PukiWiki for PHP 5.4 / 5.5
Fork

(Original repository, No fork origin)

Commit

Revisão	b5db2e96cba94b0f1fe1d7f88b08d0464bebd6ba (tree)
Hora	2016-01-23 01:26:19
Autor	umorigu <umorigu@gmai...>
Commiter	umorigu

BugTrack2/373 AUTH_TYPE_EXTERNAL - Use external sign-in mechanism

In pukiwiki.ini.php, you can define $auth_external_login_url URL.
It is a external sign in URL.

For example,

$auth_type = AUTH_TYPE_EXTERNAL; $auth_external_login_url = './exlogin.php';

If you meet a private page that requires access permission,
a system redirect you to './exlogin.php' with 'url_after_login'
parameter.

In this case, 'exlogin.php' is your custom PHP script.
After you sign in your SSO system,
please redirect back to 'url_after_login' page.

--- a/lib/auth.php

+++ b/lib/auth.php

		@@ -182,6 +182,7 @@ function basic_auth($page, $auth_flag, $exit_flag, $auth_pages, $title_cannot)
182	182	{
183	183	global $auth_method_type, $auth_users, $_msg_auth, $auth_user, $auth_groups;
184	184	global $auth_user_groups, $auth_type, $g_query_string;
	185	+ global $auth_external_login_url;
185	186	// Checked by:
186	187	$target_str = '';
187	188	if ($auth_method_type == 'pagename') {

		@@ -211,7 +212,14 @@ function basic_auth($page, $auth_flag, $exit_flag, $auth_pages, $title_cannot)
211	212	} elseif (AUTH_TYPE_FORM === $auth_type) {
212	213	$url_after_login = get_script_uri() . '?' . $g_query_string;
213	214	$loginurl = get_script_uri() . '?plugin=loginform'
214		- . '&page=' . rawurlencode($page)
	215	+ . '&page=' . pagename_urlencode($page)
	216	+ . '&url_after_login=' . rawurlencode($url_after_login);
	217	+ header('HTTP/1.0 302 Found');
	218	+ header('Location: ' . $loginurl);
	219	+ } elseif (AUTH_TYPE_EXTERNAL === $auth_type) {
	220	+ $url_after_login = get_script_uri() . '?' . $g_query_string;
	221	+ $loginurl = $auth_external_login_url . '?'
	222	+ . '&page=' . pagename_urlencode($page)
215	223	. '&url_after_login=' . rawurlencode($url_after_login);
216	224	header('HTTP/1.0 302 Found');
217	225	header('Location: ' . $loginurl);

		@@ -261,6 +269,7 @@ function ensure_valid_auth_user()
261	269	return true; // no auth input
262	270	}
263	271	case AUTH_TYPE_FORM:
	272	+ case AUTH_TYPE_EXTERNAL:
264	273	{
265	274	session_start();
266	275	// session_regenerate_id(true);

--- a/pukiwiki.ini.php

+++ b/pukiwiki.ini.php

		@@ -235,8 +235,9 @@ $auth_groups = array(
235	235
236	236	/////////////////////////////////////////////////
237	237	// Authentication type
238		-// AUTH_TYPE_NONE, AUTH_TYPE_BASIC or AUTH_TYPE_EXTERNAL
239		-// $auth_type = AUTH_TYPE_BASIC;
	238	+// AUTH_TYPE_FORM, AUTH_TYPE_BASIC or AUTH_TYPE_EXTERNAL
	239	+// $auth_type = AUTH_TYPE_FORM;
	240	+// $auth_external_login_url = './exlogin.php';
240	241
241	242	/////////////////////////////////////////////////
242	243	// Authentication method