Merge branch 'master' of git://github.com/mp2300/gallery3-contrib
This commit is contained in:
commit
69993f3f9c
63
modules/wordpress_auth/config/identity.php
Normal file
63
modules/wordpress_auth/config/identity.php
Normal file
@ -0,0 +1,63 @@
|
||||
<?php defined('SYSPATH') or die('No direct script access.');
|
||||
/**
|
||||
* Gallery - a web based photo album viewer and editor
|
||||
* Copyright (C) 2000-2009 Bharat Mediratta
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or (at
|
||||
* your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
*/
|
||||
/*
|
||||
* @package Wordpress_auth
|
||||
*
|
||||
* Use Wordpress installation as authentication source.
|
||||
* Wordpress Roles are mappee to Gallery groups
|
||||
*
|
||||
* The module comes with two drivers:
|
||||
* wordpressdb: Connect directly to the wordpress database defined in
|
||||
* $config['wordpress_auth']['params']['wp_database'] and authenticate
|
||||
*
|
||||
* wordpressfile: Load the entire Wordpress codebase and use Wordpress API
|
||||
* functions to authenticate users. The path to the Wordpress basedir must be
|
||||
* defined in $config['wordpress_auth']['params']['path'] and this file must
|
||||
* be included from the gallery index.php file
|
||||
*
|
||||
* wordpressdb is fastest but does only work with straight Wordpress database.
|
||||
* If other authentications plugins have been added to wordpress, then the
|
||||
* wordpressfile driver must be used.
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
$config['wordpress_auth'] = array(
|
||||
'driver' => 'wordpressdb',
|
||||
'allow_updates' => false,
|
||||
'params' => array(
|
||||
'wp_database' => array(
|
||||
'username' => 'user',
|
||||
'password' => 'pass',
|
||||
'database' => 'dbname',
|
||||
'host' => 'localhost',
|
||||
'table_prefix' => 'wp_',
|
||||
'charset' => 'utf8'
|
||||
),
|
||||
'path' => 'path/to/local/wordpress/installation'
|
||||
)
|
||||
);
|
||||
|
||||
|
||||
// load code
|
||||
if ($config['wordpress_auth']['driver'] == 'wordpressfile') {
|
||||
require_once $config['wordpress_auth']['params']['path'] . 'wp-load.php';
|
||||
require_once $config['wordpress_auth']['params']['path'] . 'wp-admin/includes/user.php';
|
||||
}
|
64
modules/wordpress_auth/helpers/wordpress_auth_installer.php
Normal file
64
modules/wordpress_auth/helpers/wordpress_auth_installer.php
Normal file
@ -0,0 +1,64 @@
|
||||
<?php defined("SYSPATH") or die("No direct script access.");
|
||||
/**
|
||||
* Gallery - a web based photo album viewer and editor
|
||||
* Copyright (C) 2000-2009 Bharat Mediratta
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or (at
|
||||
* your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
*/
|
||||
class wordpress_auth_installer {
|
||||
static function can_activate() {
|
||||
$messages = array();
|
||||
try {
|
||||
// load config
|
||||
require MODPATH . 'wordpress_auth/config/identity.php';
|
||||
// create instance and fetch admin user
|
||||
$driver = ucfirst($config['wordpress_auth']['driver']);
|
||||
$filename = MODPATH . 'wordpress_auth/libraries/drivers/IdentityProvider/' . $driver . '.php';
|
||||
$classname = 'IdentityProvider_' . $driver . '_Driver';
|
||||
require($filename);
|
||||
$wordpress_auth_provider = new $classname($config['wordpress_auth']['params']);
|
||||
$admin = $wordpress_auth_provider->admin_user();
|
||||
// Everything is fine
|
||||
$messages["warn"][] = IdentityProvider::confirmation_message();
|
||||
}
|
||||
catch (Exception $e) {
|
||||
$messages["error"][] =
|
||||
'Cannot install Wordpress identity provider. Error: ' . $e->getMessage();
|
||||
}
|
||||
return $messages;
|
||||
}
|
||||
|
||||
static function install() {
|
||||
IdentityProvider::change_provider('wordpress_auth');
|
||||
}
|
||||
|
||||
static function initialize() {
|
||||
module::set_version('wordpress_auth', 1);
|
||||
$root = item::root();
|
||||
foreach (IdentityProvider::instance()->groups() as $group) {
|
||||
module::event("group_created", $group);
|
||||
access::allow($group, "view", $root);
|
||||
access::allow($group, "view_full", $root);
|
||||
}
|
||||
}
|
||||
|
||||
static function uninstall() {
|
||||
// Delete all groups so that we give other modules an opportunity to clean up
|
||||
$wordpress_auth_provider = new IdentityProvider("wordpress_auth");
|
||||
foreach ($wordpress_auth_provider->groups() as $group) {
|
||||
module::event("group_deleted", $group);
|
||||
}
|
||||
}
|
||||
}
|
258
modules/wordpress_auth/libraries/PasswordHash.php
Normal file
258
modules/wordpress_auth/libraries/PasswordHash.php
Normal file
@ -0,0 +1,258 @@
|
||||
<?php
|
||||
/**
|
||||
* Portable PHP password hashing framework.
