forked from duosecurity/duo_mediawiki
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathSpecialDuoAuth.php
executable file
·59 lines (52 loc) · 2.06 KB
/
SpecialDuoAuth.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
<?php
class SpecialDuoAuth extends SpecialPage {
var $success = false;
function __construct() {
parent::__construct( 'DuoAuth' );
}
function getName() {
"Duo Authentication";
}
function execute( $par ) {
global $wgUser, $mediaWiki, $wgRequest, $wgOut, $wgDuoIKey, $wgDuoSKey, $wgDuoHost, $IP, $wgServer, $wgScriptPath, $wgScript, $wgSecretKey;
$this->setHeaders();
require_once("$IP/extensions/DuoAuth/duo_web.php");
if ($wgUser->isLoggedIn()) {
$username = $wgUser->getName();
$uid = $wgUser->getId();
$duo_token = Duo::signRequest($wgDuoIKey, $wgDuoSKey, $wgSecretKey, $wgUser->getName());
$iframe_attributes = array(
'id' => 'duo_iframe',
'data-host' => $wgDuoHost,
'data-sig-request' => $duo_token,
'frameborder' => '0',
);
$iframe_attributes = array_map(function($key, $value) {
return sprintf('%s="%s"', $key, $value);
}, array_keys($iframe_attributes), array_values($iframe_attributes));
$iframe_attributes = implode(" ", $iframe_attributes);
$wgOut->addHtml('
<script src="'. $wgServer . $wgScriptPath . '/extensions/DuoAuth/Duo-Web-v2.min.js"></script>
<link rel="stylesheet" type="text/css" href="'. $wgServer . $wgScriptPath . '/extensions/DuoAuth/Duo-Frame.css">
<iframe ' . $iframe_attributes . '></iframe>
');
$wgUser->logout();
$_SESSION['du'] = $username;
$_SESSION['id'] = $uid;
} else if (isset($_POST["sig_response"]) && !empty($_POST["sig_response"])) {
$duo_user = Duo::verifyResponse($wgDuoIKey, $wgDuoSKey, $wgSecretKey, $_POST["sig_response"]);
if ($duo_user == $_SESSION['du']) {
# TODO: should be able to do this with $wgUser->getIdFromName($_SESSION['du'])
$wgUser->setId($_SESSION['id']);
$wgUser->loadFromId();
$wgUser->setCookies();
$wgOut->redirect("$wgScript/Main Page");
} else {
$mediaWiki->restInPeace();
}
} else {
$wgOut->addWikiText("You must login to see this page.");
}
}
}
?>