diff options
author | jrags <> | 2006-11-01 04:47:01 +0000 |
---|---|---|
committer | jrags <> | 2006-11-01 04:47:01 +0000 |
commit | 6d28e3f62535bb637b08287585bf9c13dfd756d2 (patch) | |
tree | ea8e6ba21ff3f5fcf7c16933d7c9a8ed224a2412 /framework/Web/Security | |
parent | b4403995107c4440b4e19dd5e5e8385e0eac2a5a (diff) |
Update of new Security code, currently working on making TLogin functional so we can test the providers soon.
Diffstat (limited to 'framework/Web/Security')
-rw-r--r-- | framework/Web/Security/Principal/IIdentity.php | 24 | ||||
-rw-r--r-- | framework/Web/Security/Principal/IPrincipal.php | 19 | ||||
-rw-r--r-- | framework/Web/Security/Principal/TGenericIdentity.php | 48 | ||||
-rw-r--r-- | framework/Web/Security/Principal/TGenericPrincipal.php | 34 | ||||
-rw-r--r-- | framework/Web/Security/TCookieProtection.php | 27 | ||||
-rw-r--r-- | framework/Web/Security/TDefaultAuthenticationModule.php | 15 | ||||
-rw-r--r-- | framework/Web/Security/TFormsAuthentication.php | 96 | ||||
-rw-r--r-- | framework/Web/Security/TFormsAuthenticationModule.php | 126 | ||||
-rw-r--r-- | framework/Web/Security/TFormsAuthenticationTicket.php | 124 | ||||
-rw-r--r-- | framework/Web/Security/TFormsIdentity.php | 71 | ||||
-rw-r--r-- | framework/Web/Security/TMembershipProvider.php | 1 | ||||
-rw-r--r-- | framework/Web/Security/TRoleManagerModule.php | 11 | ||||
-rw-r--r-- | framework/Web/Security/TSqlMembershipProvider.php | 2 |
13 files changed, 595 insertions, 3 deletions
diff --git a/framework/Web/Security/Principal/IIdentity.php b/framework/Web/Security/Principal/IIdentity.php new file mode 100644 index 00000000..89bc0f70 --- /dev/null +++ b/framework/Web/Security/Principal/IIdentity.php @@ -0,0 +1,24 @@ +<?php +/** + * IIdentity interface. + * Defines the basic functionality of a principal object. + * + * @author Jason Ragsdale <jrags@jasrags.net> + * @version $Id: IIdentity.php 1398 2006-09-08 19:31:03Z xue $ + * @package System.Web.Security.Principal + * @since 3.1 + */ +interface IIdentity +{ + private $_authenticationType; + private $_isAuthenticated; + private $_name; + + public function getAuthenticationType(); + public function setAuthenticationType($value); + public function getIsAuthenticated(); + public function setIsAuthenticated($value); + public function getName(); + public function setName($value); +} +?>
\ No newline at end of file diff --git a/framework/Web/Security/Principal/IPrincipal.php b/framework/Web/Security/Principal/IPrincipal.php new file mode 100644 index 00000000..9503387a --- /dev/null +++ b/framework/Web/Security/Principal/IPrincipal.php @@ -0,0 +1,19 @@ +<?php +/** + * IPrincipal interface. + * Defines the basic functionality of an identity object. + * + * @author Jason Ragsdale <jrags@jasrags.net> + * @version $Id: IIdentity.php 1398 2006-09-08 19:31:03Z xue $ + * @package System.Web.Security.Principal + * @since 3.1 + */ +interface IPrincipal +{ + private $_identity; + + public function getIdentity(); + public function setIdentity($value); + public function isInRole($role); +} +?>
\ No newline at end of file diff --git a/framework/Web/Security/Principal/TGenericIdentity.php b/framework/Web/Security/Principal/TGenericIdentity.php new file mode 100644 index 00000000..037ebc42 --- /dev/null +++ b/framework/Web/Security/Principal/TGenericIdentity.php @@ -0,0 +1,48 @@ +<?php +/** + * TGenericIdentity class. + * Represents a generic user. + * + * @author Jason Ragsdale <jrags@jasrags.net> + * @version $Id: TGenericIdentity.php 1398 2006-09-08 19:31:03Z xue $ + * @package System.Web.Security.Principal + * @since 3.1 + */ +Prado::using('System.Web.Security.Principal.IIdentity'); +class TGenericIdentity implements IIdentity +{ + private $_authenticationType; + private $_isAuthenticated; + private $_name; + + public function getAuthenticationType() + { + return $this->_authenticationType; + } + public function setAuthenticationType($value) + { + $this->_authenticationType = TPropertyValue::ensureString($value); + } + public function getIsAuthenticated() + { + return $this->_isAuthenticated; + } + public function setIsAuthenticated($value) + { + $this->_isAuthenticated = TPropertyValue::ensureBoolean($value); + } + public function getName() + { + return $this->_name; + } + public function setName($value) + { + $this->_name = TPropertyValue::ensureString($value); + } + + public function __construct($name, $type=null) + { + + } +} +?>