|
||||
* @package phpass
|
||||
* @since 2.5
|
||||
* @version 0.1
|
||||
* @link http://www.openwall.com/phpass/
|
||||
*/
|
||||
|
||||
#
|
||||
# Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
|
||||
# the public domain.
|
||||
#
|
||||
# There's absolutely no warranty.
|
||||
#
|
||||
# Please be sure to update the Version line if you edit this file in any way.
|
||||
# It is suggested that you leave the main version number intact, but indicate
|
||||
# your project name (after the slash) and add your own revision information.
|
||||
#
|
||||
# Please do not change the "private" password hashing method implemented in
|
||||
# here, thereby making your hashes incompatible. However, if you must, please
|
||||
# change the hash type identifier (the "$P$") to something different.
|
||||
#
|
||||
# Obviously, since this code is in the public domain, the above are not
|
||||
# requirements (there can be none), but merely suggestions.
|
||||
#
|
||||
|
||||
/**
|
||||
* Portable PHP password hashing framework.
|
||||
*
|
||||
* @package phpass
|
||||
* @version 0.1 / genuine
|
||||
* @link http://www.openwall.com/phpass/
|
||||
* @since 2.5
|
||||
*/
|
||||
class PasswordHash {
|
||||
var $itoa64;
|
||||
var $iteration_count_log2;
|
||||
var $portable_hashes;
|
||||
var $random_state;
|
||||
|
||||
function PasswordHash($iteration_count_log2, $portable_hashes)
|
||||
{
|
||||
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
|
||||
|
||||
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
|
||||
$iteration_count_log2 = 8;
|
||||
$this->iteration_count_log2 = $iteration_count_log2;
|
||||
|
||||
$this->portable_hashes = $portable_hashes;
|
||||
|
||||
$this->random_state = microtime() . (function_exists('getmypid') ? getmypid() : '') . uniqid(rand(), TRUE);
|
||||
|
||||
}
|
||||
|
||||
function get_random_bytes($count)
|
||||
{
|
||||
$output = '';
|
||||
if (($fh = @fopen('/dev/urandom', 'rb'))) {
|
||||
$output = fread($fh, $count);
|
||||
fclose($fh);
|
||||
}
|
||||
|
||||
if (strlen($output) < $count) {
|
||||
$output = '';
|
||||
for ($i = 0; $i < $count; $i += 16) {
|
||||
$this->random_state =
|
||||
md5(microtime() . $this->random_state);
|
||||
$output .=
|
||||
pack('H*', md5($this->random_state));
|
||||
}
|
||||
$output = substr($output, 0, $count);
|
||||
}
|
||||
|
||||
return $output;
|
||||
}
|
||||
|
||||
function encode64($input, $count)
|
||||
{
|
||||
$output = '';
|
||||
$i = 0;
|
||||
do {
|
||||
$value = ord($input[$i++]);
|
||||
$output .= $this->itoa64[$value & 0x3f];
|
||||
if ($i < $count)
|
||||
$value |= ord($input[$i]) << 8;
|
||||
$output .= $this->itoa64[($value >> 6) & 0x3f];
