Add configuration
This commit is contained in:
parent
fe95203969
commit
501edd6d23
15
config/proxyauth.config.php
Normal file
15
config/proxyauth.config.php
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
<?php
|
||||
|
||||
return array(
|
||||
'proxyauth' => array(
|
||||
'replace_form' => false,
|
||||
'button_text' => 'Login with SSO',
|
||||
'remember' => true,
|
||||
'sso_domain' => '',
|
||||
'logout_url' => '',
|
||||
'create_account' => true,
|
||||
'username_header' => 'REMOTE_USER',
|
||||
'email_header' => '',
|
||||
'fullname_header' => ''
|
||||
)
|
||||
);
|
||||
|
|
@ -2,7 +2,7 @@
|
|||
/**
|
||||
* Name: Proxy Auth
|
||||
* Description: Authenticate a user against reverse proxy headers
|
||||
* Version: 1.1
|
||||
* Version: 1.2
|
||||
* Author: Mark Wane <https://social.cool110.xyz/profile/mark>
|
||||
*/
|
||||
|
||||
|
|
@ -18,19 +18,27 @@
|
|||
use Friendica\Core\Hook;
|
||||
use Friendica\DI;
|
||||
use Friendica\Model\User;
|
||||
use Friendica\Core\System;
|
||||
use Friendica\Util\ConfigFileLoader;
|
||||
|
||||
function proxyauth_install(){
|
||||
Hook::register( 'load_config', 'addon/proxyauth/proxyauth.php', 'proxyauth_config' );
|
||||
Hook::register( 'authenticate', 'addon/proxyauth/proxyauth.php', 'proxyauth_hook' );
|
||||
Hook::register( 'login_hook', 'addon/proxyauth/proxyauth.php', 'proxyauth_login' );
|
||||
Hook::register( 'logging_out', 'addon/proxyauth/proxyauth.php', 'proxyauth_logout' );
|
||||
}
|
||||
|
||||
function proxyauth_uninstall(){
|
||||
Hook::unregister( 'load_config', 'addon/proxyauth/proxyauth.php', 'proxyauth_config' );
|
||||
Hook::unregister( 'authenticate', 'addon/proxyauth/proxyauth.php', 'proxyauth_hook' );
|
||||
Hook::unregister( 'login_hook', 'addon/proxyauth/proxyauth.php', 'proxyauth_login' );
|
||||
Hook::unregister( 'logging_out', 'addon/proxyauth/proxyauth.php', 'proxyauth_logout' );
|
||||
}
|
||||
|
||||
function proxyauth_config( $a, $l ){
|
||||
$a->getConfigCache()->load( $l->loadAddonConfig( 'proxyauth' ) );
|
||||
}
|
||||
|
||||
function proxyauth_hook( $a, &$b ){
|
||||
$acc = proxyauth_auth();
|
||||
|
||||
|
|
@ -43,30 +51,48 @@ function proxyauth_hook( $a, &$b ){
|
|||
}
|
||||
|
||||
function proxyauth_login( $a, &$o ){
|
||||
$o = ' <form id="login-form" action="https://social.cool110.xyz/login" role="form" method="post">
|
||||
<div id="login-group" role="group" aria-labelledby="login-head">
|
||||
<input type="hidden" name="auth-params" value="login" />
|
||||
<div id="login-submit-wrapper">
|
||||
<input type="submit" name="submit" id="login-submit-button" value="Login with SSO" />
|
||||
$replace = DI::config()->get( 'proxyauth', 'replace_form' );
|
||||
$text = DI::config()->get( 'proxyauth', 'button_text' );
|
||||
$remember = DI::config()->get( 'proxyauth', 'remember' );
|
||||
|
||||
if ( $replace ){
|
||||
$o = ' <form id="login-form" action="https://social.cool110.xyz/login" role="form" method="post">
|
||||
<div id="login-group" role="group" aria-labelledby="login-head">
|
||||
<input type="hidden" name="auth-params" value="login" />
|
||||
<div id="login-submit-wrapper">
|
||||
<input type="submit" name="submit" id="login-submit-button" value="' . $text . '" />
|
||||
</div>
|
||||
<input type="hidden" name="remember" value="' . (int) $remember . '" />
|
||||
</div>
|
||||
<input type="hidden" name="remember" value="0" />
|
||||
</div>
|
||||
</form>';
|
||||
</form>';
|
||||
}
|
||||
}
|
||||
|
||||
function proxyauth_logout( $a ){
|
||||
$domain = DI::config()->get( 'proxyauth', 'sso_domain' );
|
||||
$url = DI::config()->get( 'proxyauth', 'logout_url' );
|
||||
|
||||
DI::cookie()->clear();
|
||||
DI::session()->clear();
|
||||
info( DI::l10n()->t( 'Logging out') );
|
||||
if ( ! stripos( $_SERVER['HTTP_REFERER'], 'auth.cool110.xyz' ) ) {
|
||||
DI::baseUrl()->redirect( '/logout_sso' );
|
||||
if ( ! stripos( $_SERVER['HTTP_REFERER'], $domain ) ) {
|
||||
if ( '' != $url ){
|
||||
System::externalRedirect( $url );
|
||||
} else {
|
||||
DI::baseUrl()->redirect( '/logout_sso' );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function proxyauth_auth(){
|
||||
$uid = $_SERVER['HTTP_UID'] ?? NULL;
|
||||
$mail = $_SERVER['HTTP_MAIL'] ?? NULL;
|
||||
$name = $_SERVER['HTTP_CN'] ?? NULL;
|
||||
$create = DI::config()->get( 'proxyauth', 'create_account' );
|
||||
$uid_header = DI::config()->get( 'proxyauth', 'username_header' );
|
||||
$mail_header = DI::config()->get( 'proxyauth', 'email_header' );
|
||||
$name_header = DI::config()->get( 'proxyauth', 'fullame_header' );
|
||||
|
||||
$uid = $_SERVER[ $uid_header ] ?? NULL;
|
||||
$mail = $_SERVER[ $mail_header ] ?? NULL;
|
||||
$name = $_SERVER[ $name_header ] ?? NULL;
|
||||
|
||||
if ( is_null( $uid ) ){
|
||||
return false;
|
||||
|
|
@ -78,9 +104,12 @@ function proxyauth_auth(){
|
|||
return $acc;
|
||||
}
|
||||
|
||||
proxyauth_create_user( $uid, $mail, $name );
|
||||
|
||||
return proxyauth_get_user( $uid );
|
||||
if ( $create ){
|
||||
proxyauth_create_user( $uid, $mail, $name );
|
||||
return proxyauth_get_user( $uid );
|
||||
} else {
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
function proxyauth_create_user( $uid, $mail, $name ){
|
||||
|
|
|
|||
Loading…
Reference in a new issue