
XMPP authentification for multi domain systems

tags/3.5.1
Michael Vogel 2 years ago
parent
commit
4f5997f30a
1 changed files with 43 additions and 28 deletions
  1. 43
    28
      include/auth_ejabberd.php

+ 43
- 28
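--- a/include/auth_ejabberd.php
+++ b/include/auth_ejabberd.php
@@ -75,7 +75,7 @@ class exAuth
 
 	public function __construct($sLogFile, $bDebug)
 	{
-		global $db;
+		global $a, $db;
 
 		// setter
 		$this->sLogFile 	= $sLogFile;
@@ -135,36 +135,30 @@ class exAuth
 							} else {
 								// ovdje provjeri prijavu
 								$sUser = str_replace(array("%20", "(a)"), array(" ", "@"), $aCommand[1]);
-								$this->writeDebugLog("[debug] doing auth for ". $sUser);
-								//$sQuery = "SELECT `uid`, `password` FROM `user` WHERE `password`='".hash('whirlpool',$aCommand[3])."' AND `nickname`='". $db->escape($sUser) ."'";
-								$sQuery = "SELECT `uid`, `password` FROM `user` WHERE `nickname`='". $db->escape($sUser) ."'";
-								$this->writeDebugLog("[debug] using query ". $sQuery);
-								if ($oResult = q($sQuery)){
-									$uid = $oResult[0]["uid"];
-									$Error = ($oResult[0]["password"] != hash('whirlpool',$aCommand[3]));
-/*
-									if ($oResult[0]["password"] == hash('whirlpool',$aCommand[3])) {
-										// korisnik OK
-										$this->writeLog("[exAuth] authentificated user ". $sUser ."@". $aCommand[2]);
-										fwrite(STDOUT, pack("nn", 2, 1));
+								$this->writeDebugLog("[debug] doing auth for ".$sUser."@".$aCommand[2]);
+
+								// If the hostnames doesn't match, we try to authenticate remotely
+								if ($a->get_hostname() != $aCommand[2])
+									$Error = !$this->check_credentials($aCommand[2], $aCommand[1], $aCommand[3], true);
+								else {
+
+									//$sQuery = "SELECT `uid`, `password` FROM `user` WHERE `password`='".hash('whirlpool',$aCommand[3])."' AND `nickname`='". $db->escape($sUser) ."'";
+									$sQuery = "SELECT `uid`, `password` FROM `user` WHERE `nickname`='". $db->escape($sUser) ."'";
+									$this->writeDebugLog("[debug] using query ". $sQuery);
+									if ($oResult = q($sQuery)){
+										$uid = $oResult[0]["uid"];
+										$Error = ($oResult[0]["password"] != hash('whirlpool',$aCommand[3]));
 									} else {
-										// korisnik nije OK
-										$this->writeLog("[exAuth] authentification failed for user ". $sUser ."@". $aCommand[2]);
-										fwrite(STDOUT, pack("nn", 2, 0));
+										$this->writeLog("[MySQL] invalid query: ". $sQuery);
+										$Error = true;
+										$uid = -1;
+									}
+									if ($Error) {
+										$oConfig = q("SELECT `v` FROM `pconfig` WHERE `uid`=%d AND `cat` = 'xmpp' AND `k`='password' LIMIT 1;", intval($uid));
+										$this->writeLog("[exAuth] got password ".$oConfig[0]["v"]);
+										$Error = ($aCommand[3] != $oConfig[0]["v"]);
 									}
-									$oResult->close();
-*/
-								} else {
-									$this->writeLog("[MySQL] invalid query: ". $sQuery);
-									$Error = true;
-									$uid = -1;
-								}
-								if ($Error) {
-									$oConfig = q("SELECT `v` FROM `pconfig` WHERE `uid`=%d AND `cat` = 'xmpp' AND `k`='password' LIMIT 1;", intval($uid));
-									$this->writeLog("[exAuth] got password ".$oConfig[0]["v"]);
-									$Error = ($aCommand[3] != $oConfig[0]["v"]);
 								}
-
 								if ($Error) {
 									$this->writeLog("[exAuth] authentification failed for user ". $sUser ."@". $aCommand[2]);
 									fwrite(STDOUT, pack("nn", 2, 0));
@@ -207,6 +201,27 @@ class exAuth
 		}
 	}
 
+	private function check_credentials($host, $user, $password, $ssl) {
+
+		$url = ($ssl ? "https":"http")."://".$host."/api/account/verify_credentials.json";
+
+		$ch = curl_init();
+		curl_setopt($ch, CURLOPT_URL, $url);
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+		curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
+		curl_setopt($ch, CURLOPT_HEADER, true);
+		curl_setopt($ch, CURLOPT_NOBODY, true);
+		curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
+		curl_setopt($ch, CURLOPT_USERPWD, $user.':'.$password);
+
+		$header = curl_exec($ch);
+		$curl_info = @curl_getinfo($ch);
+		$http_code = $curl_info["http_code"];
+		curl_close($ch);
+
+		return($http_code == 200);
+	}
+
 	private function writeLog($sMessage)
 	{
 		if (is_resource($this->rLogFile)) {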
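Review bot: `check_credentials()` sends the user's plaintext password by HTTP Basic auth to whatever host `$aCommand[2]` names, and that value is concatenated into `$url` with no validation or allowlist. Whether ejabberd restricts the domains it hands to this script is not visible here, so the remote branch in the second hunk should check the host itself first, e.g. `if (!in_array($aCommand[2], $aTrustedHosts, true)) { $Error = true; }`, where `$aTrustedHosts` is a placeholder for a configured list of served domains. Only `CURLOPT_CONNECTTIMEOUT` is set, so a peer that accepts the connection and then stalls would block the auth loop; `curl_setopt($ch, CURLOPT_TIMEOUT, 10);` (value illustrative) bounds the whole request. The re-indented fallback also still writes the stored XMPP password to the log (`"[exAuth] got password "...`) and compares secrets with loose `!=`; dropping the value from the log line and using a strict, constant-time comparison such as `hash_equals()` on string-cast operands would be safer. The enclosing command loop starts and ends outside the hunks shown.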