|
||||
if ($i++ >= $count)
|
||||
break;
|
||||
if ($i < $count)
|
||||
$value |= ord($input[$i]) << 16;
|
||||
$output .= $this->itoa64[($value >> 12) & 0x3f];
|
||||
if ($i++ >= $count)
|
||||
break;
|
||||
$output .= $this->itoa64[($value >> 18) & 0x3f];
|
||||
} while ($i < $count);
|
||||
|
||||
return $output;
|
||||
}
|
||||
|
||||
function gensalt_private($input)
|
||||
{
|
||||
$output = '$P$';
|
||||
$output .= $this->itoa64[min($this->iteration_count_log2 +
|
||||
((PHP_VERSION >= '5') ? 5 : 3), 30)];
|
||||
$output .= $this->encode64($input, 6);
|
||||
|
||||
return $output;
|
||||
}
|
||||
|
||||
function crypt_private($password, $setting)
|
||||
{
|
||||
$output = '*0';
|
||||
if (substr($setting, 0, 2) == $output)
|
||||
$output = '*1';
|
||||
|
||||
if (substr($setting, 0, 3) != '$P$')
|
||||
return $output;
|
||||
|
||||
$count_log2 = strpos($this->itoa64, $setting[3]);
|
||||
if ($count_log2 < 7 || $count_log2 > 30)
|
||||
return $output;
|
||||
|
||||
$count = 1 << $count_log2;
|
||||
|
||||
$salt = substr($setting, 4, 8);
|
||||
if (strlen($salt) != 8)
|
||||
return $output;
|
||||
|
||||
# We're kind of forced to use MD5 here since it's the only
|
||||
# cryptographic primitive available in all versions of PHP
|
||||
# currently in use. To implement our own low-level crypto
|
||||
# in PHP would result in much worse performance and
|
||||
# consequently in lower iteration counts and hashes that are
|
||||
# quicker to crack (by non-PHP code).
|
||||
if (PHP_VERSION >= '5') {
|
||||
$hash = md5($salt . $password, TRUE);
|
||||
do {
|
||||
$hash = md5($hash . $password, TRUE);
|
||||
} while (--$count);
|
||||
} else {
|
||||
$hash = pack('H*', md5($salt . $password));
|
||||
do {
|
||||
$hash = pack('H*', md5($hash . $password));
|
||||
} while (--$count);
|
||||
}
|
||||
|
||||
$output = substr($setting, 0, 12);
|
||||
$output .= $this->encode64($hash, 16);
|
||||
|
||||
return $output;
|
||||
}
|
||||
|
||||
function gensalt_extended($input)
|
||||
{
|
||||
$count_log2 = min($this->iteration_count_log2 + 8, 24);
|
||||
# This should be odd to not reveal weak DES keys, and the
|
||||
# maximum valid value is (2**24 - 1) which is odd anyway.
|
||||
$count = (1 << $count_log2) - 1;
|
||||
|
||||
$output = '_';
|
||||
$output .= $this->itoa64[$count & 0x3f];
|
||||
$output .= $this->itoa64[($count >> 6) & 0x3f];
|
||||
$output .= $this->itoa64[($count >> 12) & 0x3f];
|
||||
$output .= $this->itoa64[($count >> 18) & 0x3f];
|
||||
|
||||
$output .= $this->encode64($input, 3);
|
||||
|
||||
return $output;
|
||||
}
|
||||
|
||||
function gensalt_blowfish($input)
