alazhar/joomla_test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
alazhar
2020-01-02 22:20:31 +07:00
commit 10eb3340ad
5753 changed files with 631345 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

149
plugins/authentication/gmail/gmail.php Normal file
View File

@ -0,0 +1,149 @@
<?php
/**
* @package Joomla.Plugin
* @subpackage Authentication.gmail
*
* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
defined('_JEXEC') or die;
/**
* GMail Authentication Plugin
*
* @package Joomla.Plugin
* @subpackage Authentication.gmail
* @since 1.5
*/
class PlgAuthenticationGMail extends JPlugin
{
/**
* This method should handle any authentication and report back to the subject
*
* @param array $credentials Array holding the user credentials
* @param array $options Array of extra options
* @param object &$response Authentication response object
*
* @return boolean
*
* @since 1.5
*/
public function onUserAuthenticate($credentials, $options, &$response)
{
$success = 0;
// Check if we have curl or not
if (function_exists('curl_init'))
{
// Check if we have a username and password
if (strlen($credentials['username']) && strlen($credentials['password']))
{
$blacklist = explode(',', $this->params->get('user_blacklist', ''));
// Check if the username isn't blacklisted
if (!in_array($credentials['username'], $blacklist))
{
$suffix = $this->params->get('suffix', '');
$applysuffix = $this->params->get('applysuffix', 0);
$offset = strpos($credentials['username'], '@');
// Check if we want to do suffix stuff, typically for Google Apps for Your Domain
if ($suffix && $applysuffix)
{
if ($applysuffix == 1 && $offset === false)
{
// Apply suffix if missing
$credentials['username'] .= '@' . $suffix;
}
elseif ($applysuffix == 2)
{
// Always use suffix
if ($offset)
{
// If we already have an @, get rid of it and replace it
$credentials['username'] = substr($credentials['username'], 0, $offset);
}
$credentials['username'] .= '@' . $suffix;
}
}
$curl = curl_init('https://mail.google.com/mail/feed/atom');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $this->params->get('verifypeer', 1));
//curl_setopt($curl, CURLOPT_HEADER, 1);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_USERPWD, $credentials['username'] . ':' . $credentials['password']);
curl_exec($curl);
$code = curl_getinfo($curl, CURLINFO_HTTP_CODE);
switch ($code)
{
case 200:
$message = JText::_('JGLOBAL_AUTH_ACCESS_GRANTED');
$success = 1;
break;
case 401:
$message = JText::_('JGLOBAL_AUTH_ACCESS_DENIED');
break;
default:
$message = JText::_('JGLOBAL_AUTH_UNKNOWN_ACCESS_DENIED');
break;
}
}
else
{
// The username is black listed
$message = 'User is blacklisted';
}
}
else
{
$message = JText::_('JGLOBAL_AUTH_USER_BLACKLISTED');
}
}
else
{
$message = 'curl isn\'t insalled';
}
$response->type = 'GMail';
if ($success)
{
$response->status = JAuthentication::STATUS_SUCCESS;
$response->error_message = '';
if (strpos($credentials['username'], '@') === false)
{
if ($suffix)
{
// If there is a suffix then we want to apply it
$response->email = $credentials['username'] . '@' . $suffix;
}
else
{
// If there isn't a suffix just use the default gmail one
$response->email = $credentials['username'] . '@gmail.com';
}
}
else
{
// The username looks like an email address (probably is) so use that
$response->email = $credentials['username'];
}
// Reset the username to what we ended up using
$response->username = $credentials['username'];
$response->fullname = $credentials['username'];
}
else
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::sprintf('JGLOBAL_AUTH_FAILED', $message);
}
}
}

