From 23f908c3e95b121f83f8c14450a9d06c4c8d41ad Mon Sep 17 00:00:00 2001 From: marcus Date: Wed, 23 Jul 2008 16:27:48 +0000 Subject: PAM now supports 'required' and 'sufficient' git-svn-id: https://code.elgg.org/elgg/trunk@1504 36083f99-b078-4883-b0ff-0f9b5a30f544 --- engine/lib/pam.php | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) (limited to 'engine/lib/pam.php') diff --git a/engine/lib/pam.php b/engine/lib/pam.php index 6bbfce79d..1faa0014e 100644 --- a/engine/lib/pam.php +++ b/engine/lib/pam.php @@ -21,14 +21,19 @@ * * @param string $handler The handler function in the format * pam_handler($credentials = NULL); + * @param string $importance The importance - "sufficient" or "required" */ - function register_pam_handler($handler) + function register_pam_handler($handler, $importance = "sufficient") { global $_PAM_HANDLERS; if (is_callable($handler)) { - $_PAM_HANDLERS[$handler] = $handler; + $_PAM_HANDLERS[$handler] = new stdClass; + + $_PAM_HANDLERS[$handler]->handler = $handler; + $_PAM_HANDLERS[$handler]->importance = strtolower($importance); + return true; } @@ -49,27 +54,38 @@ { global $_PAM_HANDLERS, $_PAM_HANDLERS_MSG; + $authenticated = false; + foreach ($_PAM_HANDLERS as $k => $v) { + $handler = $v->handler; + $importance = $v->importance; + try { // Execute the handler - if ($v($credentials)) + if ($handler($credentials)) { // Explicitly returned true $_PAM_HANDLERS_MSG[$k] = "Authenticated!"; - return true; + $authenticated = true; } else + { $_PAM_HANDLERS_MSG[$k] = "Not Authenticated."; + + // If this is required then abort. + if ($importance == 'required') + return false; + } } catch (Exception $e) { $_PAM_HANDLERS_MSG[$k] = "$e"; } } - - return false; + + return $authenticated; } ?> \ No newline at end of file -- cgit v1.2.3