Главная Обзор Помощь
Вход
torambo.com
/
yunohost_glpi_singlesignon
1
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: ddc9c2ddc1
Ветки Метки
yunohost_glpi_s...
/
front
/
callback.php

callback.php 5.0 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * ---------------------------------------------------------------------
    5. 

  5.  * SingleSignOn is a plugin which allows to use SSO for auth
    6. 

  6.  * ---------------------------------------------------------------------
    7. 

  7.  * Copyright (C) 2022 Edgard
    8. 

  8.  *
    9. 

  9.  * This program is free software: you can redistribute it and/or modify
    10. 

  10.  * it under the terms of the GNU General Public License as published by
    11. 

  11.  * the Free Software Foundation, either version 3 of the License, or
    12. 

  12.  * (at your option) any later version.
    13. 

  13.  *
    14. 

  14.  * This program is distributed in the hope that it will be useful,
    15. 

  15.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    16. 

  16.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    17. 

  17.  * GNU General Public License for more details.
    18. 

  18.  *
    19. 

  19.  * You should have received a copy of the GNU General Public License
    20. 

  20.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    21. 

  21.  * ---------------------------------------------------------------------
    22. 

  22.  * @copyright Copyright © 2021 - 2022 Edgard
    23. 

  23.  * @license   http://www.gnu.org/licenses/gpl.txt GPLv3+
    24. 

  24.  * @link      https://github.com/edgardmessias/glpi-singlesignon/
    25. 

  25.  * ---------------------------------------------------------------------
    26. 

  26.  */
    27. 

  27. 

  28. //Disable CSRF token
    29. 

  29. define('GLPI_USE_CSRF_CHECK', 0);
    30. 

  30. 

  31. ini_set('display_errors', 1);
    32. 

  32. ini_set('display_startup_errors', 1);
    33. 

  33. error_reporting(E_ALL);
    34. 

  34. 

  35. include('../../../inc/includes.php');
    36. 

  36. 

  37. $provider_id = PluginSinglesignonToolbox::getCallbackParameters('provider');
    38. 

  38. 

  39. if (!$provider_id) {
    40. 

  40.    Html::displayErrorAndDie(__sso("Provider not defined."), false);
    41. 

  41. }
    42. 

  42. 

  43. $signon_provider = new PluginSinglesignonProvider();
    44. 

  44. 

  45. if (!$signon_provider->getFromDB($provider_id)) {
    46. 

  46.    Html::displayErrorAndDie(__sso("Provider not found."), true);
    47. 

  47. }
    48. 

  48. 

  49. if (!$signon_provider->fields['is_active']) {
    50. 

  50.    Html::displayErrorAndDie(__sso("Provider not active."), true);
    51. 

  51. }
    52. 

  52. 

  53. $signon_provider->checkAuthorization();
    54. 

  54. 

  55. $test = PluginSinglesignonToolbox::getCallbackParameters('test');
    56. 

  56. 

  57. if ($test) {
    58. 

  58.    $signon_provider->debug = true;
    59. 

  59.    Html::nullHeader("Login", $CFG_GLPI["root_doc"] . '/index.php');
    60. 

  60.    echo '<div class="left spaced">';
    61. 

  61.    echo '<pre>';
    62. 

  62.    echo "### BEGIN ###\n";
    63. 

  63.    $signon_provider->getResourceOwner();
    64. 

  64.    echo "### END ###";
    65. 

  65.    echo '</pre>';
    66. 

  66.    Html::nullFooter();
    67. 

  67.    exit();
    68. 

  68. }
    69. 

  69. 

  70. $user_id = Session::getLoginUserID();
    71. 

  71. 

  72. $REDIRECT = "";
    73. 

  73. 

  74. if ($user_id || $signon_provider->login()) {
    75. 

  75. 

  76.    $user_id = $user_id ?: Session::getLoginUserID();
    77. 

  77. 

  78.    if ($user_id) {
    79. 

  79.       $signon_provider->linkUser($user_id);
    80. 

  80.    }
    81. 

  81. 

  82.    $params = PluginSinglesignonToolbox::getCallbackParameters('q');
    83. 

