add authentication service

2024-11-26 15:32:13 +00:00 · 2022-11-28 21:40:42 +01:00 · 2022-11-28 21:40:42 +01:00 · f7ebe88822
commit f7ebe88822
parent 28a4a24613
5 changed files with 137 additions and 0 deletions
--- a/controllers/class.Login.php
+++ b/controllers/class.Login.php
@ -35,6 +35,7 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
 		$dms = $this->params['dms'];
 		$settings = $this->params['settings'];
 		$session = $this->params['session'];
+		$authenticator = $this->params['authenticator'];
 		$source = isset($this->params['source']) ? $this->params['source'] : '';
 		$sesstheme = $this->getParam('sesstheme');
 		$referuri = $this->getParam('referuri');
@ -98,6 +99,9 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
 			}
 		}

+		$user = $authenticator->authenticate($login, $pwd);
+
+		if(0) {
 		/* Authenticate against LDAP server {{{ */
 		if (!is_object($user) && isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
 			require_once("../inc/inc.ClassLdapAuthentication.php");
@ -114,6 +118,7 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
 			$authobj = new SeedDMS_DbAuthentication($dms, $settings);
 			$user = $authobj->authenticate($login, $pwd);
 		} /* }}} */
+		}

 		/* If the user is still not authenticated, then exit with an error */
 		if(!is_object($user)) {
--- a/inc/inc.AuthenticationInit.php
+++ b/inc/inc.AuthenticationInit.php
@ -0,0 +1,42 @@
+<?php
+/**
+ * Create authentication service
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Markus Westphal, Malcolm Cowe, Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2002-2005 Markus Westphal,
+ *             2006-2008 Malcolm Cowe, 2010-2022 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+require_once('inc.ClassAuthenticationService.php');
+require_once('inc.ClassDbAuthentication.php');
+require_once('inc.ClassLdapAuthentication.php');
+
+global $logger;
+$authenticator = new SeedDMS_AuthenticationService($logger, $settings);
+
+if(isset($GLOBALS['SEEDDMS_HOOKS']['authentication'])) {
+	foreach($GLOBALS['SEEDDMS_HOOKS']['authentication'] as $authenticationObj) {
+		if(method_exists($authenticationObj, 'preAddService')) {
+			$authenticationObj->preAddService($dms, $authenticator);
+		}
+	}
+}
+
+$authenticator->addService(new SeedDMS_DbAuthentication($dms, $settings), 'db');
+if(isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
+	$authenticator->addService(new SeedDMS_LdapAuthentication($dms, $settings), 'ldap');
+}
+
+if(isset($GLOBALS['SEEDDMS_HOOKS']['authentication'])) {
+	foreach($GLOBALS['SEEDDMS_HOOKS']['authentication'] as $authenticationObj) {
+		if(method_exists($authenticationObj, 'postAddService')) {
+			$authenticationObj->postAddService($dms, $authenticator);
+		}
+	}
+}
+
--- a/inc/inc.ClassAuthenticationService.php
+++ b/inc/inc.ClassAuthenticationService.php
@ -0,0 +1,88 @@
+<?php
+/**
+ * Implementation of authentication service
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @license    GPL 2
+ * @version    @version@
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2016 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+
+/**
+ * Implementation of authentication service
+ *
+ * @category   DMS
+ * @package    SeedDMS
+ * @author     Uwe Steinmann <uwe@steinmann.cx>
+ * @copyright  Copyright (C) 2016 Uwe Steinmann
+ * @version    Release: @package_version@
+ */
+class SeedDMS_AuthenticationService {
+	/**
+	 * List of services for authenticating user
+	 */
+	protected $services;
+
+	/*
+	 * List of servives with errors
+	 */
+	protected $errors;
+
+	/*
+	 * Service for logging
+	 */
+	protected $logger;
+
+	/*
+	 * Configuration
+	 */
+	protected $settings;
+
+	public function __construct($logger = null, $settings = null) { /* {{{ */
+		$this->services = array();
+		$this->errors = array();
+		$this->logger = $logger;
+		$this->settings = $settings;
+	} /* }}} */
+
+	public function addService($service, $name='') { /* {{{ */
+		if(!$name)
+			$name = md5(uniqid());
+		$this->services[$name] = $service;
+		$this->errors[$name] = true;
+	} /* }}} */
+
+	public function getServices() { /* {{{ */
+		return $this->services;
+	} /* }}} */
+
+	public function getErrors() { /* {{{ */
+		return $this->errors;
+	} /* }}} */
+
+	public function authenticate($username, $password) { /* {{{ */
+		$user = null;
+		foreach($this->services as $name => $service) {
+			$this->logger->log('Authentication service \''.$name.'\'', PEAR_LOG_INFO);
+			$user = $service->authenticate($username, $password);
+			if($user === false) {
+				$this->errors[$name] = false;
+				if($this->logger)
+					$this->logger->log('Authentication service \''.$name.'\': Authentication of user \''.$username.'\' failed.', PEAR_LOG_ERR);
+				return false;
+			}	elseif($user === null) {
+				if($this->logger)
+					$this->logger->log('Authentication service \''.$name.'\': Authentication of user \''.$username.'\' disregarded.', PEAR_LOG_ERR);
+			} else {
+				if($this->logger)
+					$this->logger->log('Authentication service \''.$name.'\': Authentication of user \''.$username.'\' successful.', PEAR_LOG_INFO);
+				$this->errors[$name] = true;
+				return $user;
+			}
+		}
+		return $user;
+	} /* }}} */
+}
--- a/inc/inc.DBInit.php
+++ b/inc/inc.DBInit.php
@ -68,3 +68,4 @@ if(isset($GLOBALS['SEEDDMS_HOOKS']['initDMS'])) {

 require_once("inc.ConversionInit.php");
 require_once('inc.FulltextInit.php');
+require_once('inc.AuthenticationInit.php');
--- a/op/op.Login.php
+++ b/op/op.Login.php
@ -89,6 +89,7 @@ $controller->setParam('lang', $lang);
 $controller->setParam('sesstheme', $sesstheme);
 $controller->setParam('referuri', $referuri);
 $controller->setParam('session', $session);
+$controller->setParam('authenticator', $authenticator);
 if(!$controller()) {
 	$session = null;
 	add_log_line("login failed", PEAR_LOG_ERR);