From: Michael M Slusarz Date: Tue, 1 Jun 2010 04:34:35 +0000 (-0600) Subject: Move application auth driver to horde/Core X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=1714871fc4a30e1a9f079b0e68290a6fad80a32c;p=horde.git Move application auth driver to horde/Core --- diff --git a/framework/Auth/lib/Horde/Auth.php b/framework/Auth/lib/Horde/Auth.php index 9d394d955..5e522d788 100644 --- a/framework/Auth/lib/Horde/Auth.php +++ b/framework/Auth/lib/Horde/Auth.php @@ -98,24 +98,29 @@ class Horde_Auth * Attempts to return a concrete Horde_Auth_Base instance based on * $driver. * - * @param mixed $driver The type of concrete Horde_Auth_Base subclass - * to return. - * @param array $params A hash containing any additional configuration or - * parameters a subclass might need. + * @param string $driver Either a driver name, or the full class name to + * use (class must extend Horde_Auth_Base). + * @param array $params A hash containing any additional configuration + * or parameters a subclass might need. * * @return Horde_Auth_Base The newly created concrete instance. * @throws Horde_Auth_Exception */ static public function factory($driver, $params = null) { - $driver = str_replace(' ', '_' , ucwords(str_replace('_', ' ', basename($driver)))); + /* Base drivers (in Auth/ directory). */ $class = __CLASS__ . '_' . $driver; + if (class_exists($class)) { + return new $class($params); + } + /* Explicit class name, */ + $class = $driver; if (class_exists($class)) { return new $class($params); } - throw new Horde_Auth_Exception('Class definition of ' . $class . ' not found.'); + throw new Horde_Auth_Exception(__CLASS__ . ': Class definition of ' . $driver . ' not found.'); } /** diff --git a/framework/Auth/lib/Horde/Auth/Application.php b/framework/Auth/lib/Horde/Auth/Application.php deleted file mode 100644 index 84eaa57d7..000000000 --- a/framework/Auth/lib/Horde/Auth/Application.php +++ /dev/null @@ -1,374 +0,0 @@ - - * @category Horde - * @license http://opensource.org/licenses/lgpl-2.1.php LGPL - * @package Auth - */ -class Horde_Auth_Application extends Horde_Auth_Base -{ - /** - * Cache for hasCapability(). - * - * @var array - */ - protected $_loaded = array(); - - /** - * Equivalent methods in application's API. - * - * @var array - */ - protected $_apiMethods = array( - 'add' => 'authAddUser', - 'authenticate' => 'authAuthenticate', - 'authenticatecallback' => 'authAuthenticateCallback', - 'exists' => 'authUserExists', - 'list' => 'authUserList', - 'loginparams' => 'authLoginParams', - 'remove' => 'authRemoveUser', - 'resetpassword' => 'authResetPassword', - 'transparent' => 'authTransparent', - 'update' => 'authUpdateUser' - ); - - /** - * Constructor. - * - * @param array $params Required parameters: - * 
-     * 'app' - (string) The application which is providing authentication.
