r28615 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r28614‎ \| r28615 \| r28616 >
Date:	07:00, 18 December 2007
Author:	tlaqua
Status:	old
Tags:
Comment:	New Extension - intended to associate certain IPs or Hostnames with an existing user account. * Supports iprange (10.0.0.0/24) * Supports ippattern (/10\.0\.0\.\d{1,3}/) * Supports hostpattern (/.\.stcloudstate\.edu/i) VERY experimental
Modified paths:	/trunk/extensions/NetworkAuth (added) (history) /trunk/extensions/NetworkAuth/NetworkAuth.i18n.php (added) (history) /trunk/extensions/NetworkAuth/NetworkAuth.php (added) (history)

Diff [purge]

Index: trunk/extensions/NetworkAuth/NetworkAuth.i18n.php
—	—	@@ -0,0 +1,14 @@
	2	+<?php
	3	+#coding: utf-8
	4	+/**
	5	+ * Internationalisation file for extension NetworkAuth
	6	+ *
	7	+ * @addtogroup Extensions
	8	+*/
	9	+
	10	+$messages = array();
	11	+
	12	+$messages['en'] = array(
	13	+ 'networkauth-name' => 'NetworkAuth',
	14	+ 'networkauth-purltext' => 'NetworkAuth [$1@$2]',
	15	+);
\ No newline at end of file
Property changes on: trunk/extensions/NetworkAuth/NetworkAuth.i18n.php
___________________________________________________________________
Added: svn:eol-style
1	16	+ native
Index: trunk/extensions/NetworkAuth/NetworkAuth.php
—	—	@@ -0,0 +1,175 @@
	2	+<?php
	3	+/** \file
	4	+* \brief Contains code for the NetworkAuth Extension.
	5	+*/
	6	+
	7	+# Not a valid entry point, skip unless MEDIAWIKI is defined
	8	+if (!defined('MEDIAWIKI')) {
	9	+ echo "NetworkAuth extension";
	10	+ exit(1);
	11	+}
	12	+
	13	+$wgNetworkAuthUsers[] = array(
	14	+ 'iprange' => '68.112.142.161/32',
	15	+ 'ippattern' => '/68\.112\.142\.16+/',
	16	+ 'user' => 'TimsComputer');
	17	+
	18	+$wgNetworkAuthUsers[] = array(
	19	+ 'iprange' => '199.17.29.0/24',
	20	+ 'hostpattern' => '/mc-mobile.*\.stcloudstate.edu/i',
	21	+ 'user' => 'HelpdeskComputer');
	22	+
	23	+
	24	+$wgExtensionCredits['other'][] = array(
	25	+ 'name' => 'NetworkAuth',
	26	+ 'version' => '1.0',
	27	+ 'author' => 'Tim Laqua',
	28	+ 'description' => 'Allows you to authenticate users based on network information',
	29	+ 'url' => 'http://www.mediawiki.org/wiki/Extension:NetworkAuth',
	30	+);
	31	+
	32	+$wgExtensionFunctions[] = 'efNetworkAuth_Setup';
	33	+
	34	+function efNetworkAuth_Setup() {
	35	+ global $wgRequest;
	36	+
	37	+ # $wgTitle isn't initalized yet - but we need to know where we are
	38	+ $pageTitle = Title::newFromURL( $wgRequest->getVal('title') );
	39	+
	40	+ if (is_object($pageTitle)) {
	41	+ # Doesn't apply to Userlogin and Userlogout pages - that breaks stuff
	42	+ if (!$pageTitle->isSpecial('Userlogin') && !$pageTitle->isSpecial('Userlogout')) {
	43	+ #Add Messages
	44	+ global $wgMessageCache;
	45	+ require( dirname( __FILE__ ) . '/NetworkAuth.i18n.php' );
	46	+ foreach( $messages as $key => $value ) {
	47	+ $wgMessageCache->addMessages( $messages[$key], $key );
	48	+ }
	49	+
	50	+ efNetworkAuth_Authenticate();
	51	+ }
	52	+ }
	53	+ return true;
	54	+}
	55	+
	56	+function efNetworkAuth_checkForNetworkAuthUser() {
	57	+ global $wgNetworkAuthUsers;
	58	+
	59	+ $ip = wfGetIP();
	60	+
	61	+ foreach ($wgNetworkAuthUsers as $networkAuthUser) {
	62	+ if ( isset( $networkAuthUser['user'] ) ) {
	63	+ if ( isset( $networkAuthUser['iprange'] ) ) {
	64	+ $hex = IP::toHex( $ip );
	65	+ $range = IP::parseRange( $networkAuthUser['iprange'] );
	66	+ if ( $hex >= $range[0] && $hex <= $range[1] ) {
	67	+ global $wgNetworkAuthHost;
	68	+ $wgNetworkAuthHost = $ip;
	69	+ return $networkAuthUser['user'];
	70	+ }
	71	+ }
	72	+
	73	+ if ( isset( $networkAuthUser['ippattern'] ) ) {
	74	+ if ( preg_match( $networkAuthUser['ippattern'], $ip) ) {
	75	+ global $wgNetworkAuthHost;
	76	+ $wgNetworkAuthHost = $ip;
	77	+ return $networkAuthUser['user'];
	78	+ }
	79	+ }
	80	+
	81	+ if ( isset( $networkAuthUser['hostpattern'] ) ) {
	82	+ $host = ar_gethostbyaddr( $ip );
	83	+ if ( preg_match( $networkAuthUser['hostpattern'], $host) ) {
	84	+ global $wgNetworkAuthHost;
	85	+ $wgNetworkAuthHost = $host;
	86	+ return $networkAuthUser['user'];
	87	+ }
	88	+ }
	89	+ } else {
	90	+ # No user for range - useless.
	91	+ }
	92	+ }
	93	+
	94	+ return '';
	95	+}
	96	+
	97	+function efNetworkAuth_Authenticate() {
	98	+ global $wgUser;
	99	+
	100	+ $wgNetworkAuthUser = 'HelpdeskComputer';
	101	+
	102	+ if (!$wgUser->isLoggedIn()) {
	103	+ //echo 'Logged out: ' . $wgUser->getName();
	104	+
	105	+ $networkAuthUser = efNetworkAuth_checkForNetworkAuthUser();
	106	+ if ( $networkAuthUser != '' ) {
	107	+ global $wgNetworkAuthUser;
	108	+ $wgNetworkAuthUser = $networkAuthUser;
	109	+
	110	+ $u = User::newFromName( $wgNetworkAuthUser );
	111	+ }
	112	+
	113	+ if( is_null( $u ) \|\| !User::isUsableName( $u->getName() ) ) {
	114	+ # Not cool. Bad config
	115	+ } else {
	116	+ if ( 0 == $u->getID() ) {
	117	+ # Not cool. Bad username
	118	+ } else {
	119	+ # Finally.
	120	+ $u->load();
	121	+ $wgUser = $u;
	122	+
	123	+ # Since we're not really logged in, just pretending - force a logout
	124	+ # before the page gets displayed.
	125	+ global $wgHooks;
	126	+ $wgHooks['BeforePageDisplay'][] = 'efNetworkAuth_ForceLogout';
	127	+
	128	+ # Add a display message to the personal URLs
	129	+ $wgHooks['PersonalUrls'][] = 'efNetworkAuth_PersonalUrls';
	130	+ }
	131	+ }
	132	+ } else {
	133	+ # Already logged in, do nothing.
	134	+ }
	135	+ return true;
	136	+}
	137	+
	138	+function ar_gethostbyaddr($ip) {
	139	+ $output = `host -W 1 $ip`;
	140	+ if (ereg('.pointer ([A-Za-z0-9.-]+)\..',$output,$regs)) {
	141	+ return $regs[1];
	142	+ }
	143	+ return $ip;
	144	+}
	145	+
	146	+function efNetworkAuth_PersonalUrls($personal_urls, $title) {
	147	+ global $wgNetworkAuthUser, $wgNetworkAuthHost;
	148	+ if (isset($personal_urls['anonuserpage'])) {
	149	+ $personal_urls['anonuserpage']['text'] =
	150	+ wfMsg('networkauth-purltext', $wgNetworkAuthUser, $wgNetworkAuthHost);
	151	+ } else {
	152	+ global $wgUser;
	153	+ $newUrls['anonuserpage'] = array(
	154	+ 'text' => wfMsg('networkauth-purltext', $wgNetworkAuthUser, $wgNetworkAuthHost),
	155	+ 'href' => null,
	156	+ 'active' => true
	157	+ );
	158	+
	159	+ foreach($personal_urls as $key => $value) {
	160	+ if ( $key == 'login' )
	161	+ $newUrls['anonlogin'] = $value;
	162	+ else
	163	+ $newUrls[$key] = $value;
	164	+ }
	165	+ $personal_urls = $newUrls;
	166	+ }
	167	+ return true;
	168	+}
	169	+
	170	+function efNetworkAuth_ForceLogout($out) {
	171	+ # Force logout after most of the permission checks
	172	+ global $wgUser;
	173	+ $wgUser->logout();
	174	+
	175	+ return true;
	176	+}
Property changes on: trunk/extensions/NetworkAuth/NetworkAuth.php
___________________________________________________________________
Added: svn:eol-style
1	177	+ native

Status & tagging log

15:23, 12 September 2011 Meno25 (talk | contribs) changed the status of r28615 [removed: ok added: old]