Trying a new way of handling login and subsequent verification

This commit is contained in:
Miles Lott 2001-08-19 23:55:58 +00:00
parent 647723ccd8
commit 884232c7d0
3 changed files with 95 additions and 47 deletions

View File

@ -36,6 +36,8 @@
var $security = ''; var $security = '';
var $mode = ''; var $mode = '';
var $authed = False; var $authed = False;
var $sessionid = '';
var $kp3 = '';
var $urlparts = array( var $urlparts = array(
'xmlrpc' => '/phpgroupware/xmlrpc.php', 'xmlrpc' => '/phpgroupware/xmlrpc.php',
'soap' => '/phpgroupware/soap.php' 'soap' => '/phpgroupware/soap.php'
@ -152,6 +154,8 @@
$f = CreateObject('phpgwapi.xmlrpcmsg', $method_name, $arr,'struct'); $f = CreateObject('phpgwapi.xmlrpcmsg', $method_name, $arr,'struct');
$this->debug("<pre>" . htmlentities($f->serialize()) . "</pre>\n",$debug); $this->debug("<pre>" . htmlentities($f->serialize()) . "</pre>\n",$debug);
$c = CreateObject('phpgwapi.xmlrpc_client',$this->urlparts['xmlrpc'], $hostpart, 80); $c = CreateObject('phpgwapi.xmlrpc_client',$this->urlparts['xmlrpc'], $hostpart, 80);
$c->username = $this->sessionid;
$c->password = $this->kp3;
$c->setDebug(0); $c->setDebug(0);
$r = $c->send($f,0,True); $r = $c->send($f,0,True);
if (!$r) if (!$r)
@ -191,6 +195,8 @@
$f = CreateObject('phpgwapi.xmlrpcmsg', $method_name, $arr,'struct'); $f = CreateObject('phpgwapi.xmlrpcmsg', $method_name, $arr,'struct');
$this->debug("<pre>" . htmlentities($f->serialize()) . "</pre>\n",$debug); $this->debug("<pre>" . htmlentities($f->serialize()) . "</pre>\n",$debug);
$c = CreateObject('phpgwapi.xmlrpc_client',$this->urlparts['xmlrpc'], $hostpart, 80); $c = CreateObject('phpgwapi.xmlrpc_client',$this->urlparts['xmlrpc'], $hostpart, 80);
$c->username = $this->sessionid;
$c->password = $this->kp3;
$c->setDebug(0); $c->setDebug(0);
$r = $c->send($f); $r = $c->send($f);
if (!$r) if (!$r)
@ -224,6 +230,8 @@
$soap_message = CreateObject('phpgwapi.soapmsg',$method_name,$arr,'http://soapinterop.org'); $soap_message = CreateObject('phpgwapi.soapmsg',$method_name,$arr,'http://soapinterop.org');
/* print_r($soap_message);exit; */ /* print_r($soap_message);exit; */
$soap = CreateObject('phpgwapi.soap_client',$uri,$hostpart); $soap = CreateObject('phpgwapi.soap_client',$uri,$hostpart);
$soap->username = $this->sessionid;
$soap->password = $this->kp3;
/* _debug_array($soap);exit; */ /* _debug_array($soap);exit; */
if($r = $soap->send($soap_message,$method_name)) if($r = $soap->send($soap_message,$method_name))
{ {
@ -251,6 +259,8 @@
$soap_message = CreateObject('phpgwapi.soapmsg',$method_name,$arr,'http://soapinterop.org'); $soap_message = CreateObject('phpgwapi.soapmsg',$method_name,$arr,'http://soapinterop.org');
/* print_r($soap_message);exit; */ /* print_r($soap_message);exit; */
$soap = CreateObject('phpgwapi.soap_client',$uri,$hostpart); $soap = CreateObject('phpgwapi.soap_client',$uri,$hostpart);
$soap->username = $this->sessionid;
$soap->password = $this->kp3;
/* _debug_array($soap);exit; */ /* _debug_array($soap);exit; */
if($r = $soap->send($soap_message,$method_name)) if($r = $soap->send($soap_message,$method_name))
{ {