  83. 

  84.    if (isset($params['redirect'])) {
    85. 

  85.       $REDIRECT = '?redirect=' . $params['redirect'];
    86. 

  86.    } else if (isset($_GET['state']) && is_integer(strpos($_GET['state'], "&redirect="))) {
    87. 

  87.       $REDIRECT = '?' . substr($_GET['state'], strpos($_GET['state'], "&redirect=") + 1);
    88. 

  88.    }
    89. 

  89. 

  90.    $url_redirect = '';
    91. 

  91. 

  92. 

  93.    if (isset($params['redirect'])) {
    94. 

  94.       $REDIRECT = '?redirect=' . $params['redirect'];
    95. 

  95.    } else if (isset($_GET['state']) && is_integer(strpos($_GET['state'], "&redirect="))) {
    96. 

  96.       $REDIRECT = '?' . substr($_GET['state'], strpos($_GET['state'], "&redirect=") + 1);
    97. 

  97.    }
    98. 

  98. 

  99.    if ($_SESSION["glpiactiveprofile"]["interface"] == "helpdesk") {
    100. 

  100.       if ($_SESSION['glpiactiveprofile']['create_ticket_on_login'] && empty($REDIRECT)) {
    101. 

  101.          $url_redirect = $CFG_GLPI['root_doc'] . "/front/helpdesk.public.php?create_ticket=1";
    102. 

  102.       } else {
    103. 

  103.          $url_redirect = $CFG_GLPI['root_doc'] . "/front/helpdesk.public.php$REDIRECT";
    104. 

  104.       }
    105. 

  105.    } else {
    106. 

  106.       if ($_SESSION['glpiactiveprofile']['create_ticket_on_login'] && empty($REDIRECT)) {
    107. 

  107.          $url_redirect = $CFG_GLPI['root_doc'] . "/front/ticket.form.php";
    108. 

  108.       } else {
    109. 

  109.          $url_redirect = $CFG_GLPI['root_doc'] . "/front/central.php$REDIRECT";
    110. 

  110.       }
    111. 

  111.    }
    112. 

  112. 

  113.    Html::nullHeader("Login", $CFG_GLPI["root_doc"] . '/index.php');
    114. 

  114.    echo '<div class="center spaced"><a href="' . $url_redirect . '">' .
    115. 

  115.    __sso('Automatic redirection, else click') . '</a>';
    116. 

  116.    echo '<script type="text/javascript">
    117. 

  117.          if (window.opener) {
    118. 

  118.            window.opener.location="' . $url_redirect . '";
    119. 

  119.            window.close();
    120. 

  120.          } else {
    121. 

  121.            window.location="' . $url_redirect . '";
    122. 

  122.          }
    123. 

  123.        </script></div>';
    124. 

  124.    Html::nullFooter();
    125. 

  125.    exit();
    126. 

  126. 

  127.    // Auth::redirectIfAuthenticated();
    128. 

  128. 

  129. }
    130. 

  130. 

  131. // we have done at least a good login? No, we exit.
    132. 

  132. Html::nullHeader("Login", $CFG_GLPI["root_doc"] . '/index.php');
    133. 

  133. echo '<div class="center b">' . __('User not authorized to connect in GLPI') . '<br><br>';
    134. 

  134. // Logout whit noAUto to manage auto_login with errors
    135. 

  135. echo '<a href="' . $CFG_GLPI["root_doc"] . '/front/logout.php?noAUTO=1' .
    136. 

  136. str_replace("?", "&", $REDIRECT) . '" class="singlesignon">' . __('Log in again') . '</a></div>';
    137. 

  137. echo '<script type="text/javascript">
    138. 

  138.    if (window.opener) {
    139. 

  139.       $(".singlesignon").on("click", function (e) {
    140. 

  140.          e.preventDefault();
    141. 

  141.          window.opener.location = $(this).attr("href");
    142. 

  142.          window.focus();
    143. 

  143.          window.close();
    144. 

  144.       });
    145. 

  145.    }
    146. 

  146. </script>';
    147. 

  147. Html::nullFooter();
    148. 

  148. exit();
    149.