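/**
 * Handles the login form POST: checks the submitted credentials against the
 * 'user' table and answers with a redirect.
 *
 * Reads 'user', 'password' and 'redirUrl' from $_POST. When authentication
 * fails, a clone of the current request is redirected internally to
 * '/login-required' with the failure status in 'reasons'. When it succeeds,
 * an external redirect to the (validated) redirect target is returned.
 *
 * @return ezcMvcInternalRedirect|ezcMvcResult
 */
public function doLogin()
{
    // Obtain credentials from POST. Only strings are accepted, so an array
    // parameter (user[]=...) never reaches md5() or the credentials object.
    $user = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : null;
    // A missing password hashes like the empty string, as md5(null) did before.
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // The redirect target is attacker-controllable and ends up in an external
    // redirect, so only a path on this site is accepted: exactly one leading
    // slash (not '//' or '/\', which browsers resolve as another host) and no
    // control characters (keeps CR/LF out of the Location header). Anything
    // else falls back to '/'.
    $redirUrl = '/';
    if (isset($_POST['redirUrl']) && is_string($_POST['redirUrl'])
        && preg_match('#^/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $_POST['redirUrl']) === 1
    ) {
        $redirUrl = $_POST['redirUrl'];
    }

    $database = new ezcAuthenticationDatabaseInfo(ezcDbInstance::get(), 'user', array('id', 'password'));
    $databaseFilter = new ezcAuthenticationDatabaseFilter($database);

    // Use the options object when creating the new Session object.
    $options = new ezcAuthenticationSessionOptions();
    $options->validity = 86400;
    $session = new ezcAuthenticationSession($options);
    $session->start();

    // NOTE(review): the password column is compared against an unsalted MD5
    // digest. Moving to password_hash()/password_verify() needs a migration of
    // the stored values, so the digest is left unchanged in this method.
    $credentials = new ezcAuthenticationPasswordCredentials($user, md5($password));
    $authentication = new ezcAuthentication($credentials);
    $authentication->session = $session;
    $authentication->addFilter($databaseFilter);

    if (!$authentication->run()) {
        // Work on a copy so the controller's own request object stays untouched.
        $request = clone $this->request;
        $status = $authentication->getStatus();
        $request->variables['redirUrl'] = $redirUrl;
        $request->variables['reasons'] = $status;
        $request->uri = '/login-required';
        return new ezcMvcInternalRedirect($request);
    }

    $res = new ezcMvcResult();
    $res->status = new ezcMvcExternalRedirect($redirUrl);
    return $res;
}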
/**
 * A token filter built with the token 'wrong value' and the external callback
 * EncryptionTest::uncrackable must not authenticate the id 'foobar'.
 */
public function testTokenExternCallbackFail()
{
    $authentication = new ezcAuthentication(new ezcAuthenticationIdCredentials('foobar'));

    $externalCallback = array('EncryptionTest', 'uncrackable');
    $tokenFilter = new ezcAuthenticationTokenFilter('wrong value', $externalCallback);
    $authentication->addFilter($tokenFilter);

    $outcome = $authentication->run();
    $this->assertEquals(false, $outcome);
}
/**
 * Authenticates the request with the configured filters and resolves the
 * user named by the OAuth token.
 *
 * On failure the status reported under 'ezpOauthFilter' (if any) is stored in
 * 'ezpAuth_reason', the original URI in 'ezpAuth_redirUrl', and the request is
 * redirected internally to "{prefix}/auth/oauth/login".
 *
 * @param ezcAuthentication $auth
 * @param ezcMvcRequest $request
 * @return eZUser|ezcMvcInternalRedirect
 * @throws ezpUserNotFoundException When the token's user_id has no eZUser.
 */
public function authenticate( ezcAuthentication $auth, ezcMvcRequest $request )
{
    if ( $auth->run() )
    {
        // The user id comes from the token info published by the filter, not
        // from anything the client sends alongside the token.
        $tokenUser = eZUser::fetch( ezpOauthFilter::$tokenInfo->user_id );
        if ( $tokenUser instanceof eZUser )
        {
            return $tokenUser;
        }

        throw new ezpUserNotFoundException( ezpOauthFilter::$tokenInfo->user_id );
    }

    // Pick the first status entry whose key is the OAuth filter.
    $oauthStatus = null;
    foreach ( $auth->getStatus() as $entry )
    {
        if ( key( $entry ) !== 'ezpOauthFilter' )
        {
            continue;
        }

        $oauthStatus = current( $entry );
        break;
    }

    $request->variables['ezpAuth_redirUrl'] = $request->uri;
    $request->variables['ezpAuth_reason'] = $oauthStatus;
    $request->uri = "{$this->prefix}/auth/oauth/login";

    return new ezcMvcInternalRedirect( $request );
}
/**
 * Runs the authentication and returns the eZUser for the credentials id.
 *
 * NOTE(review): when run() fails but the request URI is "{prefix}/fatal", no
 * exception is thrown and the user is still fetched from the unverified
 * credentials id. Confirm that the fatal route never acts on this user.
 *
 * @see ezpRestAuthenticationStyleInterface::authenticate()
 * @throws ezpUserNotFoundException When authentication fails on any URI
 *                                  other than "{prefix}/fatal".
 */
public function authenticate(ezcAuthentication $auth, ezcMvcRequest $request)
{
    $authenticated = $auth->run();

    // The fatal route is exempt from the exception thrown below.
    if ($authenticated || $request->uri === "{$this->prefix}/fatal") {
        return eZUser::fetch($auth->credentials->id);
    }

    throw new ezpUserNotFoundException($auth->credentials->id);
}
/**
 * Runs the authentication; returns the matching eZUser on success, otherwise
 * redirects internally to "{prefix}/auth/http-basic-auth".
 *
 * @param ezcAuthentication $auth
 * @param ezcMvcRequest $request
 * @return ezcMvcInternalRedirect|mixed Result of eZUser::fetchByName() on success.
 */
public function authenticate(ezcAuthentication $auth, ezcMvcRequest $request)
{
    $authenticated = $auth->run();

    if ($authenticated) {
        // We're in: look the user up by the name that was just verified.
        $login = $auth->credentials->id;
        return eZUser::fetchByName($login);
    }

    $request->uri = "{$this->prefix}/auth/http-basic-auth";
    return new ezcMvcInternalRedirect($request);
}
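/**
 * Runs the authentication for the request.
 *
 * On failure the request is redirected internally to '/http-basic-auth'.
 * On success a debug message is logged and nothing is returned.
 *
 * @param ezcAuthentication $auth
 * @param ezcMvcRequest $request
 * @return ezcMvcInternalRedirect|null
 */
public function authenticate(ezcAuthentication $auth, ezcMvcRequest $request)
{
    if (!$auth->run()) {
        // @TODO: Proper error messages required of course.
        $request->uri = '/http-basic-auth';
        return new ezcMvcInternalRedirect($request);
    }

    // We're in. The success path used an undefined $logger variable, which
    // made every successful authentication end in a fatal error; the ezcLog
    // singleton is used instead.
    ezcLog::getInstance()->log("Authentication successful", ezcLog::DEBUG);

    // NOTE(review): a commented-out dump of $request->raw was dropped here.
    // The raw request presumably carries the Authorization header, which
    // should stay out of log files; confirm before re-adding such a dump.
    return null;
}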
/**
 * Runs the authentication; on failure redirects internally to '/login/oauth'
 * with the original URI and the failure status attached to the request.
 *
 * @param ezcAuthentication $auth
 * @param ezcMvcRequest $request
 * @return ezcMvcInternalRedirect|null Null when authentication succeeded.
 */
public function authenticate(ezcAuthentication $auth, ezcMvcRequest $request)
{
    if ($auth->run()) {
        return;
    }

    // @TODO Current code block is inactive as auth is currently handled
    // via exceptions rather than via auth status.
    $originalUri = $request->uri;
    $request->variables['ezcAuth_redirUrl'] = $originalUri;
    $request->variables['ezcAuth_reasons'] = $auth->getStatus();
    $request->uri = '/login/oauth';

    return new ezcMvcInternalRedirect($request);
}
/**
 * A session whose timestamp is older than the configured validity must fail
 * authentication, and its timestamp and id entries must be gone afterwards.
 */
public function testSessionRunValidExpired()
{
    // Session stamped 5 seconds ago, checked against a validity of 1 second.
    $_SESSION[self::$timestampKey] = time() - 5;
    $_SESSION[self::$idKey] = self::$id;

    $authentication = new ezcAuthentication(new ezcAuthenticationIdCredentials(self::$id));

    $sessionOptions = new ezcAuthenticationSessionOptions();
    $sessionOptions->validity = 1;
    $authentication->session = new ezcAuthenticationSession($sessionOptions);

    $trackedKeys = array(self::$timestampKey, self::$idKey);

    // Both entries are still present before the run ...
    foreach ($trackedKeys as $sessionKey) {
        $this->assertEquals(true, isset($_SESSION[$sessionKey]));
    }

    $this->assertEquals(false, $authentication->run());

    // ... and both are removed once the session was found to be expired.
    foreach ($trackedKeys as $sessionKey) {
        $this->assertEquals(false, isset($_SESSION[$sessionKey]));
    }
}
/**
 * Runs a group filter with two (filter, credentials) pairs for every row of
 * self::$results and compares run() with the expected outcome of that row.
 *
 * Each row is read as: index into self::$data1, index into self::$data2,
 * group mode, expected result of run().
 */
public function testGroupMultipleCredentialsConstructor()
{
    foreach (self::$results as $result) {
        $firstSet = self::$data1[$result[0]];
        $secondSet = self::$data2[$result[1]];

        $credentials1 = new ezcAuthenticationIdCredentials($firstSet[0]);
        $credentials2 = new ezcAuthenticationIdCredentials($secondSet[0]);
        $authentication = new ezcAuthentication($credentials1);

        $pairs = array(
            array(new ezcAuthenticationTokenFilter($firstSet[1], $firstSet[2]), $credentials1),
            array(new ezcAuthenticationTokenFilter($secondSet[1], $secondSet[2]), $credentials2),
        );

        // Each filter in the group is checked against its own credentials.
        $groupOptions = new ezcAuthenticationGroupOptions();
        $groupOptions->multipleCredentials = true;
        $groupOptions->mode = $result[2];

        $authentication->addFilter(new ezcAuthenticationGroupFilter($pairs, $groupOptions));

        $this->assertEquals(
            $result[3],
            $authentication->run(),
            "Test failed for ({$result[0]}, {$result[1]}, {$result[2]})."
        );
    }
}
// Requested action from the query string, lower-cased; 'logout' is the only
// value this fragment handles specially.
$action = isset($_GET['action']) ? strtolower($_GET['action']) : null;
// $url and $session are set up before this fragment (not visible here).
$credentials = new ezcAuthenticationIdCredentials($url);
$authentication = new ezcAuthentication($credentials);
$authentication->session = $session;
if ($action === 'logout') {
    // Logging out: drop the session and add no OpenID filter.
    $session->destroy();
} else {
    $options = new ezcAuthenticationOpenidOptions();
    $options->mode = ezcAuthenticationOpenidFilter::MODE_SMART;
    $options->openidVersion = ezcAuthenticationOpenidFilter::VERSION_2_0;
    // NOTE(review): the store sits at a fixed path under /tmp. In smart mode it
    // presumably holds association data shared with the provider; on a host
    // where /tmp is shared between users, point it at a directory that only
    // the web-server account can read and write.
    $options->store = new ezcAuthenticationOpenidFileStore('/tmp/store');
    $filter = new ezcAuthenticationOpenidFilter($options);
    // Extra attributes requested from the provider along with the login.
    $filter->registerFetchData(array('fullname', 'gender', 'country', 'language'));
    $authentication->addFilter($filter);
}
if (!$authentication->run()) {
    // authentication did not succeed, so inform the user
    $status = $authentication->getStatus();
    $err = array();
    $err["user"] = "";
    $err["session"] = "";
    for ($i = 0; $i < count($status); $i++) {
        // Each status entry is read as a single (filter class => status code) pair.
        // each() is deprecated since PHP 7.2 and removed in PHP 8.0.
        list($key, $value) = each($status[$i]);
        switch ($key) {
            case 'ezcAuthenticationOpenidFilter':
                if ($value === ezcAuthenticationOpenidFilter::STATUS_SIGNATURE_INCORRECT) {
                    $err["user"] = "******";
                }
                if ($value === ezcAuthenticationOpenidFilter::STATUS_CANCELLED) {
                    $err["user"] = "******";
                }
                // (the listing ends here; the rest of the switch is not shown)
/**
 * Returns either an internal or an external redirect, depending on whether
 * the user authenticated successfully.
 *
 * This method is run from the "login" action just after login() has been
 * called. It takes the $authentication object, the $request and the
 * form-provided $redirUrl. On failure it redirects to the configured
 * loginRequiredUri; on success it redirects to the provided $redirUrl. The
 * redirection happens by returning an ezcMvcInternalRedirect, or an
 * ezcMvcResult with an ezcMvcExternalRedirect status.
 *
 * NOTE(review): $redirUrl is passed to the external redirect unchanged. As it
 * comes from the form, the caller should restrict it to paths on its own
 * site before calling this method, otherwise the login can be used as an
 * open redirect.
 *
 * @param ezcAuthentication $authentication
 * @param ezcMvcRequest $request
 * @param string $redirUrl
 * @return ezcMvcInternalRedirect|ezcMvcResult
 */
function returnLoginRedirect(ezcAuthentication $authentication, ezcMvcRequest $request, $redirUrl)
{
    if ($authentication->run()) {
        $result = new ezcMvcResult();
        $result->status = new ezcMvcExternalRedirect($redirUrl);
        return $result;
    }

    // Failure: annotate a copy of the request and hand it to the login page.
    $loginRequest = clone $request;
    $reasons = $authentication->getStatus();
    $loginRequest->variables['ezcAuth_redirUrl'] = $redirUrl;
    $loginRequest->variables['ezcAuth_reasons'] = $reasons;
    $loginRequest->uri = $this->options->loginRequiredUri;

    return new ezcMvcInternalRedirect($loginRequest);
}
/**
 * Pins the behaviour of an authentication object without any filter: run()
 * reports success.
 *
 * Worth knowing when reading application code: an ezcAuthentication that
 * never had a filter added accepts the credentials as they are.
 */
public function testGeneralNoFilters()
{
    $authentication = new ezcAuthentication(new ezcAuthenticationIdCredentials('john.doe'));

    $outcome = $authentication->run();

    $this->assertEquals(true, $outcome);
}
/**
 * A group filter in MODE_AND, built from an array of single-element arrays
 * that each hold an htpasswd filter on self::$empty, must reject the
 * credentials.
 */
public function testGroupConstructorArrayArrayFilters()
{
    $htpasswdOptions = new ezcAuthenticationHtpasswdOptions();
    $htpasswdOptions->plain = true;

    $groupOptions = new ezcAuthenticationGroupOptions();
    $groupOptions->mode = ezcAuthenticationGroupFilter::MODE_AND;

    $authentication = new ezcAuthentication(
        new ezcAuthenticationPasswordCredentials('john.doe', 'foobar')
    );

    // Two separate filter instances, each wrapped in its own array.
    $wrappedFilters = array(
        array(new ezcAuthenticationHtpasswdFilter(self::$empty, $htpasswdOptions)),
        array(new ezcAuthenticationHtpasswdFilter(self::$empty, $htpasswdOptions)),
    );
    $authentication->addFilter(new ezcAuthenticationGroupFilter($wrappedFilters, $groupOptions));

    $this->assertEquals(false, $authentication->run());
}
/**
 * Modified test for issue #12992 (case-sensitivity problems for LDAP
 * registerFetchData()).
 *
 * Requests 'objectClass' instead of 'objectclass' and expects the fetched
 * data to be keyed with the same spelling.
 */
public function testLdapFetchExtraDataObjectClass()
{
    $ldapInfo = new ezcAuthenticationLdapInfo(self::$host, self::$format, self::$base, self::$port);
    $authentication = new ezcAuthentication(
        new ezcAuthenticationPasswordCredentials('jan.modaal', 'qwerty')
    );

    $ldapFilter = new ezcAuthenticationLdapFilter($ldapInfo);
    $ldapFilter->registerFetchData(array('uid', 'objectClass'));
    $authentication->addFilter($ldapFilter);

    $this->assertEquals(true, $authentication->run());

    $expected = array(
        'uid' => array('jan.modaal'),
        'objectClass' => array('account', 'simpleSecurityObject', 'top'),
    );
    $this->assertEquals($expected, $ldapFilter->fetchData());
}
/**
 * Smart mode with a file store and immediate = true: after run(), the setup
 * URL reported by the filter must match the recorded one.
 *
 * generateNonce() is mocked to a fixed value so the URL is reproducible. Only
 * the first 138 characters and the part from the first 'openid.claimed_id'
 * onwards are compared; the stretch in between (association handle and
 * signature) is left out, presumably because it differs between runs.
 */
public function testOpenidMockImmediateCaseNullSmartModeFileStore()
{
    $hasBignumSupport = ezcBaseFeatures::hasExtensionSupport('bcmath')
        || ezcBaseFeatures::hasExtensionSupport('gmp');
    if (!$hasBignumSupport) {
        $this->markTestSkipped('PHP must be compiled with --enable-bcmath or --with-gmp.');
    }

    $authentication = new ezcAuthentication(new ezcAuthenticationIdCredentials(self::$url));

    $openidOptions = new ezcAuthenticationOpenidOptions();
    $openidOptions->mode = ezcAuthenticationOpenidFilter::MODE_SMART;
    $storePath = $this->createTempDir(get_class($this));
    $openidOptions->store = new ezcAuthenticationOpenidFileStore($storePath);
    $openidOptions->immediate = true;

    // Fixed nonce, for the test only.
    $filter = $this->getMock('ezcAuthenticationOpenidFilter', array('generateNonce'), array($openidOptions));
    $filter->expects($this->any())->method('generateNonce')->will($this->returnValue('123456'));
    $authentication->addFilter($filter);

    $authentication->run();
    $this->removeTempDir();

    $setupUrl = $filter->getSetupUrl();
    $expected = "http://www.myopenid.com/server?action=login&openid_identifier=http%3A%2F%2Fezc.myopenid.com&nonce=123456&openid.assoc_handle=%7BHMAC-SHA1%7D%7B46c3086c%7D%7B%2F3r4xA%3D%3D%7D&openid.mode=checkid_setup&openid.sig=miZkmdlb3%2BPDCASwZzAqxQfZqn4%3D&openid.claimed_id%3Dhttp%253A%252F%252Fezc.myopenid.com%252F%26openid.identity%3Dhttp%253A%252F%252Fezc.myopenid.com%252F%26openid.mode%3Dcheckid_setup%26openid.return_to%3Dhttp%253A%252F%252Flocalhost%252Fopenid.php%253Faction%253Dlogin%2526openid_identifier%253Dhttp%25253A%25252F%25252Fezc.myopenid.com%2526nonce%253D123456%26openid.trust_root%3Dhttp%253A%252F%252Flocalhost&openid.claimed_id=http%3A%2F%2Fezc.myopenid.com%2F&openid.identity=http%3A%2F%2Fezc.myopenid.com%2F&openid.return_to=http%3A%2F%2Flocalhost%2Fopenid.php%3Faction%3Dlogin%26openid_identifier%3Dhttp%253A%252F%252Fezc.myopenid.com%26nonce%3D123456&openid.trust_root=http%3A%2F%2Flocalhost";

    // Leading part of the URL.
    $expectedHead = substr($expected, 0, 138);
    $actualHead = substr($setupUrl, 0, 138);
    $this->assertEquals($expectedHead, $actualHead);

    // Trailing part, starting at the first 'openid.claimed_id'.
    $expectedTail = substr($expected, strpos($expected, 'openid.claimed_id'));
    $actualTail = substr($setupUrl, strpos($setupUrl, 'openid.claimed_id'));
    $this->assertEquals($expectedTail, $actualTail);
}
/**
 * Test for issue #15244 (DN can not be retrieved from the LDAP filter (patch)).
 *
 * Registers 'dn' as extra data and expects it back as a plain string next to
 * the array-valued 'uid'.
 */
public function testLdapFetchExtraDataDN()
{
    $ldapInfo = new ezcAuthenticationLdapInfo(self::$host, self::$format, self::$base, self::$port);
    $authentication = new ezcAuthentication(
        new ezcAuthenticationPasswordCredentials('jan.modaal', 'qwerty')
    );

    $ldapFilter = new ezcAuthenticationLdapFilter($ldapInfo);
    $ldapFilter->registerFetchData(array('uid', 'dn'));
    $authentication->addFilter($ldapFilter);

    $this->assertEquals(true, $authentication->run());

    $expected = array(
        'uid' => array('jan.modaal'),
        'dn' => 'uid=jan.modaal,dc=ezctest,dc=ez,dc=no',
    );
    $this->assertEquals($expected, $ldapFilter->fetchData());
}
/**
 * An empty submitted password checked against the self::$nopass htpasswd
 * file (plain mode) must not authenticate.
 */
public function testHtpasswdFileNoPasswords()
{
    $htpasswdOptions = new ezcAuthenticationHtpasswdOptions();
    $htpasswdOptions->plain = true;

    $authentication = new ezcAuthentication(
        new ezcAuthenticationPasswordCredentials('john.doe', '')
    );
    $htpasswdFilter = new ezcAuthenticationHtpasswdFilter(self::$nopass, $htpasswdOptions);
    $authentication->addFilter($htpasswdFilter);

    $this->assertEquals(false, $authentication->run());
}
/**
 * The database filter authenticates 'john.doe' and returns the registered
 * extra columns ('name', 'country') as arrays.
 */
public function testDatabaseFetchData()
{
    $columns = array(self::$fieldUser, self::$fieldPassword);
    $databaseInfo = new ezcAuthenticationDatabaseInfo($this->db, self::$table, $columns);

    $authentication = new ezcAuthentication(
        new ezcAuthenticationPasswordCredentials('john.doe', 'joB9EZ4O1cXDk')
    );

    $databaseFilter = new ezcAuthenticationDatabaseFilter($databaseInfo);
    $databaseFilter->registerFetchData(array('name', 'country'));
    $authentication->addFilter($databaseFilter);

    $this->assertEquals(true, $authentication->run());

    $expected = array(
        'name' => array('John Doe'),
        'country' => array('US'),
    );
    $this->assertEquals($expected, $databaseFilter->fetchData());
}
/**
 * With the recorded response in $_GET and the gmp bignum library, the TypeKey
 * filter authenticates and exposes name, nick and email as extra data.
 */
public function testTypeKeyFetchExtraDataWithEmail()
{
    $gmpAvailable = ezcBaseFeatures::hasExtensionSupport('gmp');
    if (!$gmpAvailable) {
        $this->markTestSkipped('PHP must be compiled with --with-gmp.');
    }

    // The filter reads the provider's response from the query string.
    $_GET = self::$responseWithEmail;

    $authentication = new ezcAuthentication(new ezcAuthenticationIdCredentials(self::$token));

    $typekeyFilter = new ezcAuthenticationTypekeyFilter();
    $typekeyFilter->lib = ezcAuthenticationMath::createBignumLibrary('gmp');
    $authentication->addFilter($typekeyFilter);

    $this->assertEquals(true, $authentication->run());

    $expected = array(
        'name' => array('ezc'),
        'nick' => array('ezctest'),
        'email' => array('*****@*****.**'),
    );
    $this->assertEquals($expected, $typekeyFilter->fetchData());
}
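/**
 * Requires a valid login for $request and attaches the user's display name.
 *
 * The user id is loaded from the session and run through the session and the
 * database filter. On failure the request is redirected internally to
 * '/login-required', with the original URI in 'redirUrl' and the failure
 * status in 'reasons'. On success the 'fullname' of the logged-in user is
 * stored in $request->variables['user'] (null when it cannot be determined)
 * and the user's timezone becomes the default timezone.
 *
 * @param mixed $request The request object being filtered.
 * @return ezcMvcInternalRedirect|null Redirect on failure, nothing on success.
 */
private function runAuthRequiredFilter($request)
{
    $database = new ezcAuthenticationDatabaseInfo(ezcDbInstance::get(), 'user', array('id', 'password'));
    $databaseFilter = new ezcAuthenticationDatabaseFilter($database);

    // use the options object when creating a new Session object
    $options = new ezcAuthenticationSessionOptions();
    $options->validity = 86400;
    $session = new ezcAuthenticationSession($options);
    $session->start();

    $user = $session->load();

    // No password is available on this path, so the credentials carry the
    // MD5 of the empty string (the value md5(null) produced before, without
    // the PHP 8.1 deprecation notice).
    // NOTE(review): if the session check does not pass, the database filter
    // is presumably asked to match this digest; make sure no account is
    // stored with the hash of an empty password.
    $credentials = new ezcAuthenticationPasswordCredentials($user, md5(''));
    $authentication = new ezcAuthentication($credentials);
    $authentication->session = $session;
    $authentication->addFilter($databaseFilter);

    if (!$authentication->run()) {
        $status = $authentication->getStatus();
        $request->variables['redirUrl'] = $request->uri;
        $request->variables['reasons'] = $status;
        $request->uri = '/login-required';
        debugLogger::log(var_export($status, true), ezcLog::DEBUG, array("source" => __METHOD__));
        return new ezcMvcInternalRedirect($request);
    }

    // Defined up front: it was left unset when the session held no id.
    $userName = null;

    if (isset($_SESSION['ezcAuth_id'])) {
        $q = ezcDbInstance::get()->createSelectQuery();
        $q->select('*')->from('user')->where($q->expr->eq('id', $q->bindValue($_SESSION['ezcAuth_id'])));
        $s = $q->prepare();
        $s->execute();
        $rows = $s->fetchAll();

        // The row can be missing (for example an account removed while its
        // session is still alive), so it is not indexed blindly.
        // NOTE(review): such a request currently continues with user = null;
        // consider treating it as not authenticated.
        if (isset($rows[0])) {
            $userName = isset($rows[0]['fullname']) ? $rows[0]['fullname'] : null;

            if (isset($rows[0]['timezone']) && is_string($rows[0]['timezone']) && $rows[0]['timezone'] !== '') {
                date_default_timezone_set($rows[0]['timezone']);
            }
        }
    }

    $request->variables['user'] = $userName;
}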