-     *
- * - * @throws InvalidArgumentException - */ - public function __construct(array $params = array()) - { - if (!isset($params['app'])) { - throw new InvalidArgumentException('Missing app parameter.'); - } - - $this->_app = $params['app']; - - parent::__construct($params); - } - - /** - * Queries the current Auth object to find out if it supports the given - * capability. - * - * @param string $capability The capability to test for. - * - * @return boolean Whether or not the capability is supported. - */ - public function hasCapability($capability) - { - $capability = strtolower($capability); - - if (!in_array($capability, $this->_loaded) && - isset($this->_apiMethods[$capability])) { - $this->_capabilities[$capability] = $GLOBALS['registry']->hasAppMethod($this->_app, $this->_apiMethods[$capability]); - $this->_loaded[] = $capability; - } - - return parent::hasCapability($capability); - } - - /** - * Finds out if a set of login credentials are valid, and if requested, - * mark the user as logged in in the current session. - * - * @param string $userId The userId to check. - * @param array $credentials The credentials to check. - * @param boolean $login Whether to log the user in. If false, we'll - * only test the credentials and won't modify - * the current session. Defaults to true. - * - * @return boolean Whether or not the credentials are valid. - */ - public function authenticate($userId, $credentials, $login = true) - { - if (!parent::authenticate($userId, $credentials, $login)) { - return false; - } - - $this->_authCallback(); - - return true; - } - - /** - * Find out if a set of login credentials are valid. - * - * @param string $userId The userId to check. - * @param array $credentials The credentials to use. This object will - * always be available in the 'auth_ob' key. - * - * @throws Horde_Auth_Exception - */ - protected function _authenticate($userId, $credentials) - { - if (!$this->hasCapability('authenticate')) { - throw new Horde_Auth_Exception($this->_app . ' does not provide an authenticate() method.'); - } - - $credentials['auth_ob'] = $this; - - $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['authenticate'], array('args' => array($userId, $credentials), 'noperms' => true)); - } - - /** - * List all users in the system. - * - * @return array The array of userIds. - * @throws Horde_Auth_Exception - */ - public function listUsers() - { - if ($this->hasCapability('list')) { - return $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['list']); - } else { - return parent::listUsers(); - } - } - - /** - * Checks if $userId exists in the system. - * - * @param string $userId User ID to check. - * - * @return boolean Whether or not $userId already exists. - */ - public function exists($userId) - { - if ($this->hasCapability('exists')) { - return $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['exists'], array('args' => array($userId))); - } else { - return parent::exists($userId); - } - } - - /** - * Add a set of authentication credentials. - * - * @param string $userId The userId to add. - * @param array $credentials The credentials to use. - * - * @throws Horde_Auth_Exception - */ - public function addUser($userId, $credentials) - { - if ($this->hasCapability('add')) { - $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['add'], array('args' => array($userId, $credentials))); - } else { - parent::addUser($userId, $credentials); - } - } - - /** - * Update a set of authentication credentials. - * - * @param string $oldID The old userId. - * @param string $newID The new userId. - * @param array $credentials The new credentials - * - * @throws Horde_Auth_Exception - */ - public function updateUser($oldID, $newID, $credentials) - { - if ($this->hasCapability('update')) { - $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['update'], array('args' => array($oldID, $newID, $credentials))); - } else { - parent::updateUser($userId, $credentials); - } - } - - /** - * Reset a user's password. Used for example when the user does not - * remember the existing password. - * - * @param string $userId The userId for which to reset the password. - * - * @return string The new password on success. - * @throws Horde_Auth_Exception - */ - public function resetPassword($userId) - { - if ($this->hasCapability('resetpassword')) { - return $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['resetpassword'], array('args' => array($userId))); - } - - return parent::resetPassword(); - } - - /** - * Delete a set of authentication credentials. - * - * @param string $userId The userId to delete. - * - * @throws Horde_Auth_Exception - */ - public function removeUser($userId) - { - if ($this->hasCapability('remove')) { - $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['remove'], array('args' => array($userId))); - Horde_Auth::removeUserData($userId); - } else { - parent::removeUser($userId); - } - } - - /** - * Automatic authentication. - * - * @return boolean Whether or not the client is allowed. - * @throws Horde_Auth_Exception - */ - public function transparent() - { - if (!parent::transparent()) { - return false; - } - - $this->_authCallback(); - - return true; - } - - /** - * Attempt transparent authentication. The application method is passed a - * single parameter: the current class instance. - * - * @return boolean Whether transparent login is supported. - */ - protected function _transparent() - { - if (!$this->hasCapability('transparent')) { - /* If this application contains neither transparent nor - * authenticate capabilities, it does not require any - * authentication if already authenticated to Horde. */ - return (Horde_Auth::getAuth() && - !$this->hasCapability('authenticate')); - } - - return $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['transparent'], array('args' => array($this), 'noperms' => true)); - } - - /** - * Returns information on what login parameters to display on the login - * screen. - * - * @return array An array with the following keys: - * 
-     * 'js_code' - (array) A list of javascript statements to be included via
-     *             Horde::addInlineScript().
-     * 'js_files' - (array) A list of javascript files to be included via
-     *              Horde::addScriptFile().
-     * 'nosidebar' - (boolean) If true, never load the sidebar when
-     *               authenticating to this app.
-     * 'params' - (array) A list of parameters to display on the login screen.