|
||||
{
|
||||
# This one needs to use a different order of characters and a
|
||||
# different encoding scheme from the one in encode64() above.
|
||||
# We care because the last character in our encoded string will
|
||||
# only represent 2 bits. While two known implementations of
|
||||
# bcrypt will happily accept and correct a salt string which
|
||||
# has the 4 unused bits set to non-zero, we do not want to take
|
||||
# chances and we also do not want to waste an additional byte
|
||||
# of entropy.
|
||||
$itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
|
||||
|
||||
$output = '$2a$';
|
||||
$output .= chr(ord('0') + $this->iteration_count_log2 / 10);
|
||||
$output .= chr(ord('0') + $this->iteration_count_log2 % 10);
|
||||
$output .= '$';
|
||||
|
||||
$i = 0;
|
||||
do {
|
||||
$c1 = ord($input[$i++]);
|
||||
$output .= $itoa64[$c1 >> 2];
|
||||
$c1 = ($c1 & 0x03) << 4;
|
||||
if ($i >= 16) {
|
||||
$output .= $itoa64[$c1];
|
||||
break;
|
||||
}
|
||||
|
||||
$c2 = ord($input[$i++]);
|
||||
$c1 |= $c2 >> 4;
|
||||
$output .= $itoa64[$c1];
|
||||
$c1 = ($c2 & 0x0f) << 2;
|
||||
|
||||
$c2 = ord($input[$i++]);
|
||||
$c1 |= $c2 >> 6;
|
||||
$output .= $itoa64[$c1];
|
||||
$output .= $itoa64[$c2 & 0x3f];
|
||||
} while (1);
|
||||
|
||||
return $output;
|
||||
}
|
||||
|
||||
function HashPassword($password)
|
||||
{
|
||||
$random = '';
|
||||
|
||||
if (CRYPT_BLOWFISH == 1 && !$this->portable_hashes) {
|
||||
$random = $this->get_random_bytes(16);
|
||||
$hash =
|
||||
crypt($password, $this->gensalt_blowfish($random));
|
||||
if (strlen($hash) == 60)
|
||||
return $hash;
|
||||
}
|
||||
|
||||
if (CRYPT_EXT_DES == 1 && !$this->portable_hashes) {
|
||||
if (strlen($random) < 3)
|
||||
$random = $this->get_random_bytes(3);
|
||||
$hash =
|
||||
crypt($password, $this->gensalt_extended($random));
|
||||
if (strlen($hash) == 20)
|
||||
return $hash;
|
||||
}
|
||||
|
||||
if (strlen($random) < 6)
|
||||
$random = $this->get_random_bytes(6);
|
||||
$hash =
|
||||
$this->crypt_private($password,
|
||||
$this->gensalt_private($random));
|
||||
if (strlen($hash) == 34)
|
||||
return $hash;
|
||||
|
||||
# Returning '*' on error is safe here, but would _not_ be safe
|
||||
# in a crypt(3)-like function used _both_ for generating new
|
||||
# hashes and for validating passwords against existing hashes.
|
||||
return '*';
|
||||
}
|
||||
|
||||
function CheckPassword($password, $stored_hash)
|
||||
{
|
||||
$hash = $this->crypt_private($password, $stored_hash);
|
||||
if ($hash[0] == '*')
|
||||
$hash = crypt($password, $stored_hash);
|
||||
|
||||
return $hash == $stored_hash;
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
@ -0,0 +1,303 @@
|
||||
<?php defined("SYSPATH") or die("No direct script access.");
|
||||
/**
|
||||
* Gallery - a web based photo album viewer and editor
|
||||
* Copyright (C) 2000-2009 Bharat Mediratta
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or (at
|
||||
* your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
*/
|
||||
class IdentityProvider_Wordpressdb_Driver implements IdentityProvider_Driver {
|
||||
private $config;
|
||||
private $db;
|
||||
private $_guest_user;
|
||||
|
||||
/**
|
||||
* Initializes the WordPress auth driver
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function __construct($config) {
|
||||
$this->config = $config;
|
||||
$d = $config['wp_database'];
|
||||
$this->db = new mysqli($d['host'], $d['username'], $d['password'], $d['database']);
|
||||
if ($this->db->connect_error) {
|
||||
throw new Exception('Cannot connect to mysql database (' . $this->db->connect_errno . ') ' . $this->db->connect_error);
|
||||
}
|
||||
$this->db->set_charset($d['charset']);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::guest.