59
plugins/authentication/gmail/gmail.xml Normal file
View File

@ -0,0 +1,59 @@
<?xml version="1.0" encoding="utf-8"?>
<extension version="3.1" type="plugin" group="authentication">
<name>plg_authentication_gmail</name>
<author>Joomla! Project</author>
<creationDate>February 2006</creationDate>
<copyright>Copyright (C) 2005 - 2013 Open Source Matters. All rights reserved.</copyright>
<license>GNU General Public License version 2 or later; see LICENSE.txt</license>
<authorEmail>admin@joomla.org</authorEmail>
<authorUrl>www.joomla.org</authorUrl>
<version>3.0.0</version>
<description>PLG_GMAIL_XML_DESCRIPTION</description>
<files>
<filename plugin="gmail">gmail.php</filename>
<filename>index.html</filename>
</files>
<languages>
<language tag="en-GB">en-GB.plg_authentication_gmail.ini</language>
<language tag="en-GB">en-GB.plg_authentication_gmail.sys.ini</language>
</languages>
<config>
<fields name="params">
<fieldset name="basic">
<field name="applysuffix" type="list"
default="0"
description="PLG_GMAIL_FIELD_APPLYSUFFIX_DESC"
label="PLG_GMAIL_FIELD_APPLYSUFFIX_LABEL"
>
<option value="0">PLG_GMAIL_FIELD_VALUE_NOAPPLYSUFFIX</option>
<option value="1">PLG_GMAIL_FIELD_VALUE_APPLYSUFFIXMISSING</option>
<option value="2">PLG_GMAIL_FIELD_VALUE_APPLYSUFFIXALWAYS</option>
</field>
<field name="suffix" type="text"
description="PLG_GMAIL_FIELD_SUFFIX_DESC"
label="PLG_GMAIL_FIELD_SUFFIX_LABEL"
size="20"
/>
<field name="verifypeer" type="radio"
default="1"
class="btn-group"
description="PLG_GMAIL_FIELD_VERIFYPEER_DESC"
label="PLG_GMAIL_FIELD_VERIFYPEER_LABEL"
>
<option value="0">JNO</option>
<option value="1">JYES</option>
</field>
<field name="user_blacklist" type="text"
description="PLG_GMAIL_FIELD_USER_BLACKLIST_DESC"
label="PLG_GMAIL_FIELD_USER_BLACKLIST_LABEL"
size="20"
/>
</fieldset>
</fields>
</config>
</extension>

1
plugins/authentication/gmail/index.html Normal file
View File

@ -0,0 +1 @@
<!DOCTYPE html><title></title>

1
plugins/authentication/index.html Normal file
View File

@ -0,0 +1 @@
<!DOCTYPE html><title></title>

1
plugins/authentication/joomla/index.html Normal file
View File

@ -0,0 +1 @@
<!DOCTYPE html><title></title>

93
plugins/authentication/joomla/joomla.php Normal file
View File

@ -0,0 +1,93 @@
<?php
/**
* @package Joomla.Plugin
* @subpackage Authentication.joomla
*
* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
defined('_JEXEC') or die;
/**
* Joomla Authentication plugin
*
* @package Joomla.Plugin
* @subpackage Authentication.joomla
* @since 1.5
*/
class PlgAuthenticationJoomla extends JPlugin
{
/**
* This method should handle any authentication and report back to the subject
*
* @param array $credentials Array holding the user credentials
* @param array $options Array of extra options
* @param object &$response Authentication response object
*
* @return boolean
*
* @since 1.5
*/
public function onUserAuthenticate($credentials, $options, &$response)
{
$response->type = 'Joomla';
// Joomla does not like blank passwords
if (empty($credentials['password']))
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED');
return false;
}
// Get a database object
$db = JFactory::getDbo();
$query = $db->getQuery(true)
->select('id, password')
->from('#__users')
->where('username=' . $db->quote($credentials['username']));
$db->setQuery($query);
$result = $db->loadObject();
if ($result)
{
$parts = explode(':', $result->password);
$crypt = $parts[0];
$salt = @$parts[1];
$testcrypt = JUserHelper::getCryptedPassword($credentials['password'], $salt);
if ($crypt == $testcrypt)
{
// Bring this in line with the rest of the system
$user = JUser::getInstance($result->id);
$response->email = $user->email;
$response->fullname = $user->name;
if (JFactory::getApplication()->isAdmin())
{
$response->language = $user->getParam('admin_language');
}
else
{
$response->language = $user->getParam('language');
}
$response->status = JAuthentication::STATUS_SUCCESS;
$response->error_message = '';
}
else
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS');
}
}
else
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_NO_USER');
}
}
}

