public function executeGenerateAuthToken(sfWebRequest $request)
{
$this->auth_token = new AuthToken();
$this->auth_token->User = $this->getUser()->getGuardUser();
$pathInfo = $request->getPathInfoArray();
$this->auth_token->remote_address = $pathInfo['REMOTE_ADDR'];
$this->auth_token->remote_port = $pathInfo['REMOTE_PORT'];
$this->auth_token->save();
$this->user_id = $this->getUser()->getGuardUser()->getId();
$this->username = $this->getUser()->getGuardUser()->getUsername();
switch ($request->getRequestFormat()) {
case 'yaml':
$this->setLayout(false);
$this->getResponse()->setContentType('text/yaml');
break;
}
}
/**
* Renders the login dialog,
* calls the login action if Shibboleth data is present
* or POST data is sent as a fall back,
* redirects the user after successful authentication
*
* @param sfWebRequest $request The current web request.
*
* @return void
*/
public function execute($request)
{
$this->form = new sfForm();
$this->form->getValidatorSchema()->setOption('allow_extra_fields', true);
// Redirect to @homepage if the user is already authenticated
if ($this->context->user->isAuthenticated()) {
$this->redirect('@homepage');
}
// Redirect to the current URI in case we're forwarded to the login page
$this->form->setDefault('next', $request->getUri());
if ('user' == $request->module && 'login' == $request->action) {
// Redirect to our referer otherwise
$this->form->setDefault('next', $request->getReferer());
}
$apache_params = $request->getPathInfoArray();
$this->form->setValidator('next', new sfValidatorString());
$this->form->setWidget('next', new sfWidgetFormInputHidden());
$this->form->setValidator('email', new sfValidatorEmail(array('required' => true), array('required' => $this->context->i18n->__('You must enter your email address'), 'invalid' => $this->context->i18n->__('This isn\'t a valid email address'))));
$this->form->setWidget('email', new sfWidgetFormInput());
$this->form->setValidator('password', new sfValidatorString(array('required' => true), array('required' => $this->context->i18n->__('You must enter your password'))));
$this->form->setWidget('password', new sfWidgetFormInputPassword());
if (strlen($apache_params['Shib-Session-Index']) >= 8) {
if ($this->context->user->authenticate($apache_params['mail'], '', $request)) {
if (null !== ($next = $this->form->getValue('next'))) {
$this->redirect($next);
}
$this->redirect('@homepage');
}
}
if ($request->isMethod('post')) {
$this->form->bind($request->getPostParameters());
if ($this->form->isValid()) {
if ($this->context->user->authenticate($this->form->getValue('email'), $this->form->getValue('password'))) {
if (null !== ($next = $this->form->getValue('next'))) {
$this->redirect($next);
}
$this->redirect('@homepage');
}
$this->form->getErrorSchema()->addError(new sfValidatorError(new sfValidatorPass(), 'Sorry, unrecognized email or password'));
}
}
}
/**
* getProxyHeaders
*
* @param sfWebRequest $request
* @param boolean $isStripUid
* @return array
*/
public static function getProxyHeaders($request, $isStripUid = true)
{
$results = array();
if ($request->getHttpHeader('User-Agent')) {
$userAgent = $request->getHttpHeader('User-Agent');
if ($isStripUid) {
if (preg_match('#^(DoCoMo/1\\.0.*)/(ser.*)$#', $userAgent, $match)) {
$userAgent = $match[1];
} elseif (preg_match('#^(DoCoMo/2\\.0) (.*)\\((.*);(ser.*)\\)$#', $userAgent, $match)) {
$userAgent = $match[1] . ' ' . $match[2] . '(' . $match[3] . ')';
} elseif (preg_match('#^((SoftBank|Vodafone|J-PHONE)/.*/.*)(/SN\\S*) (.*)$#', $userAgent, $match)) {
$userAgent = $match[1] . ' ' . $match[4];
}
}
$results['User-Agent'] = $userAgent;
}
if (!$isStripUid) {
$headerNames = array('X-DCMGUID', 'X-UP-SUBNO', 'X-JPHONE-UID');
foreach ($headerNames as $name) {