-     *            Each entry is an array with the following entries:
-     *            'label' - (string) The label of the entry.
-     *            'type' - (string) 'select', 'text', or 'password'.
-     *            'value' - (mixed) If type is 'text' or 'password', the
-     *                      text to insert into the field by default. If type
-     *                      is 'select', an array with they keys as the
-     *                      option values and an array with the following keys:
-     *                      'hidden' - (boolean) If true, the option will be
-     *                                 hidden.
-     *                      'name' - (string) The option label.
-     *                      'selected' - (boolean) If true, will be selected
-     *                                   by default.
-     *
- * - * @throws Horde_Exception - */ - public function getLoginParams() - { - if (!$this->hasCapability('loginparams')) { - return parent::getLoginParams(); - } - - return $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['loginparams'], array('noperms' => true)); - } - - /** - * Provide method to get internal credential values. Necessary as the - * application API does not have direct access to the protected member - * variables of this class. - * - * @param mixed $name The credential name to get. If null, will return - * the entire credential list. - * - * @return mixed Return the credential information, or null if the. - * credential doesn't exist. - */ - public function getCredential($name = null) - { - if (is_null($name)) { - return $this->_credentials; - } - - return isset($this->_credentials[$name]) - ? $this->_credentials[$name] - : null; - } - - /** - * Provide method to set internal credential values. Necessary as the - * application API does not have direct access to the protected member - * variables of this class. - * - * @param string $name The credential name to set. - * @param mixed $value The credential value to set. If $name is 'userId', - * this must be a text value. If $name is - * 'credentials' or 'params', this is an array of - * values to be merged in. - */ - public function setCredential($type, $value) - { - switch ($type) { - case 'userId': - $this->_credentials['userId'] = $value; - break; - - case 'credentials': - case 'params': - $this->_credentials[$type] = array_merge($this->_credentials[$type], $value); - break; - } - } - - /** - * Provide way to finish authentication tasks in an application and ensure - * that the full application environment is loaded. - * - * @throws Horde_Auth_Exception - */ - protected function _authCallback() - { - if ($this->hasCapability('authenticatecallback')) { - $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['authenticatecallback'], array('noperms' => true)); - } - } - - /** - * Indicate whether the application requires authentication. - * - * @return boolean True if application requires authentication. - */ - public function requireAuth() - { - return $this->hasCapability('authenticate') || $this->hasCapability('transparent'); - } - -} diff --git a/framework/Auth/package.xml b/framework/Auth/package.xml index 5fc9525f6..6bd59ddb0 100644 --- a/framework/Auth/package.xml +++ b/framework/Auth/package.xml @@ -48,7 +48,6 @@ http://pear.php.net/dtd/package-2.0.xsd"> - @@ -127,6 +126,10 @@ http://pear.php.net/dtd/package-2.0.xsd"> + Db + pear.horde.org + + Form pear.horde.org @@ -164,7 +167,6 @@ http://pear.php.net/dtd/package-2.0.xsd"> - diff --git a/framework/Core/lib/Horde/Core/Auth/Application.php b/framework/Core/lib/Horde/Core/Auth/Application.php new file mode 100644 index 000000000..4074965ec --- /dev/null +++ b/framework/Core/lib/Horde/Core/Auth/Application.php @@ -0,0 +1,368 @@ + + * @category Horde + * @license http://opensource.org/licenses/lgpl-2.1.php LGPL + * @package Core + */ +class Horde_Core_Auth_Application extends Horde_Auth_Base +{ + /** + * Cache for hasCapability(). + * + * @var array + */ + protected $_loaded = array(); + + /** + * Equivalent methods in application's API. + * + * @var array + */ + protected $_apiMethods = array( + 'add' => 'authAddUser', + 'authenticate' => 'authAuthenticate', + 'authenticatecallback' => 'authAuthenticateCallback', + 'exists' => 'authUserExists', + 'list' => 'authUserList', + 'loginparams' => 'authLoginParams', + 'remove' => 'authRemoveUser', + 'resetpassword' => 'authResetPassword', + 'transparent' => 'authTransparent', + 'update' => 'authUpdateUser' + ); + + /** + * Constructor. + * + * @param array $params Required parameters: + * 
+     * 'app' - (string) The application which is providing authentication.
