Commit 7122f4d38e12190469d4a6b025e766348be2ec4e
1 parent
d4c845e3
PT: 865156 - Atompub Http1.1Auth implemented.
Showing
5 changed files
with
130 additions
and
80 deletions
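--- a/webservice/atompub/auth.php
+++ b/webservice/atompub/auth.php
@@ -1,49 +0,0 @@
-<?php
-/**
- * Framework for an Atom Publication Protocol Service
- *
- * KnowledgeTree Community Edition
- * Document Management Made Simple
- * Copyright (C) 2008, 2009 KnowledgeTree Inc.
- * Portions copyright The Jam Warehouse Software (Pty) Limited
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License version 3 as published by the
- * Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
- * details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * You can contact KnowledgeTree Inc., PO Box 7775 #87847, San Francisco,
- * California 94120-7775, or email info@knowledgetree.com.
- *
- * The interactive user interfaces in modified source and object code versions
- * of this program must display Appropriate Legal Notices, as required under
- * Section 5 of the GNU General Public License version 3.
- *
- * In accordance with Section 7(b) of the GNU General Public License version 3,
- * these Appropriate Legal Notices must retain the display of the "Powered by
- * KnowledgeTree" logo and retain the original copyright notice. If the display of the
- * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices
- * must display the words "Powered by KnowledgeTree" and retain the original
- * copyright notice.
- * Contributor( s):
- * Mark Holtzhausen <mark@knowledgetree.com>
- *
- */
-
-/**
- * Automatic Login bypassing HTTP Basic Auth
- * TODO: Thest HTTP Basic Auth - Try Library From Home
- */
-
-$SessionId=KT_atom_service_helper::login('admin','admin');
-$SessionId=$SessionId['session_id'];
-
-
-?>
\ No newline at end of file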
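--- a/webservice/atompub/demodms/KT_atom_server.default_dms_services.inc.php
+++ b/webservice/atompub/demodms/KT_atom_server.default_dms_services.inc.php
@@ -23,6 +23,7 @@ class KT_atom_service_fulltree extends KT_atom_service {
 $feed->newField($property,$value,$entry);
 }
 }
+ $this->setStatus(self::STATUS_OK);
 //Expose the responseFeed
 $this->responseFeed=$feed;
 }
@@ -90,4 +91,24 @@ class KT_atom_service_document extends KT_atom_service {
 $this->responseFeed=$feed;
 }
 }
+
+class KT_atom_service_test extends KT_atom_service{
+ public function GET_action(){}
+ public function PUT_action(){}
+ public function POST_action(){}
+ public function DELETE_action(){}
+}
+
+class KT_atom_service_logout extends KT_atom_service{
+ public function GET_action(){
+ //$this->setStatus(self::STATUS_OK);
+ KT_atom_HTTPauth::logout();
+ ob_end_clean();
+ KT_atom_HTTPauth::login('KnowledgeTree AtomPub','You are not allowed on this realm');
+ exit;
+ }
+ public function PUT_action(){}
+ public function POST_action(){}
+ public function DELETE_action(){}
+}
 ?>
\ No newline at end of file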
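Review bot: In `KT_atom_service_logout::GET_action()` the call to `KT_atom_HTTPauth::logout()` is followed directly by `KT_atom_HTTPauth::login(...)`, and the `login()` added in this commit tries the request's credentials first and only sends the 401 challenge when they fail. A client that still sends a valid `Authorization` header with the logout request (browsers keep resending cached Basic credentials) would presumably be signed straight back in, so the "Forceful Logout" ends nothing and no challenge is issued. Calling `KT_atom_HTTPauth::requireBasicAuth('KnowledgeTree AtomPub','You are not allowed on this realm');` after `logout()` would send the challenge without re-authenticating. Logout is also bound to GET, so any link or prefetch can trigger it; POST or DELETE would be the safer verb. `KT_atom_service_test` has only empty actions and looks like a leftover that should not ship.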
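--- a/webservice/atompub/demodms/KT_atom_service_helper.inc.php
+++ b/webservice/atompub/demodms/KT_atom_service_helper.inc.php
@@ -32,7 +32,7 @@
 * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices
 * must display the words "Powered by KnowledgeTree" and retain the original
 * copyright notice.
- * Contributor( s):
+ * Contributor( s):
 * Mark Holtzhausen <mark@knowledgetree.com>
 *
 */
@@ -42,17 +42,17 @@ class KT_atom_service_helper{
 protected static $FILE_LIST_PROPERTIES=array('id','title','document_type','created_by','created_date','checked_out_by','checked_out_date','modified_by','modified_date','owned_by','mime_type','mime_icon_path','mime_display');
 protected static $FOLDER_RECURSION_LEVEL=100;
 protected static $kt=NULL;
-
+
 /**
 * Make sure the class is always treated statically and never instantiated.
- *
+ *
 * @return void
 */
 public function __construct(){
 die('KT_atom_service_helper should not be instantiated. Only use as a static class');
 }
 
-
+
 /**
 * Get the KT singleton instance
 *
@@ -65,8 +65,8 @@ class KT_atom_service_helper{
 }
 return self::$kt;
 }
-
-
+
+
 /**
 * Get the subfolders of the indicated folder
 *
@@ -82,10 +82,10 @@ class KT_atom_service_helper{
 $subfolders[$item[id]]=self::extractFromArray($item,self::$FOLDER_LIST_PROPERTIES);
 }
 }
- return $subfolders;
+ return $subfolders;
 }
-
-
+
+
 /**
 * Get every folder & document in the repository
 *
@@ -109,20 +109,20 @@ class KT_atom_service_helper{
 }
 return $appTree;
 }
-
-
+
+
 /**
 * Get detail about the folder
 *
 * @param integer $folderId The id of the folder to get detail on.
- * @return array
+ * @return array
 */
 public static function getFolderDetail($folderId=NULL){
 $ktInfo=self::getKT()->get_folder_by_id($folderId);
 return $ktInfo->get_detail();
 }
-
-
+
+
 /**
 * Get detail about the indicated document
 *
@@ -133,8 +133,8 @@ class KT_atom_service_helper{
 $ktInfo=self::getKT()->get_document_detail($docId);
 return $ktInfo;
 }
-
-
+
+
 /**
 * Get a list of all the documents in a folder.
 *
@@ -151,8 +151,8 @@ class KT_atom_service_helper{
 }
 return $folderFiles;
 }
-
-
+
+
 /**
 * Returns an array containing only the associated values from $array where the keys were found in $keyArray
 *
@@ -167,7 +167,7 @@ class KT_atom_service_helper{
 }
 return $newArray;
 }
-
+
 /**
 * Log in to KT easily
 *
@@ -178,11 +178,12 @@ class KT_atom_service_helper{
 */
 function login($username, $password, $ip=null){
 $kt = self::getKt();
-
+
 $session = $kt->start_session($username,$password, $ip);
 if (PEAR::isError($session)){
 $response['status_code']=KT_atom_server_FAILURE;
 $response['session_id']='';
+ $response['error']=$session;
 }else{
 $session= $session->get_session();
 $response['status_code'] = KT_atom_server_SUCCESS;
@@ -190,8 +191,8 @@ class KT_atom_service_helper{
 }
 return $response;
 }
-
-
+
+
 /**
 * Log out of KT using the session id
 *
@@ -199,9 +200,9 @@ class KT_atom_service_helper{
 * @return object Containing the status_code of the logout attempt
 */
 function logout($session_id){
- $kt = self::getKt();
+ $kt = self::getKt();
 $session = $kt->get_active_session($session_id, null);
-
+
 if (PEAR::isError($session)){
 $response['status_code']=KT_atom_server_FAILURE;
 }else{
@@ -210,7 +211,16 @@ class KT_atom_service_helper{
 }
 return $response;
 }
-
+
+ function sessionLogout(){
+ $session=self::getKt()->get_session();
+ if($session){
+ try{
+ self::getKT()->session_logout();
+ }catch(Exception $e){};
+ }
+ }
+
 /**
 * Check whether the session_id is logged into KT
 *
@@ -223,5 +233,9 @@ class KT_atom_service_helper{
 return !PEAR::isError($session);
 }
 
+ function getSessionId(){
+ return self::getKt()->get_session()->session;
+ }
+
 }
 ?>
\ No newline at end of file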
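Review bot: `sessionLogout()` (new lines 215-222) discards every exception from `session_logout()` with an empty `catch`, so a logout that fails leaves the KT session active and neither the caller nor the log shows it. At minimum record the failure, e.g. `}catch(Exception $e){ error_log('AtomPub session logout failed: '.$e->getMessage()); }`, and consider returning a boolean so callers can react. `getSessionId()` dereferences `get_session()->session` without the null check that `sessionLogout()` applies, which is a fatal error when no session exists. In `login()`, the new `$response['error']=$session;` puts the whole PEAR error object into the response array; it should be logged server-side and not rendered to the client. Both new methods call `self::` but are declared without `public static`, unlike `getFolderDetail()` in the same class, and neither has a docblock.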
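--- a/webservice/atompub/index.php
+++ b/webservice/atompub/index.php
@@ -63,7 +63,6 @@ define('KT_ATOM_LIB_FOLDER','../classes/atompub/');
 //define('KT_APP_WEB_OUTPUT',false); //defunct
 
 
-
 /**
 * Includes
 */
@@ -76,7 +75,18 @@ include_once(KT_ATOM_LIB_FOLDER.'KT_atom_serviceDoc.inc.php'); //Containing
 include_once(KT_ATOM_LIB_FOLDER.'KT_atom_responseFeed.inc.php'); //Containing the response feed class allowing easy atom feed generation
 include_once(KT_ATOM_LIB_FOLDER.'KT_atom_service.inc.php');
 include_once('demodms/KT_atom_server.default_dms_services.inc.php');
-include_once('auth.php'); //Containing the authentication protocols
+
+
+/**
+ * Check Realm Authentication
+ */
+require_once(KT_ATOM_LIB_FOLDER.'KT_atom_HTTPauth.inc.php');
+
+if(!KT_atom_HTTPauth::isLoggedIn()){
+ KT_atom_HTTPauth::login('KnowledgeTree AtomPub','You are not authorized to enter this realm');
+}
+
+
 
 
 //Start the AtomPubProtocol Routing Engine
@@ -97,14 +107,11 @@ $APP->addWorkspaceTag('dms','atom:title','Standard DMS');
 $APP->registerService('DMS','fulltree','KT_atom_service_fulltree','Full Document Tree');
 $APP->registerService('DMS','folder','KT_atom_service_folder','Folder Detail');
 $APP->registerService('DMS','document','KT_atom_service_document','Document Detail');
+$APP->registerService('DMS','logout','KT_atom_service_logout','Forceful Logout');
 
 //Execute the current url/header request
 $APP->execute();
 
-//echo '<pre>'.print_r($APP,true).'</pre>';
-
 //Render the resulting feed response
 $APP->render();
-//print_r($APP);
-
 ?>
\ No newline at end of file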
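Review bot: Nothing in the new realm check (new lines 80-87) requires TLS before `KT_atom_HTTPauth::login()` issues the Basic challenge, and Basic credentials are only base64-encoded and are resent with every request. Unless the web server already enforces HTTPS for this path, add a guard ahead of the check, e.g. `if(empty($_SERVER['HTTPS'])||$_SERVER['HTTPS']==='off'){header('HTTP/1.1 403 Forbidden');exit;}`. The check also depends on `session_id()` inside `KT_atom_HTTPauth`; no `session_start()` is visible in these hunks, so confirm that one of the includes starts the PHP session, because otherwise `session_id()` returns an empty string and `isLoggedIn()` is evaluated against it. The docblock could say that this block replaces the removed `auth.php` auto-login and that `login()` ends the request with a 401 when authentication fails.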
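--- a/webservice/classes/atompub/KT_atom_HTTPauth.inc.php
+++ b/webservice/classes/atompub/KT_atom_HTTPauth.inc.php
@@ -0,0 +1,57 @@
+<?php
+class KT_atom_HTTPauth{
+ public static function getCredentials(){
+ $credentials=array('user'=>'','pass'=>'','method'=>'');
+ if(isset($_SERVER['PHP_AUTH_USER'])){
+ $credentials['user']=$_SERVER['PHP_AUTH_USER'];
+ $credentials['pass']=isset($_SERVER['PHP_AUTH_PW'])?$_SERVER['PHP_AUTH_PW']:'';
+ $credentials['method']=isset($_SERVER['AUTH_TYPE'])?$_SERVER['AUTH_TYPE']:'';
+ }else{
+ if(isset($_SERVER['kt_auth']) || isset($_SERVER['REDIRECT_kt_auth'])){
+ $ktauth=isset($_SERVER['kt_auth'])?$_SERVER['kt_auth']:$_SERVER['REDIRECT_kt_auth'];
+ list($authMethod,$authCred)=split(' ',$ktauth);
+ $authMethod=strtolower(trim($authMethod));
+ $authCred=base64_decode(trim($authCred));
+ list($authUser,$authPass)=split(':',$authCred);
+ $credentials['method']=$authMethod;
+ $credentials['user']=$authUser;
+ $credentials['pass']=$authPass;
+ }
+ }
+ return $credentials;
+ }
+
+ public static function requireBasicAuth($realm='default',$message=''){
+ $realm=$realm?$realm:'default';
+ header('WWW-Authenticate: Basic Realm="'.$realm.'"');
+ header('HTTP/1.0 401 Unauthorized');
+ echo $message;
+ exit;
+ }
+
+ public static function isLoggedIn(){
+ $kt=new KTAPI();
+ $session=$kt->get_active_session(session_id());
+ return !PEAR::isError($session);
+ }
+
+ public static function logout(){
+ $kt=new KTAPI();
+ $session=$kt->get_active_session(session_id());
+ if(!PEAR::isError($session)){
+ $session->logout();
+ }
+ }
+
+ public static function login($realm,$msg){
+ $kt=new KTAPI();
+ $session=$kt->get_active_session(session_id());
+ if(PEAR::isError($session)){
+ $cred=self::getCredentials();
+ $kt->login($cred['user'],$cred['pass']);
+ if(self::isLoggedIn())return;
+ }
+ self::requireBasicAuth($realm,$msg);
+ }
+}
+?>
\ No newline at end of file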
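Review bot: In `getCredentials()` the `kt_auth` branch uses `split(':',$authCred)`, which cuts the decoded value at every colon, so a password containing `:` is truncated to its first segment; `split()` is also deprecated since PHP 5.3 and removed in PHP 7. Use `list($authMethod,$authCred)=explode(' ',$ktauth,2);` and `list($authUser,$authPass)=explode(':',$authCred,2);`. The parsed `method` is stored but never compared with `basic`, so the payload of any scheme is treated as Basic credentials. `login()` also calls `$kt->login()` when no credentials were sent at all (empty user and password), and when a session is already active it falls through to `requireBasicAuth()` and answers 401; return early for the active-session case and skip the login attempt when `$cred['user']===''`. The class and its methods have no docblocks; one line each naming the `$_SERVER` keys that are read, and stating that `requireBasicAuth()` terminates the request, would be worth adding.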