From 2fba3020034cae12c244713311a7c76d5a6a4800 Mon Sep 17 00:00:00 2001
From: Christian Weiske
Date: Mon, 9 May 2011 08:13:17 +0200
Subject: automatically register SSL client cert when user registers
---
 src/SemanticScuttle/Service/User/SslClientCert.php | 27 ++++++++++++++++++++++++++--
 www/register.php | 26 ++++++++++++++++++--------
 2 files changed, 43 insertions(+), 10 deletions(-)
diff --git a/src/SemanticScuttle/Service/User/SslClientCert.php b/src/SemanticScuttle/Service/User/SslClientCert.php
index 7b0c1eb..9e7b2c4 100644
--- a/src/SemanticScuttle/Service/User/SslClientCert.php
+++ b/src/SemanticScuttle/Service/User/SslClientCert.php
@@ -85,10 +85,32 @@ class SemanticScuttle_Service_User_SslClientCert extends SemanticScuttle_DbServi
 */
 public function registerCurrentCertificate($uId)
 {
- //FIXME
+ $serial = $_SERVER['SSL_CLIENT_M_SERIAL'];
+ $clientIssuerDn = $_SERVER['SSL_CLIENT_I_DN'];
+
+ $query = 'INSERT INTO ' . $this->getTableName()
+ . ' '. $this->db->sql_build_array(
+ 'INSERT', array(
+ 'uId' => $uId,
+ 'sslSerial' => $serial,
+ 'sslClientIssuerDn' => $clientIssuerDn,
+ 'sslName' => $_SERVER['SSL_CLIENT_S_DN_CN'],
+ 'sslEmail' => $_SERVER['SSL_CLIENT_S_DN_Email']
+ )
+ );
+ if (!($dbresult = $this->db->sql_query($query))) {
+ message_die(
+ GENERAL_ERROR, 'Could not load user for client certificate',
+ '', __LINE__, __FILE__, $query, $this->db
+ );
+ return false;
+ }
+
+ return true;
 }
+
 /**
 * Takes values from the currently available SSL client certificate
 * and adds the available profile data to the user.
@@ -109,8 +131,9 @@ class SemanticScuttle_Service_User_SslClientCert extends SemanticScuttle_DbServi
 }
 if (count($arData)) {
+ $us = SemanticScuttle_Service_Factory::get('User');
 foreach ($arData as $column => $value) {
- $userservice->_updateuser($uId, $column, $value);
+ $us->_updateuser($uId, $column, $value);
 }
 }
 return $arData;
diff --git a/www/register.php b/www/register.php
index dce65ba..d78ede3 100644
--- a/www/register.php
+++ b/www/register.php
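Review bot: In SslClientCert.php, registerCurrentCertificate() reads `$_SERVER['SSL_CLIENT_M_SERIAL']`, `SSL_CLIENT_I_DN`, `SSL_CLIENT_S_DN_CN` and `SSL_CLIENT_S_DN_Email` without checking that they are set or that the certificate was verified, so it is only safe when every caller has already done the `SSL_CLIENT_VERIFY` check. Because this public method creates a login credential, it should guard itself, e.g. `if (!isset($_SERVER['SSL_CLIENT_VERIFY'], $_SERVER['SSL_CLIENT_M_SERIAL'], $_SERVER['SSL_CLIENT_I_DN']) || $_SERVER['SSL_CLIENT_VERIFY'] !== 'SUCCESS') { return false; }`, and read the subject fields with an `isset(...) ? ... : null` fallback, since a certificate need not carry a CN or e-mail address. The failure text `'Could not load user for client certificate'` describes a lookup rather than this INSERT; `'Could not register client certificate'` would match what the code does. If message_die() halts the request, as its name suggests, the `return false;` after it is never reached.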
@@ -72,15 +72,25 @@ if (POST_SUBMITTED != '') {
 $tplVars['error'] = T_('Antispam answer is not valid. Please try again.');
 // Register details
- } elseif ($userservice->addUser($posteduser, POST_PASS, POST_MAIL) !== false) {
- // Log in with new username
- $login = $userservice->login($posteduser, POST_PASS);
- if ($login) {
- header('Location: '. createURL('bookmarks', $posteduser));
- }
- $tplVars['msg'] = T_('You have successfully registered. Enjoy!');
 } else {
- $tplVars['error'] = T_('Registration failed. Please try again.');
+ $uId = $userservice->addUser($posteduser, POST_PASS, POST_MAIL);
+ if ($uId !== false) {
+ if (isset($_SERVER['SSL_CLIENT_VERIFY'])
+ && $_SERVER['SSL_CLIENT_VERIFY'] == 'SUCCESS'
+ ) {
+ $ssl = SemanticScuttle_Service_Factory::get('User_SslClientCert');
+ $ssl->registerCurrentCertificate($uId);
+ $ssl->updateProfileFromCurentCert($uId);
+ }
+ // Log in with new username
+ $login = $userservice->login($posteduser, POST_PASS);
+ if ($login) {
+ header('Location: '. createURL('bookmarks', $posteduser));
+ }
+ $tplVars['msg'] = T_('You have successfully registered. Enjoy!');
+ } else {
+ $tplVars['error'] = T_('Registration failed. Please try again.');
+ }
 }
 }
-- 
cgit v1.2.3
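Review bot: In www/register.php the new block attaches whatever verified client certificate is on the connection to the freshly created account without first checking whether that serial/issuer pair already belongs to another user, and it discards the result of `registerCurrentCertificate($uId)`. Unless the certificate table enforces uniqueness on the pair (not visible in this patch), one certificate can end up mapped to two accounts, which makes a later certificate login ambiguous; a lookup before the insert, plus `if ($ssl->registerCurrentCertificate($uId)) { $ssl->updateProfileFromCurentCert($uId); }`, would keep the profile update from running after a failed registration. The comparison is better written as `=== 'SUCCESS'`. The redirect a few lines further down still has no `exit;` after `header('Location: …')`, so the script keeps running after the header is sent; the enclosing `if (POST_SUBMITTED != '')` block starts above the hunk.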