View File

@ -627,11 +627,12 @@
} }
return $r; return $r;
} }
/*
$GLOBALS['_xmlrpcs_listApps_sig'] = array(array(xmlrpcString, xmlrpcString)); $GLOBALS['_xmlrpcs_listApps_sig'] = array(array(xmlrpcString, xmlrpcString));
$GLOBALS['_xmlrpcs_listApps_doc'] = 'Returns a list of installed phpgw apps'; $GLOBALS['_xmlrpcs_listApps_doc'] = 'Returns a list of installed phpgw apps';
function _xmlrpcs_listApps() function _xmlrpcs_listApps($server,$m)
{ {
$m->getParam(0);
$GLOBALS['phpgw']->db->query("SELECT * FROM phpgw_applications WHERE app_enabled<3",__LINE__,__FILE__); $GLOBALS['phpgw']->db->query("SELECT * FROM phpgw_applications WHERE app_enabled<3",__LINE__,__FILE__);
if($GLOBALS['phpgw']->db->num_rows()) if($GLOBALS['phpgw']->db->num_rows())
{ {
@ -646,14 +647,31 @@
'status' => $status 'status' => $status
); );
} }
$r = CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$apps, 'struct'));
} }
return $r; return CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$apps, 'struct'));
} }
$GLOBALS['_xmlrpcs_listUsers_sig'] = array(array(xmlrpcString, xmlrpcString));
$GLOBALS['_xmlrpcs_listUsers_doc'] = 'Returns a list of phpgw users';
function _xmlrpcs_listUsers($server,$m)
{
$m->getParam(0);
$accounts = $GLOBALS['phpgw']->accounts->get_list('accounts');
while(list($key,$acct) = @each($accounts))
{
$r = CreateObject('phpgwapi.xmlrpcval','account_lid','string');
$s = CreateObject('phpgwapi.xmlrpcval',$acct['account_lid'],'string');
$acct_data[] = $r;
$acct_data[] = $s;
}
return CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$acct_data, 'struct'));
}
*/
$GLOBALS['_xmlrpcs_auth_sig'] = array(array(xmlrpcString,xmlrpcString,xmlrpcString,xmlrpcString)); $GLOBALS['_xmlrpcs_auth_sig'] = array(array(xmlrpcString,xmlrpcString,xmlrpcString,xmlrpcString));
$GLOBALS['_xmlrpcs_auth_doc'] = 'Server authentication'; $GLOBALS['_xmlrpcs_auth_doc'] = 'phpGroupWare client or server login via XML-RPC';
function _xmlrpcs_auth($server,$m) function _xmlrpcs_login($server,$m)
{ {
$server_name = $m->getParam(0); $server_name = $m->getParam(0);
$username = $m->getParam(1); $username = $m->getParam(1);
@ -662,7 +680,15 @@
$serverdata['username'] = $username->scalarval(); $serverdata['username'] = $username->scalarval();
$serverdata['password'] = $password->scalarval(); $serverdata['password'] = $password->scalarval();
list($sessionid,$kp3) = $GLOBALS['phpgw']->session->create_server($serverdata['username'].'@'.$serverdata['server_name'],$serverdata['password']); if($serverdata['server_name'])
{
list($sessionid,$kp3) = $GLOBALS['phpgw']->session->create_server($serverdata['username'].'@'.$serverdata['server_name'],$serverdata['password']);
}
else
{
// Milosch - jengo, how do we do this?
list($sessionid,$kp3) = $GLOBALS['phpgw']->session->create($serverdata['username'],$serverdata['password']);
}
if($sessionid && $kp3) if($sessionid && $kp3)
{ {
@ -676,38 +702,10 @@
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','GOAWAY','string'); $rtrn[] = CreateObject('phpgwapi.xmlrpcval','GOAWAY','string');
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','XOXO','string'); $rtrn[] = CreateObject('phpgwapi.xmlrpcval','XOXO','string');
} }
$r = CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$rtrn,'struct')); return CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$rtrn,'struct'));
