mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-06 14:46:56 +02:00
Code Issues Releases Wiki Activity

Tidy up alt_auth plugin - mostly documentation, some code rationalisation, conversion to the 2.0 way, etc

Browse Source
This commit is contained in:
e107steved
2011-12-31 17:42:56 +00:00
parent 6f61a7f889
commit e67702099c
21 changed files with 1628 additions and 1245 deletions
Download Patch File Download Diff File Expand all files Collapse all files

247
e107_plugins/alt_auth/extended_password_handler.php
View File

@@ -2,17 +2,25 @@
/*
* e107 website system
*
* Copyright (C) 2008-2011 e107 Inc (e107.org)
* Copyright (C) 2008-2012 e107 Inc (e107.org)
* Released under the terms and conditions of the
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
*
*
* Extended password handler for alt_auth plugin
*
* $URL$
* $Id$
*/
/*
/**
* e107 Alternate authorisation plugin
*
* @package e107_plugins
* @subpackage alt_auth
* @version $Id$;
*/
/**
EXTENDED PASSWORD HANDLER CLASS
- supports many password formats used on other systems
- implements checking of existing passwords only
@@ -23,97 +31,105 @@ To use:
or, optionally:
call CheckPassword(plaintext_password,login_name, stored_value, password_type)
To do:
@todo:
1. Check that public/private declarations of functions are correct
*/
if (!defined('e107_INIT')) { exit; }
require_once(e_HANDLER.'user_handler.php');
// @todo make these class constants
define('PASSWORD_PHPBB_SALT',2);
define('PASSWORD_MAMBO_SALT',3);
define('PASSWORD_JOOMLA_SALT',4);
define('PASSWORD_GENERAL_MD5',5);
define('PASSWORD_PLAINTEXT',6);
define('PASSWORD_GENERAL_SHA1',7);
define('PASSWORD_WORDPRESS_SALT', 8);
define('PASSWORD_MAGENTO_SALT', 9);
// Supported formats:
define('PASSWORD_PHPBB_ID', '$H$'); // PHPBB salted
define('PASSWORD_ORIG_ID', '$P$'); // 'Original' code
define('PASSWORD_WORDPRESS_ID', '$P$'); // WordPress 2.8
define('PASSWORD_PHPBB_SALT',2);
define('PASSWORD_MAMBO_SALT',3);
define('PASSWORD_JOOMLA_SALT',4);
define('PASSWORD_GENERAL_MD5',5);
define('PASSWORD_PLAINTEXT',6);
define('PASSWORD_GENERAL_SHA1',7);
define('PASSWORD_WORDPRESS_SALT', 8);
define('PASSWORD_MAGENTO_SALT', 9);
// Supported formats:
define('PASSWORD_PHPBB_ID','$H$'); // PHPBB salted
define('PASSWORD_ORIG_ID','$P$'); // 'Original' code
define('PASSWORD_WORDPRESS_ID', '$P$'); // WordPress 2.8
class ExtendedPasswordHandler extends UserHandler
{
var $itoa64; // Holds a string of 64 characters for base64 conversion
// var $iteration_count_log2; // Used to compute number of iterations in calculating hash
var $random_state = ''; // A (hopefully) random number
private $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; // Holds a string of 64 characters for base64 conversion
var $random_state = ''; // A (hopefully) random number
// Constructor
function __construct()
{
// Lookup string ready for base64 conversions
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
// Ancestor constructor
parent::__construct();
}
// Return a number of random bytes as specified by $count
function get_random_bytes($count)
{
$this->random_state = md5($this->random_state.microtime().mt_rand(0,10000)); // This will 'auto seed'
$output = '';
for ($i = 0; $i < $count; $i += 16)
{ // Only do this loop once unless we need more than 16 bytes
$this->random_state = md5(microtime() . $this->random_state);