|
||||
*/
|
||||
public function guest() {
|
||||
if (empty($this->_guest_user)) {
|
||||
$this->_guest_user = new Wordpress_User();
|
||||
$this->_guest_user->id = 0;
|
||||
$this->_guest_user->name = "Guest";
|
||||
$this->_guest_user->full_name = "Guest";
|
||||
$this->_guest_user->guest = true;
|
||||
$this->_guest_user->admin = false;
|
||||
$this->_guest_user->locale = null;
|
||||
$this->_guest_user->email = null;
|
||||
$this->_guest_user->url = null;
|
||||
}
|
||||
return $this->_guest_user;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::admin_user.
|
||||
*/
|
||||
public function admin_user() {
|
||||
$tp = $this->config['wp_database']['table_prefix'];
|
||||
$query = 'SELECT user_id FROM ' . $tp . 'usermeta WHERE meta_key = "' . $tp . 'capabilities" AND meta_value = "a:1:{s:13:\"administrator\";b:1;}" ORDER BY user_id ASC LIMIT 1';
|
||||
|
||||
$result = $this->db->query($query);
|
||||
$admin = $result->fetch_array(MYSQLI_ASSOC);
|
||||
$result->free();
|
||||
if (isset($admin)) {
|
||||
return $this->lookup_user($admin['user_id']);
|
||||
} else {
|
||||
throw new Exception("@todo NO ADMIN USER FOUND");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::create_user.
|
||||
*/
|
||||
public function create_user($name, $full_name, $password, $email) {
|
||||
throw new Exception("@todo INVALID OPERATION");
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::is_correct_password.
|
||||
*/
|
||||
public function is_correct_password($user, $password) {
|
||||
$password = trim($password);
|
||||
if ( strlen($user->user_pass) <= 32 ) {
|
||||
return $user->user_pass == md5($password);
|
||||
} else {
|
||||
$hasher = new PasswordHash(8, TRUE);
|
||||
return $hasher->CheckPassword($password, $user->user_pass);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::lookup_user.
|
||||
*/
|
||||
public function lookup_user($id) {
|
||||
if (is_numeric($id)) {
|
||||
$tp = $this->config['wp_database']['table_prefix'];
|
||||
$query = 'SELECT u.*, m.meta_value AS roles FROM ' . $tp . 'users u LEFT OUTER JOIN ' . $tp . 'usermeta m ON (u.ID = m.user_id) WHERE u.ID = ' . $id . ' AND meta_key = "' . $tp . 'capabilities"';
|
||||
$result = $this->db->query($query);
|
||||
$user = $result->fetch_array(MYSQLI_ASSOC);
|
||||
$result->free();
|
||||
if (isset($user)) {
|
||||
return new Wordpress_User($user);
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::lookup_user_by_name.
|
||||
*/
|
||||
public function lookup_user_by_name($name) {
|
||||
$name = $this->db->escape_string($name);
|
||||
$tp = $this->config['wp_database']['table_prefix'];
|
||||
$query = 'SELECT u.*, m.meta_value AS roles FROM ' . $tp . 'users u LEFT OUTER JOIN ' . $tp . 'usermeta m ON (u.ID = m.user_id) WHERE u.user_login = "' . $name . '" AND meta_key = "' . $tp . 'capabilities"';
|
||||
$result = $this->db->query($query);
|
||||
$user = $result->fetch_array(MYSQLI_ASSOC);
|
||||
$result->free();
|
||||
if (isset($user)) {
|
||||
return new Wordpress_User($user);
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::create_group.
|
||||
*/
|
||||
public function create_group($name) {
|
||||
throw new Exception("@todo INVALID OPERATION");
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::everybody.
|
||||
*/
|
||||
public function everybody() {
|
||||
return new Wordpress_Group('everybody');
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::registered_users.
|
||||
*/
|
||||
public function registered_users() {
|
||||
return new Wordpress_Group('registered_users');
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::get_user_list.
|
||||
*/
|
||||
public function get_user_list($ids) {
|
||||
$users = array();
|
||||
foreach ($ids as $id) {
|
||||
$users[] = $this->lookup_user($id);
|
||||
}
|
||||
return $users;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::lookup_group.
|
||||
*/
|
||||
public function lookup_group($name) {
|
||||
$groups = $this->groups();
|
||||
foreach ($groups as $group) {
|
||||
if ($group->id == $name) {
|
||||
return $group;
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Look up the group by name.
