mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-22 23:00:56 +01:00
Trying a new way of handling login and subsequent verification
This commit is contained in:
parent
647723ccd8
commit
884232c7d0
@ -36,6 +36,8 @@
|
|||||||
var $security = '';
|
var $security = '';
|
||||||
var $mode = '';
|
var $mode = '';
|
||||||
var $authed = False;
|
var $authed = False;
|
||||||
|
var $sessionid = '';
|
||||||
|
var $kp3 = '';
|
||||||
var $urlparts = array(
|
var $urlparts = array(
|
||||||
'xmlrpc' => '/phpgroupware/xmlrpc.php',
|
'xmlrpc' => '/phpgroupware/xmlrpc.php',
|
||||||
'soap' => '/phpgroupware/soap.php'
|
'soap' => '/phpgroupware/soap.php'
|
||||||
@ -152,6 +154,8 @@
|
|||||||
$f = CreateObject('phpgwapi.xmlrpcmsg', $method_name, $arr,'struct');
|
$f = CreateObject('phpgwapi.xmlrpcmsg', $method_name, $arr,'struct');
|
||||||
$this->debug("<pre>" . htmlentities($f->serialize()) . "</pre>\n",$debug);
|
$this->debug("<pre>" . htmlentities($f->serialize()) . "</pre>\n",$debug);
|
||||||
$c = CreateObject('phpgwapi.xmlrpc_client',$this->urlparts['xmlrpc'], $hostpart, 80);
|
$c = CreateObject('phpgwapi.xmlrpc_client',$this->urlparts['xmlrpc'], $hostpart, 80);
|
||||||
|
$c->username = $this->sessionid;
|
||||||
|
$c->password = $this->kp3;
|
||||||
$c->setDebug(0);
|
$c->setDebug(0);
|
||||||
$r = $c->send($f,0,True);
|
$r = $c->send($f,0,True);
|
||||||
if (!$r)
|
if (!$r)
|
||||||
@ -191,6 +195,8 @@
|
|||||||
$f = CreateObject('phpgwapi.xmlrpcmsg', $method_name, $arr,'struct');
|
$f = CreateObject('phpgwapi.xmlrpcmsg', $method_name, $arr,'struct');
|
||||||
$this->debug("<pre>" . htmlentities($f->serialize()) . "</pre>\n",$debug);
|
$this->debug("<pre>" . htmlentities($f->serialize()) . "</pre>\n",$debug);
|
||||||
$c = CreateObject('phpgwapi.xmlrpc_client',$this->urlparts['xmlrpc'], $hostpart, 80);
|
$c = CreateObject('phpgwapi.xmlrpc_client',$this->urlparts['xmlrpc'], $hostpart, 80);
|
||||||
|
$c->username = $this->sessionid;
|
||||||
|
$c->password = $this->kp3;
|
||||||
$c->setDebug(0);
|
$c->setDebug(0);
|
||||||
$r = $c->send($f);
|
$r = $c->send($f);
|
||||||
if (!$r)
|
if (!$r)
|
||||||
@ -224,6 +230,8 @@
|
|||||||
$soap_message = CreateObject('phpgwapi.soapmsg',$method_name,$arr,'http://soapinterop.org');
|
$soap_message = CreateObject('phpgwapi.soapmsg',$method_name,$arr,'http://soapinterop.org');
|
||||||
/* print_r($soap_message);exit; */
|
/* print_r($soap_message);exit; */
|
||||||
$soap = CreateObject('phpgwapi.soap_client',$uri,$hostpart);
|
$soap = CreateObject('phpgwapi.soap_client',$uri,$hostpart);
|
||||||
|
$soap->username = $this->sessionid;
|
||||||
|
$soap->password = $this->kp3;
|
||||||
/* _debug_array($soap);exit; */
|
/* _debug_array($soap);exit; */
|
||||||
if($r = $soap->send($soap_message,$method_name))
|
if($r = $soap->send($soap_message,$method_name))
|
||||||
{
|
{
|
||||||
@ -251,6 +259,8 @@
|
|||||||
$soap_message = CreateObject('phpgwapi.soapmsg',$method_name,$arr,'http://soapinterop.org');
|
$soap_message = CreateObject('phpgwapi.soapmsg',$method_name,$arr,'http://soapinterop.org');
|
||||||
/* print_r($soap_message);exit; */
|
/* print_r($soap_message);exit; */
|
||||||
$soap = CreateObject('phpgwapi.soap_client',$uri,$hostpart);
|
$soap = CreateObject('phpgwapi.soap_client',$uri,$hostpart);
|
||||||
|
$soap->username = $this->sessionid;
|
||||||
|
$soap->password = $this->kp3;
|
||||||
/* _debug_array($soap);exit; */
|
/* _debug_array($soap);exit; */
|
||||||