+     *
+ * + * @throws InvalidArgumentException + */ + public function __construct(array $params = array()) + { + if (!isset($params['app'])) { + throw new InvalidArgumentException('Missing app parameter.'); + } + + $this->_app = $params['app']; + + parent::__construct($params); + } + + /** + * Queries the current Auth object to find out if it supports the given + * capability. + * + * @param string $capability The capability to test for. + * + * @return boolean Whether or not the capability is supported. + */ + public function hasCapability($capability) + { + $capability = strtolower($capability); + + if (!in_array($capability, $this->_loaded) && + isset($this->_apiMethods[$capability])) { + $this->_capabilities[$capability] = $GLOBALS['registry']->hasAppMethod($this->_app, $this->_apiMethods[$capability]); + $this->_loaded[] = $capability; + } + + return parent::hasCapability($capability); + } + + /** + * Finds out if a set of login credentials are valid, and if requested, + * mark the user as logged in in the current session. + * + * @param string $userId The userId to check. + * @param array $credentials The credentials to check. + * @param boolean $login Whether to log the user in. If false, we'll + * only test the credentials and won't modify + * the current session. Defaults to true. + * + * @return boolean Whether or not the credentials are valid. + */ + public function authenticate($userId, $credentials, $login = true) + { + if (!parent::authenticate($userId, $credentials, $login)) { + return false; + } + + $this->_authCallback(); + + return true; + } + + /** + * Find out if a set of login credentials are valid. + * + * @param string $userId The userId to check. + * @param array $credentials The credentials to use. This object will + * always be available in the 'auth_ob' key. + * + * @throws Horde_Auth_Exception + */ + protected function _authenticate($userId, $credentials) + { + if (!$this->hasCapability('authenticate')) { + throw new Horde_Auth_Exception($this->_app . ' does not provide an authenticate() method.'); + } + + $credentials['auth_ob'] = $this; + + $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['authenticate'], array('args' => array($userId, $credentials), 'noperms' => true)); + } + + /** + * List all users in the system. + * + * @return array The array of userIds. + * @throws Horde_Auth_Exception + */ + public function listUsers() + { + return $this->hasCapability('list') + ? $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['list']) + : parent::listUsers(); + } + + /** + * Checks if $userId exists in the system. + * + * @param string $userId User ID to check. + * + * @return boolean Whether or not $userId already exists. + */ + public function exists($userId) + { + return $this->hasCapability('exists') + ? $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['exists'], array('args' => array($userId))) + : parent::exists($userId); + } + + /** + * Add a set of authentication credentials. + * + * @param string $userId The userId to add. + * @param array $credentials The credentials to use. + * + * @throws Horde_Auth_Exception + */ + public function addUser($userId, $credentials) + { + if ($this->hasCapability('add')) { + $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['add'], array('args' => array($userId, $credentials))); + } else { + parent::addUser($userId, $credentials); + } + } + + /** + * Update a set of authentication credentials. + * + * @param string $oldID The old userId. + * @param string $newID The new userId. + * @param array $credentials The new credentials + * + * @throws Horde_Auth_Exception + */ + public function updateUser($oldID, $newID, $credentials) + { + if ($this->hasCapability('update')) { + $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['update'], array('args' => array($oldID, $newID, $credentials))); + } else { + parent::updateUser($userId, $credentials); + } + } + + /** + * Reset a user's password. Used for example when the user does not + * remember the existing password. + * + * @param string $userId The userId for which to reset the password. + * + * @return string The new password on success. + * @throws Horde_Auth_Exception + */ + public function resetPassword($userId) + { + return $this->hasCapability('resetpassword') + ? $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['resetpassword'], array('args' => array($userId))) + : parent::resetPassword(); + } + + /** + * Delete a set of authentication credentials. + * + * @param string $userId The userId to delete. + * + * @throws Horde_Auth_Exception + */ + public function removeUser($userId) + { + if ($this->hasCapability('remove')) { + $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['remove'], array('args' => array($userId))); + Horde_Auth::removeUserData($userId); + } else { + parent::removeUser($userId); + } + } + + /** + * Automatic authentication. + * + * @return boolean Whether or not the client is allowed. + * @throws Horde_Auth_Exception + */ + public function transparent() + { + if (!parent::transparent()) { + return false; + } + + $this->_authCallback(); + + return true; + } + + /** + * Attempt transparent authentication. The application method is passed a + * single parameter: the current class instance. + * + * @return boolean Whether transparent login is supported. + */ + protected function _transparent() + { + if (!$this->hasCapability('transparent')) { + /* If this application contains neither transparent nor + * authenticate capabilities, it does not require any + * authentication if already authenticated to Horde. */ + return (Horde_Auth::getAuth() && + !$this->hasCapability('authenticate')); + } + + return $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['transparent'], array('args' => array($this), 'noperms' => true)); + } + + /** + * Returns information on what login parameters to display on the login + * screen. + * + * @return array An array with the following keys: + * 
+     * 'js_code' - (array) A list of javascript statements to be included via
+     *             Horde::addInlineScript().
