authorSilvio Rhatto <rhatto@riseup.net>2014-03-15 15:09:48 -0300
committerSilvio Rhatto <rhatto@riseup.net>2014-03-15 15:09:48 -0300
commit4fb376687dc1546f51e637cae1478582309f85f0 (patch)
tree8dd99abb6a221fd10bd86b00d5dd431ebcba4e0a /actions
downloadelgg-4fb376687dc1546f51e637cae1478582309f85f0.tar.gz
elgg-4fb376687dc1546f51e637cae1478582309f85f0.tar.bz2
Squashed 'mod/foafssl/' content from commit 3c1da1e
git-subtree-dir: mod/foafssl git-subtree-split: 3c1da1eaff8f61049b45ad99528f8f4e09ac7e62
Diffstat (limited to 'actions')
-rw-r--r--actions/add.php43
-rw-r--r--actions/generate.php53
-rwxr-xr-xactions/register.php81
-rw-r--r--actions/suck.php56
4 files changed, 233 insertions, 0 deletions
diff --git a/actions/add.php b/actions/add.php
new file mode 100644
index 000000000..494229aad
--- /dev/null
+++ b/actions/add.php
@@ -0,0 +1,43 @@
+<?php
+global $CONFIG;
+$user = get_loggedin_user();
+$name = get_input('name');
+$webid = get_input('webid');
+$modulus = get_input('modulus');
+$exponent = get_input('exponent');
+
+error_log($name);
+error_log($webid);
+error_log($modulus);
+error_log($exponent);
+
+if (isset($_FILES['cert_file'])) {
+ $cert = get_uploaded_file('cert_file');
+ $res = openssl_x509_read($cert);
+ $cert_data = openssl_x509_parse($cert);
+ $pubKey = openssl_pkey_get_public($res);
+ $keyData = openssl_pkey_get_details($pubKey);
+ $webid = $cert_data["extensions"]["subjectAltName"];
+
+ //Remove certificate armour
+ $unpacked_n = unpack("H*",$keyData['rsa']['n']);
+ $modulus = strtoupper($unpacked_n[1]);
+
+ $unpacked_e = unpack("H*",$keyData['rsa']['e']);
+ $exponent = hexdec($unpacked_e[1]);
+ $name = $cert_data["subject"]["CN"];
+ error_log("load file");
+ error_log("webid:".$webid);
+ error_log("exponent".$exponent);
+ error_log("mod".$modulus);
+}
+
+if ($modulus && $exponent && $user && $webid) {
+ $key = elgg_foafssl_createkey($modulus, $exponent, $user, $webid, $name);
+ system_message(elgg_echo("foafssl:addkey"));
+}
+else {
+ register_error(elgg_echo("foafssl:cantadd"));
+}
+forward($CONFIG->wwwroot."pg/foafssl/manage");
+?>
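Review bot: The WebID passed to `elgg_foafssl_createkey()` comes straight from `get_input('webid')` or from the uploaded certificate's `subjectAltName`, and nothing in this file checks that it belongs to the logged-in user. `openssl_x509_parse()` returns that extension as a single comma-separated string with type prefixes such as `URI:`, so unless `elgg_foafssl_createkey()` (defined outside this diff) parses and validates it, the stored identifier is whatever the certificate author wrote; generate.php and suck.php forward the same raw value. I would extract the `URI:` entry and either compare it with `$user->getURL()` or verify that the referenced profile lists this modulus and exponent before storing the key. The result of `openssl_x509_read($cert)` should also be tested explicitly, e.g. `if ($res === false) { register_error(elgg_echo("foafssl:cantadd")); forward($CONFIG->wwwroot."pg/foafssl/manage"); }`, rather than relying on an empty `$modulus`. The `error_log()` calls on `$name`, `$webid`, `$modulus` and `$exponent` write request-controlled text to the server log unescaped and look like debugging leftovers to drop.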
diff --git a/actions/generate.php b/actions/generate.php
new file mode 100644
index 000000000..e899d3dd0
--- /dev/null
+++ b/actions/generate.php
@@ -0,0 +1,53 @@
+<?php
+
+require_once($CONFIG->pluginspath."foafssl/lib/Authentication.php");
+require_once($CONFIG->pluginspath."foafssl/cert_proxy.php");
+
+global $CONFIG;
+
+
+function toBASE64($encodeMe) {
+ // does openssl really need this?
+ $data = base64_encode($encodeMe);
+ $datalb = "";
+ while (strlen($data) > 64) {
+ $datalb .= substr($data, 0, 64) . "\n";
+ $data = substr($data,64);
+ }
+ $datalb .= $data;
+ return $datalb;
+}
+
+
+$user = get_loggedin_user();
+$webid = $user->getURL();
+$name = get_input("name");
+$pubkey = get_input("pubkey");
+
+$cert = request_identity_p12($name, $webid, $pubkey);
+
+if ($cert && $user) {
+ $armored_cert = "-----BEGIN CERTIFICATE-----\n";
+ $armored_cert .= toBase64($cert);
+ $armored_cert .= "\n-----END CERTIFICATE-----\n";
+ $res = openssl_x509_read($armored_cert);
+ $cert_data = openssl_x509_parse($armored_cert);
+ $uid = $cert_data["subject"]["UID"];
+ $altName = $cert_data["extensions"]["subjectAltName"];
+ $pubKey = openssl_pkey_get_public($res);
+ $keyData = openssl_pkey_get_details($pubKey);
+
+ //Remove certificate armour
+ $unpacked_n = unpack("H*",$keyData['rsa']['n']);
+ $modulus = strtoupper($unpacked_n[1]);
+ $unpacked_e = unpack("H*",$keyData['rsa']['e']);
+ $exponent = hexdec($unpacked_e[1]);
+ set_input("name",$cert_data["subject"]["CN"]);
+ set_input("webid",$altName);
+ set_input("modulus",$modulus);
+ set_input("exponent",$exponent);
+ // now really include
+ include($CONFIG->pluginspath."foafssl/actions/add.php");
+}
+
+?>
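Review bot: `$webid = $user->getURL();` dereferences `$user` before the `if ($cert && $user)` test, so a request without a session ends in a fatal error instead of a clean refusal. Add `if (!$user) { register_error(elgg_echo("foafssl:cantadd")); forward(); }` right after `get_loggedin_user()`. The two `require_once` lines read `$CONFIG` before `global $CONFIG;` is declared; if this action is included from function scope the path prefix is empty, so the `global` line should come first, as it does in suck.php. Declaring `toBASE64()` in an action file will also fail with a redeclaration error if the file is ever included twice in one request; a `function_exists` guard or moving it into the plugin library avoids that.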
diff --git a/actions/register.php b/actions/register.php
new file mode 100755
index 000000000..ff5e495b5
--- /dev/null
+++ b/actions/register.php
@@ -0,0 +1,81 @@
+<?php
+/**
+ * Elgg registration action
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @author Curverider Ltd
+ * @link http://elgg.org/
+ */
+
+global $CONFIG;
+error_log("register user foaf!");
+// Get variables
+$username = get_input('username');
+$password = get_input('password');
+$password2 = get_input('password2');
+$email = get_input('email');
+$name = get_input('name');
+$friend_guid = (int) get_input('friend_guid',0);
+$invitecode = get_input('invitecode');
+$exponent = get_input('key_exp');
+$modulus = get_input('key_mod');
+$webid = get_input('key_webid');
+
+if (!($exponent && $modulus && $webid))
+ forward();
+
+$admin = get_input('admin');
+if (is_array($admin)) {
+ $admin = $admin[0];
+}
+
+if (!$CONFIG->disable_registration) {
+// For now, just try and register the user
+ try {
+ $guid = register_user($username, $password, $name, $email, false, $friend_guid, $invitecode);
+ if (((trim($password) != "") && (strcmp($password, $password2) == 0)) && ($guid)) {
+ $new_user = get_entity($guid);
+error_log("register user foaf2!");
+ elgg_set_ignore_access(true);
+ elgg_foafssl_createkey($modulus, $exponent, $new_user, $webid, $name." register cert");
+ elgg_set_ignore_access(false);
+ if (($guid) && ($admin)) {
+ // Only admins can make someone an admin
+ admin_gatekeeper();
+ $new_user->makeAdmin();
+ }
+
+ // Send user validation request on register only
+ global $registering_admin;
+ if (!$registering_admin) {
+ request_user_validation($guid);
+ }
+
+ if (!$new_user->isAdmin()) {
+ // Now disable if not an admin
+ // Don't do a recursive disable. Any entities owned by the user at this point
+ // are products of plugins that hook into create user and might need
+ // access to the entities.
+ $new_user->disable('new_user', false);
+ }
+
+ system_message(sprintf(elgg_echo("registerok"),$CONFIG->sitename));
+
+ // Forward on success, assume everything else is an error...
+ forward();
+ } else {
+ register_error(elgg_echo("registerbad"));
+ }
+ } catch (RegistrationException $r) {
+ register_error($r->getMessage());
+ }
+} else {
+ register_error(elgg_echo('registerdisabled'));
+}
+
+$qs = explode('?',$_SERVER['HTTP_REFERER']);
+$qs = $qs[0];
+$qs .= "?u=" . urlencode($username) . "&e=" . urlencode($email) . "&n=" . urlencode($name) . "&friend_guid=" . $friend_guid;
+
+forward($qs);
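Review bot: `register_user()` runs before the password confirmation is checked, so when `$password` and `$password2` differ the account already exists and is left as `register_user()` created it, without the validation request or the `disable('new_user', false)` step that the success branch applies. Put the comparison first and let it short-circuit: `if ((trim($password) != "") && (strcmp($password, $password2) == 0) && ($guid = register_user($username, $password, $name, $email, false, $friend_guid, $invitecode))) {`. The access override around `elgg_foafssl_createkey()` is reset to `false` rather than to its previous value and is skipped if that call throws; `$ia = elgg_set_ignore_access(true);` followed by `elgg_set_ignore_access($ia);` in a cleanup path is safer. The key fields `key_mod`, `key_exp` and `key_webid` come from the request with no visible proof that the registrant holds the matching private key or controls the WebID; if nothing outside this file enforces that, it should be verified before the key is stored.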
diff --git a/actions/suck.php b/actions/suck.php
new file mode 100644
index 000000000..fd801e2de
--- /dev/null
+++ b/actions/suck.php
@@ -0,0 +1,56 @@
+<?php
+
+//require_once("config.php");
+global $CONFIG;
+require_once($CONFIG->pluginspath."foafssl/lib/Authentication.php");
+
+$config = array('db_name'=>'arc','db_user'=>'arc','db_pwd'=>'chjdladhsjk34!arcarc','store_name'=>'arc_tests');
+if ($_SERVER['SSL_CLIENT_CERT']) {
+ error_log("going to add");
+ $cert = $_SERVER['SSL_CLIENT_CERT'];
+ $res = openssl_x509_read($cert);
+ $cert_data = openssl_x509_parse($cert);
+ $uid = $cert_data["subject"]["UID"];
+ $altName = $cert_data["extensions"]["subjectAltName"];
+ $pubKey = openssl_pkey_get_public($res);
+ $keyData = openssl_pkey_get_details($pubKey);
+
+ //Remove certificate armour
+ $unpacked_n = unpack("H*",$keyData['rsa']['n']);
+ $modulus = strtoupper($unpacked_n[1]);
+ $unpacked_e = unpack("H*",$keyData['rsa']['e']);
+ $exponent = hexdec($unpacked_e[1]);
+ set_input("name",$cert_data["subject"]["CN"]);
+ set_input("webid",$altName);
+ set_input("modulus",$modulus);
+ set_input("exponent",$exponent);
+ include($CONFIG->pluginspath."foafssl/actions/add.php");
+}
+
+
+/*
+$auth = new Authentication_FoafSSLARC($config);
+//$auth = new Authentication_AgentARC($config, $webId);
+//var_dump($auth);
+//if ($auth->agentId !== $auth->agentURI) {
+if ($auth->isAuthenticated()) {
+ //print "Hello : $auth->webid<br/>";
+ $base_url = $CONFIG->wwwroot."pg/profile/";
+ if (strpos($auth->webid, $base_url) == 0) {
+ $root_len = strlen($base_url);
+ $username = substr($auth->webid, $root_len, strlen($auth->webid)-$root_len-strlen("?view=foaf"));
+ $user = get_user_by_username($username);
+ login($user, true);
+ system_message(elgg_echo("you logged in successfully with your certificate!"));
+ forward();
+
+ }
+}
+else {
+ print "Sorry you are not logged in<br/>";
+ print $auth->authnDiagnostic;
+}
+*/
+//$auth->logout();
+
+?>
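Review bot: The `$config` array hardcodes a database user and password (`'db_pwd'`) in a file that is now in version control, and the only code that reads `$config` is the commented-out block below it. Delete the array, treat the password as exposed and rotate it, and load any credentials the plugin needs from site configuration instead. `if ($_SERVER['SSL_CLIENT_CERT'])` also raises a notice when the server does not export the variable; `if (!empty($_SERVER['SSL_CLIENT_CERT']))` is the safer test. The action has no visible login check of its own and relies on the `$user` test inside the included add.php.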