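<?php
/**
 * UAACS based authenticating class and scripts
 *
 * @package   CommonObjects\Uaacs_authentication
 * @author    Channa Dewamitta
 * @copyright BizyCorp/Ekwa Internal development Team
 * @version   V2.1.0
 */
if ( ! defined('BASEPATH')) exit('No direct script access allowed');

/**
 * Data encryption/decryption algorithms
 */
include_once('pc1.php'); // Encryption/Decryption Algorithm; expected to provide the PC1 class used in authenticate()

/**
 * A class to incorporate UAACS into any new application.
 *
 * IMPORTANT :- For logging out, a post var named "UAACS_logout" should be used
 * with value "yes" (compared case-insensitively, so "YES" also works).
 *
 * USAGE :-
 *
 *   $uaacs = new Uaacs_authentication ;
 *   $uaacs->setLandingPage('http://bizydads.com/channa/portman/clientportfolio.php');
 *   $uaacs->setAccessKey('j2ghjlzivj8u');
 *   $uaacs->setSecurityKey('844c1cf009c169d456f5e22f4f3eb737') ;
 *   $uaacs->setAppId(58) ;
 *   $uaacs->setRoleId(456) ;
 *   //Following are optional
 *   $uaacs->setLogoutUrl('http://UAACS.kindersigns.org/API/logout.php');
 *   $uaacs->setLgnCheckUrl('http://UAACS.kindersigns.org/API/loginCheck.php');
 *   $uaacs->authenticate();
 *   $functions = $uaacs->getAllowedFunctions() ; //An array
 *   $myRoles   = $uaacs->getAllowedRoles(); //An array
 *   $roleId    = $uaacs->getActiveRole();
 *   $data      = $uaacs->getUserData(); //simpleXMLObject
 *
 * da: 28da7d
 * dev sec key: 85d3c6ee8affbff
 * ACK : yd064wqrbr9
 * AS; : eec12d7215ad20eeb1cb4a7eabc9ba47
 *
 * NOTE(review): the values above and in the usage example look like real keys
 * kept in a source comment. If they are, they should be rotated and loaded
 * from configuration outside the code base instead of being documented here.
 *
 * NOTE(review): every default endpoint below uses plain http://, so the
 * redirects that carry the access/security keys and the returned access data
 * are not protected in transit. Confirm whether the UAACS host offers https.
 *
 * @author Channa Dewamitta <channa@ekwa.com>
 * @created Sep 01, 2013
 * @modified on
 * @modification
 * @version V2.1.0
 **/
class Uaacs_authentication
{
    /**
     * Landing page URL as given by the caller (unshortened)
     *
     * @access protected
     * @since 2.0
     */
    protected $landPageUrl;

    /**
     * Landing page URL after shortening (falls back to the full URL)
     *
     * @access protected
     * @since 2.0
     */
    protected $landPage;

    /**
     * Access key
     *
     * @access protected
     * @since 2.0
     */
    protected $aKey;

    /**
     * Security key
     *
     * @access protected
     * @since 2.0
     */
    protected $sKey;

    /**
     * Application ID
     *
     * @access protected
     * @since 2.0
     */
    protected $appId;

    /**
     * Role ID
     *
     * @access protected
     * @since 2.0
     */
    protected $roleId;

    /**
     * Logout page URL
     *
     * @access protected
     * @since 2.0
     */
    protected $logoutUrl;

    /**
     * Login page URL
     *
     * @access protected
     * @since 2.0
     */
    protected $loginUrl;

    /**
     * Login check page URL
     *
     * @access protected
     * @since 2.0
     */
    protected $lgnCheckUrl;

    /**
     * Allowed roles, keyed by role ID; each entry holds NAME and ACTIVEROLE
     *
     * @access protected
     * @since 2.0
     */
    protected $allowedRoles = array();

    /**
     * Allowed functions, keyed by function ID with value true
     *
     * @access protected
     * @since 2.0
     */
    protected $allowedFunctions = array();

    /**
     * Active role ID, or FALSE when none has been reported
     *
     * @access protected
     * @since 2.0
     */
    protected $activeRole = FALSE;

    /**
     * User data structure (SimpleXMLElement once authenticate() has parsed it)
     *
     * @access protected
     * @since 2.0
     */
    protected $userData;

    /**
     * Class constructor: installs the default UAACS endpoints.
     *
     * @access public
     * @since 2.0
     */
    public function __construct()
    {
        $this->logoutUrl   = 'http://UAACS.kindersigns.org/API/logout.php';
        $this->lgnCheckUrl = 'http://UAACS.kindersigns.org/API/loginCheck.php';
        $this->loginUrl    = 'http://UAACS.kindersigns.org/login.php';
    }

    //Property Setters

    /**
     * Sets the landing page and asks tinyurl.com for a shortened form of it.
     *
     * The URL is now percent-encoded before it is put in the shortener's
     * query string, so a landing URL that itself contains "&" or "#" is
     * passed whole. If the shortener call fails, the full URL is used rather
     * than leaving the landing page empty.
     *
     * NOTE(review): the shortened URL is fetched over plain HTTP from a third
     * party and later used as the post-login destination; whoever can alter
     * that response controls where authenticated users land. Consider
     * dropping the shortener or fetching it over https.
     *
     * @param string $url URL of landing page
     * @return void
     * @access public
     * @since 2.0
     */
    public function setLandingPage($url)
    {
        $this->landPageUrl = $url;

        $shortened = file_get_contents('http://tinyurl.com/api-create.php?url=' . urlencode($this->landPageUrl));

        $this->landPage = (is_string($shortened) && $shortened !== '')
            ? $shortened
            : $this->landPageUrl;
    }

    /**
     * Sets the access key
     *
     * @param string $aKey access key of app
     * @return void
     * @access public
     * @since 2.0
     */
    public function setAccessKey($aKey)
    {
        $this->aKey = $aKey;
    }

    /**
     * Sets the security key
     *
     * @param string $sKey security key of app
     * @return void
     * @access public
     * @since 2.0
     */
    public function setSecurityKey($sKey)
    {
        $this->sKey = $sKey;
    }

    /**
     * Sets the application ID
     *
     * @param int|string $appId application ID from UAACS
     * @return void
     * @access public
     * @since 2.0
     */
    public function setAppId($appId)
    {
        $this->appId = $appId;
    }

    /**
     * Sets the role ID
     *
     * @param int|string $roleId role ID from UAACS
     * @return void
     * @access public
     * @since 2.0
     */
    public function setRoleId($roleId)
    {
        $this->roleId = $roleId;
    }

    /**
     * Sets the logout script URL
     *
     * @param string $logoutUrl url of logout script in UAACS
     * @return void
     * @access public
     * @since 2.0
     */
    public function setLogoutUrl($logoutUrl)
    {
        $this->logoutUrl = $logoutUrl;
    }

    /**
     * Sets the login check script URL
     *
     * @param string $lgnCheckUrl url of login checking script in UAACS
     * @return void
     * @access public
     * @since 2.0
     */
    public function setLgnCheckUrl($lgnCheckUrl)
    {
        $this->lgnCheckUrl = $lgnCheckUrl;
    }

    /**
     * Sets the login script URL
     *
     * @param string $loginUrl url of login script in UAACS
     * @return void
     * @access public
     * @since 2.0
     */
    public function setLoginUrl($loginUrl)
    {
        $this->loginUrl = $loginUrl;
    }

    //Property Getters

    /**
     * Gets the (shortened) landing page
     *
     * @return string URL of landing page
     * @access public
     * @since 2.0
     */
    public function getLandingPage()
    {
        return $this->landPage;
    }

    /**
     * Gets the access key
     *
     * Previously this assigned an undefined variable to the property, which
     * returned NULL and wiped the stored key as a side effect.
     *
     * @return string access key of app
     * @access public
     * @since 2.0
     */
    public function getAccessKey()
    {
        return $this->aKey;
    }

    /**
     * Gets the security key
     *
     * Previously returned the landing page instead of the key.
     *
     * @return string security key of app
     * @access public
     * @since 2.0
     */
    public function getSecurityKey()
    {
        return $this->sKey;
    }

    /**
     * Gets the application ID
     *
     * Previously returned the security key, handing a secret to any caller
     * that only asked for the application ID.
     *
     * @return int|string application ID from UAACS
     * @access public
     * @since 2.0
     */
    public function getAppId()
    {
        return $this->appId;
    }

    /**
     * Gets the role ID
     *
     * @return int|string role ID from UAACS
     * @access public
     * @since 2.0
     */
    public function getRoleId()
    {
        return $this->roleId;
    }

    /**
     * Gets the logout script URL
     *
     * @return string url of logout script in UAACS
     * @access public
     * @since 2.0
     */
    public function getLogoutUrl()
    {
        return $this->logoutUrl;
    }

    /**
     * Gets the login check script URL
     *
     * @return string url of login checking script in UAACS
     * @access public
     * @since 2.0
     */
    public function getLgnCheckUrl()
    {
        return $this->lgnCheckUrl;
    }

    /**
     * Gets the allowed roles
     *
     * @return array role ID => array('NAME' => string, 'ACTIVEROLE' => bool)
     * @access public
     * @since 2.0
     */
    public function getAllowedRoles()
    {
        return $this->allowedRoles;
    }

    /**
     * Gets the allowed functions
     *
     * @return array function ID => true
     * @access public
     * @since 2.0
     */
    public function getAllowedFunctions()
    {
        return $this->allowedFunctions;
    }

    /**
     * Gets the active role
     *
     * @return string|bool the active role ID, or FALSE when none was reported
     * @access public
     * @since 2.0
     */
    public function getActiveRole()
    {
        return $this->activeRole;
    }

    /**
     * Gets the user specific data
     *
     * @return SimpleXMLElement|null parsed access data, NULL before authenticate()
     * @access public
     * @since 2.0
     */
    public function getUserData()
    {
        return $this->userData;
    }

    /**
     * Method to authenticate the user
     *
     * Handles a requested logout, otherwise starts the login-status check, and
     * once UAACS posts the encrypted access data back, loads the user's
     * allowed functions and roles from it.
     *
     * @access public
     * @return void But may branch to login page or landing page based on logged
     *              in status with appropriate access data XML
     */
    public function authenticate()
    {
        // Only field names are logged: the POST body can carry the encrypted
        // access data and whatever the host application's own forms submit.
        log_message('info', 'POST VAR NAMES - ' . implode(',', array_keys($_POST)));

        //Handle logouts first if requested for
        if (isset($_POST['UAACS_logout'])
            && is_string($_POST['UAACS_logout'])
            && strcasecmp($_POST['UAACS_logout'], 'yes') === 0
        ) {
            $ls = base64_encode("{$this->appId}|{$this->roleId}|{$this->landPageUrl}");

            //unset session vars (unset() is a no-op for keys that are absent)
            foreach (array('functions_', 'roles_', 'roleId_', 'user_id_') as $prefix) {
                unset($_SESSION[$prefix . $this->appId]);
            }

            //Redirect to logout. base64 output may contain "+", "/" and "=",
            //so it is percent-encoded before it goes into the query string.
            header("Location:{$this->logoutUrl}?ls=" . rawurlencode($ls));
            exit();
        }

        //Handle login
        if ( ! isset($_POST['lc']) || $_POST['lc'] !== 'yes') { //If Login Status check is not being performed yet
            //Data delimited by pipe character: application id, role id,
            //access key, security key, landing page
            $ddata = implode('|', array($this->appId, $this->roleId, $this->aKey, $this->sKey, $this->landPage));

            // NOTE(review): base64 is an encoding, not encryption. The access
            // key and security key travel through the user's browser in this
            // redirect URL and can end up in history and URL logs. Changing
            // that needs a protocol change on the UAACS side.
            header("Location:{$this->lgnCheckUrl}?d=" . rawurlencode(base64_encode($ddata))); //d = Data base64 encoded, request being made
            exit(); //This is very important
        }

        $posted = isset($_POST['data']) ? $_POST['data'] : null;
        $this->userData = $this->decodeAccessData($posted);

        // Fail closed: access data that is missing or cannot be decoded is
        // treated exactly like an explicit NOTLOGGEDIN answer.
        if ($this->userData === null || (string) $this->userData->RESULT === 'NOTLOGGEDIN') {
            $this->redirectToLogin();
        }

        // Start from empty lists so a repeated call cannot keep grants that
        // an earlier response contained and this one does not.
        $this->allowedFunctions = array();
        $this->allowedRoles     = array();
        $this->activeRole       = FALSE;

        //Get allowed functions
        foreach ($this->userData->DATALIST->USER->ACL->FUNCTION as $function) {
            $this->allowedFunctions[(string) $function->FUNCTIONID] = true;
        }

        //Get Allowed Roles
        foreach ($this->userData->DATALIST->USER->ACL->ROLE as $role) {
            $roleId   = (string) $role->ROLEID;
            $isActive = isset($role->ACTIVEROLE);

            $this->allowedRoles[$roleId] = array(
                'NAME'       => (string) $role->ROLENAME,
                'ACTIVEROLE' => $isActive,
            );

            if ($isActive) {
                $this->activeRole = $roleId;
            }
        }
    }

    /**
     * Decrypts the posted access data and parses it as XML.
     *
     * @param mixed $encrypted value of $_POST['data'], or null when absent
     * @return SimpleXMLElement|null parsed document, or null when the value is
     *                               missing, not a string, or not valid XML
     * @access private
     */
    private function decodeAccessData($encrypted)
    {
        if ( ! is_string($encrypted) || $encrypted === '') {
            return null;
        }

        $pc1 = new PC1();
        // NOTE(review): this decryption key is embedded in the source, and the
        // ciphertext arrives in a browser-submitted POST field. Anyone who can
        // read this file can produce access data the class will accept; the
        // key belongs in protected configuration and the payload should carry
        // an integrity check (MAC) that is verified before it is trusted.
        $pk  = 'cF12$g8JK#&*)1N!z';
        $xml = $pc1->decrypt($encrypted, $pk); // Decrypt Access data

        // presumably decrypt() returns the plaintext as a string - confirm against pc1.php
        if ( ! is_string($xml) || $xml === '') {
            return null;
        }

        // Collect parser errors internally: a PHP warning printed here would
        // send output before the redirect headers can be set.
        $previous = libxml_use_internal_errors(true);
        try {
            // LIBXML_NONET keeps the parser from fetching network resources
            // referenced by the document.
            $document = new SimpleXMLElement($xml, LIBXML_NONET);
        } catch (Exception $e) {
            $document = null;
        }
        libxml_clear_errors();
        libxml_use_internal_errors($previous);

        return $document;
    }

    /**
     * Sends the browser to the UAACS login page and stops the request.
     *
     * @return void does not return; the script exits after the redirect header
     * @access private
     */
    private function redirectToLogin()
    {
        header("Location:{$this->loginUrl}?a={$this->appId}&r={$this->roleId}&showRL=yes&L=" . urlencode($this->landPageUrl));
        exit(); //This is very important
    }
}
/* End of file Someclass.php */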