|
||||
* @param string $name the name of the group to locate
|
||||
* @return Group_Definition
|
||||
*/
|
||||
public function lookup_group_by_name($name) {
|
||||
return $this->lookup_group(strtolower($name));
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::groups.
|
||||
*/
|
||||
public function groups() {
|
||||
if (!isset($this->wp_roles)) {
|
||||
$tp = $this->config['wp_database']['table_prefix'];
|
||||
$query = 'SELECT option_value FROM ' . $tp . 'options WHERE option_name = "' . $tp . 'user_roles" LIMIT 1';
|
||||
$result = $this->db->query($query);
|
||||
$wp_roles = $result->fetch_array(MYSQLI_ASSOC);
|
||||
$result->free();
|
||||
if (isset($wp_roles)) {
|
||||
$this->wp_roles = unserialize($wp_roles['option_value']);
|
||||
}
|
||||
}
|
||||
|
||||
$groups = array(new Wordpress_Group('everybody'));
|
||||
foreach ($this->wp_roles as $k => $r) {
|
||||
$groups[] = new Wordpress_Group($k);
|
||||
}
|
||||
return $groups;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::add_user_to_group.
|
||||
*/
|
||||
static function add_user_to_group($user, $group_id) {
|
||||
throw new Exception("@todo INVALID OPERATION");
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::remove_user_to_group.
|
||||
*/
|
||||
static function remove_user_from_group($user, $group_id) {
|
||||
throw new Exception("@todo INVALID OPERATION");
|
||||
}
|
||||
} // End Identity Gallery Driver
|
||||
|
||||
class Wordpress_User implements User_Definition {
|
||||
private $user_info;
|
||||
|
||||
public function __construct($user_info=null) {
|
||||
$this->user_info = $user_info;
|
||||
}
|
||||
|
||||
public function display_name() {
|
||||
return $this->user_info['user_nicename'];
|
||||
}
|
||||
|
||||
public function groups() {
|
||||
return $this->groups;
|
||||
}
|
||||
|
||||
public function __get($key) {
|
||||
switch($key) {
|
||||
case "name":
|
||||
return $this->user_info['user_login'];
|
||||
|
||||
case "guest":
|
||||
return false;
|
||||
|
||||
case "id":
|
||||
return $this->user_info['ID'];
|
||||
|
||||
case "groups":
|
||||
$groups = array(new Wordpress_Group('everybody'));
|
||||
|
||||
if (isset($this->user_info['roles'])) {
|
||||
$roles = unserialize($this->user_info['roles']);
|
||||
foreach ($roles as $k => $r) {
|
||||
$groups[] = new Wordpress_Group($k);
|
||||
}
|
||||
}
|
||||
$this->groups = $groups;
|
||||
return $this->groups;
|
||||
|
||||
case "locale": // @todo
|
||||
return null;
|
||||
|
||||
case "admin":
|
||||
foreach($this->groups as $g) {
|
||||
if ($g->id == 'administrator') {
|
||||
$this->admin = true;
|
||||
return $this->admin;
|
||||
}
|
||||
}
|
||||
$this->admin = false;
|
||||
return $this->admin;
|
||||
|
||||
case "email":
|
||||
return $this->user_info['user_email'];
|
||||
|
||||
case "full_name":
|
||||
return $this->user_info['user_nicename'];
|
||||
|
||||
case "url":
|
||||
return $this->user_info['user_url'];
|
||||
|
||||
case "user_pass":
|
||||
return $this->user_info['user_pass'];
|
||||
|
||||
default:
|
||||
throw new Exception("@todo UNKNOWN_KEY ($key)");
|
||||
}
|
||||
}
|
||||
|
||||
public function avatar_url($size=80, $default=null) {
|
||||
return sprintf("http://www.gravatar.com/avatar/%s.jpg?s=%d&r=pg%s",
|
||||
md5($this->email), $size, $default ? "&d=" . urlencode($default) : "");
|
||||
}
|
||||
}
|
||||
|
||||
class Wordpress_Group implements Group_Definition {
|
||||
public $id;
|
||||
public $name;
|
||||
|
||||
public function __construct($id, $name = null) {
|
||||
$this->id = $id;
|
||||
if (is_null($name)) $name = ucfirst($id);
|
||||
$this->name = $name;
|
||||
}
|
||||
}
|
@ -0,0 +1,278 @@
|
||||
<?php defined("SYSPATH") or die("No direct script access.");
|
||||
/**
|
||||
* Gallery - a web based photo album viewer and editor
|
||||
* Copyright (C) 2000-2009 Bharat Mediratta
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or (at
|
||||
* your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful, but
|
||||
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
*/
|
||||
class IdentityProvider_Wordpressfile_Driver implements IdentityProvider_Driver {
|
||||
static $_params;
|
||||
private static $_guest_user;
|
||||
|
||||
/**
|
||||
* Initializes the WordPress auth driver
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function __construct($params) {
|
||||
self::$_params = $params;
|
||||
|
||||
if (!function_exists('get_usermeta')) {
|
||||
throw new Exception("Wordpress not loaded. Add require('modules/wordpress_auth/config/identity.php'); to index.php");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::guest.
|
||||
*/
|
||||
public function guest() {
|
||||
if (empty(self::$_guest_user)) {
|
||||
self::$_guest_user = new Wordpress_User();
|
||||
self::$_guest_user->id = 0;
|
||||
self::$_guest_user->name = "Guest";
|
||||
self::$_guest_user->full_name = "Guest";
|
||||
self::$_guest_user->guest = true;
|
||||
self::$_guest_user->admin = false;
|
||||
self::$_guest_user->locale = null;
|
||||
self::$_guest_user->email = null;
|
||||
self::$_guest_user->url = null;
|
||||
}
|
||||
return self::$_guest_user;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::admin_user.
|
||||
*/
|
||||
public function admin_user() {
|
||||
$wp_user_search = new WP_User_Search(null, null, self::$_params['groups'][count(self::$_params['groups'])-1]);
|
||||
$admins = $wp_user_search->get_results();
|
||||
|
||||
if (count($admins) == 0) {
|
||||
throw new Exception("@todo NO ADMIN USER FOUND");
|
||||
}
|
||||
|
||||
return new Wordpress_User($admins[0]);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::create_user.
|
||||
*/
|
||||
public function create_user($name, $full_name, $password, $email) {
|
||||
throw new Exception("@todo INVALID OPERATION");
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::is_correct_password.
|
||||
*/
|
||||
public function is_correct_password($user, $password) {
|
||||
return user_pass_ok($user->name, $password);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::lookup_user.
|
||||
*/
|
||||
public function lookup_user($id) {
|
||||
$user = get_userdata($id);
|
||||
|
||||
if (isset($user)) {
|
||||
return new Wordpress_User($user);
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::lookup_user_by_name.
|
||||
*/
|
||||
public function lookup_user_by_name($name) {
|
||||
$user = get_userdatabylogin($name);
|
||||
|
||||
if (isset($user)) {
|
||||
return new Wordpress_User($user);
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::create_group.
|
||||
*/
|
||||
public function create_group($name) {
|
||||
throw new Exception("@todo INVALID OPERATION");
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::everybody.
|
||||
*/
|
||||
public function everybody() {
|
||||
return new Wordpress_Group('everybody');
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::registered_users.
|
||||
*/
|
||||
public function registered_users() {
|
||||
return new Wordpress_Group('registered_users');
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::get_user_list.
|
||||
*/
|
||||
public function get_user_list($ids) {
|
||||
$users = array();
|
||||
foreach ($ids as $id) {
|
||||
$users[] = $this->lookup_user($id);
|
||||
}
|
||||
return $users;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::lookup_group.
|
||||
*/
|
||||
public function lookup_group($name) {
|
||||
$groups = $this->groups();
|
||||
foreach ($groups as $group) {
|
||||
if ($group->id == $name) {
|
||||
return $group;
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Look up the group by name.
|
||||
* @param string $name the name of the group to locate
|
||||
* @return Group_Definition
|
||||
*/
|
||||
public function lookup_group_by_name($name) {
|
||||
return $this->lookup_group(strtolower($name));
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::groups.
