// Loads the ILIAS authentication base class. The leading './' makes PHP resolve the
// path against the current working directory rather than include_path, so this
// only works when the script is entered from the expected directory.
4 include_once
'./Services/Authentication/classes/class.ilAuthBase.php';
// Status codes (all negative). The meanings are read from the constant names only;
// confirm against the code that sets the status before relying on them.
30 define(
'AUTH_IDLED', -1);
34 define(
'AUTH_EXPIRED', -2);
38 define(
'AUTH_WRONG_LOGIN', -3);
42 define(
'AUTH_METHOD_NOT_SUPPORTED', -4);
46 define(
'AUTH_SECURITY_BREACH', -5);
50 define(
'AUTH_CALLBACK_ABORT', -6);
// Log levels passed as the second argument of log() further down in this listing.
55 define(
'AUTH_LOG_INFO', 6);
59 define(
'AUTH_LOG_DEBUG', 7);
// Identifiers for the individual "advanced security" checks (presumably the keys of
// the advancedsecurity array consulted at the end of this listing - TODO confirm).
64 define(
'AUTH_ADV_IPCHECK', 1);
68 define(
'AUTH_ADV_USERAGENT', 2);
72 define(
'AUTH_ADV_CHALLENGE', 3);
// PEAR.php is resolved through include_path.
344 include_once
'PEAR.php';
// Tail of an error message about headers already having been sent; the start of the
// statement is not part of this listing.
346 .
'possibly headers are already sent, try putting '
347 .
'ob_start in the beginning of your script');
// Tests whether a session slot exists under the configured session name.
352 if(!isset(
$_SESSION[$this->_sessionName])) {
// Keeps a reference to the request environment; the fingerprint checks later in this
// listing read REMOTE_ADDR, HTTP_USER_AGENT and HTTP_X_FORWARDED_FOR through it.
358 $this->server =& $_SERVER;
// A ready-made storage object is used as-is and given a back-reference to this auth object.
370 if (is_object($storageDriver)) {
371 $this->storage =& $storageDriver;
374 $this->storage->_auth_obj =& $this;
// Otherwise (presumably the else branch - the intervening lines are not shown) only the
// driver name and its options are remembered so the container can be built later.
378 $this->storage_driver = $storageDriver;
379 $this->storage_options =& $options;
// Pulls the options this class understands out of $options; each recognised key is
// copied to a property and then unset so it is not seen again in $options.
398 if(is_array($options)){
// sessionName, postUsername and postPassword are guarded with !empty(), so '' and 0 are ignored.
399 if (!empty($options[
'sessionName'])) {
400 $this->_sessionName = $options[
'sessionName'];
401 unset($options[
'sessionName']);
// NOTE(review): allowLogin, advancedsecurity and enableLogging are copied without any
// type check. They switch security behaviour on and off, so $options should only
// ever come from trusted configuration, never from request data.
403 if (isset($options[
'allowLogin'])) {
404 $this->allowLogin = $options[
'allowLogin'];
405 unset($options[
'allowLogin']);
407 if (!empty($options[
'postUsername'])) {
408 $this->_postUsername = $options[
'postUsername'];
409 unset($options[
'postUsername']);
411 if (!empty($options[
'postPassword'])) {
412 $this->_postPassword = $options[
'postPassword'];
413 unset($options[
'postPassword']);
415 if (isset($options[
'advancedsecurity'])) {
416 $this->advancedsecurity = $options[
'advancedsecurity'];
417 unset($options[
'advancedsecurity']);
419 if (isset($options[
'enableLogging'])) {
420 $this->enableLogging = $options[
'enableLogging'];
421 unset($options[
'enableLogging']);
// The only option that is type-checked: anything other than a real boolean is ignored.
423 if (isset($options[
'regenerateSessionId']) && is_bool($options[
'regenerateSessionId'])) {
424 $this->regenerateSessionId = $options[
'regenerateSessionId'];
// Builds the storage container on first use from the remembered driver name and
// options, then gives it a back-reference to this auth object.
445 if(!is_object($this->storage)) {
446 $this->storage =& $this->
_factory($this->storage_driver,
447 $this->storage_options);
448 $this->storage->_auth_obj =& $this;
// The driver name is written to the debug log as-is.
449 $this->
log(
'Loaded storage container ('.$this->storage_driver.
')',
AUTH_LOG_DEBUG);
// NOTE(review): $driver is concatenated into both a class name and an include path,
// and no validation is visible in this listing. It must come from trusted
// configuration only and should be checked against a fixed list of known container
// names before use, so that it cannot select a file outside Auth/Container/.
