/**
 * Create and persist an AuthToken for the current guard user.
 *
 * The token records the guard user plus the REMOTE_ADDR and REMOTE_PORT
 * entries of the request's path-info array, and is then saved. The user's id
 * and username are stored on the action as well. For the 'yaml' request
 * format the layout is switched off and the response is labelled text/yaml.
 *
 * NOTE(review): no authentication check is visible in this action and
 * getGuardUser() is dereferenced unconditionally; presumably the route is
 * restricted to signed-in users elsewhere -- confirm.
 * NOTE(review): REMOTE_ADDR is the peer address as seen by the web server;
 * behind a reverse proxy that is the proxy's address -- confirm this is the
 * value the token is meant to be bound to.
 *
 * @param sfWebRequest $request The current web request.
 *
 * @return void
 */
public function executeGenerateAuthToken(sfWebRequest $request)
{
    $guardUser = $this->getUser()->getGuardUser();
    $serverVars = $request->getPathInfoArray();

    // Fill in the token before it is written out.
    $token = new AuthToken();
    $this->auth_token = $token;
    $token->User = $guardUser;
    $token->remote_address = $serverVars['REMOTE_ADDR'];
    $token->remote_port = $serverVars['REMOTE_PORT'];
    $token->save();

    $this->user_id = $guardUser->getId();
    $this->username = $guardUser->getUsername();

    // Loose comparison kept on purpose: it mirrors switch/case semantics.
    if ('yaml' == $request->getRequestFormat()) {
        $this->setLayout(false);
        $this->getResponse()->setContentType('text/yaml');
    }
}
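/**
 * Render the login dialog and process sign-in attempts.
 *
 * Flow:
 *  - an already authenticated user is sent to @homepage;
 *  - if the path-info array carries a Shibboleth session index of at least
 *    8 characters and a mail attribute, the user is authenticated with that
 *    mail address and an empty password;
 *  - otherwise a POST is bound to the form and the email/password pair is
 *    checked.
 * After a successful login the user is redirected to the submitted `next`
 * value when it points at this site, and to @homepage otherwise.
 *
 * NOTE(review): the Shibboleth branch trusts the 'Shib-Session-Index' and
 * 'mail' entries of the path-info array. That is only sound if the web
 * server's Shibboleth module is the sole writer of those entries -- confirm
 * the deployment does not let clients supply them.
 *
 * @param sfWebRequest $request The current web request.
 *
 * @return void
 */
public function execute($request)
{
    $this->form = new sfForm();
    $this->form->getValidatorSchema()->setOption('allow_extra_fields', true);

    // Redirect to @homepage if the user is already authenticated
    if ($this->context->user->isAuthenticated()) {
        $this->redirect('@homepage');
    }

    // Redirect to the current URI in case we're forwarded to the login page
    $this->form->setDefault('next', $request->getUri());
    if ('user' == $request->module && 'login' == $request->action) {
        // Redirect to our referer otherwise
        $this->form->setDefault('next', $request->getReferer());
    }

    $apache_params = $request->getPathInfoArray();

    $this->form->setValidator('next', new sfValidatorString());
    $this->form->setWidget('next', new sfWidgetFormInputHidden());

    $this->form->setValidator('email', new sfValidatorEmail(array('required' => true), array(
        'required' => $this->context->i18n->__('You must enter your email address'),
        'invalid' => $this->context->i18n->__('This isn\'t a valid email address'))));
    $this->form->setWidget('email', new sfWidgetFormInput());

    $this->form->setValidator('password', new sfValidatorString(array('required' => true), array(
        'required' => $this->context->i18n->__('You must enter your password'))));
    $this->form->setWidget('password', new sfWidgetFormInputPassword());

    // Read the Shibboleth attributes defensively: on a non-Shibboleth request
    // the keys are absent, and a session without a mail attribute must not
    // reach authenticate() with a null identity and an empty password.
    $shibSession = isset($apache_params['Shib-Session-Index']) ? (string) $apache_params['Shib-Session-Index'] : '';
    $shibMail = isset($apache_params['mail']) ? (string) $apache_params['mail'] : '';

    if (strlen($shibSession) >= 8 && '' !== $shibMail) {
        if ($this->context->user->authenticate($shibMail, '', $request)) {
            // The form is not bound yet here, so getValue('next') is
            // presumably null and this ends up on @homepage.
            $this->redirectAfterLogin($request);
        }
    }

    if ($request->isMethod('post')) {
        $this->form->bind($request->getPostParameters());

        if ($this->form->isValid()) {
            if ($this->context->user->authenticate($this->form->getValue('email'), $this->form->getValue('password'))) {
                $this->redirectAfterLogin($request);
            }

            $this->form->getErrorSchema()->addError(new sfValidatorError(new sfValidatorPass(), 'Sorry, unrecognized email or password'));
        }
    }
}

/**
 * Redirect a freshly authenticated user to `next`, or to @homepage.
 *
 * `next` arrives as a POST field and is only validated as a string, so it is
 * followed only when it resolves to this site; anything else falls back to
 * the homepage instead of sending the user to a third-party URL.
 *
 * @param sfWebRequest $request The current web request.
 *
 * @return void
 */
private function redirectAfterLogin($request)
{
    $next = $this->form->getValue('next');

    if (null !== $next && $this->isLocalRedirectTarget($next, $request)) {
        $this->redirect($next);
    }

    $this->redirect('@homepage');
}

/**
 * Tell whether a redirect target stays on the host serving this request.
 *
 * Accepted: an absolute path ("/foo", but not "//host" or "/\host"), or an
 * http(s) URL whose host (with or without port) equals $request->getHost().
 *
 * @param mixed        $target  Candidate redirect target.
 * @param sfWebRequest $request The current web request.
 *
 * @return bool
 */
private function isLocalRedirectTarget($target, $request)
{
    if (!is_string($target) || '' === $target) {
        return false;
    }

    // Whitespace, control characters and backslashes are normalised
    // differently by browsers than by parse_url(); refuse them outright.
    if (preg_match('/[\x00-\x20\x7f\\\\]/', $target)) {
        return false;
    }

    $parts = parse_url($target);
    if (false === $parts) {
        return false;
    }

    if (!isset($parts['host'])) {
        // No authority: only a plain absolute path is acceptable.
        return !isset($parts['scheme'])
            && '/' === $target[0]
            && (strlen($target) < 2 || '/' !== $target[1]);
    }

    if (!isset($parts['scheme']) || !in_array(strtolower($parts['scheme']), array('http', 'https'), true)) {
        return false;
    }

    $ownHost = strtolower((string) $request->getHost());
    $targetHost = strtolower($parts['host']);
    $targetAuthority = $targetHost . (isset($parts['port']) ? ':' . $parts['port'] : '');

    return '' !== $ownHost && ($targetAuthority === $ownHost || $targetHost === $ownHost);
}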
/**
 * Select request headers into an array keyed by header name.
 *
 * Judging by the method name the result is meant to be relayed by a proxy.
 * What ends up in it:
 *  - User-Agent, when present. With $isStripUid the trailing "ser..." part
 *    of DoCoMo agents and the "/SN..." part of SoftBank/Vodafone/J-PHONE
 *    agents (presumably the handset serial number) is cut out first.
 *  - X-DCMGUID, X-UP-SUBNO and X-JPHONE-UID, only when $isStripUid is false.
 *  - every HTTP_X_UP_* / HTTP_X_JPHONE_* path-info entry, renamed to header
 *    form, except X-JPHONE-UID and X-UP-SUBNO, which this loop never copies.
 *  - X-S-DISPLAY-INFO, when present.
 *
 * @param sfWebRequest $request
 * @param boolean      $isStripUid drop subscriber/handset identifiers
 * @return array header name => value
 */
public static function getProxyHeaders($request, $isStripUid = true)
{
    $forwarded = array();

    $agent = $request->getHttpHeader('User-Agent');
    if ($agent) {
        if ($isStripUid) {
            if (preg_match('#^(DoCoMo/1\\.0.*)/(ser.*)$#', $agent, $m)) {
                $agent = $m[1];
            } elseif (preg_match('#^(DoCoMo/2\\.0) (.*)\\((.*);(ser.*)\\)$#', $agent, $m)) {
                $agent = sprintf('%s %s(%s)', $m[1], $m[2], $m[3]);
            } elseif (preg_match('#^((SoftBank|Vodafone|J-PHONE)/.*/.*)(/SN\\S*) (.*)$#', $agent, $m)) {
                $agent = sprintf('%s %s', $m[1], $m[4]);
            }
        }

        $forwarded['User-Agent'] = $agent;
    }

    // Identifier headers are passed through only when stripping is off.
    if (!$isStripUid) {
        foreach (array('X-DCMGUID', 'X-UP-SUBNO', 'X-JPHONE-UID') as $uidHeader) {
            $uidValue = $request->getHttpHeader($uidHeader);
            if ($uidValue) {
                $forwarded[$uidHeader] = $uidValue;
            }
        }
    }

    foreach ($request->getPathInfoArray() as $serverKey => $serverValue) {
        if (!preg_match('/^HTTP_(X_(UP|JPHONE)_.*)$/', $serverKey, $m)) {
            continue;
        }

        $headerName = str_replace('_', '-', $m[1]);
        if ('X-JPHONE-UID' === $headerName || 'X-UP-SUBNO' === $headerName) {
            // Identifier headers are handled (or withheld) above.
            continue;
        }

        $forwarded[$headerName] = $serverValue;
    }

    $displayInfo = $request->getHttpHeader('X-S-DISPLAY-INFO');
    if ($displayInfo) {
        $forwarded['X-S-DISPLAY-INFO'] = $displayInfo;
    }

    return $forwarded;
}
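/**
 * Process a (possibly chunked) file upload into sf_upload_dir.
 *
 * The client supplies `name`, `chunk` and `chunks`. A multipart request is
 * read from the uploaded `file` entry, anything else from the raw request
 * body. Chunk 0 truncates the target file, later chunks are appended.
 * Exactly one JSON-RPC style document is written per request: an error, a
 * "complete" result after the last chunk, or a null result.
 *
 * File-name handling: characters outside [\w._] are removed, and names that
 * are empty or start with a dot are refused, so ".", ".." and server
 * configuration files such as ".htaccess" cannot be written.
 *
 * NOTE(review): there is no extension allow-list. If sf_upload_dir is served
 * by the web server with script execution enabled, an uploaded script would
 * be runnable -- confirm the directory is not executable or restrict the
 * accepted extensions to what the application needs.
 * NOTE(review): a chunk > 0 appends to whatever file already carries that
 * name, so uploads sharing a name can interleave; no per-user or per-session
 * scoping is visible here -- confirm access to this action is restricted.
 *
 * @param sfWebRequest $request
 *
 * @return string sfView::NONE
 */
public function executeUpload(sfWebRequest $request)
{
    $this->setTemplate(false);

    set_time_limit(15 * 60);

    $targetDir = sfConfig::get('sf_upload_dir');

    // Request parameters are client-controlled strings; normalise them so the
    // comparisons below are integer comparisons.
    $chunk = max(0, (int) $request->getParameter('chunk', 0));
    $chunks = max(0, (int) $request->getParameter('chunks', 0));

    $rawName = $request->getParameter('name', '');
    $fileName = is_string($rawName) ? (string) preg_replace('/[^\\w\\._]+/', '', $rawName) : '';

    if ('' === $fileName || '.' === $fileName[0]) {
        echo '{"jsonrpc" : "2.0", "error" : {"code": 104, "message": "Invalid file name."}, "id" : "id"}';

        return sfView::NONE;
    }

    // Make sure the fileName is unique but only if chunking is disabled
    if ($chunks < 2 && file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName)) {
        $dot = strrpos($fileName, '.');
        if (false === $dot) {
            // No extension: the counter goes at the very end of the name.
            $dot = strlen($fileName);
        }
        $stem = (string) substr($fileName, 0, $dot);
        $suffix = (string) substr($fileName, $dot);

        $count = 1;
        while (file_exists($targetDir . DIRECTORY_SEPARATOR . $stem . '_' . $count . $suffix)) {
            $count++;
        }

        $fileName = $stem . '_' . $count . $suffix;
    }

    // Look for the content type header
    $pathInfo = $request->getPathInfoArray();
    $contentType = '';
    if (isset($pathInfo["CONTENT_TYPE"])) {
        $contentType = $pathInfo["CONTENT_TYPE"];
    } elseif (isset($pathInfo["HTTP_CONTENT_TYPE"])) {
        $contentType = $pathInfo["HTTP_CONTENT_TYPE"];
    }

    $files = $request->getFiles();
    $upload = isset($files['file']) ? $files['file'] : array();

    $targetPath = $targetDir . DIRECTORY_SEPARATOR . $fileName;
    $append = 0 !== $chunk;

    // Handle non multipart uploads older WebKit versions didn't support multipart in HTML5
    if (false !== strpos($contentType, "multipart")) {
        if (isset($upload['error']) && $upload['error']) {
            echo sprintf('{"jsonrpc": "2.0", "error" : { "message": "%s" }}', $upload['error']);

            return sfView::NONE;
        }

        if (!isset($upload['tmp_name']) || !is_uploaded_file($upload['tmp_name'])) {
            echo '{"jsonrpc" : "2.0", "error" : {"code": 103, "message": "Failed to move uploaded file."}, "id" : "id"}';

            return sfView::NONE;
        }

        $status = $this->appendUploadStream($upload['tmp_name'], $targetPath, $append);

        // As before, the temporary file is removed once the target could be opened.
        if (102 !== $status) {
            unlink($upload['tmp_name']);
        }
    } else {
        $status = $this->appendUploadStream("php://input", $targetPath, $append);
    }

    if (101 === $status) {
        echo '{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}';

        return sfView::NONE;
    }

    if (102 === $status) {
        echo '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}';

        return sfView::NONE;
    }

    if ($chunks == $chunk + 1) {
        echo '{"jsonrpc" : "2.0", "result" : "complete", "id" : "id"}';
    } else {
        echo '{"jsonrpc" : "2.0", "result" : null, "id" : "id"}';
    }

    return sfView::NONE;
}

/**
 * Copy a readable stream into the target file, truncating or appending.
 *
 * @param string $sourcePath Path or stream wrapper to read from.
 * @param string $targetPath File to write.
 * @param bool   $append     True to append, false to truncate first.
 *
 * @return int 0 on success, 101 if the input could not be opened,
 *             102 if the output could not be opened.
 */
private function appendUploadStream($sourcePath, $targetPath, $append)
{
    $out = fopen($targetPath, $append ? "ab" : "wb");
    if (!$out) {
        return 102;
    }

    $in = fopen($sourcePath, "rb");
    if (!$in) {
        // Only close what was actually opened.
        fclose($out);

        return 101;
    }

    // Compare against false/'' explicitly: a block consisting of the single
    // byte "0" is falsy and would otherwise end the copy early.
    while (!feof($in)) {
        $buff = fread($in, 4096);
        if (false === $buff || '' === $buff) {
            break;
        }
        fwrite($out, $buff);
    }

    fclose($in);
    fclose($out);

    return 0;
}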
/**
 * Derive a username from the Shibboleth ePPN.
 *
 * Reads the 'eppn' entry of the request's path-info array and returns the
 * text before the first "@".
 *
 * Warning: does not support federation! The scope after the "@" is thrown
 * away, so identical local parts under different scopes yield the same
 * username.
 *
 * @param sfWebRequest $request the current web request
 * @return string $username the local part of the ePPN as username
 *
 */
protected function generateUserNameFromShibInfo($request)
{
    $serverVars = $request->getPathInfoArray();

    // Only the first segment is kept; everything from the "@" on is dropped.
    list($localPart) = explode("@", $serverVars['eppn']);

    return $localPart;
}