if($r = $soap->send($soap_message,$method_name))
|
if($r = $soap->send($soap_message,$method_name))
|
||||||
{
|
{
|
||||||
|
@ -627,11 +627,12 @@
|
|||||||
}
|
}
|
||||||
return $r;
|
return $r;
|
||||||
}
|
}
|
||||||
|
/*
|
||||||
$GLOBALS['_xmlrpcs_listApps_sig'] = array(array(xmlrpcString, xmlrpcString));
|
$GLOBALS['_xmlrpcs_listApps_sig'] = array(array(xmlrpcString, xmlrpcString));
|
||||||
$GLOBALS['_xmlrpcs_listApps_doc'] = 'Returns a list of installed phpgw apps';
|
$GLOBALS['_xmlrpcs_listApps_doc'] = 'Returns a list of installed phpgw apps';
|
||||||
function _xmlrpcs_listApps()
|
function _xmlrpcs_listApps($server,$m)
|
||||||
{
|
{
|
||||||
|
$m->getParam(0);
|
||||||
$GLOBALS['phpgw']->db->query("SELECT * FROM phpgw_applications WHERE app_enabled<3",__LINE__,__FILE__);
|
$GLOBALS['phpgw']->db->query("SELECT * FROM phpgw_applications WHERE app_enabled<3",__LINE__,__FILE__);
|
||||||
if($GLOBALS['phpgw']->db->num_rows())
|
if($GLOBALS['phpgw']->db->num_rows())
|
||||||
{
|
{
|
||||||
@ -646,14 +647,31 @@
|
|||||||
'status' => $status
|
'status' => $status
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
$r = CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$apps, 'struct'));
|
|
||||||
}
|
}
|
||||||
return $r;
|
return CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$apps, 'struct'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$GLOBALS['_xmlrpcs_listUsers_sig'] = array(array(xmlrpcString, xmlrpcString));
|
||||||
|
$GLOBALS['_xmlrpcs_listUsers_doc'] = 'Returns a list of phpgw users';
|
||||||
|
function _xmlrpcs_listUsers($server,$m)
|
||||||
|
{
|
||||||
|
$m->getParam(0);
|
||||||
|
$accounts = $GLOBALS['phpgw']->accounts->get_list('accounts');
|
||||||
|
while(list($key,$acct) = @each($accounts))
|
||||||
|
{
|
||||||
|
$r = CreateObject('phpgwapi.xmlrpcval','account_lid','string');
|
||||||
|
$s = CreateObject('phpgwapi.xmlrpcval',$acct['account_lid'],'string');
|
||||||
|
$acct_data[] = $r;
|
||||||
|
$acct_data[] = $s;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
return CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$acct_data, 'struct'));
|
||||||
|
}
|
||||||
|
*/
|
||||||
$GLOBALS['_xmlrpcs_auth_sig'] = array(array(xmlrpcString,xmlrpcString,xmlrpcString,xmlrpcString));
|
$GLOBALS['_xmlrpcs_auth_sig'] = array(array(xmlrpcString,xmlrpcString,xmlrpcString,xmlrpcString));
|
||||||
$GLOBALS['_xmlrpcs_auth_doc'] = 'Server authentication';
|
$GLOBALS['_xmlrpcs_auth_doc'] = 'phpGroupWare client or server login via XML-RPC';
|
||||||
function _xmlrpcs_auth($server,$m)
|
function _xmlrpcs_login($server,$m)
|
||||||
{
|
{
|
||||||
$server_name = $m->getParam(0);
|
$server_name = $m->getParam(0);
|
||||||
$username = $m->getParam(1);
|
$username = $m->getParam(1);
|
||||||
@ -662,7 +680,15 @@
|
|||||||
$serverdata['username'] = $username->scalarval();
|
$serverdata['username'] = $username->scalarval();
|
||||||
$serverdata['password'] = $password->scalarval();
|
$serverdata['password'] = $password->scalarval();
|
||||||
|
|
||||||
|
if($serverdata['server_name'])
|
||||||
|
{
|
||||||
list($sessionid,$kp3) = $GLOBALS['phpgw']->session->create_server($serverdata['username'].'@'.$serverdata['server_name'],$serverdata['password']);
|
list($sessionid,$kp3) = $GLOBALS['phpgw']->session->create_server($serverdata['username'].'@'.$serverdata['server_name'],$serverdata['password']);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
// Milosch - jengo, how do we do this?