20
plugins/authentication/joomla/joomla.xml Normal file
View File

@ -0,0 +1,20 @@
<?xml version="1.0" encoding="utf-8"?>
<extension version="3.1" type="plugin" group="authentication">
<name>plg_authentication_joomla</name>
<author>Joomla! Project</author>
<creationDate>November 2005</creationDate>
<copyright>Copyright (C) 2005 - 2013 Open Source Matters. All rights reserved.</copyright>
<license>GNU General Public License version 2 or later; see LICENSE.txt</license>
<authorEmail>admin@joomla.org</authorEmail>
<authorUrl>www.joomla.org</authorUrl>
<version>3.0.0</version>
<description>PLG_AUTH_JOOMLA_XML_DESCRIPTION</description>
<files>
<filename plugin="joomla">joomla.php</filename>
<filename>index.html</filename>
</files>
<languages>
<language tag="en-GB">en-GB.plg_authentication_joomla.ini</language>
<language tag="en-GB">en-GB.plg_authentication_joomla.sys.ini</language>
</languages>
</extension>

1
plugins/authentication/ldap/index.html Normal file
View File

@ -0,0 +1 @@
<!DOCTYPE html><title></title>

160
plugins/authentication/ldap/ldap.php Normal file
View File

@ -0,0 +1,160 @@
<?php
/**
* @package Joomla.Plugin
* @subpackage Authentication.ldap
*
* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
defined('_JEXEC') or die;
/**
* LDAP Authentication Plugin
*
* @package Joomla.Plugin
* @subpackage Authentication.ldap
* @since 1.5
*/
class PlgAuthenticationLdap extends JPlugin
{
/**
* This method should handle any authentication and report back to the subject
*
* @param array $credentials Array holding the user credentials
* @param array $options Array of extra options
* @param object &$response Authentication response object
*
* @return boolean
*
* @since 1.5
*/
public function onUserAuthenticate($credentials, $options, &$response)
{
$userdetails = null;
$success = 0;
$userdetails = array();
// For JLog
$response->type = 'LDAP';
// LDAP does not like Blank passwords (tries to Anon Bind which is bad)
if (empty($credentials['password']))
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_PASS_BLANK');
return false;
}
// Load plugin params info
$ldap_email = $this->params->get('ldap_email');
$ldap_fullname = $this->params->get('ldap_fullname');
$ldap_uid = $this->params->get('ldap_uid');
$auth_method = $this->params->get('auth_method');
$ldap = new JClientLdap($this->params);
if (!$ldap->connect())
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_NO_CONNECT');
return;
}
switch ($auth_method)
{
case 'search':
{
// Bind using Connect Username/password
// Force anon bind to mitigate misconfiguration like [#7119]
if (strlen($this->params->get('username')))
{
$bindtest = $ldap->bind();
}
else
{
$bindtest = $ldap->anonymous_bind();
}
if ($bindtest)
{
// Search for users DN
$binddata = $ldap->simple_search(str_replace("[search]", $credentials['username'], $this->params->get('search_string')));
if (isset($binddata[0]) && isset($binddata[0]['dn']))
{
// Verify Users Credentials
$success = $ldap->bind($binddata[0]['dn'], $credentials['password'], 1);
// Get users details
$userdetails = $binddata;
}
else
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_USER_NOT_FOUND');
}
}
else
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_NO_BIND');
}
} break;
case 'bind':
{
// We just accept the result here
$success = $ldap->bind($credentials['username'], $credentials['password']);
if ($success)
{
$userdetails = $ldap->simple_search(str_replace("[search]", $credentials['username'], $this->params->get('search_string')));
}
else
{
$response->status = JAuthentication::STATUS_FAILURE;
$response->error_message = JText::_('JGLOBAL_AUTH_BIND_FAILED');
}
} break;
}
if (!$success)
{
$response->status = JAuthentication::STATUS_FAILURE;
if (!strlen($response->error_message))
{
$response->error_message = JText::_('JGLOBAL_AUTH_INCORRECT');
}
}
else
{
// Grab some details from LDAP and return them
if (isset($userdetails[0][$ldap_uid][0]))
{
$response->username = $userdetails[0][$ldap_uid][0];
}
if (isset($userdetails[0][$ldap_email][0]))
{
$response->email = $userdetails[0][$ldap_email][0];
}
if (isset($userdetails[0][$ldap_fullname][0]))
{
$response->fullname = $userdetails[0][$ldap_fullname][0];
} else {
$response->fullname = $credentials['username'];
}
// Were good - So say so.
$response->status = JAuthentication::STATUS_SUCCESS;
$response->error_message = '';
}
$ldap->close();
}
}

