first incomplete step for querying for User Profile needed fpr Grid

git-svn-id: https://textgridlab.org/svn/textgrid/trunk/middleware/tgauth@7269 7c539038-3410-0410-b1ec-0f2a7bf1c452

first incomplete step for querying for User Profile needed fpr Grid
416a15cf · Martin Haase · 3d4ff5c0 · 416a15cf · 416a15cf · 416a15cf
Commit 416a15cf authored 14 years ago by Martin Haase
--- a/info.textgrid.middleware.tgauth.webauth/WebAuthN/TextGrid-WebAuth-Community.php
+++ b/info.textgrid.middleware.tgauth.webauth/WebAuthN/TextGrid-WebAuth-Community.php
+<?php
+// #######################################################
+// Author: Martin Haase / DAASI International GmbH / TextGrid
+// Creation date: 2010-09-23
+// Modification date: 2010-09-03
+// Version: 0.1
+// #######################################################
+include("../tglib/LDAP.class.php");
+include("../tglib/RBAC.class.php");
+include("../tglib/WebUtils.class.php");
+$configfile = "../../../config_tgwebauth.xml";
+$util = WebUtils->new();
+$authZinstance = $_REQUEST["authZinstance"];
+if ( !isset($authZinstance) || $authZinstance->length <= 0 ) {
+  $util->printFailure("No TgAuth Instance provided", 
+		      "Please provide a valid string in the authZinstance variable.", 
+		      null, 
+		      null );
+  exit;
+}
+if (isset ($_REQUEST["loginname"]) && $_REQUEST["loginname"]->length > 0
+    && isset ($_REQUEST["password"]) && $_REQUEST["password"]->length > 0) {
+  // now authenticating
+  $ldap = LDAP->new($configfile);
+  $AuthResult = $ldap->authenticate($_REQUEST["loginname"], $_REQUEST["password"]);
+  if (! $AuthResult["success"]) {
+    $util->printFailure("Failure authenticating at TextGrid Community Account Server", 
+			$AuthResult["detail"], 
+			$_REQUEST["loginname"], 
+			null ); 
+    exit;
+  } else {
+  }
+} else if (isset ($_REQUEST["sid"]) && $_REQUEST["sid"]->length > 0  ) {
+  // displaySID or completeDetails
+}
+?>
\ No newline at end of file
--- a/info.textgrid.middleware.tgauth.webauth/tglib/LDAP.class.php
+++ b/info.textgrid.middleware.tgauth.webauth/tglib/LDAP.class.php
+<?php
+// #######################################################
+// Author: Martin Haase / DAASI International GmbH / TextGrid
+// Creation date: 2010-09-23
+// Modification date: 2010-09-03
+// Version: 0.1
+// based on authenticate.php
+// #######################################################
+mb_internal_encoding("UTF-8");
+class LDAP {
+  // Global variables
+  $UserAttributes = array();
+  public function __construct( $configfilepath ) {
+    $config = new DOMDocument();
+    $config->load($configfilepath);
+    $xpath = new DOMXPath($config);
+    $xpath->registerNamespace("c", "http://textgrid.info/namespaces/middleware/tgwebauth");
+    $ldaphost = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='host']")->item(0)->nodeValue;
+    $ldapport = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='port']")->item(0)->nodeValue;
+    $binddn = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='binddn']")->item(0)->nodeValue;
+    $basedn = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='basedn']")->item(0)->nodeValue;
+    $filter = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='filter']")->item(0)->nodeValue;
+    $IDattribute = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='IDattribute']")->item(0)->nodeValue;
+    $LDAPname = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='name']")->item(0)->nodeValue;
+  }
+  public function authenticate ($login, $password) {
+    $ldapconn = ldap_connect( $ldaphost, $ldapport ) 
+      or return array("success" => FALSE, "detail" => "Cannot connect to {$ldaphost}!");
+    ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
+    //ldap_start_tls( $ldapconn );
+    $binddn = preg_replace ('/\${login}/', $login, $binddn);
+    $bound = ldap_bind($ldapconn, $binddn , $password);
+    if (!$bound) {
+      return array("success" => FALSE, 
+		   "detail" => "Authentication failed, wrong login and/or password.");
+    } else {
+      //echo "Could bind as user ${login}!";
+      $filter = preg_replace ('/\${login}/', $login, $filter);
+      $result = ldap_search( $ldapconn, $basedn, $filter);
+      $entry  = ldap_first_entry( $ldapconn  , $result  );
+      $UserAttributes = ldap_get_attributes ($ldapconn , $entry);
+      $TGID = $attrs[$IDattribute][0];
+      return array("success" => TRUE, "TGID" => $TGID);
+    }
+  }
+  public function getUserAttributes () {
+    $rethash = array();
+    foreach (array("o", "sn", "givenName", "cn", "mail") as $a) {
+      if ( isset($UserAttributes[$a])) {
+	$vals = array();
+	for ($i=0; $i<$UserAttributes[$a]['count']; $i++) {
+	  $vals[] = $UserAttributes[$a][$i];
+	}
+	$rethash[$a] =  implode (';', $vals);
+      }
+    }
+    return $rethash;
+  }
+}
\ No newline at end of file
--- a/info.textgrid.middleware.tgauth.webauth/tglib/LDAP.class.php~
