Context Navigation

source: branches/2.2.0.1/preferences/handlecertificate.php @ 3991

Revision 3991, 11.7 KB checked in by rafaelraymundo, 13 years ago (diff)
Ticket #1739 - Login com certificado em atributo customizável

Line
1	<?php
2	$GLOBALS['phpgw_info']['flags'] = array(
3	'noheader' => True,
4	'nonavbar' => True,
5	'currentapp' => 'preferences'
6	);
7	if(file_exists('../header.inc.php'))
8	{
9	include('../header.inc.php');
10	}
11	else
12	{
13	echo '1'.chr(0x0D).chr(0x0A).lang('Error. header.inc.php not found');
14	exit();
15	}
16	if($_POST['certificado'])
17	{
18	require_once('../security/classes/CertificadoB.php');
19	require_once('../security/classes/Verifica_Certificado.php');
20	include('../security/classes/Verifica_Certificado_conf.php');
21	$cert =str_replace(chr(0x0A).chr(0x0A),chr(0x0A),$_POST['certificado']);
22	$cert = troca_espaco_por_mais($cert);
23	$c = new certificadoB();
24	$c->certificado($cert);
25	if (!$c->apresentado)
26	{
27	echo '2'.chr(0x0D).chr(0x0A).lang('Fail to get certificate');
28	exit();
29	}
30	$b = new Verifica_Certificado($c->dados,$cert);
31	// Testa se Certificado OK.
32	if(!$b->status)
33	{
34	$msg = '3'.chr(0x0D).chr(0x0A).$b->msgerro;
35	foreach($b->erros_ssl as $linha)
36	{
37	$msg .= "\n" . $linha;
38	}
39	echo $msg;
40	exit();
41	}
42	if ( (!empty($GLOBALS['phpgw_info']['server']['ldap_master_host'])) &&
43	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_dn'])) &&
44	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_pw'])) )
45	{
46	$ds = $GLOBALS['phpgw']->common->ldapConnect($GLOBALS['phpgw_info']['server']['ldap_master_host'],
47	$GLOBALS['phpgw_info']['server']['ldap_master_root_dn'],
48	$GLOBALS['phpgw_info']['server']['ldap_master_root_pw']);
49	}
50	else
51	{
52	$ds = $GLOBALS['phpgw']->common->ldapConnect();
53	}
54	if (!$ds)
55	{
56	echo '4'.chr(0x0D).chr(0x0A).lang('Failure when get user data to login');
57	exit();
58	}
59	$cert_atrib_cpf = isset($GLOBALS['phpgw_info']['server']['certificado_atributo_cpf'])&&$GLOBALS['phpgw_info']['server']['certificado_atributo_cpf']!=''?$GLOBALS['phpgw_info']['server']['certificado_atributo_cpf']:"uid";
60	// CPF he valor obrigatório no certificado ICP-BRASIL.
61	$filtro = $cert_atrib_cpf .'='. $c->dados['2.16.76.1.3.1']['CPF'];
62	$atributos = array();
63	if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']) && $GLOBALS['phpgw_info']['server']['atributoexpiracao'])
64	{
65	$atributos[] = $GLOBALS['phpgw_info']['server']['atributoexpiracao'];
66	}
67	else
68	{
69	$atributos[] = 'phpgwlastpasswdchange';
70	}
71	$atributos[] = "userCertificate";
72	$atributos[] = "uid";
73	$sr=ldap_search($ds, $GLOBALS['phpgw_info']['server']['ldap_context'],$filtro,$atributos);
74	// Pega resultado ....
75	$info = ldap_get_entries($ds, $sr);
76	// Tem de achar só uma entrada.....ao menos uma....
77	if($info["count"]!=1)
78	{
79	echo '5'.chr(0x0D).chr(0x0A).lang('Invalid data from users directory').'('.$cert_atrib_cpf.' = ' . $c->dados['2.16.76.1.3.1']['CPF'] . ')';
80	ldap_close($ds);
81	exit();
82	}
83	if($info[0]["userCertificate"][0] && $cert == $info[0]["userCertificate"][0] )
84	{
85	//echo '0'.chr(0x0D).chr(0x0A).$info[0]["uid"][0].chr(0x0D).chr(0x0A).$info[0]["cryptpassword"][0];
86	echo '6'.chr(0x0D).chr(0x0A).lang('Certificate already registered');
87	ldap_close($ds);
88	exit();
89	}
90	$user_info = array();
91	$aux1 = $info[0]["dn"];
92	$user_info['userCertificate'] = $cert;
93	if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']) && $GLOBALS['phpgw_info']['server']['atributoexpiracao'])
94	{
95	if(substr($info[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0],-1,1)=="Z")
96	{
97	$user_info[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = '19800101000000Z';
98	}
99	else
100	{
101	$user_info[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = '0';
102	}
103	}
104	else
105	{
106	$user_info['phpgwlastpasswdchange'] = '0';
107	}
108	if(!ldap_modify($ds,$aux1,$user_info))
109	{
110	echo '7'.chr(0x0D).chr(0x0A).lang('Error in Certificate registration'). ' - ' . $aux1;
111	}
112	else
113	{
114	echo '0'.chr(0x0D).chr(0x0A).lang('To conclude your Certificate registration change your password');
115	}
116	ldap_close($ds);
117	exit();
118	}