+     * 'js_files' - (array) A list of javascript files to be included via
+     *              Horde::addScriptFile().
+     * 'nosidebar' - (boolean) If true, never load the sidebar when
+     *               authenticating to this app.
+     * 'params' - (array) A list of parameters to display on the login screen.
+     *            Each entry is an array with the following entries:
+     *            'label' - (string) The label of the entry.
+     *            'type' - (string) 'select', 'text', or 'password'.
+     *            'value' - (mixed) If type is 'text' or 'password', the
+     *                      text to insert into the field by default. If type
+     *                      is 'select', an array with they keys as the
+     *                      option values and an array with the following keys:
+     *                      'hidden' - (boolean) If true, the option will be
+     *                                 hidden.
+     *                      'name' - (string) The option label.
+     *                      'selected' - (boolean) If true, will be selected
+     *                                   by default.
+     *
+ * + * @throws Horde_Exception + */ + public function getLoginParams() + { + if (!$this->hasCapability('loginparams')) { + return parent::getLoginParams(); + } + + return $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['loginparams'], array('noperms' => true)); + } + + /** + * Provide method to get internal credential values. Necessary as the + * application API does not have direct access to the protected member + * variables of this class. + * + * @param mixed $name The credential name to get. If null, will return + * the entire credential list. + * + * @return mixed Return the credential information, or null if the. + * credential doesn't exist. + */ + public function getCredential($name = null) + { + if (is_null($name)) { + return $this->_credentials; + } + + return isset($this->_credentials[$name]) + ? $this->_credentials[$name] + : null; + } + + /** + * Provide method to set internal credential values. Necessary as the + * application API does not have direct access to the protected member + * variables of this class. + * + * @param string $name The credential name to set. + * @param mixed $value The credential value to set. If $name is 'userId', + * this must be a text value. If $name is + * 'credentials' or 'params', this is an array of + * values to be merged in. + */ + public function setCredential($type, $value) + { + switch ($type) { + case 'userId': + $this->_credentials['userId'] = $value; + break; + + case 'credentials': + case 'params': + $this->_credentials[$type] = array_merge($this->_credentials[$type], $value); + break; + } + } + + /** + * Provide way to finish authentication tasks in an application and ensure + * that the full application environment is loaded. + * + * @throws Horde_Auth_Exception + */ + protected function _authCallback() + { + if ($this->hasCapability('authenticatecallback')) { + $GLOBALS['registry']->callAppMethod($this->_app, $this->_apiMethods['authenticatecallback'], array('noperms' => true)); + } + } + + /** + * Indicate whether the application requires authentication. + * + * @return boolean True if application requires authentication. + */ + public function requireAuth() + { + return $this->hasCapability('authenticate') || $this->hasCapability('transparent'); + } + +} diff --git a/framework/Core/package.xml b/framework/Core/package.xml index 292879e8d..de76dfa69 100644 --- a/framework/Core/package.xml +++ b/framework/Core/package.xml @@ -37,7 +37,8 @@ Application Framework. beta LGPL - * Import signup code from horde/Auth. + * Import application auth driver from horde/Auth. + * Import signup code from horde/Auth. * Import Horde backend driver from horde/LoginTasks. * Import perms UI handling class from horde/Perms. * Import prefs UI handling class from horde/Prefs. @@ -62,6 +63,7 @@ Application Framework. + @@ -263,6 +265,7 @@ Application Framework. +