|
||||||
|
list($sessionid,$kp3) = $GLOBALS['phpgw']->session->create($serverdata['username'],$serverdata['password']);
|
||||||
|
}
|
||||||
|
|
||||||
if($sessionid && $kp3)
|
if($sessionid && $kp3)
|
||||||
{
|
{
|
||||||
@ -676,38 +702,10 @@
|
|||||||
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','GOAWAY','string');
|
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','GOAWAY','string');
|
||||||
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','XOXO','string');
|
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','XOXO','string');
|
||||||
}
|
}
|
||||||
$r = CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$rtrn,'struct'));
|
return CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$rtrn,'struct'));
|
||||||
return $r;
|
|
||||||
}
|
|
||||||
|
|
||||||
$GLOBALS['_xmlrpcs_auth_verify_sig'] = array(array(xmlrpcString,xmlrpcString,xmlrpcString,xmlrpcString));
|
|
||||||
$GLOBALS['_xmlrpcs_auth_verify_doc'] = 'Verify Server authentication';
|
|
||||||
function _xmlrpcs_auth_verify($server,$m)
|
|
||||||
{
|
|
||||||
$xserver_name = $m->getParam(0);
|
|
||||||
$xsessionid = $m->getParam(1);
|
|
||||||
$xkp3 = $m->getParam(2);
|
|
||||||
|
|
||||||
$server_name = $xserver_name->scalarval();
|
|
||||||
$sessionid = $xsessionid->scalarval();
|
|
||||||
$kp3 = $xkp3->scalarval();
|
|
||||||
|
|
||||||
$verified = $GLOBALS['phpgw']->session->verify_server($sessionid,$kp3);
|
|
||||||
|
|
||||||
if($verified)
|
|
||||||
{
|
|
||||||
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','HELO','string');
|
|
||||||
$rtrn[] = CreateObject('phpgwapi.xmlrpcval',$sessionid,'string');
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','GOAWAY','string');
|
|
||||||
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','XOXO','string');
|
|
||||||
}
|
|
||||||
$r = CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$rtrn,'struct'));
|
|
||||||
return $r;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
$GLOBALS['_xmlrpcs_dmap'] = array(
|
$GLOBALS['_xmlrpcs_dmap'] = array(
|
||||||
'system.listMethods' => array(
|
'system.listMethods' => array(
|
||||||
'function' => '_xmlrpcs_listMethods',
|
'function' => '_xmlrpcs_listMethods',
|
||||||
@ -729,15 +727,39 @@
|
|||||||
'signature' => $GLOBALS['_xmlrpcs_listApps_sig'],
|
'signature' => $GLOBALS['_xmlrpcs_listApps_sig'],
|
||||||
'docstring' => $GLOBALS['_xmlrpcs_listApps_doc']
|
'docstring' => $GLOBALS['_xmlrpcs_listApps_doc']
|
||||||
),
|
),
|
||||||
'system.auth' => array(
|
'system.listUsers' => array(
|
||||||
'function' => '_xmlrpcs_auth',
|