|
||||
*/
|
||||
public function groups() {
|
||||
if (isset($this->_groups)) {
|
||||
return $this->_groups;
|
||||
}
|
||||
$wp_role_obj = new WP_Roles();
|
||||
$wp_roles = $wp_role_obj->roles;
|
||||
$groups = array(new Wordpress_Group('everybody'));
|
||||
foreach ($wp_roles as $k => $r) {
|
||||
$groups[] = new Wordpress_Group(strtolower($k));
|
||||
}
|
||||
return $groups;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::add_user_to_group.
|
||||
*/
|
||||
static function add_user_to_group($user, $group_id) {
|
||||
throw new Exception("@todo INVALID OPERATION");
|
||||
}
|
||||
|
||||
/**
|
||||
* @see IdentityProvider_Driver::remove_user_to_group.
|
||||
*/
|
||||
static function remove_user_from_group($user, $group_id) {
|
||||
throw new Exception("@todo INVALID OPERATION");
|
||||
}
|
||||
} // End Identity Gallery Driver
|
||||
|
||||
class Wordpress_User implements User_Definition {
|
||||
private $user_info;
|
||||
|
||||
public function __construct($user_info=null) {
|
||||
$this->user_info = get_object_vars($user_info);
|
||||
}
|
||||
|
||||
public function display_name() {
|
||||
return $this->user_info['user_nicename'];
|
||||
}
|
||||
|
||||
public function groups() {
|
||||
return $this->groups;
|
||||
}
|
||||
|
||||
|
||||
|
||||
public function __get($key) {
|
||||
switch($key) {
|
||||
case "name":
|
||||
return $this->user_info['user_login'];
|
||||
|
||||
case "guest":
|
||||
return false;
|
||||
|
||||
case "id":
|
||||
return $this->user_info['ID'];
|
||||
|
||||
case"groups":
|
||||
$groups = array(new Wordpress_Group('everybody'));
|
||||
|
||||
global $table_prefix;
|
||||
$user_roles = get_usermeta($this->id, $table_prefix.'capabilities');
|
||||
if (is_array($user_roles)) {
|
||||
foreach ($user_roles as $r) {
|
||||
$groups[] = new Wordpress_Group($r);
|
||||
}
|
||||
}
|
||||
$this->groups = $groups;
|
||||
return $this->groups;
|
||||
|
||||
case "locale": // @todo
|
||||
return null;
|
||||
|
||||
case "admin":
|
||||
foreach($this->groups as $g) {
|
||||
if ($g->id == 'administrator') {
|
||||
$this->admin = true;
|
||||
return $this->admin;
|
||||
}
|
||||
}
|
||||
$this->admin = false;
|
||||
return $this->admin;
|
||||
|
||||
case "email":
|
||||
return $this->user_info['user_email'];
|
||||
|
||||
case "full_name":
|
||||
return $this->user_info['user_nicename'];
|
||||
;
|
||||
|
||||
case "url": // @todo
|
||||
return null;
|
||||
|
||||
default:
|
||||
throw new Exception("@todo UNKNOWN_KEY ($key)");
|
||||
}
|
||||
}
|
||||
|
||||
public function avatar_url($size=80, $default=null) {
|
||||
return sprintf("http://www.gravatar.com/avatar/%s.jpg?s=%d&r=pg%s",
|
||||
md5($this->email), $size, $default ? "&d=" . urlencode($default) : "");
|
||||
}
|
||||
}
|
||||
|
||||
class Wordpress_Group implements Group_Definition {
|
||||
public $id;
|
||||
public $name;
|
||||
|
||||
public function __construct($id, $name = null) {
|
||||
$this->id = $id;
|
||||
if (is_null($name)) $name = ucfirst($id);
|
||||
$this->name = $name;
|
||||
}
|
||||
}
|
3
modules/wordpress_auth/module.info
Normal file
3
modules/wordpress_auth/module.info
Normal file
@ -0,0 +1,3 @@
|
||||
name = "WordPress Authentication"
|
||||
description = "Use a WordPress installation for authentication"
|
||||
version = 1
|
Reference in New Issue
Block a user