Code source de Horde 3.1.3 |
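<?php
/**
 * The Auth_http class transparently logs users in to Horde using
 * already present HTTP authentication headers.
 *
 * The 'encryption' parameter specifies what kind of passwords are in
 * the .htpasswd file. The supported options are 'crypt-des' (standard
 * crypted htpasswd entries) and 'aprmd5'. This information is used if
 * you want to directly authenticate users with this driver, instead
 * of relying on transparent auth.
 *
 * Security note: transparent() performs no credential check of its own;
 * it accepts whatever PHP_AUTH_USER / PHP_AUTH_PW the request carries.
 * The driver is therefore only safe when the web server enforces HTTP
 * authentication on every URL that can reach Horde.
 *
 * $Horde: framework/Auth/Auth/http.php,v 1.21.10.9 2006/01/01 21:28:07 jan Exp $
 *
 * Copyright 1999-2006 Chuck Hagenbuch <chuck@horde.org>
 *
 * See the enclosed file COPYING for license information (LGPL). If you
 * did not receive this file, see http://www.fsf.org/copyleft/lgpl.html.
 *
 * @author  Chuck Hagenbuch <chuck@horde.org>
 * @since   Horde 3.0
 * @package Horde_Auth
 */
class Auth_http extends Auth {

    /**
     * An array of capabilities, so that the driver can report which
     * operations it supports and which it doesn't.
     *
     * 'list' is switched on by the constructor once an htpasswd file has
     * been read successfully.
     *
     * @var array
     */
    var $capabilities = array('add'           => false,
                              'update'        => false,
                              'resetpassword' => false,
                              'remove'        => false,
                              'list'          => false,
                              'transparent'   => true);

    /**
     * Array of usernames and hashed passwords, keyed by username.
     *
     * @var array
     */
    var $_users = array();

    /**
     * Constructs a new HTTP authentication object.
     *
     * Reads the optional 'htpasswd_file' into $_users. Blank lines,
     * '#' comment lines and entries without a "user:hash" separator or
     * with an empty username are skipped, so that they can never become
     * an account with an empty name or an empty hash.
     *
     * @param array $params  A hash containing parameters. Keys read here:
     *                       'encryption' and 'htpasswd_file'.
     */
    function Auth_http($params = array())
    {
        $this->_params = $params;

        // Default to DES passwords.
        if (empty($this->_params['encryption'])) {
            $this->_params['encryption'] = 'crypt-des';
        }

        if (empty($this->_params['htpasswd_file'])) {
            return;
        }

        // An unreadable file is deliberately silent: $_users stays empty,
        // so every _authenticate() call fails closed.
        $users = @file($this->_params['htpasswd_file']);
        if (!is_array($users)) {
            return;
        }

        // Enable the list users capability.
        $this->capabilities['list'] = true;

        // Put users into alphabetical order.
        sort($users);

        foreach ($users as $line) {
            $line = trim($line);
            if ($line === '' ||
                substr($line, 0, 1) === '#' ||
                strpos($line, ':') === false) {
                continue;
            }

            list($user, $pass) = explode(':', $line, 2);
            $user = trim($user);
            if ($user === '') {
                continue;
            }

            $this->_users[$user] = trim($pass);
        }
    }

    /**
     * Find out if a set of login credentials are valid.
     *
     * The supplied password is hashed with getCryptedPassword(), using
     * the stored htpasswd entry as the reference value and the scheme
     * named by the 'encryption' parameter, and the result is compared
     * with the stored entry.
     *
     * @access private
     *
     * @param string $userId      The userId to check.
     * @param array $credentials  An array of login credentials. It must
     *                            contain a 'password' entry.
     *
     * @return boolean  Whether or not the credentials are valid.
     */
    function _authenticate($userId, $credentials)
    {
        if (empty($credentials['password'])) {
            Horde::fatal(_("No password provided for HTTP authentication."), __FILE__, __LINE__);
        }

        // Unknown users and entries with an empty hash are both rejected.
        if (empty($this->_users[$userId])) {
            $this->_setAuthError(AUTH_REASON_BADLOGIN);
            return false;
        }

        $stored = $this->_users[$userId];
        $hash = $this->getCryptedPassword($credentials['password'],
                                          $stored,
                                          $this->_params['encryption'],
                                          !empty($this->_params['show_encryption']));

        // Password hashes must be compared as exact strings. A loose "=="
        // lets PHP compare numeric-looking strings by value, so two
        // different hashes could be treated as equal. hash_equals() is
        // used where the runtime provides it because it is also
        // constant-time; older runtimes fall back to a strict comparison.
        $matches = false;
        if (is_string($hash)) {
            if (function_exists('hash_equals')) {
                $matches = hash_equals($stored, $hash);
            } else {
                $matches = ($hash === $stored);
            }
        }

        if ($matches) {
            return true;
        }

        $this->_setAuthError(AUTH_REASON_BADLOGIN);
        return false;
    }

    /**
     * Return the URI of the login screen for this authentication object.
     *
     * Uses the configured 'loginScreen' parameter when present (with the
     * post-login URL appended as the 'url' parameter), otherwise defers
     * to the parent implementation.
     *
     * @access private
     *
     * @param string $app  The application to use.
     * @param string $url  The URL to redirect to after login.
     *
     * @return string  The login screen URI.
     */
    function _getLoginScreen($app = 'horde', $url = '')
    {
        if (empty($this->_params['loginScreen'])) {
            return parent::_getLoginScreen($app, $url);
        }

        if ($url) {
            return Util::addParameter($this->_params['loginScreen'], 'url', $url);
        }

        return $this->_params['loginScreen'];
    }

    /**
     * List all users in the system.
     *
     * @return array  The userIds read from the htpasswd file; empty when
     *                no file was configured or it could not be read.
     */
    function listUsers()
    {
        return array_keys($this->_users);
    }

    /**
     * Automatic authentication: Find out if the client has HTTP
     * authentication info present.
     *
     * NOTE(review): nothing here verifies the password or looks the user
     * up in $_users; the presence of both values is treated as proof
     * that the web server already authenticated the request. Depending
     * on the SAPI, PHP can populate PHP_AUTH_USER / PHP_AUTH_PW from a
     * client-supplied Authorization header even when the server did not
     * require authentication for the URL, so deployments must confirm
     * that every Horde entry point is covered by an enforced auth
     * directive. setAuth() lives in the parent class and is not shown
     * here; confirm whether it validates anything.
     *
     * @return boolean  Whether or not the client is allowed.
     */
    function transparent()
    {
        if (!empty($_SERVER['PHP_AUTH_USER']) &&
            !empty($_SERVER['PHP_AUTH_PW'])) {
            $this->setAuth(Util::dispelMagicQuotes($_SERVER['PHP_AUTH_USER']),
                           array('password' => Util::dispelMagicQuotes($_SERVER['PHP_AUTH_PW']),
                                 'transparent' => 1));
            return true;
        }

        $this->_setAuthError(AUTH_REASON_MESSAGE, _("HTTP Authentication not found."));
        return false;
    }

}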