Context Navigation

source: branches/2.2.0.1/preferences/handlecertificate.php @ 4123

Revision 4123, 12.9 KB checked in by rafaelraymundo, 13 years ago (diff)
Ticket #1739 - Login com certificado em atributo customizável.

Line
1	<?php
2	$GLOBALS['phpgw_info']['flags'] = array(
3	'noheader' => True,
4	'nonavbar' => True,
5	'currentapp' => 'preferences'
6	);
7	if(file_exists('../header.inc.php'))
8	{
9	include('../header.inc.php');
10	}
11	else
12	{
13	echo '1'.chr(0x0D).chr(0x0A).lang('Error. header.inc.php not found');
14	exit();
15	}
16	if($_POST['certificado'])
17	{
18	$GLOBALS['phpgw_info']['flags']['app_header'] = lang('Digital Certificate Registration');
19	$GLOBALS['phpgw']->common->phpgw_header();
20	echo parse_navbar();
21	echo '<form id="answerForm" name="answerForm" method="POST" action="index.php" >';
22	echo '<BR/><BR/><BR/>';
23
24	require_once('../security/classes/CertificadoB.php');
25	require_once('../security/classes/Verifica_Certificado.php');
26	include('../security/classes/Verifica_Certificado_conf.php');
27	$cert =str_replace(chr(0x0A).chr(0x0A),chr(0x0A),$_POST['certificado']);
28	$cert = troca_espaco_por_mais($cert);
29	$c = new certificadoB();
30	$c->certificado($cert);
31	if (!$c->apresentado)
32	{
33	echo '<div align="center"><h2>'.lang('Fail to get certificate').'</h2>';
34	exit();
35	}
36	$b = new Verifica_Certificado($c->dados,$cert);
37	// Testa se Certificado OK.
38	if(!$b->status)
39	{
40	$msg = '3'.chr(0x0D).chr(0x0A).$b->msgerro;
41	foreach($b->erros_ssl as $linha)
42	{
43	$msg .= "\n" . $linha;
44	}
45	echo '<div align="center"><h2>'.$msg.'</h2>';
46	exit();
47	}
48	if ( (!empty($GLOBALS['phpgw_info']['server']['ldap_master_host'])) &&
49	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_dn'])) &&
50	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_pw'])) )
51	{
52	$ds = $GLOBALS['phpgw']->common->ldapConnect($GLOBALS['phpgw_info']['server']['ldap_master_host'],
53	$GLOBALS['phpgw_info']['server']['ldap_master_root_dn'],
54	$GLOBALS['phpgw_info']['server']['ldap_master_root_pw']);
55	}
56	else
57	{
58	$ds = $GLOBALS['phpgw']->common->ldapConnect();
59	}
60	if (!$ds)
61	{
62	echo '<div align="center"><h2>'.lang('Failure when get user data to login').'</h2>';
63	exit();
64	}
65	$cert_atrib_cpf = isset($GLOBALS['phpgw_info']['server']['certificado_atributo_cpf'])&&$GLOBALS['phpgw_info']['server']['certificado_atributo_cpf']!=''?$GLOBALS['phpgw_info']['server']['certificado_atributo_cpf']:"uid";
66	// CPF he valor obrigatório no certificado ICP-BRASIL.
67	$filtro = $cert_atrib_cpf .'='. $c->dados['2.16.76.1.3.1']['CPF'];
68	$atributos = array();
69	if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']) && $GLOBALS['phpgw_info']['server']['atributoexpiracao'])
70	{
71	$atributos[] = $GLOBALS['phpgw_info']['server']['atributoexpiracao'];
72	}
73	else
74	{
75	$atributos[] = 'phpgwlastpasswdchange';
76	}
77	$atributos[] = "userCertificate";
78	$atributos[] = "uid";
79	$sr=ldap_search($ds, $GLOBALS['phpgw_info']['server']['ldap_context'],$filtro,$atributos);
80	// Pega resultado ....
81	$info = ldap_get_entries($ds, $sr);
82	// Tem de achar só uma entrada.....ao menos uma....
