Commit 7122f4d38e12190469d4a6b025e766348be2ec4e
1 parent
d4c845e3
PT: 865156 - Atompub Http1.1Auth implemented.
Showing
5 changed files
with
130 additions
and
80 deletions
webservice/atompub/auth.php deleted
| 1 | -<?php | ||
| 2 | -/** | ||
| 3 | - * Framework for an Atom Publication Protocol Service | ||
| 4 | - * | ||
| 5 | - * KnowledgeTree Community Edition | ||
| 6 | - * Document Management Made Simple | ||
| 7 | - * Copyright (C) 2008, 2009 KnowledgeTree Inc. | ||
| 8 | - * Portions copyright The Jam Warehouse Software (Pty) Limited | ||
| 9 | - * | ||
| 10 | - * This program is free software; you can redistribute it and/or modify it under | ||
| 11 | - * the terms of the GNU General Public License version 3 as published by the | ||
| 12 | - * Free Software Foundation. | ||
| 13 | - * | ||
| 14 | - * This program is distributed in the hope that it will be useful, but WITHOUT | ||
| 15 | - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS | ||
| 16 | - * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more | ||
| 17 | - * details. | ||
| 18 | - * | ||
| 19 | - * You should have received a copy of the GNU General Public License | ||
| 20 | - * along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
| 21 | - * | ||
| 22 | - * You can contact KnowledgeTree Inc., PO Box 7775 #87847, San Francisco, | ||
| 23 | - * California 94120-7775, or email info@knowledgetree.com. | ||
| 24 | - * | ||
| 25 | - * The interactive user interfaces in modified source and object code versions | ||
| 26 | - * of this program must display Appropriate Legal Notices, as required under | ||
| 27 | - * Section 5 of the GNU General Public License version 3. | ||
| 28 | - * | ||
| 29 | - * In accordance with Section 7(b) of the GNU General Public License version 3, | ||
| 30 | - * these Appropriate Legal Notices must retain the display of the "Powered by | ||
| 31 | - * KnowledgeTree" logo and retain the original copyright notice. If the display of the | ||
| 32 | - * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices | ||
| 33 | - * must display the words "Powered by KnowledgeTree" and retain the original | ||
| 34 | - * copyright notice. | ||
| 35 | - * Contributor( s): | ||
| 36 | - * Mark Holtzhausen <mark@knowledgetree.com> | ||
| 37 | - * | ||
| 38 | - */ | ||
| 39 | - | ||
| 40 | -/** | ||
| 41 | - * Automatic Login bypassing HTTP Basic Auth | ||
| 42 | - * TODO: Thest HTTP Basic Auth - Try Library From Home | ||
| 43 | - */ | ||
| 44 | - | ||
| 45 | -$SessionId=KT_atom_service_helper::login('admin','admin'); | ||
| 46 | -$SessionId=$SessionId['session_id']; | ||
| 47 | - | ||
| 48 | - | ||
| 49 | -?> | ||
| 50 | \ No newline at end of file | 0 | \ No newline at end of file |
webservice/atompub/demodms/KT_atom_server.default_dms_services.inc.php
| @@ -23,6 +23,7 @@ class KT_atom_service_fulltree extends KT_atom_service { | @@ -23,6 +23,7 @@ class KT_atom_service_fulltree extends KT_atom_service { | ||
| 23 | $feed->newField($property,$value,$entry); | 23 | $feed->newField($property,$value,$entry); |
| 24 | } | 24 | } |
| 25 | } | 25 | } |
| 26 | + $this->setStatus(self::STATUS_OK); | ||
| 26 | //Expose the responseFeed | 27 | //Expose the responseFeed |