469 $storage_class =
'Auth_Container_' . $driver;
470 include_once
'Auth/Container/' . $driver .
'.php';
// NOTE(review): assigning the result of new by reference was deprecated in PHP 5.3 and
// is a parse error from PHP 7 onwards.
471 $obj =&
new $storage_class($options);
// The username is taken from the submitted field named by _postUsername; an empty
// string is treated as "not supplied" (loose != '').
495 if ( isset($this->post[$this->_postUsername])
496 && $this->post[$this->_postUsername] !=
'') {
// NOTE(review): get_magic_quotes_gpc() was deprecated in PHP 7.4 and removed in PHP 8.0,
// so this call is fatal on current PHP. stripslashes() here only undoes magic-quotes
// escaping; it is not input validation.
497 $this->username = (get_magic_quotes_gpc() == 1
498 ? stripslashes($this->post[$this->_postUsername])
// Same handling for the password field named by _postPassword.
501 if ( isset($this->post[$this->_postPassword])
503 $this->password = (get_magic_quotes_gpc() == 1
504 ? stripslashes($this->post[$this->_postPassword])
// When configured, issue a fresh session id here and delete the old session data
// (the true argument).
524 if ($this->regenerateSessionId) {
525 session_regenerate_id(
true);
// Condition: checkAuth() fails and logins are allowed (the body is not shown; presumably the login attempt).
529 if (!$this->
checkAuth() && $this->allowLogin) {
// The request field 'authsecret' is compared loosely with 1; the false branch sets
// $usingChap to false (presumably the true branch, not shown, enables it).
551 (isset($this->post[
'authsecret']) && $this->post[
'authsecret'] == 1)
553 : $usingChap =
false;
// Credentials are checked by the storage container; only a strict true counts as success.
557 if (!empty($this->username)) {
558 if (
true === $this->storage->fetchData($this->username, $this->password, $usingChap)) {
// NOTE(review): this keeps an unsalted MD5 of username.password in the session. MD5 is a
// fast hash, so anyone who can read session storage can test password guesses
// offline against this value. A random per-session value would avoid storing
// anything derived from the password.
559 $this->session[
'challengekey'] = md5($this->username.$this->password);
// Success path: mark the session authenticated, then notify the optional login callback.
565 if (!empty($this->username) && $login_ok) {
566 $this->
setAuth($this->username);
567 if (is_callable($this->loginCallback)) {
569 call_user_func_array($this->loginCallback, array($this->username, &$this));
// Failure path: notify the optional failure callback.
575 if (!empty($this->username) && !$login_ok) {
578 if (is_callable($this->loginFailedCallback)) {
// The callback is concatenated into the log text; an array callable (object, method)
// would be converted to the string "Array" with a notice here.
579 $this->
log(
'Calling loginFailedCallback ('.$this->loginFailedCallback.
').',
AUTH_LOG_DEBUG);
580 call_user_func_array($this->loginFailedCallback, array($this->username, &$this));
// No username or failed login: show the login form if allowed. The submitted username is
// handed to whatever renders the form, so that renderer must HTML-escape it.
584 if ((empty($this->username) || !$login_ok) && $this->showLogin) {
586 if (is_callable($this->loginFunction)) {
588 call_user_func_array($this->loginFunction, array($this->username, $this->status, &$this));
592 if (is_callable(array($this,
'drawLogin'))) {
594 return $this->drawLogin($this->username, $this);
// The bundled HTML frontend is loaded here (presumably as the fallback when neither of
// the above applies - the branch structure is not shown).
600 include_once
'Auth/Frontend/Html.php';
// $add chooses between extending the current absolute lifetime and replacing it.
621 $add ? $this->expire += $time : $this->expire = $time;
// Same for the idle timeout.
637 $add ? $this->idle += $time : $this->idle = $time;
// The session slot name is always prefixed with '_auth_'.
658 $this->_sessionName =
'_auth_'.$name;
// Tests whether a slot exists under the new name.
660 if(!isset(
$_SESSION[$this->_sessionName])) {
// Guard for the case where a value already exists and $overwrite is off. Because the
// test is !empty(), a stored falsy value ('', 0, '0', empty array) does not count as
// existing and does not trigger this guard.
779 if (!empty($this->session[
'data'][$name]) && $overwrite ==
false) {
782 $this->session[
'data'][$name] = $value;
// Reads from session['data']: the whole array (804) or one named entry (807). The
// branches around these returns are not part of this listing.
