it is not visible here; it should confirm the value
     * is a local path before redirecting to it.
     *
     * @param ezcAuthentication $auth
     * @param ezcMvcRequest     $request
     * @return eZUser|ezcMvcInternalRedirect
     * @throws ezpUserNotFoundException when the token's user_id has no matching eZUser
     */
    public function authenticate( ezcAuthentication $auth, ezcMvcRequest $request )
    {
        // Success path first: map the validated token to its owning user.
        if ( $auth->run() )
        {
            $userId = ezpOauthFilter::$tokenInfo->user_id;
            $user = eZUser::fetch( $userId );
            if ( $user instanceof eZUser )
            {
                return $user;
            }

            // A token that points at a missing user is an error, not a login prompt.
            throw new ezpUserNotFoundException( $userId );
        }

        // Failure path: pick out the code reported by the OAuth filter, if any.
        $reason = null;
        foreach ( $auth->getStatus() as $entry )
        {
            if ( key( $entry ) === 'ezpOauthFilter' )
            {
                $reason = current( $entry );
                break;
            }
        }

        // The original URI must be saved before it is overwritten below.
        $request->variables['ezpAuth_redirUrl'] = $request->uri;
        $request->variables['ezpAuth_reason'] = $reason;
        $request->uri = "{$this->prefix}/auth/oauth/login";

        return new ezcMvcInternalRedirect( $request );
    }
Exemple #2
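 /**
  * Handles the login form submission.
  *
  * Reads 'user', 'password' and 'redirUrl' from $_POST, authenticates against
  * the 'user' table (fields 'id' / 'password') and starts a session valid for
  * 86400 seconds. On failure an internal redirect to '/login-required' is
  * returned with the failure status attached; on success an external redirect
  * to the post-login target is returned.
  *
  * The redirect target is client-controlled, so only same-site absolute paths
  * are accepted; anything else falls back to '/'.
  *
  * @return ezcMvcInternalRedirect|ezcMvcResult
  */
 public function doLogin()
 {
     // Credentials come from the POST body. Non-string values (e.g. user[]=x)
     // are treated as missing instead of being passed on to md5()/the filter.
     $user = isset($_POST['user']) && is_string($_POST['user']) ? $_POST['user'] : null;
     $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : null;
     $redirUrl = isset($_POST['redirUrl']) ? $_POST['redirUrl'] : '/';

     // Open-redirect guard: the value ends up in an external redirect, so it
     // must be a local path. Reject anything that is not a string, does not
     // start with a single '/', or contains a backslash or control character
     // (browsers may treat '//host' and '/\host' as another origin; CR/LF
     // have no place in a redirect target).
     if (!is_string($redirUrl)
         || substr($redirUrl, 0, 1) !== '/'
         || substr($redirUrl, 0, 2) === '//'
         || preg_match('/[\x00-\x1f\x7f\\\\]/', $redirUrl) === 1
     ) {
         $redirUrl = '/';
     }

     $database = new ezcAuthenticationDatabaseInfo(ezcDbInstance::get(), 'user', array('id', 'password'));
     $databaseFilter = new ezcAuthenticationDatabaseFilter($database);

     // use the options object when creating a new Session object
     $options = new ezcAuthenticationSessionOptions();
     $options->validity = 86400;
     $session = new ezcAuthenticationSession($options);
     $session->start();

     // NOTE(review): unsalted MD5 is not a password hash. It is kept here
     // because the 'password' column this filter compares against presumably
     // stores MD5 digests; migrate the stored values to password_hash() /
     // password_verify() and drop md5() in the same change.
     $credentials = new ezcAuthenticationPasswordCredentials($user, md5((string) $password));
     $authentication = new ezcAuthentication($credentials);
     $authentication->session = $session;
     $authentication->addFilter($databaseFilter);

     if (!$authentication->run()) {
         // Work on a copy so the controller's own request object is untouched.
         $request = clone $this->request;
         $status = $authentication->getStatus();
         $request->variables['redirUrl'] = $redirUrl;
         $request->variables['reasons'] = $status;
         $request->uri = '/login-required';
         return new ezcMvcInternalRedirect($request);
     }

     $res = new ezcMvcResult();
     $res->status = new ezcMvcExternalRedirect($redirUrl);
     return $res;
 }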
Exemple #3
 /**
  * Runs the authentication and, on failure, redirects internally to the
  * OAuth login route.
  *
  * @param ezcAuthentication $auth
  * @param ezcMvcRequest     $request
  * @return ezcMvcInternalRedirect|null null when authentication succeeded
  */
 public function authenticate(ezcAuthentication $auth, ezcMvcRequest $request)
 {
     if ($auth->run()) {
         // Authenticated: nothing to return, the request proceeds unchanged.
         return;
     }

     // @TODO Current code block is inactive as auth is currently handled
     // via exceptions rather than via auth status.
     $request->variables['ezcAuth_reasons'] = $auth->getStatus();
     // Remember the requested URI before replacing it with the login route.
     $request->variables['ezcAuth_redirUrl'] = $request->uri;
     $request->uri = '/login/oauth';

     return new ezcMvcInternalRedirect($request);
 }
// Build the authentication run and attach the session to it. $credentials,
// $session and $action are defined before this excerpt.
$authentication = new ezcAuthentication($credentials);
$authentication->session = $session;
if ($action === 'logout') {
    // Logout: destroy the session. No filter is added on this path, yet
    // run() is still called below.
    $session->destroy();
} else {
    // Login: configure an OpenID 2.0 filter in smart mode.
    $options = new ezcAuthenticationOpenidOptions();
    $options->mode = ezcAuthenticationOpenidFilter::MODE_SMART;
    $options->openidVersion = ezcAuthenticationOpenidFilter::VERSION_2_0;
    // NOTE(review): the file store is the filter's persistent state for smart
    // mode (presumably associations and nonces). /tmp is normally shared and
    // world-writable; use a directory owned by the web user with restrictive
    // permissions, outside the web root.
    $options->store = new ezcAuthenticationOpenidFileStore('/tmp/store');
    $filter = new ezcAuthenticationOpenidFilter($options);
    // Profile fields requested from the provider. Values returned for them
    // are provider/user supplied - presumably they need escaping on output.
    $filter->registerFetchData(array('fullname', 'gender', 'country', 'language'));
    $authentication->addFilter($filter);
}
if (!$authentication->run()) {
    // authentication did not succeed, so inform the user
    $status = $authentication->getStatus();
    // Message slots, one per category; both start empty.
    $err = array();
    $err["user"] = "";
    $err["session"] = "";
    // Each status entry is a single-pair array: filter class name => status code.
    for ($i = 0; $i < count($status); $i++) {
        // NOTE(review): each() was deprecated in PHP 7.2 and removed in 8.0;
        // key()/current() read the same pair on current PHP versions.
        list($key, $value) = each($status[$i]);
        switch ($key) {
            case 'ezcAuthenticationOpenidFilter':
                // The message texts appear as "******" in this listing.
                // NOTE(review): the excerpt ends inside this switch; the
                // remaining cases and closing braces are not shown.
                if ($value === ezcAuthenticationOpenidFilter::STATUS_SIGNATURE_INCORRECT) {
                    $err["user"] = "******";
                }
                if ($value === ezcAuthenticationOpenidFilter::STATUS_CANCELLED) {
                    $err["user"] = "******";
                }
                if ($value === ezcAuthenticationOpenidFilter::STATUS_URL_INCORRECT) {
                    $err["user"] = "******";
 /**
  * A freshly constructed ezcAuthentication that has not been run reports an
  * empty status list.
  */
 public function testGeneralStatus()
 {
     $auth = new ezcAuthentication(new ezcAuthenticationIdCredentials('john.doe'));

     $expected = array();
     $this->assertEquals($expected, $auth->getStatus());
 }
 /**
  * With immediate mode on and discovery returning an empty 'openid.server'
  * entry, the filter must report STATUS_URL_INCORRECT.
  *
  * generateNonce() and discover() are mocked, so the filter itself does no
  * nonce generation or discovery in this test.
  */
 public function testOpenidMockImmediateCaseNullFailHostInaccessible()
 {
     $openidOptions = new ezcAuthenticationOpenidOptions();
     $openidOptions->immediate = true;

     // Partial mock: only the two listed methods are replaced.
     $mockFilter = $this->getMock(
         'ezcAuthenticationOpenidFilter',
         array('generateNonce', 'discover'),
         array($openidOptions)
     );
     $mockFilter->expects($this->any())
         ->method('generateNonce')
         ->will($this->returnValue('123456'));
     $mockFilter->expects($this->any())
         ->method('discover')
         ->will($this->returnValue(array('openid.server' => array(''))));

     $auth = new ezcAuthentication(new ezcAuthenticationIdCredentials(self::$url));
     $auth->addFilter($mockFilter);
     $auth->run();

     // The first status entry is a one-element map; its only value is the code.
     $statuses = $auth->getStatus();
     $firstEntry = array_values($statuses[0]);
     $code = $firstEntry[0];

     $this->assertEquals(ezcAuthenticationOpenidFilter::STATUS_URL_INCORRECT, $code);
 }
Exemple #7
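 /**
  * Checks that the request belongs to an authenticated session and exposes
  * the user's display name to the request.
  *
  * The identifier is loaded from the session (validity 86400 seconds) and
  * run through the database filter on the 'user' table. On failure the
  * request is rewritten to '/login-required' and returned as an internal
  * redirect, with the original URI and the failure status attached. On
  * success $request->variables['user'] is set (null when no user row could
  * be loaded) and the default timezone is switched to the user's stored one.
  *
  * @param ezcMvcRequest $request presumably an ezcMvcRequest; untyped in the signature
  * @return ezcMvcInternalRedirect|null null when authentication succeeded
  */
 private function runAuthRequiredFilter($request)
 {
     $database = new ezcAuthenticationDatabaseInfo(ezcDbInstance::get(), 'user', array('id', 'password'));
     $databaseFilter = new ezcAuthenticationDatabaseFilter($database);

     // use the options object when creating a new Session object
     $options = new ezcAuthenticationSessionOptions();
     $options->validity = 86400;
     $session = new ezcAuthenticationSession($options);
     $session->start();

     // No password is available on this path; only the session identifier is.
     // md5('') yields the same digest the original md5(null) produced, without
     // passing null to a string parameter.
     // NOTE(review): unsalted MD5 is not a password hash; if the 'password'
     // column stores MD5 digests they should be migrated to password_hash().
     $user = $session->load();
     $password = '';
     $credentials = new ezcAuthenticationPasswordCredentials($user, md5($password));
     $authentication = new ezcAuthentication($credentials);
     $authentication->session = $session;
     $authentication->addFilter($databaseFilter);

     if (!$authentication->run()) {
         $status = $authentication->getStatus();
         $request->variables['redirUrl'] = $request->uri;
         $request->variables['reasons'] = $status;
         $request->uri = '/login-required';
         debugLogger::log(var_export($status, true), ezcLog::DEBUG, array("source" => __METHOD__));
         return new ezcMvcInternalRedirect($request);
     }

     // Default to "no name" so the assignment at the end never reads an
     // undefined variable when the session id or the user row is missing.
     $userName = null;
     if (isset($_SESSION['ezcAuth_id'])) {
         $q = ezcDbInstance::get()->createSelectQuery();
         // The id is bound as a parameter, never interpolated into the SQL.
         $q->select('*')->from('user')->where($q->expr->eq('id', $q->bindValue($_SESSION['ezcAuth_id'])));
         $s = $q->prepare();
         $s->execute();
         $rows = $s->fetchAll();

         // The row can be absent (e.g. account removed while the session is live).
         if (isset($rows[0])) {
             $userName = isset($rows[0]['fullname']) ? $rows[0]['fullname'] : null;

             // Only apply a stored timezone that is a non-empty string.
             $timezone = isset($rows[0]['timezone']) ? $rows[0]['timezone'] : null;
             if (is_string($timezone) && $timezone !== '') {
                 date_default_timezone_set($timezone);
             }
         }
     }
     $request->variables['user'] = $userName;
 }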
Exemple #8
 /**
  * Returns either an internal or external redirect depending on whether the
  * user authenticated successfully.
  *
  * This method is run from the "login" action just after login() has been
  * called. It takes the $authentication object, the $request and the
  * form-provided $redirUrl. It redirects upon failure to the configured
  * loginRequiredUri and upon success to the provided $redirUrl. The
  * redirection happens by returning an ezcMvcInternalRedirect or an
  * ezcMvcResult with an ezcMvcExternalRedirect status.
  *
  * @param ezcAuthentication $authentication
  * @param ezcMvcRequest     $request
  * @param string            $redirUrl
  * @return ezcMvcInternalRedirect|ezcMvcResult
  */
 function returnLoginRedirect(ezcAuthentication $authentication, ezcMvcRequest $request, $redirUrl)
 {
     // Authenticated: send the client to the requested target.
     // NOTE(review): $redirUrl reaches the external redirect unchanged and no
     // check on it is visible in this method. If it originates from a form
     // field, the caller should restrict it to local paths before calling.
     if ($authentication->run()) {
         $result = new ezcMvcResult();
         $result->status = new ezcMvcExternalRedirect($redirUrl);
         return $result;
     }

     // Not authenticated: re-route a copy of the request to the configured
     // login-required URI, carrying the target and the failure status along.
     $failedRequest = clone $request;
     $failedRequest->variables['ezcAuth_redirUrl'] = $redirUrl;
     $failedRequest->variables['ezcAuth_reasons'] = $authentication->getStatus();
     $failedRequest->uri = $this->options->loginRequiredUri;

     return new ezcMvcInternalRedirect($failedRequest);
 }