if ($request->getHttpHeader($name)) {
$results[$name] = $request->getHttpHeader($name);
}
}
}
$pathArray = $request->getPathInfoArray();
foreach ($pathArray as $name => $value) {
if (preg_match('/^HTTP_(X_(UP|JPHONE)_.*)$/', $name, $match)) {
$name = strtr($match[1], '_', '-');
if ($name !== 'X-JPHONE-UID' && $name !== 'X-UP-SUBNO') {
$results[$name] = $value;
}
}
}
$name = 'X-S-DISPLAY-INFO';
if ($request->getHttpHeader($name)) {
$results[$name] = $request->getHttpHeader($name);
}
return $results;
}
/**
* Process a file upload
*
* @param sfWebRequest $request
*/
public function executeUpload(sfWebRequest $request)
{
$this->setTemplate(false);
set_time_limit(15 * 60);
$targetDir = sfConfig::get('sf_upload_dir');
$chunk = $request->getParameter('chunk', 0);
$chunks = $request->getParameter('chunks', 0);
$fileName = $request->getParameter('name', '');
$fileName = preg_replace('/[^\\w\\._]+/', '', $fileName);
// Make sure the fileName is unique but only if chunking is disabled
if ($chunks < 2 && file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName)) {
$ext = strrpos($fileName, '.');
$fileName_a = substr($fileName, 0, $ext);
$fileName_b = substr($fileName, $ext);
$count = 1;
while (file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName_a . '_' . $count . $fileName_b)) {
$count++;
}
$fileName = $fileName_a . '_' . $count . $fileName_b;
}
// Look for the content type header
$pathInfo = $request->getPathInfoArray();
$contentType = '';
if (isset($pathInfo["CONTENT_TYPE"])) {
$contentType = $pathInfo["CONTENT_TYPE"];
} elseif (isset($pathInfo["HTTP_CONTENT_TYPE"])) {
$contentType = $pathInfo["HTTP_CONTENT_TYPE"];
}
$files = $request->getFiles();
$files = $files['file'];
// Handle non multipart uploads older WebKit versions didn't support multipart in HTML5
if (strpos($contentType, "multipart") !== false) {
if (isset($files['error']) && $files['error']) {
echo sprintf('{"jsonrpc": "2.0", "error" : { "message": "%s" }}', $files['error']);
}
if (isset($files['tmp_name']) && is_uploaded_file($files['tmp_name'])) {
// Open temp file
$out = fopen($targetDir . DIRECTORY_SEPARATOR . $fileName, $chunk == 0 ? "wb" : "ab");
if ($out) {
// Read binary input stream and append it to temp file
$in = fopen($files['tmp_name'], "rb");
if ($in) {
while ($buff = fread($in, 4096)) {
fwrite($out, $buff);
}
} else {
echo '{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}';
}
fclose($in);
fclose($out);
unlink($files['tmp_name']);
} else {
echo '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}';
}
} else {
echo '{"jsonrpc" : "2.0", "error" : {"code": 103, "message": "Failed to move uploaded file."}, "id" : "id"}';
}
} else {
// Open temp file
$out = fopen($targetDir . DIRECTORY_SEPARATOR . $fileName, $chunk == 0 ? "wb" : "ab");
if ($out) {
// Read binary input stream and append it to temp file
$in = fopen("php://input", "rb");
if ($in) {
while ($buff = fread($in, 4096)) {
fwrite($out, $buff);
}
} else {
echo '{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}';
}
fclose($in);
fclose($out);
} else {
echo '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}';
}
}
if ($chunks == $chunk + 1) {
echo '{"jsonrpc" : "2.0", "result" : "complete", "id" : "id"}';
}
echo '{"jsonrpc" : "2.0", "result" : null, "id" : "id"}';
return sfView::NONE;
}
/**
* Generate a username from the Shibboleth ePPN
*
* @param sfWebRequest $request the current web request
* @return string $username the local part of the ePPN as username
*
*/
protected function generateUserNameFromShibInfo($request)
{
$params = $request->getPathInfoArray();
// Warning: does not support federation!
$usernameparts = explode("@", $params['eppn']);
$username = $usernameparts[0];
return $username;
}