800 if (!isset($this->session[
'data'])) {
804 return $this->session[
'data'];
806 if (isset($name) && isset($this->session[
'data'][$name])) {
807 return $this->session[
'data'][$name];
// If the session id is not already being regenerated elsewhere, regenerate it here and
// delete the old session (true). Together with the 'registered' flag set below, this
// is the session-fixation defence at the moment the user becomes authenticated.
830 if (!$this->regenerateSessionId) {
832 session_regenerate_id(
true);
// Make sure the session slot and its 'data' sub-array exist.
835 if (!isset($this->session) || !is_array($this->session)) {
836 $this->session = array();
839 if (!isset($this->session[
'data'])) {
840 $this->session[
'data'] = array();
// Record the client fingerprint that the later checks compare against.
// NOTE(review): HTTP_USER_AGENT and HTTP_X_FORWARDED_FOR are request headers chosen by
// the client; REMOTE_ADDR is the connecting peer, which is the proxy when the
// application sits behind one.
843 $this->session[
'sessionip'] = isset($this->server[
'REMOTE_ADDR'])
844 ? $this->server[
'REMOTE_ADDR']
846 $this->session[
'sessionuseragent'] = isset($this->server[
'HTTP_USER_AGENT'])
847 ? $this->server[
'HTTP_USER_AGENT']
849 $this->session[
'sessionforwardedfor'] = isset($this->server[
'HTTP_X_FORWARDED_FOR'])
850 ? $this->server[
'HTTP_X_FORWARDED_FOR']
// NOTE(review): when no challenge key exists yet it is derived from the username and
// microtime(). Both are guessable, so this is not an unpredictable secret; a value
// from a CSPRNG (e.g. bin2hex(random_bytes(16)) on PHP 7+) would be.
855 if(empty($this->session[
'challengekey'])) {
856 $this->session[
'challengekey'] = md5(
$username.microtime());
// The challenge cookie is an MD5 over the key and the current microtime().
859 $this->session[
'challengecookie'] = md5($this->session[
'challengekey'].microtime());
// NOTE(review): setcookie() is called with four arguments only, so the cookie is sent
// without the Secure and HttpOnly flags and is visible to scripts and over plain HTTP.
860 setcookie(
'authchallenge', $this->session[
'challengecookie'], 0,
'/');
// Mark the session authenticated and start both timers (absolute lifetime and idle).
862 $this->session[
'registered'] =
true;
864 $this->session[
'timestamp'] = time();
865 $this->session[
'idle'] = time();
// Stores the caller-supplied advanced-security setting as given.
885 $this->advancedsecurity = $flag;
// Session validation starts here. Several conditions below begin on lines that are not
// part of this listing, so which setting enables each check cannot be read from here.
901 if (isset($this->session)) {
// Absolute lifetime: only enforced when expire > 0.
903 if ( $this->expire > 0
904 && isset($this->session[
'timestamp'])
905 && ($this->session[
'timestamp'] + $this->expire) < time()) {
907 $this->expired =
true;
// Idle timeout: last activity plus the idle limit lies in the past.
915 && isset($this->session[
'idle'])
916 && ($this->session[
'idle'] + $this->idle) < time()) {
// The session counts as logged in only if it is flagged registered and has a non-empty
// username (both compared loosely).
924 if ( isset($this->session[
'registered'])
925 && isset($this->session[
'username'])
926 && $this->session[
'registered'] ==
true
927 && $this->session[
'username'] !=
'') {
934 if ( $this->authChecks == 1
// Rotate the challenge cookie: keep the previous value for comparison and issue a new
// one. As in setAuth, the cookie is set without Secure/HttpOnly flags.
937 $this->session[
'challengecookieold'] = $this->session[
'challengecookie'];
938 $this->session[
'challengecookie'] = md5($this->session[
'challengekey'].microtime());
939 setcookie(
'authchallenge', $this->session[
'challengecookie'], 0,
'/');
// Client address changed since login: the session is marked expired.
944 && isset($this->server[
'REMOTE_ADDR'])
945 && $this->session[
'sessionip'] != $this->server[
'REMOTE_ADDR']) {
949 $this->expired =
true;
// X-Forwarded-For changed since login.
// NOTE(review): this header is supplied by the client unless a trusted proxy overwrites
// it, so the check adds little against a client that simply replays the recorded value.
957 && isset($this->server[
'HTTP_X_FORWARDED_FOR'])
958 && $this->session[
'sessionforwardedfor'] != $this->server[
'HTTP_X_FORWARDED_FOR']) {
959 $this->
log(
'Security Breach. Forwarded For IP Address changed.',
AUTH_LOG_INFO);
963 $this->expired =
true;
// User-Agent changed since login (also a client-controlled header).
