default/plugins/SignOn.php

0001 <?php
0002
0003 /**
0004  *  ocs-webserver
0005  *
0006  *  Copyright 2016 by pling GmbH.
0007  *
0008  *    This file is part of ocs-webserver.
0009  *
0010  *    This program is free software: you can redistribute it and/or modify
0011  *    it under the terms of the GNU Affero General Public License as
0012  *    published by the Free Software Foundation, either version 3 of the
0013  *    License, or (at your option) any later version.
0014  *
0015  *    This program is distributed in the hope that it will be useful,
0016  *    but WITHOUT ANY WARRANTY; without even the implied warranty of
0017  *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
0018  *    GNU Affero General Public License for more details.
0019  *
0020  *    You should have received a copy of the GNU Affero General Public License
0021  *    along with this program.  If not, see <http://www.gnu.org/licenses/>.
0022  *
0023  *    Created: 21.10.2016
0024  **/
0025 class Default_Plugin_SignOn extends Zend_Controller_Plugin_Abstract
0026 {
0027
0028     /** @var Zend_Auth */
0029     protected $_auth;
0030
0031     public function __construct($auth)
0032     {
0033         $this->_auth = $auth;
0034     }
0035
0036     /**
0037      * @inheritDoc
0038      *
0039      * @param Zend_Controller_Request_Abstract $request
0040      *
0041      * @throws Zend_Auth_Storage_Exception
0042      * @throws Zend_Exception
0043      * @throws Zend_Session_Exception
0044      */
0045     public function preDispatch(Zend_Controller_Request_Abstract $request)
0046     {
0047         // at this point the zend framework has already tested the session cookie and we should have an auth object.
0048         if ($this->_auth->hasIdentity()) {
0049             return;
0050         }
0051
0052         if (false === ($token_id = $request->getCookie(Default_Model_SingleSignOnToken::ACTION_LOGIN, false))) {
0053             return;
0054         }
0055
0056         $modelAuthToken = new Default_Model_SingleSignOnToken();
0057         if (false === $modelAuthToken->isValid($token_id)) {
0058             return;
0059         }
0060
0061         $token_data = $modelAuthToken->getData($token_id);
0062
0063         if (isset($token_data['member_id']) AND isset($token_data['auth_result'])) {
0064             $modelAuth = new Default_Model_Authorization();
0065             $authResult = $modelAuth->authenticateUser($token_data['member_id'], null, $token_data['remember_me'],Local_Auth_AdapterFactory::LOGIN_SSO);
0066             if (false === $authResult->isValid()) {
0067                 Zend_Registry::get('logger')->warn(__METHOD__
0068                     . ' - Sign on with OAuth failed: Can not authenticate user ('
0069                     . $token_data['member_id'] . ',' . $token_id . ')' . implode('; ', $authResult->getMessages()))
0070                 ;
0071             }
0072         }
0073     }
0074
0075 }