'function' => '_xmlrpcs_listUsers',
|
||||||
'signature' => $GLOBALS['_xmlrpcs_auth_sig'],
|
'signature' => $GLOBALS['_xmlrpcs_listUsers_sig'],
|
||||||
'docstring' => $GLOBALS['_xmlrpcs_auth_doc']
|
'docstring' => $GLOBALS['_xmlrpcs_listUsers_doc']
|
||||||
),
|
),
|
||||||
'system.auth_verify' => array(
|
'system.login' => array(
|
||||||
'function' => '_xmlrpcs_auth_verify',
|
'function' => '_xmlrpcs_login',
|
||||||
'signature' => $GLOBALS['_xmlrpcs_auth_verify_sig'],
|
'signature' => $GLOBALS['_xmlrpcs_login_sig'],
|
||||||
'docstring' => $GLOBALS['_xmlrpcs_auth_verify_doc']
|
'docstring' => $GLOBALS['_xmlrpcs_login_doc']
|
||||||
|
)
|
||||||
|
);
|
||||||
|
*/
|
||||||
|
|
||||||
|
$GLOBALS['_xmlrpcs_dmap'] = array(
|
||||||
|
'system.listMethods' => array(
|
||||||
|
'function' => '_xmlrpcs_listMethods',
|
||||||
|
'signature' => $GLOBALS['_xmlrpcs_listMethods_sig'],
|
||||||
|
'docstring' => $GLOBALS['_xmlrpcs_listMethods_doc']
|
||||||
|
),
|
||||||
|
'system.methodHelp' => array(
|
||||||
|
'function' => '_xmlrpcs_methodHelp',
|
||||||
|
'signature' => $GLOBALS['_xmlrpcs_methodHelp_sig'],
|
||||||
|
'docstring' => $GLOBALS['_xmlrpcs_methodHelp_doc']
|
||||||
|
),
|
||||||
|
'system.methodSignature' => array(
|
||||||
|
'function' => '_xmlrpcs_methodSignature',
|
||||||
|
'signature' => $GLOBALS['_xmlrpcs_methodSignature_sig'],
|
||||||
|
'docstring' => $GLOBALS['_xmlrpcs_methodSignature_doc']
|
||||||
|
),
|
||||||
|
'system.login' => array(
|
||||||
|
'function' => '_xmlrpcs_login',
|
||||||
|
'signature' => $GLOBALS['_xmlrpcs_login_sig'],
|
||||||
|
'docstring' => $GLOBALS['_xmlrpcs_login_doc']
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
|
20
xmlrpc.php
20
xmlrpc.php
@ -21,8 +21,24 @@
|
|||||||
|
|
||||||
$server = CreateObject('phpgwapi.xmlrpc_server');
|
$server = CreateObject('phpgwapi.xmlrpc_server');
|
||||||
/* _debug_array($server);exit; */
|
/* _debug_array($server);exit; */
|
||||||
|
//include(PHPGW_API_INC . '/xmlrpc.interop.php');
|
||||||
|
|
||||||
include(PHPGW_API_INC . '/xmlrpc.interop.php');
|
if($PHP_AUTH_USER && $PHP_AUTH_PW)
|
||||||
|
{
|
||||||
|
if($HTTP_X_PHPGW_SERVER)
|
||||||
|
{
|
||||||
|
if(!@$phpgw->session->verify_server($PHP_AUTH_USER,$PHP_AUTH_PW))
|
||||||
|
{
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if(!@$phpgw->session->verify($PHP_AUTH_USER,$PHP_AUTH_PW))
|
||||||
|
{
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
$server->service($HTTP_RAW_POST_DATA);
|
$server->service($HTTP_RAW_POST_DATA);
|
||||||
?>
|
?>
|
||||||
|
Loading…
Reference in New Issue
Block a user