83	if($info["count"]!=1)
84	{
85	echo '<div align="center"><h2>'.lang('Invalid data from users directory').'('.$cert_atrib_cpf.' = ' . $c->dados['2.16.76.1.3.1']['CPF'] . ')'.'</h2>';
86	ldap_close($ds);
87	exit();
88	}
89	if($info[0]["uid"][0] != $GLOBALS['phpgw_info']['user']['userid'])
90	{
91	echo '<div align="center"><h2>'.lang('Invalid data from users directory').'('.$cert_atrib_cpf.' = ' . $c->dados['2.16.76.1.3.1']['CPF'] . ' - ' . $info[0]["uid"][0] . ' - ' . $GLOBALS['phpgw_info']['user']['userid'] . ')'.'</h2>';
92	ldap_close($ds);
93	exit();
94	}
95	if($info[0]["userCertificate"][0] && $cert == $info[0]["userCertificate"][0] )
96	{
97	//echo '0'.chr(0x0D).chr(0x0A).$info[0]["uid"][0].chr(0x0D).chr(0x0A).$info[0]["cryptpassword"][0];
98	echo '<div align="center"><h2>'.lang('Certificate already registered').'</h2>';
99	ldap_close($ds);
100	exit();
101	}
102	$user_info = array();
103	$aux1 = $info[0]["dn"];
104	$user_info['userCertificate'] = $cert;
105	if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao']) && $GLOBALS['phpgw_info']['server']['atributoexpiracao'])
106	{
107	if(substr($info[0][$GLOBALS['phpgw_info']['server']['atributoexpiracao']][0],-1,1)=="Z")
108	{
109	$user_info[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = '19800101000000Z';
110	}
111	else
112	{
113	$user_info[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = '0';
114	}
115	}
116	else
117	{
118	$user_info['phpgwlastpasswdchange'] = '0';
119	}
120	if(!ldap_modify($ds,$aux1,$user_info))
121	{
122	echo '<div align="center"><h2>'.lang('Error in Certificate registration'). ' - ' . $aux1.'</h2>';
123	}
124	else
125	{
126	echo '<div align="center"><h2>'.lang('To conclude your Certificate registration change your password').'</h2>';
127	}
128
129	echo '<h2><img style="border:0px;margin:31px 0px 58px 0px;" src="../phpgwapi/templates/default/images/acao.gif" /></h2>';
130	echo '<input type="submit" name="ok" value="' . lang('ok') . '" ></div></form>';
131	$GLOBALS['phpgw']->common->phpgw_footer();
132	ldap_close($ds);
133	exit();
134	}
135	else
136	{
137	$GLOBALS['phpgw_info']['flags']['app_header'] = lang('Digital Certificate Registration');
138	$GLOBALS['phpgw']->common->phpgw_header();
139	echo parse_navbar();
140	if ($GLOBALS['phpgw_info']['server']['certificado']==1)
141	{
142	$var_tokens = '';
143	for($ii = 1; $ii < 11; $ii++)
144	{
145	if($GLOBALS['phpgw_info']['server']['test_token' . $ii . '1'])
146	$var_tokens .= $GLOBALS['phpgw_info']['server']['test_token' . $ii . '1'] . ',';
147	}
148	if(!$var_tokens)
149	{
150	$var_tokens = 'ePass2000Lx;/usr/lib/libepsng_p11.so,ePass2000Win;c:/windows/system32/ngp11v211.dll';
151	}
152	$param1 = "
153	'<param name=\"token\" value=\"" . substr($var_tokens,0,strlen($var_tokens)) . "\"> ' +
154	";
155	$param2 = "
156	'token=\"" . substr($var_tokens,0,strlen($var_tokens)) . "\" ' +
157	";
158	$cod_applet =
159	/* // com debug ativado
160	'<script type="text/javascript">
161	if (navigator.userAgent.match(\'MSIE\')){
162	document.write(\'<object style="display:yes;width:0;height:0;vertical-align:bottom;" id="login_applet" \' +
163	\'classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"> \' +