| 27 | $this->responseFeed=$feed; | 28 | $this->responseFeed=$feed; |
| 28 | } | 29 | } |
| @@ -90,4 +91,24 @@ class KT_atom_service_document extends KT_atom_service { | @@ -90,4 +91,24 @@ class KT_atom_service_document extends KT_atom_service { | ||
| 90 | $this->responseFeed=$feed; | 91 | $this->responseFeed=$feed; |
| 91 | } | 92 | } |
| 92 | } | 93 | } |
| 94 | + | ||
| 95 | +class KT_atom_service_test extends KT_atom_service{ | ||
| 96 | + public function GET_action(){} | ||
| 97 | + public function PUT_action(){} | ||
| 98 | + public function POST_action(){} | ||
| 99 | + public function DELETE_action(){} | ||
| 100 | +} | ||
| 101 | + | ||
| 102 | +class KT_atom_service_logout extends KT_atom_service{ | ||
| 103 | + public function GET_action(){ | ||
| 104 | + //$this->setStatus(self::STATUS_OK); | ||
| 105 | + KT_atom_HTTPauth::logout(); | ||
| 106 | + ob_end_clean(); | ||
| 107 | + KT_atom_HTTPauth::login('KnowledgeTree AtomPub','You are not allowed on this realm'); | ||
| 108 | + exit; | ||
| 109 | + } | ||
| 110 | + public function PUT_action(){} | ||
| 111 | + public function POST_action(){} | ||
| 112 | + public function DELETE_action(){} | ||
| 113 | +} | ||
| 93 | ?> | 114 | ?> |
| 94 | \ No newline at end of file | 115 | \ No newline at end of file |
webservice/atompub/demodms/KT_atom_service_helper.inc.php
| @@ -32,7 +32,7 @@ | @@ -32,7 +32,7 @@ | ||
| 32 | * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices | 32 | * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices |
| 33 | * must display the words "Powered by KnowledgeTree" and retain the original | 33 | * must display the words "Powered by KnowledgeTree" and retain the original |
| 34 | * copyright notice. | 34 | * copyright notice. |
| 35 | - * Contributor( s): | 35 | + * Contributor( s): |
| 36 | * Mark Holtzhausen <mark@knowledgetree.com> | 36 | * Mark Holtzhausen <mark@knowledgetree.com> |
| 37 | * | 37 | * |
| 38 | */ | 38 | */ |
| @@ -42,17 +42,17 @@ class KT_atom_service_helper{ | @@ -42,17 +42,17 @@ class KT_atom_service_helper{ | ||
| 42 | protected static $FILE_LIST_PROPERTIES=array('id','title','document_type','created_by','created_date','checked_out_by','checked_out_date','modified_by','modified_date','owned_by','mime_type','mime_icon_path','mime_display'); | 42 | protected static $FILE_LIST_PROPERTIES=array('id','title','document_type','created_by','created_date','checked_out_by','checked_out_date','modified_by','modified_date','owned_by','mime_type','mime_icon_path','mime_display'); |
| 43 | protected static $FOLDER_RECURSION_LEVEL=100; | 43 | protected static $FOLDER_RECURSION_LEVEL=100; |
| 44 | protected static $kt=NULL; | 44 | protected static $kt=NULL; |
| 45 | - | 45 | + |
| 46 | /** | 46 | /** |
| 47 | * Make sure the class is always treated statically and never instantiated. | 47 | * Make sure the class is always treated statically and never instantiated. |
| 48 | - * | 48 | + * |
| 49 | * @return void | 49 | * @return void |
| 50 | */ | 50 | */ |
| 51 | public function __construct(){ | 51 | public function __construct(){ |
| 52 | die('KT_atom_service_helper should not be instantiated. Only use as a static class'); | 52 | die('KT_atom_service_helper should not be instantiated. Only use as a static class'); |
| 53 | } | 53 | } |
| 54 | 54 | ||
| 55 | - | 55 | + |
| 56 | /** | 56 | /** |
| 57 | * Get the KT singleton instance | 57 | * Get the KT singleton instance |
| 58 | * | 58 | * |
| @@ -65,8 +65,8 @@ class KT_atom_service_helper{ | @@ -65,8 +65,8 @@ class KT_atom_service_helper{ | ||
| 65 | } | 65 | } |
| 66 | return self::$kt; | 66 | return self::$kt; |
| 67 | } | 67 | } |
| 68 | - | ||
| 69 | - | 68 | + |
| 69 | + | ||
| 70 | /** | 70 | /** |
| 71 | * Get the subfolders of the indicated folder | 71 | * Get the subfolders of the indicated folder |
| 72 | * | 72 | * |
| @@ -82,10 +82,10 @@ class KT_atom_service_helper{ | @@ -82,10 +82,10 @@ class KT_atom_service_helper{ | ||
| 82 | $subfolders[$item[id]]=self::extractFromArray($item,self::$FOLDER_LIST_PROPERTIES); | 82 | $subfolders[$item[id]]=self::extractFromArray($item,self::$FOLDER_LIST_PROPERTIES); |
| 83 | } | 83 | } |
| 84 | } | 84 | } |
| 85 | - return $subfolders; | 85 | + return $subfolders; |
| 86 | } | 86 | } |
| 87 | - | ||
| 88 | - | 87 | + |
| 88 | + | ||
| 89 | /** | 89 | /** |
| 90 | * Get every folder & document in the repository | 90 | * Get every folder & document in the repository |
| 91 | * | 91 | * |
| @@ -109,20 +109,20 @@ class KT_atom_service_helper{ | @@ -109,20 +109,20 @@ class KT_atom_service_helper{ | ||
| 109 | } | 109 | } |
| 110 | return $appTree; | 110 | return $appTree; |
| 111 | } | 111 | } |
| 112 | - | ||
| 113 | - | 112 | + |
| 113 | + | ||
| 114 | /** | 114 | /** |
| 115 | * Get detail about the folder | 115 | * Get detail about the folder |
| 116 | * | 116 | * |
| 117 | * @param integer $folderId The id of the folder to get detail on. | 117 | * @param integer $folderId The id of the folder to get detail on. |
| 118 | - * @return array | 118 | + * @return array |
| 119 | */ | 119 | */ |
| 120 | public static function getFolderDetail($folderId=NULL){ | 120 | public static function getFolderDetail($folderId=NULL){ |
| 121 | $ktInfo=self::getKT()->get_folder_by_id($folderId); | 121 | $ktInfo=self::getKT()->get_folder_by_id($folderId); |
| 122 | return $ktInfo->get_detail(); | 122 | return $ktInfo->get_detail(); |
| 123 | } | 123 | } |
| 124 | - | ||
| 125 | - | 124 | + |
| 125 | + | ||
| 126 | /** | 126 | /** |
| 127 | * Get detail about the indicated document | 127 | * Get detail about the indicated document |
| 128 | * | 128 | * |
| @@ -133,8 +133,8 @@ class KT_atom_service_helper{ | @@ -133,8 +133,8 @@ class KT_atom_service_helper{ | ||
| 133 | $ktInfo=self::getKT()->get_document_detail($docId); | 133 | $ktInfo=self::getKT()->get_document_detail($docId); |
| 134 | return $ktInfo; | 134 | return $ktInfo; |
| 135 | } | 135 | } |
| 136 | - | ||
| 137 | - | 136 | + |
| 137 | + | ||
| 138 | /** | 138 | /** |
| 139 | * Get a list of all the documents in a folder. | 139 | * Get a list of all the documents in a folder. |
| 140 | * | 140 | * |
| @@ -151,8 +151,8 @@ class KT_atom_service_helper{ | @@ -151,8 +151,8 @@ class KT_atom_service_helper{ | ||
| 151 | } | 151 | } |
| 152 | return $folderFiles; | 152 | return $folderFiles; |
| 153 | } | 153 | } |
| 154 | - | ||
| 155 | - | 154 | + |
| 155 | + | ||
| 156 | /** | 156 | /** |