$output .= pack('H*', md5($this->random_state)); // Becomes an array of 16 bytes
}
$output = substr($output, 0, $count);
return $output;
}
// Encode to base64 (each block of three 8-bit chars becomes 4 printable chars)
// Use first $count characters of $input string
function encode64($input, $count)
{
$output = '';
$i = 0;
do
/**
* Constructor - just call parent
*/
function __construct()
{
$value = ord($input[$i++]);
$output .= $this->itoa64[$value & 0x3f];
if ($i < $count) $value |= ord($input[$i]) << 8;
$output .= $this->itoa64[($value >> 6) & 0x3f];
if ($i++ >= $count) break;
if ($i < $count) $value |= ord($input[$i]) << 16;
$output .= $this->itoa64[($value >> 12) & 0x3f];
if ($i++ >= $count) break;
$output .= $this->itoa64[($value >> 18) & 0x3f];
} while ($i < $count);
// Ancestor constructor
parent::__construct();
}
return $output;
}
/**
* Return a number of random bytes as specified by $count
*/
private function get_random_bytes($count)
{
$this->random_state = md5($this->random_state.microtime().mt_rand(0,10000)); // This will 'auto seed'
$output = '';
for ($i = 0; $i < $count; $i += 16)
{ // Only do this loop once unless we need more than 16 bytes
$this->random_state = md5(microtime() . $this->random_state);
$output .= pack('H*', md5($this->random_state)); // Becomes an array of 16 bytes
}
$output = substr($output, 0, $count);
return $output;
}
/**
* Encode to base64 (each block of three 8-bit chars becomes 4 printable chars)
* Use first $count characters of $input string
*/
private function encode64($input, $count)
{
return base64_encode(substr($input, 0, $count)); // @todo - check this works OK
/*
$output = '';
$i = 0;
do
{
$value = ord($input[$i++]);
$output .= $this->itoa64[$value & 0x3f];
if ($i < $count) $value |= ord($input[$i]) << 8;
$output .= $this->itoa64[($value >> 6) & 0x3f];
if ($i++ >= $count) break;
if ($i < $count) $value |= ord($input[$i]) << 16;
$output .= $this->itoa64[($value >> 12) & 0x3f];
if ($i++ >= $count) break;
$output .= $this->itoa64[($value >> 18) & 0x3f];
} while ($i < $count);
return $output;
*/
}
// Method for PHPBB3-style salted passwords, which begin '$H$', and WordPress-style salted passwords, which begin '$P$'
// Given a plaintext password and the complete password/hash function (which includes any salt), calculate hash
// Returns FALSE on error
function crypt_private($password, $stored_password, $password_type = PASSWORD_PHPBB_SALT)
/**
* Method for PHPBB3-style salted passwords, which begin '$H$', and WordPress-style salted passwords, which begin '$P$'
* Given a plaintext password and the complete password/hash function (which includes any salt), calculate hash
* Returns FALSE on error
*/
private function crypt_private($password, $stored_password, $password_type = PASSWORD_PHPBB_SALT)
{
$output = '*0';
if (substr($stored_password, 0, 2) == $output)
@@ -173,57 +189,70 @@ class ExtendedPasswordHandler extends UserHandler
}
// Return array of supported password types - key is used internally, text is displayed
function getPasswordTypes($include_core = FALSE)
/**
* Return array of supported password types - key is used internally, text is displayed
*/
public function getPasswordTypes($includeExtended = TRUE)
{
$vals = array();
if ($include_core)
$vals = array('md5' => IMPORTDB_LAN_7,'e107_salt' => IMPORTDB_LAN_8); // Methods supported in core
if ($includeExtended)
{
$vals = array('md5' => IMPORTDB_LAN_7,'e107_salt' => IMPORTDB_LAN_8); // Methods supported in core
}
if (is_bool($include_core))
{
$vals = array_merge($vals,array(
'plaintext' => IMPORTDB_LAN_2,
'joomla_salt' => IMPORTDB_LAN_3,
'mambo_salt' => IMPORTDB_LAN_4,
'smf_sha1' => IMPORTDB_LAN_5,
'sha1' => IMPORTDB_LAN_6,
'phpbb3_salt' => IMPORTDB_LAN_12,
'wordpress_salt' => IMPORTDB_LAN_13,
'wordpress_salt' => IMPORTDB_LAN_14,
));
$vals = array_merge($vals,array(
'plaintext' => IMPORTDB_LAN_2,
'joomla_salt' => IMPORTDB_LAN_3,
'mambo_salt' => IMPORTDB_LAN_4,
'smf_sha1' => IMPORTDB_LAN_5,
'sha1' => IMPORTDB_LAN_6,
'phpbb3_salt' => IMPORTDB_LAN_12,
'wordpress_salt' => IMPORTDB_LAN_13,
'magento_salt' => IMPORTDB_LAN_14,
));
}
return $vals;
}
// Return password type which relates to a specific foreign system
function passwordMapping($ptype)
/**
* Return password type which relates to a specific foreign system
*/
public function passwordMapping($ptype)
{
$maps = array(
'plaintext' => PASSWORD_PLAINTEXT,
'joomla_salt' => PASSWORD_JOOMLA_SALT,
'mambo_salt' => PASSWORD_MAMBO_SALT,
'smf_sha1' => PASSWORD_GENERAL_SHA1,
'sha1' => PASSWORD_GENERAL_SHA1,
'mambo' => PASSWORD_GENERAL_MD5,
'phpbb2' => PASSWORD_GENERAL_MD5,
'e107' => PASSWORD_GENERAL_MD5,
'md5' => PASSWORD_GENERAL_MD5,
'e107_salt' => PASSWORD_E107_SALT,
'phpbb2_salt' => PASSWORD_PHPBB_SALT,
'phpbb3_salt' => PASSWORD_PHPBB_SALT,
'plaintext' => PASSWORD_PLAINTEXT,
'joomla_salt' => PASSWORD_JOOMLA_SALT,
'mambo_salt' => PASSWORD_MAMBO_SALT,
'smf_sha1' => PASSWORD_GENERAL_SHA1,
'sha1' => PASSWORD_GENERAL_SHA1,
'mambo' => PASSWORD_GENERAL_MD5,
'phpbb2' => PASSWORD_GENERAL_MD5,
'e107' => PASSWORD_GENERAL_MD5,
'md5' => PASSWORD_GENERAL_MD5,
'e107_salt' => PASSWORD_E107_SALT,
'phpbb2_salt' => PASSWORD_PHPBB_SALT,
'phpbb3_salt' => PASSWORD_PHPBB_SALT,
'wordpress_salt' => PASSWORD_WORDPRESS_SALT,
'magento_salt' => PASSWORD_MAGENTO_SALT,
'magento_salt' => PASSWORD_MAGENTO_SALT,
);
if (isset($maps[$ptype])) return $maps[$ptype];
return FALSE;
}
// Extension of password validation -
function CheckPassword($pword, $login_name, $stored_hash, $password_type = PASSWORD_DEFAULT_TYPE)
/**
* Extension of password validation to handle more types
*
* @param string $pword - plaintext password as entered by user
* @param string $login_name - string used to log in (could actually be email address)
* @param string $stored_hash - required value for password to match
* @param integer $password_type - constant specifying the type of password to check against
*
* @return PASSWORD_INVALID|PASSWORD_VALID|string
* PASSWORD_INVALID if no match
* PASSWORD_VALID if valid password
* Return a new hash to store if valid password but non-preferred encoding
*/
public function CheckPassword($pword, $login_name, $stored_hash, $password_type = PASSWORD_DEFAULT_TYPE)
{
switch ($password_type)
{
@@ -268,11 +297,11 @@ class ExtendedPasswordHandler extends UserHandler
$pwHash = $salt ? md5($salt.$pword) : md5($pword);
$stored_hash = $hash;
break;
case PASSWORD_E107_SALT :
return e107::getUserSession()->CheckPassword($password, $login_name, $stored_hash);
//return e107::getUserSession()->CheckPassword($password, $login_name, $stored_hash);
return parent::CheckPassword($password, $login_name, $stored_hash);
break;
case PASSWORD_PHPBB_SALT :