132
plugins/authentication/ldap/ldap.xml Normal file
View File

@ -0,0 +1,132 @@
<?xml version="1.0" encoding="utf-8"?>
<extension version="3.1" type="plugin" group="authentication">
<name>plg_authentication_ldap</name>
<author>Joomla! Project</author>
<creationDate>November 2005</creationDate>
<copyright>Copyright (C) 2005 - 2013 Open Source Matters. All rights reserved.</copyright>
<license>GNU General Public License version 2 or later; see LICENSE.txt</license>
<authorEmail>admin@joomla.org</authorEmail>
<authorUrl>www.joomla.org</authorUrl>
<version>3.0.0</version>
<description>PLG_LDAP_XML_DESCRIPTION</description>
<files>
<filename plugin="ldap">ldap.php</filename>
<filename>index.html</filename>
</files>
<languages>
<language tag="en-GB">en-GB.plg_authentication_ldap.ini</language>
<language tag="en-GB">en-GB.plg_authentication_ldap.sys.ini</language>
</languages>
<config>
<fields name="params">
<fieldset name="basic">
<field name="host" type="text"
description="PLG_LDAP_FIELD_HOST_DESC"
label="PLG_LDAP_FIELD_HOST_LABEL"
size="20"
/>
<field name="port" type="text"
default="389"
description="PLG_LDAP_FIELD_PORT_DESC"
label="PLG_LDAP_FIELD_PORT_LABEL"
size="20"
/>
<field name="use_ldapV3" type="radio"
default="0"
class="btn-group"
description="PLG_LDAP_FIELD_V3_DESC"
label="PLG_LDAP_FIELD_V3_LABEL"
>
<option value="0">JNo</option>
<option value="1">JYes</option>
</field>
<field name="negotiate_tls" type="radio"
default="0"
class="btn-group"
description="PLG_LDAP_FIELD_NEGOCIATE_DESC"
label="PLG_LDAP_FIELD_NEGOCIATE_LABEL"
>
<option value="0">JNo</option>
<option value="1">JYes</option>
</field>
<field name="no_referrals" type="radio"
default="0"
class="btn-group"
description="PLG_LDAP_FIELD_REFERRALS_DESC"
label="PLG_LDAP_FIELD_REFERRALS_LABEL"
>
<option value="0">JNo</option>
<option value="1">JYes</option>
</field>
<field name="auth_method" type="list"
default="bind"
description="PLG_LDAP_FIELD_AUTHMETHOD_DESC"
label="PLG_LDAP_FIELD_AUTHMETHOD_LABEL"
>
<option value="search">PLG_LDAP_FIELD_VALUE_BINDSEARCH</option>
<option value="bind">PLG_LDAP_FIELD_VALUE_BINDUSER</option>
</field>
<field name="base_dn" type="text"
description="PLG_LDAP_FIELD_BASEDN_DESC"
label="PLG_LDAP_FIELD_BASEDN_LABEL"
size="20"
/>
<field name="search_string" type="text"
description="PLG_LDAP_FIELD_SEARCHSTRING_DESC"
label="PLG_LDAP_FIELD_SEARCHSTRING_LABEL"
size="20"
/>
<field name="users_dn" type="text"
description="PLG_LDAP_FIELD_USERSDN_DESC"
label="PLG_LDAP_FIELD_USERSDN_LABEL"
size="20"
/>
<field name="username" type="text"
description="PLG_LDAP_FIELD_USERNAME_DESC"
label="PLG_LDAP_FIELD_USERNAME_LABEL"
size="20"
/>
<field name="password" type="password"
description="PLG_LDAP_FIELD_PASSWORD_DESC"
label="PLG_LDAP_FIELD_PASSWORD_LABEL"
size="20"
/>
<field name="ldap_fullname" type="text"
default="fullName"
description="PLG_LDAP_FIELD_FULLNAME_DESC"
label="PLG_LDAP_FIELD_FULLNAME_LABEL"
size="20"
/>
<field name="ldap_email" type="text"
default="mail"
description="PLG_LDAP_FIELD_EMAIL_DESC"
label="PLG_LDAP_FIELD_EMAIL_LABEL"
size="20"
/>
<field name="ldap_uid" type="text"
default="uid"
description="PLG_LDAP_FIELD_UID_DESC"
label="PLG_LDAP_FIELD_UID_LABEL"
size="20"
/>
</fieldset>
</fields>
</config>
</extension>