/**
* Call after dispatcher is executer
*
* @param \Tk\FrontController $obs
*/
public function update($obs)
{
tklog($this->getClassName() . '::update()');
// Discover page Template if not set yet
//$this->getConfig()->set('system.theme.selected.themeFile', $this->getConfig()->get('system.theme.default.themeFile'));
if (!$this->getConfig()->exists('res.pageClass')) {
$this->getConfig()->set('res.pageClass', '\\Ext\\PagePublic');
if (preg_match('/^\\/admin/', $this->getUri()->getPath(true))) {
$this->getConfig()->set('res.pageClass', '\\Ext\\PageAdmin');
$this->getConfig()->set('res.system.permission', \Tk\Auth\Auth::P_ADMIN);
$this->getConfig()->set('system.theme.selected.themeFile', 'admin.tpl');
}
if (preg_match('/^\\/user/', $this->getUri()->getPath(true))) {
$this->getConfig()->set('res.pageClass', '\\Ext\\PageUser');
$this->getConfig()->set('res.system.permission', \Tk\Auth\Auth::P_USER);
$this->getConfig()->set('system.theme.selected.themeFile', 'admin.tpl');
}
if (preg_match('/^\\/lti/', $this->getUri()->getPath(true))) {
$this->getConfig()->set('res.pageClass', '\\Ext\\PageLti');
$this->getConfig()->set('system.theme.selected.themeFile', 'clean.tpl');
// Deprecated
// if (preg_match('/^\/lti\/student/', $this->getUri()->getPath(true))) {
// $this->getConfig()->set('res.system.permission', \Ext\LtiSession::ROLE_STUDENT);
// } else if (preg_match('/^\/lti\/staff/', $this->getUri()->getPath(true))) {
// $this->getConfig()->set('res.system.permission', \Ext\LtiSession::ROLE_STAFF);
// } else if (preg_match('/^\/lti\/admin/', $this->getUri()->getPath(true))) {
// $this->getConfig()->set('res.system.permission', \Ext\LtiSession::ROLE_ADMIN);
// }
}
}
}
/**
* Get the response from an HTTP POST request.
*
* @param string $url URL to send request to
* @param array $params Associative array of parameter values to be passed
* @param string $header Values to include in the request header (optional, default is none)
* @return string response contents, empty if the request was not successfull
*/
private function do_post_request($url, $params, $header = NULL)
{
$ok = FALSE;
if (is_array($params)) {
$data = http_build_query($params);
} else {
$data = $params;
}
$this->ext_request = $data;
// Try using curl if available
if (function_exists('curl_init')) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
if (!empty($header)) {
$headers = explode("\n", $header);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
}
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
tklog('PROXY: ' . \Tk\Config::getInstance()->get('system.site.proxy'));
if (\Tk\Config::getInstance()->get('system.site.proxy')) {
tklog('PROXY: ' . \Tk\Config::getInstance()->get('system.site.proxy'));
curl_setopt($ch, CURLOPT_PROXY, \Tk\Config::getInstance()->get('system.site.proxy'));
}
$resp = curl_exec($ch);
$ok = $resp !== FALSE;
curl_close($ch);
}
// Try using fopen if curl was not available or did not work (could have been an SSL certificate issue)
if (!$ok) {
$opts = array('method' => 'POST', 'content' => $data);
if (!empty($header)) {
$opts['header'] = $header;
}
$ctx = stream_context_create(array('http' => $opts));
$fp = @fopen($url, 'rb', false, $ctx);
if ($fp) {
$resp = @stream_get_contents($fp);
$ok = $resp !== FALSE;
}
}
if ($ok) {
$response = $resp;
} else {
$response = '';
}
return $response;
}
private function getLdapUser($email)
{
if (!$this->getConfig()->get('system.auth.ldap.enable')) {
return;
}
$username = '******';
$password = '';
$ldapUri = $this->getConfig()->get('system.auth.ldap.uri');
$ldapPort = $this->getConfig()->get('system.auth.ldap.port');
$ldapBaseDn = $this->getConfig()->get('system.auth.ldap.baseDn');
$ldapFilter = 'mail=' . $email;
// LDAP Bind RDN filter
$ldapBindRdn = 'uid=$username,' . $ldapBaseDn;
$ldapBindRdn = str_replace('$username', $username, $ldapBindRdn);
$ldap = ldap_connect($ldapUri, $ldapPort);
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
if (!$ldap) {
throw new \Tk\Auth\Exception('Failed to connect to LDAP service: ' . $ldapUri);
}
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
if (!ldap_start_tls($ldap)) {
$e = new \Tk\Auth\Exception('Failed to secure LDAP service ' . $ldapUri);
tklog('LDAP: ' . ldap_error($ldap));
throw $e;
}
if ($password && $username) {
if (!ldap_bind($ldap, $ldapBindRdn, $password)) {
$e = new \Tk\Auth\Exception('Failed to authenticate to LDAP service ' . $ldapUri);
tklog('LDAP: ' . ldap_error($ldap));
throw $e;
}
}
$results = ldap_search($ldap, $ldapBaseDn, $ldapFilter);
$entries = ldap_get_entries($ldap, $results);
$entries = $this->ldapProcessEntries($entries);
if (isset($entries[0])) {
return $entries[0];
}
}