119	else
120	{
121	$GLOBALS['phpgw_info']['flags']['app_header'] = lang('Digital Certificate Registration');
122	$GLOBALS['phpgw']->common->phpgw_header();
123	echo parse_navbar();
124	if ($GLOBALS['phpgw_info']['server']['certificado']==1)
125	{
126	$var_tokens = '';
127	for($ii = 1; $ii < 11; $ii++)
128	{
129	if($GLOBALS['phpgw_info']['server']['test_token' . $ii . '1'])
130	$var_tokens .= $GLOBALS['phpgw_info']['server']['test_token' . $ii . '1'] . ',';
131	}
132	if(!$var_tokens)
133	{
134	$var_tokens = 'ePass2000Lx;/usr/lib/libepsng_p11.so,ePass2000Win;c:/windows/system32/ngp11v211.dll';
135	}
136	$param1 = "
137	'<param name=\"token\" value=\"" . substr($var_tokens,0,strlen($var_tokens)) . "\"> ' +
138	";
139	$param2 = "
140	'token=\"" . substr($var_tokens,0,strlen($var_tokens)) . "\" ' +
141	";
142	$cod_applet =
143	/* // com debug ativado
144	'<script type="text/javascript">
145	if (navigator.userAgent.match(\'MSIE\')){
146	document.write(\'<object style="display:yes;width:0;height:0;vertical-align:bottom;" id="login_applet" \' +
147	\'classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"> \' +
148	\'<param name="type" value="application/x-java-applet;version=1.5"> \' +
149	\'<param name="code" value="LoginApplet.class"> \' +
150	\'<param name="locale" value="' . $lang . '"> \' +
151	\'<param name="mayscript" value="true"> \' + '
152	. $param1
153	. ' \'<param name="archive" value="ExpressoCertLogin.jar,ExpressoCert.jar,commons-httpclient-3.1.jar,commons-logging-1.1.1.jar,commons-codec-1.3.jar,bcmail-jdk15-142.jar,mail.jar,activation.jar,bcprov-jdk15-142.jar"> \' +
154	\'<param name="debug" value="true"> \' +
155	\'</object>\');
156	}
157	else {
158	document.write(\'<embed style="display:yes;width:0;height:0;vertical-align:bottom;" id="login_applet" code="LoginApplet.class" locale="' . $lang . '"\' +
159	\'archive="ExpressoCertLogin.jar,ExpressoCert.jar,commons-httpclient-3.1.jar,commons-logging-1.1.1.jar,commons-codec-1.3.jar,bcmail-jdk15-142.jar,mail.jar,activation.jar,bcprov-jdk15-142.jar" \' + '
160	. $param2
161	. ' \'type="application/x-java-applet;version=1.5" debug= "true" mayscript > \' +
162	\'<noembed> \' +
163	\'No Java Support. \' +
164	\'</noembed> \' +
165	\'</embed> \');
166	}
167	</script>';
168	*/
169	// sem debug ativado
170	'<script type="text/javascript">
171	if (navigator.userAgent.match(\'MSIE\')){
172	document.write(\'<object style="display:yes;width:0;height:0;vertical-align:bottom;" id="login_applet" \' +
173	\'classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"> \' +
174	\'<param name="type" value="application/x-java-applet;version=1.5"> \' +
175	\'<param name="codebase" value="/security/">\' +
176	\'<param name="code" value="LoginApplet.class"> \' +
177	\'<param name="locale" value="' . $lang . '"> \' +
178	\'<param name="mayscript" value="true"> \' + '
179	. $param1
180	. ' \'<param name="archive" value="ExpressoCertLogin.jar,ExpressoCert.jar,commons-httpclient-3.1.jar,commons-logging-1.1.1.jar,commons-codec-1.3.jar,bcmail-jdk15-142.jar,mail.jar,activation.jar,bcprov-jdk15-142.jar"> \' +
181	\'</object>\');
182	}
183	else {
184	document.write(\'<embed style="display:yes;width:0;height:0;vertical-align:bottom;" id="login_applet" codebase="/security/" code="LoginApplet.class" locale="' . $lang . '"\' +
185	\'archive="ExpressoCertLogin.jar,ExpressoCert.jar,commons-httpclient-3.1.jar,commons-logging-1.1.1.jar,commons-codec-1.3.jar,bcmail-jdk15-142.jar,mail.jar,activation.jar,bcprov-jdk15-142.jar" \' + '
186	. $param2
187	. ' \'type="application/x-java-applet;version=1.5" mayscript > \' +
188	\'<noembed> \' +
189	\'No Java Support. \' +
190	\'</noembed> \' +
191	\'</embed> \');
192	}
193	</script>';
194	echo $cod_applet;
195	echo '<form method="POST" action="preferences" >';
196	echo '<BR/><BR/><BR/>';
197	echo '<div align="center"><h2>'.lang('Getting your Certificate').'</h2>';
198	echo '<h2><img style="border:0px;margin:31px 0px 58px 0px;" src="../phpgwapi/templates/default/images/acao.gif" /></h2>';
199	echo '<input type="submit" name="cancel" value="' . lang('cancel') . '" ></div>';
200	$GLOBALS['phpgw']->common->phpgw_footer();
201	}
202	}
203	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: