Home Explore Help
Register Sign In
aj
/
chamilo-lms2
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 665a9a6066
Branches Tags
chamilo-lms2
/
main
/
auth
/
external_login
/
login.ws.php

login.ws.php 3.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105 
  1. <?php /* For licensing terms, see /license.txt */
    2. 

  2. // External login module : WS (for Web Services)
    3. 

  3. /**
    4. 

  4.  *
    5. 

  5.  * This file is included in main/inc/local.inc.php at user login if the user
    6. 

  6.  * have 'ws' in his auth_source field instead of 'platform'.
    7. 

  7.  */
    8. 

  8. 

  9. use ChamiloSession as Session;
    10. 

  10. 

  11. // Configure the web service URL here. e.g. http://174.1.1.19:8020/login.asmx?WSDL
    12. 

  12. $wsUrl = '';
    13. 

  13. 

  14. // include common authentication functions
    15. 

  15. require_once dirname(__FILE__) . '/functions.inc.php';
    16. 

  16. // call the login checker (defined below)
    17. 

  17. $isValid = loginWSAuthenticate($login, $password, $wsUrl);
    18. 

  18. 

  19. // if the authentication was successful, proceed
    20. 

  20. if ($isValid === 1) {
    21. 

  21.     //error_log('WS authentication worked');
    22. 

  22.     $chamiloUser = UserManager::get_user_info($login);
    23. 

  23.     $loginFailed = false;
    24. 

  24.     $_user['user_id'] = $chamiloUser['user_id'];
    25. 

  25.     $_user['status'] = (isset($chamiloUser['status']) ? $chamiloUser['status'] : 5);
    26. 

  26.     $_user['uidReset'] = true;
    27. 

  27.     Session::write('_user', $_user);
    28. 

  28.     $uidReset = true;
    29. 

  29.     $logging_in = true;
    30. 

  30.     Event::event_login($_user['user_id']);
    31. 

  31. } else {
    32. 

  32.     //error_log('WS authentication error - user not approved by external WS');
    33. 

  33.     $loginFailed = true;
    34. 

  34.     $uidReset = false;
    35. 

  35.     if (isset($_user) && isset($_user['user_id'])) {
    36. 

  36.         unset($_user['user_id']);
    37. 

  37.     }
    38. 

  38. }
    39. 

  39. 

  40. /**
    41. 

  41.  * Checks whether a user has the right to enter on the platform or not
    42. 

  42.  * @param string The username, as provided in form
    43. 

  43.  * @param string The cleartext password, as provided in form
    44. 

  44.  * @param string The WS URL, as provided at the beginning of this script
    45. 

  45.  */
    46. 

  46. function loginWSAuthenticate($username, $password, $wsUrl) {
    47. 

  47.     // check params
    48. 

  48.     if (empty($username) or empty($password) or empty($wsUrl)) {
    49. 

  49.         return false;
    50. 

  50.     }
    51. 

  51.     // Create new SOAP client instance
    52. 

  52.     $client = new SoapClient($wsUrl);
    53. 

  53.     if (!$client) {
    54. 

  54.         return false;
    55. 

  55.     }
    56. 

  56.     // Include phpseclib methods, because of a bug with AES/CFB in mcrypt
    57. 

  57.     include_once api_get_path(LIBRARY_PATH).'phpseclib/Crypt/AES.php';
    58. 

  58.     // Define all elements necessary to the encryption
    59. 

  59.     $key = '-+*%$({[]})$%*+-';
    60. 

  60.     // Complete password con PKCS7-specific padding
    61. 

  61.     $blockSize = 16;
    62. 

  62.     $padding = $blockSize - (strlen($password)%$blockSize);
    63. 

  63.     $password .= str_repeat(chr($padding),$padding);
    64. 

  64.     $cipher = new Crypt_AES(CRYPT_AES_MODE_CFB);
    65. 

  65.     $cipher->setKeyLength(128);
    66. 

  66.     $cipher->setKey($key);
    67. 

  67.     $cipher->setIV($key);
    68. 

  68. 

  69.     $cipheredPass = $cipher->encrypt($password);
    70. 

  70.     // Mcrypt call left for documentation purposes - broken, see https://bugs.php.net/bug.php?id=51146
    71. 

  71.     //$cipheredPass = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $password,  MCRYPT_MODE_CFB, $key);
    72. 

  72. 

  73.     // Following lines present for debug purposes only
    74. 

  74.     /*
    75. 

  75.     $arr = preg_split('//', $cipheredPass, -1, PREG_SPLIT_NO_EMPTY);
    76. 

  76.     foreach ($arr as $char) {
    77. 

  77.         error_log(ord($char));
    78. 

  78.     }
    79. 

  79.     */
    80. 

  80.     // Change to base64 to avoid communication alteration
    81. 

  81.     $passCrypted = base64_encode($cipheredPass);
    82. 

  82.     // The call to the webservice will change depending on your definition
    83. 

  83.     try {
    84. 

  84.         $response = $client->validateUser(array('user' => $username, 'pass' => $passCrypted, 'system' => 'chamilo'));
    85. 

  85.     } catch (SoapFault $fault) {
    86. 

  86.         error_log('Caught something');
    87. 

  87.         if ($fault->faultstring != 'Could not connect to host') {
    88. 

  88.             error_log('Not a connection problem');
    89. 

  89.             throw $fault;
    90. 

  90.         } else {
    91. 

  91.             error_log('Could not connect to WS host');
    92. 

  92.         }
    93. 

  93.         return 0;
    94. 

  94.     }
    95. 

  95.     return $response->validateUserResult;
    96. 

  96. }
    97. 

  97. 

  98. 

  99. 

  100. 

  101. 

  102. 

  103. 

  104. 

  105.