+++ b/info.textgrid.middleware.tgauth.webauth/tglib/LDAP.class.php~
+<?php
+// #######################################################
+// Author: Martin Haase / DAASI International GmbH / TextGrid
+// Creation date: 2010-09-23
+// Modification date: 2010-09-03
+// Version: 0.1
+// based on authenticate.php
+// #######################################################
+mb_internal_encoding("UTF-8");
+class LDAP {
+  // Global variables
+  public function __construct( $a, $b ) {
+  }
+}
\ No newline at end of file
--- a/info.textgrid.middleware.tgauth.webauth/tglib/WebUtils.class.php
+++ b/info.textgrid.middleware.tgauth.webauth/tglib/WebUtils.class.php
+<?php
+// #######################################################
+// Author: Martin Haase / DAASI International GmbH / TextGrid
+// Creation date: 2010-09-23
+// Modification date: 2010-09-03
+// Version: 0.1
+// #######################################################
+mb_internal_encoding("UTF-8");
+class WebUtils {
+  // Global variables
+  public function __construct() {
+  }
+  public function printFailure($heading,$detail,$loginname,$rbachash) {
+    printHeader("Authentication failed");
+    if (isset($rbachash)) {
+      echo "<meta name=\"remote_principal\" content=\"". $rbachash->remote_user."\"/>\n";
+      echo "<meta name=\"rbac_session_status\" content=\"". $rbachash->scstatus."\"/>\n";
+      echo "<meta name=\"rbac_sessionid\" content=\"". $rbachash->newSid."\"/>\n";
+    }
+    echo "<style type=\"text/css\">";
+    echo "#d123 {display:none;}";
+    echo "</style>";
+    echo "<script type=\"text/javascript\">\n";
+    echo "<!--\n";
+    echo "function toggle (target) {\n";
+    echo "  var obj=document.getElementById(target);\n";
+    echo "  obj.style.display=\"block\";\n";
+    echo "}\n";
+    echo "-->\n";
+    echo "</script>\n";
+    echo "</head>\n\n<body>\n";
+    echo "<h2>Authentication Failure, $heading</h2>\n";
+    echo "<p>The Authentication system could not authenticate you.</p>\n";
+    echo "<p>More <a href=\"javascript:toggle('d123')\">Details</a>.</p>\n";
+    echo "<div id=\"d123\">"; 
+    echo "<h2>Error Details</h2>\n";
+    echo "<p>". $detail ."</p>" ;
+    echo "<h2>Authentication Details</h2>\n";
+    echo "<table>\n";
+    echo "<tr><td>Login Name</td><td>". $loginname ."</td></tr>\n";
+    if (isset($rbachash->rbacbase)) {
+      echo "<tr><td>TgAuth Instance</td><td>". $rbachash->rbacbase ."</td></tr>\n";
+    }
+    if (isset($rbachash->identity_provider)) {
+      echo "<tr><td>Shibboleth Identity ProviderID</td><td>". $rbachash->identity_provider  ."</td></tr>\n";
+    }
+    if (isset($rbachash->$identified_user['authnmethod'] )) {
+      echo "<tr><td>User ID Attribute Name</td><td>". $rbachash->identified_user['authnmethod'] ."</td></tr>\n";
+    }
+    if (isset($rbachash->remote_user.)) {
+      echo "<tr><td>User ID Value </td><td>".$rbachash->remote_user."</td></tr>\n";
+    }
+    if (isset($rbachash->newSid.)) {
+      echo "<tr><td>TgAuth Session ID</td><td>".$rbachash->newSid."</td></tr>\n";
+    }
+    echo "</table>\n";
+    echo "</div>";
+    echo "<p>If not indicated otherwise in the <a href=\"javascript:toggle('d123')\">details</a>, it could be that some service is not responding temporarily. In this case, please <a href=\"javascript:history.back()\">go back</a> or re-open the TextGridLab and try again.</p>";
+    echo "<p>If the problem persists, please report this bug together with its time of occurence (" . date("Y-m-d H:i:s") .  "). In the TextGridLab, choose 'Help-&gt;Report Bug'.</p>" ;
+    echo "\n</body>\n</html>";
+  }
+  public function printHeader ($title) {
+    echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n";
+    echo "<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">\n";
+    echo "<head>\n";
+    echo "<title>" . $title . "</title>\n";
+    echo "<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\" />\n";
+  }
+}
--- a/info.textgrid.middleware.tgauth.webauth/tglib/WebUtils.class.php~
+++ b/info.textgrid.middleware.tgauth.webauth/tglib/WebUtils.class.php~
+<?php
+// #######################################################
+// Author: Martin Haase / DAASI International GmbH / TextGrid
+// Creation date: 2010-09-23
+// Modification date: 2010-09-03
+// Version: 0.1
+// #######################################################
+mb_internal_encoding("UTF-8");
+class WebUtils {
+  // Global variables
+  public function __construct() {
+  }
+  public function printFailure($heading,$detail,$rbachash) {
+}
+  public function printHeader ($title) {
+    echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n";
+    echo "<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">\n";
+    echo "<head>\n";
+    echo "<title>" . $title . "</title>\n";
+    echo "<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\" />\n";
+  }
+}