| 157 | * Returns an array containing only the associated values from $array where the keys were found in $keyArray | 157 | * Returns an array containing only the associated values from $array where the keys were found in $keyArray |
| 158 | * | 158 | * |
| @@ -167,7 +167,7 @@ class KT_atom_service_helper{ | @@ -167,7 +167,7 @@ class KT_atom_service_helper{ | ||
| 167 | } | 167 | } |
| 168 | return $newArray; | 168 | return $newArray; |
| 169 | } | 169 | } |
| 170 | - | 170 | + |
| 171 | /** | 171 | /** |
| 172 | * Log in to KT easily | 172 | * Log in to KT easily |
| 173 | * | 173 | * |
| @@ -178,11 +178,12 @@ class KT_atom_service_helper{ | @@ -178,11 +178,12 @@ class KT_atom_service_helper{ | ||
| 178 | */ | 178 | */ |
| 179 | function login($username, $password, $ip=null){ | 179 | function login($username, $password, $ip=null){ |
| 180 | $kt = self::getKt(); | 180 | $kt = self::getKt(); |
| 181 | - | 181 | + |
| 182 | $session = $kt->start_session($username,$password, $ip); | 182 | $session = $kt->start_session($username,$password, $ip); |
| 183 | if (PEAR::isError($session)){ | 183 | if (PEAR::isError($session)){ |
| 184 | $response['status_code']=KT_atom_server_FAILURE; | 184 | $response['status_code']=KT_atom_server_FAILURE; |
| 185 | $response['session_id']=''; | 185 | $response['session_id']=''; |
| 186 | + $response['error']=$session; | ||
| 186 | }else{ | 187 | }else{ |
| 187 | $session= $session->get_session(); | 188 | $session= $session->get_session(); |
| 188 | $response['status_code'] = KT_atom_server_SUCCESS; | 189 | $response['status_code'] = KT_atom_server_SUCCESS; |
| @@ -190,8 +191,8 @@ class KT_atom_service_helper{ | @@ -190,8 +191,8 @@ class KT_atom_service_helper{ | ||
| 190 | } | 191 | } |
| 191 | return $response; | 192 | return $response; |
| 192 | } | 193 | } |
| 193 | - | ||
| 194 | - | 194 | + |
| 195 | + | ||
| 195 | /** | 196 | /** |
| 196 | * Log out of KT using the session id | 197 | * Log out of KT using the session id |
| 197 | * | 198 | * |
| @@ -199,9 +200,9 @@ class KT_atom_service_helper{ | @@ -199,9 +200,9 @@ class KT_atom_service_helper{ | ||
| 199 | * @return object Containing the status_code of the logout attempt | 200 | * @return object Containing the status_code of the logout attempt |
| 200 | */ | 201 | */ |
| 201 | function logout($session_id){ | 202 | function logout($session_id){ |
| 202 | - $kt = self::getKt(); | 203 | + $kt = self::getKt(); |
| 203 | $session = $kt->get_active_session($session_id, null); | 204 | $session = $kt->get_active_session($session_id, null); |
| 204 | - | 205 | + |
| 205 | if (PEAR::isError($session)){ | 206 | if (PEAR::isError($session)){ |
| 206 | $response['status_code']=KT_atom_server_FAILURE; | 207 | $response['status_code']=KT_atom_server_FAILURE; |
| 207 | }else{ | 208 | }else{ |
| @@ -210,7 +211,16 @@ class KT_atom_service_helper{ | @@ -210,7 +211,16 @@ class KT_atom_service_helper{ | ||
| 210 | } | 211 | } |
| 211 | return $response; | 212 | return $response; |
| 212 | } | 213 | } |
| 213 | - | 214 | + |
| 215 | + function sessionLogout(){ | ||
| 216 | + $session=self::getKt()->get_session(); | ||
| 217 | + if($session){ | ||
| 218 | + try{ | ||
| 219 | + self::getKT()->session_logout(); | ||
| 220 | + }catch(Exception $e){}; | ||
| 221 | + } | ||
| 222 | + } | ||
| 223 | + | ||
| 214 | /** | 224 | /** |
| 215 | * Check whether the session_id is logged into KT | 225 | * Check whether the session_id is logged into KT |
| 216 | * | 226 | * |
| @@ -223,5 +233,9 @@ class KT_atom_service_helper{ | @@ -223,5 +233,9 @@ class KT_atom_service_helper{ | ||
| 223 | return !PEAR::isError($session); | 233 | return !PEAR::isError($session); |
| 224 | } | 234 | } |
| 225 | 235 | ||
| 236 | + function getSessionId(){ | ||
| 237 | + return self::getKt()->get_session()->session; | ||
| 238 | + } | ||
| 239 | + | ||
| 226 | } | 240 | } |
| 227 | ?> | 241 | ?> |
| 228 | \ No newline at end of file | 242 | \ No newline at end of file |
webservice/atompub/index.php
| @@ -63,7 +63,6 @@ define('KT_ATOM_LIB_FOLDER','../classes/atompub/'); | @@ -63,7 +63,6 @@ define('KT_ATOM_LIB_FOLDER','../classes/atompub/'); | ||
| 63 | //define('KT_APP_WEB_OUTPUT',false); //defunct | 63 | //define('KT_APP_WEB_OUTPUT',false); //defunct |
| 64 | 64 | ||
| 65 | 65 | ||
| 66 | - | ||
| 67 | /** | 66 | /** |
| 68 | * Includes | 67 | * Includes |
| 69 | */ | 68 | */ |
| @@ -76,7 +75,18 @@ include_once(KT_ATOM_LIB_FOLDER.'KT_atom_serviceDoc.inc.php'); //Containing | @@ -76,7 +75,18 @@ include_once(KT_ATOM_LIB_FOLDER.'KT_atom_serviceDoc.inc.php'); //Containing | ||
| 76 | include_once(KT_ATOM_LIB_FOLDER.'KT_atom_responseFeed.inc.php'); //Containing the response feed class allowing easy atom feed generation | 75 | include_once(KT_ATOM_LIB_FOLDER.'KT_atom_responseFeed.inc.php'); //Containing the response feed class allowing easy atom feed generation |
| 77 | include_once(KT_ATOM_LIB_FOLDER.'KT_atom_service.inc.php'); | 76 | include_once(KT_ATOM_LIB_FOLDER.'KT_atom_service.inc.php'); |
| 78 | include_once('demodms/KT_atom_server.default_dms_services.inc.php'); | 77 | include_once('demodms/KT_atom_server.default_dms_services.inc.php'); |
| 79 | -include_once('auth.php'); //Containing the authentication protocols | 78 | + |
| 79 | + | ||
| 80 | +/** | ||
| 81 | + * Check Realm Authentication | ||
| 82 | + */ | ||
| 83 | +require_once(KT_ATOM_LIB_FOLDER.'KT_atom_HTTPauth.inc.php'); | ||
| 84 | + | ||
| 85 | +if(!KT_atom_HTTPauth::isLoggedIn()){ | ||
| 86 | + KT_atom_HTTPauth::login('KnowledgeTree AtomPub','You are not authorized to enter this realm'); | ||
| 87 | +} | ||
| 88 | + | ||
| 89 | + | ||
| 80 | 90 | ||
| 81 | 91 | ||
| 82 | //Start the AtomPubProtocol Routing Engine | 92 | //Start the AtomPubProtocol Routing Engine |
| @@ -97,14 +107,11 @@ $APP->addWorkspaceTag('dms','atom:title','Standard DMS'); | @@ -97,14 +107,11 @@ $APP->addWorkspaceTag('dms','atom:title','Standard DMS'); | ||
| 97 | $APP->registerService('DMS','fulltree','KT_atom_service_fulltree','Full Document Tree'); | 107 | $APP->registerService('DMS','fulltree','KT_atom_service_fulltree','Full Document Tree'); |
| 98 | $APP->registerService('DMS','folder','KT_atom_service_folder','Folder Detail'); | 108 | $APP->registerService('DMS','folder','KT_atom_service_folder','Folder Detail'); |
| 99 | $APP->registerService('DMS','document','KT_atom_service_document','Document Detail'); | 109 | $APP->registerService('DMS','document','KT_atom_service_document','Document Detail'); |
