[dev] new third party for login
steve
mailling at gmx.co.uk
Fri Jun 27 08:52:09 PDT 2003
Hi,
I developed a new way to work with login from a web site (the goal is to
add new services from other web sites).
Here is url.php that has to be in lib/auth/
<?php
/**
* The Auth_url:: class checks login credentials against a login/password
* feature of a web site
*
* $Horde: horde/lib/Auth/yahoo.php,v 1.7 2003/06/19 18:47:45 chuck Exp $
*
* Copyright 1999-2003 Stephane Huther <smailling at free.fr>
*
* Required values for $params:
* 'login_url' Url of the login page (without http://)
* 'logout_url' Url of the logout page (without http://)
* 'https' True if https has to be used
* 'usernamefield' Name of the 'username' field
* 'passwordfield' Name of the 'password' field
* 'method' Method (POST, ...)
* 'allowRedirects' Allow redirections
*
* See the enclosed file COPYING for license information (LGPL). If you
* did not receive this file, see yahoo://www.fsf.org/copyleft/lgpl.html.
*
* @author Stephane Huther <smailling at free.fr>
* @version $Revision: 1.7 $
* @since Horde 3.0
* @package horde.auth
*/
class Auth_url extends Auth {
/**
* Constructs a new Url authentication object.
*
* @access public
*
* @param optional array $params A hash containing parameters.
*/
function Auth_url($params = array())
{
$this->_params = $params;
}
/**
* Find out if a set of login credentials are valid.
*
* @access private
*
* @param string $userID The userID to check.
* @param array $credentials The credentials to use.
*
* @return boolean Whether or not the credentials are valid.
*/
function _authenticate($userID, $credentials)
{
if (!isset($this->_params['login_url'])) {
Horde::fatal(PEAR::raiseError(_("Required 'login_url' not specified in
authentication configuration.")), __FILE__, __LINE__);
}
if (!isset($this->_params['logout_url'])) {
Horde::fatal(PEAR::raiseError(_("Required 'logout_url' not specified in
authentication configuration.")), __FILE__, __LINE__);
}
if (!isset($this->_params['https'])) {
Horde::fatal(PEAR::raiseError(_("Required 'https' not specified in
authentication configuration.")), __FILE__, __LINE__);
}
if (!isset($this->_params['usernamefield'])) {
Horde::fatal(PEAR::raiseError(_("Required 'usernamefield' not specified
in authentication configuration.")), __FILE__, __LINE__);
}
if (!isset($this->_params['passwordfield'])) {
Horde::fatal(PEAR::raiseError(_("Required 'passwordfield' not specified
in authentication configuration.")), __FILE__, __LINE__);
}
if (!isset($this->_params['method'])) {
Horde::fatal(PEAR::raiseError(_("Required 'method' not specified in
authentication configuration.")), __FILE__, __LINE__);
}
if (!isset($this->_params['allowRedirects'])) {
Horde::fatal(PEAR::raiseError(_("Required 'allowRedirects' not specified
in authentication configuration.")), __FILE__, __LINE__);
}
$options['method'] = $this->_params['method'];
$options['timeout'] = 5;
$options['allowRedirects'] = $this->_params['allowRedirects'];
require_once 'HTTP/Request.php';
if ($this->_params['https']) {
$url='https://' . $this->_params['login_url'] ;
} else {
$url='http://' . $this->_params['login_url'] ;
}
$http = &new HTTP_Request($url, $options);
$http->addPostData($this->_params['usernamefield'], $userID);
$http->addPostData($this->_params['passwordfield'],
$credentials['password']);
$result = $http->sendRequest();
if (is_a($result, 'PEAR_Error')) {
$result = $result->getMessage();
} else {
$result = $http->getResponseBody();
}
$login_status=$this->_checkauthenticate($userID, $credentials, $result);
if (is_a($login_status, 'PEAR_Error') || !$login_status ) {
Horde::logMessage($result, __FILE__, __LINE__, PEAR_LOG_DEBUG);
$this->_setAuthError();
return false;
} else {
return true;
}
}
/**
* Analyse the result page after the login to check if the lgin
procedure is fine.
* Must be overwritten
*
* @access private
*
* @param string $userID The userID to check.
* @param array $credentials The credentials to use.
* @param object $result Result from $http->getResponseBody()
*
* @return boolean Whether or not the credentials are valid.
*/
function _checkauthenticate($userID, $credentials, $result)
{
return PEAR::raiseError('unsupported');
}
}
-- Here is a new yahoo.php
-- I didn't provide a diff since the file doesn't change so often and the
changes are important
<?php
/**
* The Auth_yahoo:: class checks login credentials against Yahoo! mail
* accounts.
*
* $Horde: horde/lib/Auth/yahoo.php,v 1.7 2003/06/19 18:47:45 chuck Exp $
*
* Copyright 1999-2003 Chuck Hagenbuch <chuck at horde.org>
*
* See the enclosed file COPYING for license information (LGPL). If you
* did not receive this file, see yahoo://www.fsf.org/copyleft/lgpl.html.
*
* @author Chuck Hagenbuch <chuck at horde.org>
* @version $Revision: 1.7 $
* @since Horde 3.0
* @package horde.auth
*/
require_once $GLOBALS['registry']->getParam('fileroot', $app) .
'/lib/Auth/' .'url.php';
class Auth_yahoo extends Auth_url {
/**
* Constructs a new Yahoo authentication object.
*
* @access public
*
* @param optional array $params A hash containing parameters.
*/
function Auth_yahoo($params = array())
{
$this->_params = $params;
$this->_params['login_url'] = 'login.yahoo.com/config/login';
$this->_params['logout_url'] = '';
$this->_params['https'] = false;
$this->_params['usernamefield'] = 'login';
$this->_params['passwordfield'] = 'passwd';
$this->_params['method'] = 'POST';
$this->_params['allowRedirects'] = true;
}
/**
* Analyse the result page after the login to check if the lgin
procedure is fine.
* Must be overwritten
*
* @access private
*
* @param string $userID The userID to check.
* @param array $credentials The credentials to use.
* @param object $result Result from $http->getResponseBody()
*
* @return boolean Whether or not the credentials are valid.
*/
function _checkauthenticate($userID, $credentials, $result)
{
if (!preg_match('|invalid password|i', $result)) {
return true;
}
return false;
}
}
What do you think about it? What do you think about the place of url.php in
the tree?
Steve
More information about the dev
mailing list