return $r;
}
$GLOBALS['_xmlrpcs_auth_verify_sig'] = array(array(xmlrpcString,xmlrpcString,xmlrpcString,xmlrpcString));
$GLOBALS['_xmlrpcs_auth_verify_doc'] = 'Verify Server authentication';
function _xmlrpcs_auth_verify($server,$m)
{
$xserver_name = $m->getParam(0);
$xsessionid = $m->getParam(1);
$xkp3 = $m->getParam(2);
$server_name = $xserver_name->scalarval();
$sessionid = $xsessionid->scalarval();
$kp3 = $xkp3->scalarval();
$verified = $GLOBALS['phpgw']->session->verify_server($sessionid,$kp3);
if($verified)
{
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','HELO','string');
$rtrn[] = CreateObject('phpgwapi.xmlrpcval',$sessionid,'string');
}
else
{
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','GOAWAY','string');
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','XOXO','string');
}
$r = CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$rtrn,'struct'));
return $r;
} }
/*
$GLOBALS['_xmlrpcs_dmap'] = array( $GLOBALS['_xmlrpcs_dmap'] = array(
'system.listMethods' => array( 'system.listMethods' => array(
'function' => '_xmlrpcs_listMethods', 'function' => '_xmlrpcs_listMethods',
@ -729,15 +727,39 @@
'signature' => $GLOBALS['_xmlrpcs_listApps_sig'], 'signature' => $GLOBALS['_xmlrpcs_listApps_sig'],
'docstring' => $GLOBALS['_xmlrpcs_listApps_doc'] 'docstring' => $GLOBALS['_xmlrpcs_listApps_doc']
), ),
'system.auth' => array( 'system.listUsers' => array(
'function' => '_xmlrpcs_auth', 'function' => '_xmlrpcs_listUsers',
'signature' => $GLOBALS['_xmlrpcs_auth_sig'], 'signature' => $GLOBALS['_xmlrpcs_listUsers_sig'],
'docstring' => $GLOBALS['_xmlrpcs_auth_doc'] 'docstring' => $GLOBALS['_xmlrpcs_listUsers_doc']
), ),
'system.auth_verify' => array( 'system.login' => array(
'function' => '_xmlrpcs_auth_verify', 'function' => '_xmlrpcs_login',
'signature' => $GLOBALS['_xmlrpcs_auth_verify_sig'], 'signature' => $GLOBALS['_xmlrpcs_login_sig'],
'docstring' => $GLOBALS['_xmlrpcs_auth_verify_doc'] 'docstring' => $GLOBALS['_xmlrpcs_login_doc']
)
);
*/
$GLOBALS['_xmlrpcs_dmap'] = array(
'system.listMethods' => array(
'function' => '_xmlrpcs_listMethods',
'signature' => $GLOBALS['_xmlrpcs_listMethods_sig'],
'docstring' => $GLOBALS['_xmlrpcs_listMethods_doc']
),
'system.methodHelp' => array(
'function' => '_xmlrpcs_methodHelp',
'signature' => $GLOBALS['_xmlrpcs_methodHelp_sig'],
'docstring' => $GLOBALS['_xmlrpcs_methodHelp_doc']
),
'system.methodSignature' => array(
'function' => '_xmlrpcs_methodSignature',
'signature' => $GLOBALS['_xmlrpcs_methodSignature_sig'],
'docstring' => $GLOBALS['_xmlrpcs_methodSignature_doc']
),
'system.login' => array(
'function' => '_xmlrpcs_login',
'signature' => $GLOBALS['_xmlrpcs_login_sig'],
'docstring' => $GLOBALS['_xmlrpcs_login_doc']
) )
); );

View File

@ -21,8 +21,24 @@
$server = CreateObject('phpgwapi.xmlrpc_server'); $server = CreateObject('phpgwapi.xmlrpc_server');
/* _debug_array($server);exit; */ /* _debug_array($server);exit; */
//include(PHPGW_API_INC . '/xmlrpc.interop.php');
include(PHPGW_API_INC . '/xmlrpc.interop.php'); if($PHP_AUTH_USER && $PHP_AUTH_PW)
{
if($HTTP_X_PHPGW_SERVER)
{
if(!@$phpgw->session->verify_server($PHP_AUTH_USER,$PHP_AUTH_PW))
{
exit;
}
}
else
{
if(!@$phpgw->session->verify($PHP_AUTH_USER,$PHP_AUTH_PW))
{
exit;
}
}
}
$server->service($HTTP_RAW_POST_DATA); $server->service($HTTP_RAW_POST_DATA);
?> ?>