00001 <?php
00025 require_once CORE_PATH . 'extensions/auth/auth_interface.php';
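/**
 * Front-end for the authentication adapters (digest, http, model,
 * kerberos5, radius).
 *
 * The class delegates the credential check to the selected adapter, stores
 * the outcome in $_SESSION and can optionally refuse a second concurrent
 * login for the same set of adapter arguments ("active session" control).
 */
class Auth
{
    /** Camel-cased name of the adapter chosen in set_adapter(). */
    private $adapter;

    /** Adapter instance that performs the actual credential check. */
    private $adapter_object = null;

    /** Whether concurrent-login control is enabled (see set_active_session()). */
    private $active_session = false;

    /** Lifetime, in seconds, of an entry in the active-session file. */
    private $expire_time = 3600;

    /** Arguments forwarded to the adapter; also hashed to identify the user. */
    private $extra_args = array();

    /** Seconds to sleep after a rejected login (0 disables the delay). */
    private $sleep_time = 0;

    /** Per-request cache of the last authentication result (null = unknown). */
    private static $is_valid = null;

    /** Per-request cache of the authenticated identity. */
    private static $active_identity = array();

    /**
     * Builds the object from the arguments normalised by Util::getParams().
     *
     * Element 0 of the normalised arguments names the adapter ('model' when
     * absent); everything else is handed to the adapter untouched.
     */
    public function __construct()
    {
        $extra_args = Util::getParams(func_get_args());
        $adapter = 'model';
        if (isset($extra_args[0])) {
            $adapter = $extra_args[0];
            unset($extra_args[0]);
        }
        $this->set_adapter($adapter, $this, $extra_args);
    }

    /**
     * Loads and instantiates the requested adapter.
     *
     * @param string     $adapter    One of digest, http, model, kerberos5, radius.
     * @param Auth|null  $auth       Object passed to the adapter constructor.
     * @param array      $extra_args Arguments passed to the adapter constructor.
     *
     * @throws kumbiaException When the adapter name is not in the allow-list.
     */
    public function set_adapter($adapter, $auth = null, $extra_args = array())
    {
        // The allow-list is the only thing standing between $adapter and the
        // require_once path below, so the comparison must be strict: a loose
        // in_array() accepts values such as true or 0 on older PHP versions.
        $supported = array('digest', 'http', 'model', 'kerberos5', 'radius');
        if (! in_array($adapter, $supported, true)) {
            throw new kumbiaException("Adaptador de autenticación '$adapter' no soportado");
        }
        $this->adapter = Util::camelcase($adapter);
        require_once CORE_PATH . "extensions/auth/adapters/{$adapter}_auth.php";
        $adapter_class = $this->adapter . 'Auth';
        $this->extra_args = $extra_args;
        $this->adapter_object = new $adapter_class($auth, $extra_args);
    }

    /**
     * Returns the camel-cased name of the current adapter.
     *
     * @param mixed $adapter Ignored; kept (now optional) so existing calls
     *                       that pass an argument keep working.
     *
     * @return string
     */
    public function get_adapter_name($adapter = null)
    {
        return $this->adapter;
    }

    /**
     * Runs the adapter check and records the outcome in the session.
     *
     * With active-session control enabled, a successful check is still
     * rejected while an unexpired entry for the same arguments exists in the
     * active-session file; otherwise a fresh entry is registered.
     *
     * @return mixed The adapter result, or false when a concurrent session
     *               blocks the login.
     */
    public function authenticate()
    {
        $result = $this->adapter_object->authenticate();

        if ($result && $this->active_session) {
            if ($this->has_live_session()) {
                if ($this->sleep_time) {
                    sleep($this->sleep_time);
                }
                // Only the per-request cache is reset here; $_SESSION is left
                // as it was, exactly as before this rewrite.
                self::$active_identity = array();
                self::$is_valid = false;
                return false;
            }
            $this->register_active_session();
        }

        if (! $result && $this->sleep_time) {
            sleep($this->sleep_time);
        }

        // NOTE(review): the session id is not regenerated on a successful
        // login in this class. Confirm that the caller does it (for example
        // session_regenerate_id(true)) so a pre-login session id cannot be
        // reused after authentication (session fixation).
        $_SESSION['KUMBIA_AUTH_IDENTITY'] = $this->adapter_object->get_identity();
        self::$active_identity = $this->adapter_object->get_identity();
        $_SESSION['KUMBIA_AUTH_VALID'] = $result;
        self::$is_valid = $result;
        return $result;
    }

    /**
     * Authenticates with the credentials sent through HTTP Basic.
     *
     * Sends a 401 challenge and returns false when no user name was supplied.
     * Basic credentials are only base64-encoded on the wire, so this method
     * should be reachable over HTTPS only.
     *
     * @return mixed
     */
    public function authenticate_with_http()
    {
        // empty() avoids the undefined-index error raised when the client
        // sent no Authorization header at all.
        if (empty($_SERVER['PHP_AUTH_USER'])) {
            header('WWW-Authenticate: Basic realm="basic"');
            header('HTTP/1.0 401 Unauthorized');
            return false;
        }
        $options = array(
            "username" => $_SERVER['PHP_AUTH_USER'],
            "password" => isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '',
        );
        $this->adapter_object->set_params($options);
        return $this->authenticate();
    }

    /**
     * Returns the identity reported by the adapter.
     *
     * @return mixed
     */
    public function get_identity()
    {
        return $this->adapter_object->get_identity();
    }

    /**
     * Enables or disables concurrent-login control.
     *
     * @param bool $value Whether to enforce a single active session.
     * @param int  $time  Lifetime of a registered session, in seconds.
     */
    public function set_active_session($value, $time = 3600)
    {
        $this->active_session = $value;
        $this->expire_time = $time;
    }

    /**
     * Removes every entry of the current user from the active-session file.
     *
     * Does nothing when the file does not exist or cannot be read.
     */
    public function destroy_active_session()
    {
        $filename = $this->active_session_file();
        if (! file_exists($filename)) {
            return;
        }
        $lines = file($filename, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
        if ($lines === false) {
            return;
        }
        $user_hash = $this->user_hash();
        $kept = array();
        foreach ($lines as $line) {
            // Strict comparison: two different "0e<digits>" md5 strings are
            // equal under == because PHP compares them as numbers.
            if (substr($line, 0, 32) !== $user_hash) {
                $kept[] = $line;
            }
        }
        // Lines were read without their terminator, so add exactly one back.
        // (The previous code joined lines that still ended in "\n" with
        // another "\n", inserting a blank line on every call.)
        $contents = $kept ? implode("\n", $kept) . "\n" : '';
        file_put_contents($filename, $contents, LOCK_EX);
    }

    /**
     * Returns the adapter instance in use.
     *
     * @return object|null
     */
    public function get_adapter_instance()
    {
        return $this->adapter_object;
    }

    /**
     * Configures the delay applied after a rejected login.
     *
     * @param bool $value Whether to sleep on failure.
     * @param int  $time  Delay in seconds; negative values are treated as 0.
     */
    public function sleep_on_fail($value, $time = 2)
    {
        $seconds = max(0, (int) $time);
        $this->sleep_time = $value ? $seconds : 0;
    }

    /**
     * Tells whether the last authentication succeeded.
     *
     * Falls back to the value stored in the session when nothing has been
     * cached during this request.
     *
     * @return mixed Cached or stored result, null when neither exists.
     */
    public static function is_valid()
    {
        if (is_null(self::$is_valid)) {
            self::$is_valid = isset($_SESSION['KUMBIA_AUTH_VALID']) ? $_SESSION['KUMBIA_AUTH_VALID'] : null;
        }
        return self::$is_valid;
    }

    /**
     * Returns the identity of the authenticated user.
     *
     * @return mixed Cached identity, else the one stored in the session,
     *               else null.
     */
    public static function get_active_identity()
    {
        // empty() copes with the null left behind by destroy_identity();
        // count(null) raises a TypeError on PHP 8.
        if (empty(self::$active_identity)) {
            self::$active_identity = isset($_SESSION['KUMBIA_AUTH_IDENTITY'])
                ? $_SESSION['KUMBIA_AUTH_IDENTITY']
                : null;
        }
        return self::$active_identity;
    }

    /**
     * Forgets the authentication result and identity, both in the
     * per-request cache and in the session.
     */
    public static function destroy_identity()
    {
        self::$is_valid = null;
        unset($_SESSION['KUMBIA_AUTH_VALID']);
        self::$active_identity = null;
        unset($_SESSION['KUMBIA_AUTH_IDENTITY']);
    }

    /** Path of the file that lists the registered active sessions. */
    private function active_session_file()
    {
        return APP_PATH . 'temp/cache/' . base64_encode('auth');
    }

    /**
     * Key that identifies the current user in the active-session file.
     *
     * NOTE(review): md5 serves only as a lookup key here, but $extra_args
     * presumably carries the credentials given to the adapter (not visible
     * in this class, confirm). If so the file holds an unsalted fast hash of
     * them, so temp/cache must stay outside the web root and unreadable to
     * other local users.
     */
    private function user_hash()
    {
        return md5(serialize($this->extra_args));
    }

    /**
     * Tells whether an unexpired entry for the current user is registered.
     *
     * A missing or unreadable file is treated as having no entries.
     */
    private function has_live_session()
    {
        $filename = $this->active_session_file();
        if (! file_exists($filename)) {
            return false;
        }
        $lines = file($filename, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
        if ($lines === false) {
            return false;
        }
        $user_hash = $this->user_hash();
        $now = time();
        foreach ($lines as $line) {
            $entry = explode(':', $line);
            // Skip malformed lines instead of indexing past their end.
            if (count($entry) < 3 || $entry[0] !== $user_hash) {
                continue;
            }
            if ((int) $entry[1] + (int) $entry[2] > $now) {
                return true;
            }
        }
        return false;
    }

    /**
     * Replaces any expired entry of the current user with a fresh one.
     *
     * Other users' entries are preserved; the previous code overwrote the
     * whole file when it found an expired entry and then kept reading from a
     * handle it had already closed.
     */
    private function register_active_session()
    {
        $filename = $this->active_session_file();
        if (file_exists($filename)) {
            $this->destroy_active_session();
        }
        $entry = $this->user_hash() . ':' . time() . ':' . $this->expire_time . "\n";
        file_put_contents($filename, $entry, FILE_APPEND | LOCK_EX);
    }
}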