| 110 | +$APP->registerService('DMS','logout','KT_atom_service_logout','Forceful Logout'); | ||
| 100 | 111 | ||
| 101 | //Execute the current url/header request | 112 | //Execute the current url/header request |
| 102 | $APP->execute(); | 113 | $APP->execute(); |
| 103 | 114 | ||
| 104 | -//echo '<pre>'.print_r($APP,true).'</pre>'; | ||
| 105 | - | ||
| 106 | //Render the resulting feed response | 115 | //Render the resulting feed response |
| 107 | $APP->render(); | 116 | $APP->render(); |
| 108 | -//print_r($APP); | ||
| 109 | - | ||
| 110 | ?> | 117 | ?> |
| 111 | \ No newline at end of file | 118 | \ No newline at end of file |
webservice/classes/atompub/KT_atom_HTTPauth.inc.php
0 → 100644
| 1 | +<?php | ||
| 2 | +class KT_atom_HTTPauth{ | ||
| 3 | + public static function getCredentials(){ | ||
| 4 | + $credentials=array('user'=>'','pass'=>'','method'=>''); | ||
| 5 | + if(isset($_SERVER['PHP_AUTH_USER'])){ | ||
| 6 | + $credentials['user']=$_SERVER['PHP_AUTH_USER']; | ||
| 7 | + $credentials['pass']=isset($_SERVER['PHP_AUTH_PW'])?$_SERVER['PHP_AUTH_PW']:''; | ||
| 8 | + $credentials['method']=isset($_SERVER['AUTH_TYPE'])?$_SERVER['AUTH_TYPE']:''; | ||
| 9 | + }else{ | ||
| 10 | + if(isset($_SERVER['kt_auth']) || isset($_SERVER['REDIRECT_kt_auth'])){ | ||
| 11 | + $ktauth=isset($_SERVER['kt_auth'])?$_SERVER['kt_auth']:$_SERVER['REDIRECT_kt_auth']; | ||
| 12 | + list($authMethod,$authCred)=split(' ',$ktauth); | ||
| 13 | + $authMethod=strtolower(trim($authMethod)); | ||
| 14 | + $authCred=base64_decode(trim($authCred)); | ||
| 15 | + list($authUser,$authPass)=split(':',$authCred); | ||
| 16 | + $credentials['method']=$authMethod; | ||
| 17 | + $credentials['user']=$authUser; | ||
| 18 | + $credentials['pass']=$authPass; | ||
| 19 | + } | ||
| 20 | + } | ||
| 21 | + return $credentials; | ||
| 22 | + } | ||
| 23 | + | ||
| 24 | + public static function requireBasicAuth($realm='default',$message=''){ | ||
| 25 | + $realm=$realm?$realm:'default'; | ||
| 26 | + header('WWW-Authenticate: Basic Realm="'.$realm.'"'); | ||
| 27 | + header('HTTP/1.0 401 Unauthorized'); | ||
| 28 | + echo $message; | ||
| 29 | + exit; | ||
| 30 | + } | ||
| 31 | + | ||
| 32 | + public static function isLoggedIn(){ | ||
| 33 | + $kt=new KTAPI(); | ||
| 34 | + $session=$kt->get_active_session(session_id()); | ||
| 35 | + return !PEAR::isError($session); | ||
| 36 | + } | ||
| 37 | + | ||
| 38 | + public static function logout(){ | ||
| 39 | + $kt=new KTAPI(); | ||
| 40 | + $session=$kt->get_active_session(session_id()); | ||
| 41 | + if(!PEAR::isError($session)){ | ||
| 42 | + $session->logout(); | ||
| 43 | + } | ||
| 44 | + } | ||
| 45 | + | ||
| 46 | + public static function login($realm,$msg){ | ||
| 47 | + $kt=new KTAPI(); | ||
| 48 | + $session=$kt->get_active_session(session_id()); | ||
| 49 | + if(PEAR::isError($session)){ | ||
| 50 | + $cred=self::getCredentials(); | ||
| 51 | + $kt->login($cred['user'],$cred['pass']); | ||
| 52 | + if(self::isLoggedIn())return; | ||
| 53 | + } | ||
| 54 | + self::requireBasicAuth($realm,$msg); | ||
| 55 | + } | ||
| 56 | +} | ||
| 57 | +?> | ||
| 0 | \ No newline at end of file | 58 | \ No newline at end of file |