164	\'<param name="type" value="application/x-java-applet;version=1.5"> \' +
165	\'<param name="code" value="LoginApplet.class"> \' +
166	\'<param name="locale" value="' . $lang . '"> \' +
167	\'<param name="mayscript" value="true"> \' + '
168	. $param1
169	. ' \'<param name="archive" value="ExpressoCertLogin.jar,ExpressoCert.jar,commons-httpclient-3.1.jar,commons-logging-1.1.1.jar,commons-codec-1.3.jar,bcmail-jdk15-142.jar,mail.jar,activation.jar,bcprov-jdk15-142.jar"> \' +
170	\'<param name="debug" value="true"> \' +
171	\'</object>\');
172	}
173	else {
174	document.write(\'<embed style="display:yes;width:0;height:0;vertical-align:bottom;" id="login_applet" code="LoginApplet.class" locale="' . $lang . '"\' +
175	\'archive="ExpressoCertLogin.jar,ExpressoCert.jar,commons-httpclient-3.1.jar,commons-logging-1.1.1.jar,commons-codec-1.3.jar,bcmail-jdk15-142.jar,mail.jar,activation.jar,bcprov-jdk15-142.jar" \' + '
176	. $param2
177	. ' \'type="application/x-java-applet;version=1.5" debug= "true" mayscript > \' +
178	\'<noembed> \' +
179	\'No Java Support. \' +
180	\'</noembed> \' +
181	\'</embed> \');
182	}
183	</script>';
184	*/
185	// sem debug ativado
186	'<script type="text/javascript">
187	if (navigator.userAgent.match(\'MSIE\')){
188	document.write(\'<object style="display:yes;width:0;height:0;vertical-align:bottom;" id="login_applet" \' +
189	\'classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"> \' +
190	\'<param name="type" value="application/x-java-applet;version=1.5"> \' +
191	\'<param name="codebase" value="/security/">\' +
192	\'<param name="code" value="LoginApplet.class"> \' +
193	\'<param name="locale" value="' . $lang . '"> \' +
194	\'<param name="mayscript" value="true"> \' + '
195	. $param1
196	. ' \'<param name="archive" value="ExpressoCertLogin.jar,ExpressoCert.jar,commons-httpclient-3.1.jar,commons-logging-1.1.1.jar,commons-codec-1.3.jar,bcmail-jdk15-142.jar,mail.jar,activation.jar,bcprov-jdk15-142.jar"> \' +
197	\'</object>\');
198	}
199	else {
200	document.write(\'<embed style="display:yes;width:0;height:0;vertical-align:bottom;" id="login_applet" codebase="/security/" code="LoginApplet.class" locale="' . $lang . '"\' +
201	\'archive="ExpressoCertLogin.jar,ExpressoCert.jar,commons-httpclient-3.1.jar,commons-logging-1.1.1.jar,commons-codec-1.3.jar,bcmail-jdk15-142.jar,mail.jar,activation.jar,bcprov-jdk15-142.jar" \' + '
202	. $param2
203	. ' \'type="application/x-java-applet;version=1.5" mayscript > \' +
204	\'<noembed> \' +
205	\'No Java Support. \' +
206	\'</noembed> \' +
207	\'</embed> \');
208	}
209	</script>';
210	echo $cod_applet;
211	echo '<form id="certificateForm" name="certificateForm" method="POST" action="handlecertificate.php" >';
212	echo '<BR/><BR/><BR/>';
213	echo '<div align="center"><h2>'.lang('Getting your Certificate').'</h2>';
214	echo '<h2><img style="border:0px;margin:31px 0px 58px 0px;" src="../phpgwapi/templates/default/images/acao.gif" /></h2>';
215	echo '<input type="hidden" name="certificado" value="" />';
216	echo '<input type="submit" name="cancel" value="' . lang('cancel') . '" ></div></form>';
217	$GLOBALS['phpgw']->common->phpgw_footer();
218	}
219	}
220	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: