SAML with pandora sessions

fbsanchez 2020-10-16 14:00:38 +02:00
parent b97e8697f9
commit ca9b167741
3 changed files with 76 additions and 24 deletions


@ -239,8 +239,7 @@ function process_user_login_remote($login, $pass, $api=false)
// Unknown authentication method
default:
$config['auth_error'] = 'User not found in database
or incorrect password';
$config['auth_error'] = 'User not found in database or incorrect password';
return false;
break;
}


@ -198,11 +198,63 @@ function pandora_session_gc($max_lifetime=300)
}
$result_handler = session_set_save_handler(
'pandora_session_open',
'pandora_session_close',
'pandora_session_read',
'pandora_session_write',
'pandora_session_destroy',
'pandora_session_gc'
);
/**
* Enables custom session handlers.
*
* @return boolean Context changed or not.
*/
function enable_session_handlers()
{
global $config;
if ($config['_using_pandora_sessionhandlers'] !== true) {
if (session_status() !== PHP_SESSION_NONE) {
// Close previous version.
session_write_close();
}
$sesion_handler = session_set_save_handler(
'pandora_session_open',
'pandora_session_close',
'pandora_session_read',
'pandora_session_write',
'pandora_session_destroy',
'pandora_session_gc'
);
session_start();
// Restore previous session.
$config['_using_pandora_sessionhandlers'] = true;
return $sesion_handler;
}
return false;
}
/**
* Disables custom session handlers.
*
* @return void
*/
function disable_session_handlers()
{
global $config;
if (session_status() !== PHP_SESSION_NONE) {
// Close previous version.
session_write_close();
}
$ss = new SessionHandler();
session_set_save_handler($ss, true);
session_start();
$config['_using_pandora_sessionhandlers'] = false;
}
// Always enable session handler.
$result_handler = enable_session_handlers();
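Review bot: In enable_session_handlers() the result of session_set_save_handler() is stored in `$sesion_handler` but never checked before `session_start()` runs and `$config['_using_pandora_sessionhandlers']` is set to true, so a failed registration (for example once headers have been sent) leaves the flag claiming the custom handlers are active while the session runs on whatever handler was in place. I would return early on failure, `if ($sesion_handler === false) { return false; }`, and check the return of `session_start()` the same way in both functions. The guard also reads `$config['_using_pandora_sessionhandlers']` before anything has set it on the first call; `($config['_using_pandora_sessionhandlers'] ?? false) !== true` avoids the undefined-index notice. The comment `// Restore previous session.` sits above the flag assignment with no code that restores anything, so it should be reworded or dropped.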


@ -395,24 +395,25 @@ if (! isset($config['id_user'])) {
$nick_in_db = $_SESSION['prepared_login_da']['id_user'];
$expired_pass = false;
} else if (($config['auth'] == 'saml') && ($login_button_saml)) {
$saml_configured = include_once $config['homedir'].'/'.ENTERPRISE_DIR.'/include/auth/saml.php';
if (!$saml_configured) {
$saml_path = $config['homedir'].'/'.ENTERPRISE_DIR.'/include/auth/saml.php';
if (!$saml_path) {
include_once 'general/noaccesssaml.php';
}
} else {
include_once $saml_path;
$saml_user_id = saml_process_user_login();
$saml_user_id = saml_process_user_login();
if (!$saml_user_id) {
include_once 'general/noaccesssaml.php';
}
if (!$saml_user_id) {
include_once 'general/noaccesssaml.php';
}
$nick_in_db = $saml_user_id;
if (!$nick_in_db) {
include_once $config['saml_path'].'simplesamlphp/lib/_autoload.php';
$as = new SimpleSAML_Auth_Simple($config['saml_source']);
$as->logout();
$nick_in_db = $saml_user_id;
if (!$nick_in_db) {
include_once $config['saml_path'].'simplesamlphp/lib/_autoload.php';
$as = new SimpleSAML_Auth_Simple($config['saml_source']);
$as->logout();
}
}
} else {
// process_user_login is a virtual function which should be defined in each auth file.
@ -971,7 +972,7 @@ if (isset($_GET['bye'])) {
if ($config['auth'] == 'saml') {
include_once $config['saml_path'].'simplesamlphp/lib/_autoload.php';
$as = new SimpleSAML_Auth_Simple('PandoraFMS');
$as = new SimpleSAML_Auth_Simple($config['saml_source']);
$as->logout();
}
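Review bot: The new guard `if (!$saml_path)` in the SAML branch can never be true, because `$saml_path` is a non-empty string built from `$config['homedir']` and `ENTERPRISE_DIR`, so the `general/noaccesssaml.php` fallback is unreachable. When the enterprise file is absent, `include_once $saml_path` only raises a warning and the following call to `saml_process_user_login()` fails as an undefined function instead of showing the no-access page. The earlier form tested the include's return value; the new one should test the file itself, e.g. `if (!is_readable($saml_path)) {`. Old and new lines are printed without markers on this page, so this reading takes the `$saml_path` lines as the new side.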