FusionDirectory
class_LoginHTTPHeader.inc
1 <?php
2 /*
3  This code is part of FusionDirectory (http://www.fusiondirectory.org/)
4  Copyright (C) 2017-2018 FusionDirectory
5 
6  This program is free software; you can redistribute it and/or modify
7  it under the terms of the GNU General Public License as published by
8  the Free Software Foundation; either version 2 of the License, or
9  (at your option) any later version.
10 
11  This program is distributed in the hope that it will be useful,
12  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  GNU General Public License for more details.
15 
16  You should have received a copy of the GNU General Public License
17  along with this program; if not, write to the Free Software
18  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
19 */
20 
24 class LoginHTTPHeader extends LoginMethod
25 {
27  static function getLabel ()
28  {
29  return _('HTTP Header');
30  }
31 
33  static function loginProcess ()
34  {
35  global $config, $message, $ui;
36 
37  static::init();
38 
39  /* Reset error messages */
40  $message = '';
41 
42  $header = $config->get_cfg_value('httpHeaderAuthHeaderName', 'AUTH_USER');
43 
44  static::$username = $_SERVER['HTTP_'.$header];
45 
46  if (!static::$username) {
47  throw new FatalError(
48  htmlescape(sprintf(
49  _('No value found in HTTP header "%s"'),
50  $header
51  ))
52  );
53  }
54 
55  $ui = userinfo::getLdapUser(static::$username);
56 
57  if ($ui === FALSE) {
58  throw new FatalError(
59  htmlescape(sprintf(
60  _('Header user "%s" could not be found in LDAP'),
61  static::$username
62  ))
63  );
64  } elseif (is_string($ui)) {
65  throw new FatalError(
66  htmlescape(sprintf(
67  _('Login with user "%s" triggered error: %s'),
68  static::$username,
69  $ui
70  ))
71  );
72  }
73 
74  $ui->loadACL();
75 
76  $success = static::runSteps([
77  'checkForLockingBranch',
78  'loginAndCheckExpired',
79  'runSchemaCheck',
80  ]);
81 
82  if ($success) {
83  /* Everything went well, redirect to main.php */
84  static::redirect();
85  } else {
86  echo msg_dialog::get_dialogs();
87  if (!empty($message)) {
88  throw new FatalError(
89  htmlescape(sprintf(
90  _('Login with user "%s" triggered error: %s'),
91  static::$username,
92  $message
93  ))
94  );
95  }
96  exit();
97  }
98  }
99 }
htmlescape
htmlescape(string $str)
Escape string for HTML output.
Definition: php_setup.inc:32
userinfo\getLdapUser
static getLdapUser(string $username)
Get user from LDAP directory.
Definition: class_userinfo.inc:1037
LoginHTTPHeader\loginProcess
static loginProcess()
All login steps in the right order for HTTP Header login.
Definition: class_LoginHTTPHeader.inc:33
msg_dialog\get_dialogs
static get_dialogs()
Accessor of the message dialog rendered HTML.
Definition: class_msg_dialog.inc:192
LoginMethod
Base class for login methods.
Definition: class_LoginMethod.inc:27
LoginHTTPHeader
Login via HTTP Header.
Definition: class_LoginHTTPHeader.inc:24
LoginHTTPHeader\getLabel
static getLabel()
Displayed name.
Definition: class_LoginHTTPHeader.inc:27
FatalError
Fatal error class. Does not extend FusionDirectoryError.
Definition: class_FatalError.inc:25
Generated on Mon Feb 24 2025 17:39:36 for FusionDirectory by   doxygen 1.8.13