971 && isset($this->server[
'HTTP_USER_AGENT'])
972 && $this->session[
'sessionuseragent'] != $this->server[
'HTTP_USER_AGENT']) {
976 $this->expired =
true;
// NOTE(review): the challenge cookie is compared with loose !=. PHP compares two
// numeric-looking strings numerically, so distinct hex digests of the form
// "0e<digits>" compare as equal; hash_equals() (PHP 5.6+) is strict and constant-time.
// Whether $this->cookie['authchallenge'] is guarded by isset() is on a line not shown.
987 && isset($this->session[
'challengecookieold'])
988 && $this->session[
'challengecookieold'] != $this->cookie[
'authchallenge']) {
990 $this->expired =
true;
// Optional application callback gets the last word. The loose == false means any falsy
// return (false, 0, '', null) rejects the session, i.e. the check fails closed.
998 if (is_callable($this->checkAuthCallback)) {
999 $this->
log(
'Calling checkAuthCallback ('.$this->checkAuthCallback.
').',
AUTH_LOG_DEBUG);
1000 $checkCallback = call_user_func_array($this->checkAuthCallback, array($this->username, &$this));
1001 if ($checkCallback ==
false) {
1003 $this->expired =
true;
// Creates an Auth object once if $staticAuth is not yet set and runs the normal session
// check on it. The first constructor argument is the string 'null' (presumably a
// storage driver name - TODO confirm).
1035 if(!isset($staticAuth)) {
1036 $staticAuth =
new Auth(
'null', $options);
1038 $staticAuth->log(
'Auth::staticCheckAuth() called',
AUTH_LOG_DEBUG);
1039 return $staticAuth->checkAuth();
// Notify the optional logout callback, but only if a user was actually logged in.
1077 if (is_callable($this->logoutCallback) && isset($this->session[
'username'])) {
1078 $this->
log(
'Calling logoutCallback ('.$this->logoutCallback.
').',
AUTH_LOG_DEBUG);
1079 call_user_func_array($this->logoutCallback, array($this->session[
'username'], &$this));
// Drop the credentials held on the object and clear the auth session slot.
// NOTE(review): nothing in the visible lines regenerates the session id or expires the
// 'authchallenge' cookie at logout; the omitted lines may do so - verify.
1082 $this->username =
'';
1083 $this->password =
'';
1085 $this->session = null;
// Refreshes the last-activity timestamp used by the idle check.
1099 $this->session[
'idle'] = time();
// Returns the authenticated username from the session when one is set.
1113 if (isset($this->session[
'username'])) {
1114 return($this->session[
'username']);
// Names of the form fields the credentials are read from.
1144 return($this->_postUsername);
1158 return($this->_postPassword);
// Time until which the session stays valid under the idle rule: last activity plus the
// idle limit. The results of the two guards above the return are not shown.
1172 if (!isset($this->session[
'idle'])) {
1175 if ($this->idle == 0) {
1178 return ($this->session[
'idle'] + $this->idle);
// User management is delegated to the storage container.
// NOTE(review): no authorisation check is visible on these lines; callers must make sure
// only privileged code can list or remove users.
1195 return $this->storage->listUsers();
1233 return $this->storage->removeUser(
$username);
// Logging is a no-op that returns false unless it was enabled through the options.
1268 if (!$this->enableLogging)
return false;
// The message is passed to the logger unchanged apart from the 'AUTH: ' prefix, so a
// caller that puts request data into $message should strip line breaks first.
1272 $this->logger->log(
'AUTH: '.$message, $level);
// Creates the logger on first use; Log.php is only included if no Log class is loaded.
1290 if(is_null($this->logger)) {
1291 if (!class_exists(
'Log')) {
1292 include_once
'Log.php';
// The log identifier carries the current process id.
1296 'auth['.getmypid().
']',
// Attaches an external observer to the logger.
1317 return $this->logger->attach($observer);
// With no specific feature requested, the question is whether advanced security is on
// at all: the setting is exactly true, or it is an array holding at least one strict true.
1335 if (is_null($feature)) {
1337 if ($this->advancedsecurity ===
true)
1340 if ( is_array($this->advancedsecurity)
1341 && in_array(
true, $this->advancedsecurity,
true))
// Per-feature lookup in the settings array.
// NOTE(review): this test uses loose == true, so truthy non-boolean values (1, 'on')
// enable a single feature here, while the strict in_array() above does not count
// them. Configuration should use real booleans so both paths agree.
1348 if (is_array($this->advancedsecurity)) {
1350 if ( isset($this->advancedsecurity[$feature])
1351 && $this->advancedsecurity[$feature] ==
true)