\ No newline at end of file diff --git a/framework/Web/Security/Principal/TGenericPrincipal.php b/framework/Web/Security/Principal/TGenericPrincipal.php new file mode 100644 index 00000000..8e07388e --- /dev/null +++ b/framework/Web/Security/Principal/TGenericPrincipal.php @@ -0,0 +1,34 @@ +<?php +/** + * TGenericPrincipal class. + * Represents a generic principal. + * + * @author Jason Ragsdale <jrags@jasrags.net> + * @version $Id: TGenericPrincipal.php 1398 2006-09-08 19:31:03Z xue $ + * @package System.Web.Security.Principal + * @since 3.1 + */ +Prado::using('System.Web.Security.Principal.IPrincipal'); +class TGenericPrincipal implements IPrincipal +{ + private $_identity; + + public function getIdentity() + { + return $this->_identity; + } + public function setIdentity($value) + { + $this->_identity = TPropertyValue::ensureString($value); + } + + public function __construct($name, $type=null) + { + + } + public function isInRole($role) + { + + } +} +?>
\ No newline at end of file diff --git a/framework/Web/Security/TCookieProtection.php b/framework/Web/Security/TCookieProtection.php new file mode 100644 index 00000000..2a757898 --- /dev/null +++ b/framework/Web/Security/TCookieProtection.php @@ -0,0 +1,27 @@ +<?php +/** + * TCookieProtection class. + * Describes how information in a cookie is protected. + * + * All Use both Validation and Encryption to protect the information + * in the cookie. + * Encryption Encrypt the information in the cookie. + * None Do not protect information in the cookie. Information in the + * cookie is stored in clear text and not validated when sent back + * to the server. + * Validation Ensure that the information in the cookie has not been altered + * before being sent back to the server. + * + * @author Jason Ragsdale <jrags@jasrags.net> + * @version $Id: TCookieProtection.php 1398 2006-09-08 19:31:03Z xue $ + * @package System.Web.Security + * @since 3.1 + */ +class TCookieProtection extends TEnumerable +{ + const All='All'; + const Encryption='Encryption'; + const None='None'; + const Validation='Validation'; +} +?>
\ No newline at end of file diff --git a/framework/Web/Security/TDefaultAuthenticationModule.php b/framework/Web/Security/TDefaultAuthenticationModule.php new file mode 100644 index 00000000..03d6e758 --- /dev/null +++ b/framework/Web/Security/TDefaultAuthenticationModule.php @@ -0,0 +1,15 @@ +<?php +/** + * TDefaultAuthenticationModule class. + * Ensures that an authentication object is present in the context. This class cannot be inherited. + * + * @author Jason Ragsdale <jrags@jasrags.net> + * @version $Id: TDefaultAuthenticationModule.php 1398 2006-09-08 19:31:03Z xue $ + * @package System.Web.Security + * @since 3.1 + */ +final class TDefaultAuthenticationModule extends TModule +{ + +} +?>
\ No newline at end of file diff --git a/framework/Web/Security/TFormsAuthentication.php b/framework/Web/Security/TFormsAuthentication.php new file mode 100644 index 00000000..5830d7eb --- /dev/null +++ b/framework/Web/Security/TFormsAuthentication.php @@ -0,0 +1,96 @@ +<?php +/** + * TFormsAuthentication class. + * Manages forms-authentication services for Web applications. This class cannot be inherited. + * + * @author Jason Ragsdale <jrags@jasrags.net> + * @version $Id: TFormsAuthentication.php 1398 2006-09-08 19:31:03Z xue $ + * @package System.Web.Security + * @since 3.1 + */ +final class TFormsAuthentication +{ + private static $_cookieDomain; + private static $_cookieMode; + private static $_cookiesSupported; + private static $_defaultUrl; + private static $_enableCrossAppRedirects; + private static $_formsCookieName; + private static $_formsCookiePath; + private static $_loginUrl; + private static $_requireSSL; + private static $_slidingExpiration; + + public static function getCookiePath() + { + return self::$_cookieDomain; + } + public static function setCookiePath($value) + { + self::$_cookieDomain = TPropertyValue::ensureString($value); + } + + public function __construct() + { + + } + + public static Authenticate($name, $password); + public static Decrypt($encryptedTicket); + public static Encrypt($ticket); + private static Encrypt($ticket, $hexEncodedTicket); + public static GetAuthCookie( $$userName, $createPersistentCookie); + public static GetAuthCookie( $$userName, $createPersistentCookie, strCookiePath); + private static GetAuthCookie( $userName, $createPersistentCookie, strCookiePath, hexEncodedTicket); + public static GetLoginPage( $extraQuery); + public static GetLoginPage( $extraQuery, $reuseReturnUrl); + public static GetRedirectUrl( $userName, $createPersistentCookie); + public static GetReturnUrl( $useDefaultIfAbsent); + public static HashPasswordForStoringInConfigFile($password, $passwordFormat); + public static Initialize(); + private static ernalAuthenticate( $name, $password); + private static IsPathWithinAppRoot($context, $path); + private static MakeTicketoBinaryBlob($ticket); + public static RedirectFromLoginPage($userName, $createPersistentCookie); + public static RedirectFromLoginPage($userName, $createPersistentCookie, $strCookiePath); + public static RedirectToLoginPage(); + public static RedirectToLoginPage($extraQuery); + private static RemoveQSVar($ref $strUrl, $posQ, $token, $sep, $lenAtStartToLeave); + public static RemoveQueryVariableFromUrl( $strUrl, $QSVar); + public static RenewTicketIfOld($tOld); + public static SetAuthCookie( $userName, $createPersistentCookie); + public static SetAuthCookie( $userName, $createPersistentCookie, $strCookiePath); + public static SignOut(); + + // Properties + public static CookieDomain { get; } + public static HttpCookieMode CookieMode { get; } + public static CookiesSupported { get; } + public static DefaultUrl { get; } + public static EnableCrossAppRedirects { get; } + public static FormsCookieName { get; } + public static FormsCookiePath { get; } + public static LoginUrl { get; } + public static RequireSSL { get; } + public static SlidingExpiration { get; } + + // Fields + private static _CookieDomain; + private static HttpCookieMode _CookieMode; + private static _DefaultUrl; + private static _EnableCrossAppRedirects; + private static _FormsCookiePath; + private static _FormsName; + private static _Initialized; + private static object _lockObject; + private static _LoginUrl; + private static FormsProtectionEnum _Protection; + private static _RequireSSL; + private static _SlidingExpiration; + private static _Timeout; + private const CONFIG_DEFAULT_COOKIE = ".ASPXAUTH"; + private const MAC_LENGTH = 20; + private const MAX_TICKET_LENGTH = 0x1000; + ernal const RETURN_URL = "ReturnUrl"; +} +?>
\ No newline at end of file diff --git a/framework/Web/Security/TFormsAuthenticationModule.php b/framework/Web/Security/TFormsAuthenticationModule.php new file mode 100644 index 00000000..df0d5300 --- /dev/null +++ b/framework/Web/Security/TFormsAuthenticationModule.php @@ -0,0 +1,126 @@ +<?php +/** + * TFormsAuthenticationModule class. + * Sets the identity of the user for an PRADO application when forms authentication is enabled. + * This class cannot be inherited. + * + * @author Jason Ragsdale <jrags@jasrags.net> + * @version $Id: TFormsAuthenticationModule.php 1398 2006-09-08 19:31:03Z xue $ + * @package System.Web.Security + * @since 3.1 + */ +final class TFormsAuthenticationModule extends TModule +{ + /** + * @var boolean if the module has been initialized + */ + private $_initialized=false; + + private static $_fAuthChecked=false; + private static $_fAuthRequired=false; + private $_fFormsInit; + private $_formsName; + private $_loginUrl; + const CONFIG_DEFAULT_COOKIE = ".ASPXAUTH"; + const CONFIG_DEFAULT_LOGINURL = "login.aspx"; + + //Is this the best way to do it?? i dont see how the forms module knows about the provider + private $_defaultProvider; + + public function getDefaultProvider() + { + return $this->_defaultProvider; + } + public function setDefaultProvider($value) + { + $this->_defaultProvider = TPropertyValue::ensureString($value); + } + + public function __construct() + { + + } + /** + * Initializes this module. + * This method is required by the IModule interface. + * @param TXmlElement configuration for this module, can be null + * @throws TConfigurationException if user manager does not exist or is not IUserManager + */ + public function init($config) + { + $this->getApplication()->attachEventHandler('OnAuthentication',array($this,'doAuthentication')); + $this->getApplication()->attachEventHandler('OnEndRequest',array($this,'leave')); + $this->getApplication()->attachEventHandler('OnAuthorization',array($this,'doAuthorization')); + $this->_initialized=true; + } + + private static function extractTicketFromCookie($context, $name) + { + + } + /** + * Performs authentication. + * This is the event handler attached to application's Authentication event. + * Do not call this method directly. + * @param mixed sender of the Authentication event + * @param mixed event parameter + */ + public function doAuthentication($sender,$param) + { + Prado::using('System.Util.TVarDumper'); +// echo TVarDumper::dump(__METHOD__,10,true); + } + /** + * Performs login redirect if authorization fails. + * This is the event handler attached to application's EndRequest event. + * Do not call this method directly. + * @param mixed sender of the event + * @param mixed event parameter + */ + public function leave($sender,$param) + { + Prado::using('System.Util.TVarDumper'); +// echo TVarDumper::dump(__METHOD__,10,true); + } + /** + * Performs authorization. + * This is the event handler attached to application's Authorization event. + * Do not call this method directly. + * @param mixed sender of the Authorization event + * @param mixed event parameter + */ + public function doAuthorization($sender,$param) + { + Prado::using('System.Util.TVarDumper'); +// echo TVarDumper::dump(__METHOD__,10,true); + } +} +//public sealed class FormsAuthenticationModule : IHttpModule +//{ +// // Events +// public event FormsAuthenticationEventHandler Authenticate; +// +// // Methods +// [SecurityPermission(SecurityAction.Demand, Unrestricted=true)] +// public FormsAuthenticationModule(); +// public void Dispose(); +// private static FormsAuthenticationTicket +//ExtractTicketFromCookie(HttpContext context, string name, out bool +//cookielessTicket); +// public void Init(HttpApplication app); +// private void OnAuthenticate(FormsAuthenticationEventArgs e); +// private void OnEnter(object source, EventArgs eventArgs); +// private void OnLeave(object source, EventArgs eventArgs); +// private static void Trace(string str); +// +// // Fields +// private FormsAuthenticationEventHandler _eventHandler; +// private static bool _fAuthChecked; +// private static bool _fAuthRequired; +// private bool _fFormsInit; +// private string _FormsName; +// private string _LoginUrl; +// private const string CONFIG_DEFAULT_COOKIE = ".ASPXAUTH"; +// private const string CONFIG_DEFAULT_LOGINURL = "login.aspx"; +//} +?>
\ No newline at end of file diff --git a/framework/Web/Security/TFormsAuthenticationTicket.php b/framework/Web/Security/TFormsAuthenticationTicket.php new file mode 100644 index 00000000..e53b68b2 --- /dev/null +++ b/framework/Web/Security/TFormsAuthenticationTicket.php @@ -0,0 +1,124 @@ +<?php +/** + * TFormsAuthenticationTicket class. + * Provides access to properties and values of the ticket used with forms + * authentication to identify users. This class cannot be inherited. + * + * @author Jason Ragsdale <jrags@jasrags.net> + * @version $Id: TFormsAuthenticationTicket.php 1398 2006-09-08 19:31:03Z xue $ + * @package System.Web.Security + * @since 3.1 + */ +final class TFormsAuthenticationTicket +{ + private $_cookiePath; + private $_expiration; + private $_expired; + private $_isPersistent; + private $_issueDate; + private $_name; + private $_userData; + private $_version; + + public function getCookiePath() + { + return $this->_cookiePath; + } + public function setCookiePath($value) + { + $this->_cookiePath = TPropertyValue::ensureString($value); + } + public function getExpiration() + { + return $this->_expiration; + } + public function setExpiration($value) + { + $this->_expiration = TPropertyValue::ensureString($value); + } + public function getExpired() + { + return $this->_expired; + } + public function setExpired($value) + { + $this->_expired = TPropertyValue::ensureString($value); + } + public function getIsPersistent() + { + return $this->_isPersistent; + } + public function setIsPersistent($value) + { + $this->_isPersistent = TPropertyValue::ensureString($value); + } + public function getIssueDate() + { + return $this->_issueDate; + } + public function setIssueDate($value) + { + $this->_issueDate = TPropertyValue::ensureString($value); + } + public function getName() + { + return $this->_name; + } + public function setName($value) + { + $this->_name = TPropertyValue::ensureString($value); + } + public function getUserData() + { + return $this->_userData; + } + public function setUserData($value) + { + $this->_userData = TPropertyValue::ensureString($value); + } + public function getVersion() + { + return $this->_version; + } + public function setVersion($value) + { + $this->_version = TPropertyValue::ensureString($value); + } + + public function __construct() + { + + } +} +//public sealed class FormsAuthenticationTicket +//{ +// // Methods +// public FormsAuthenticationTicket(string name, bool isPersistent, +//int timeout); +// public FormsAuthenticationTicket(int version, string name, +//DateTime issueDate, DateTime expiration, bool isPersistent, string +//userData); +// public FormsAuthenticationTicket(int version, string name, +//DateTime issueDate, DateTime expiration, bool isPersistent, string +//userData, string cookiePath); +// +// // Properties +// public string CookiePath { get; } +// public DateTime Expiration { get; } +// public bool Expired { get; } +// public bool IsPersistent { get; } +// public DateTime IssueDate { get; } +// public string Name { get; } +// public string UserData { get; } +// public int Version { get; } +// +// // Fields +// private string _CookiePath; +// private DateTime _Expiration; +// private bool _IsPersistent; +// private DateTime _IssueDate; +// private string _Name; +// private string _UserData; +// private int _Version; +//} +?>
\ No newline at end of file diff --git a/framework/Web/Security/TFormsIdentity.php b/framework/Web/Security/TFormsIdentity.php new file mode 100644 index 00000000..f4d00f82 --- /dev/null +++ b/framework/Web/Security/TFormsIdentity.php @@ -0,0 +1,71 @@ +<?php +/** + * TFormsIdentity class. + * Represents a user identity authenticated using forms authentication. This class cannot be inherited. + * + * @author Jason Ragsdale <jrags@jasrags.net> + * @version $Id: TFormsIdentity.php 1398 2006-09-08 19:31:03Z xue $ + * @package System.Web.Security + * @since 3.1 + */ +Prado::using('System.Web.Security.Principal.IIdentity'); +final class TFormsIdentity implements IIdentity +{ + private $_authenticationType; + private $_isAuthenticated=false; + private $_name; + private $_ticket; + + public function getAuthenticationType() + { + return $this->_authenticationType; + } + public function setAuthenticationType($value) + { + $this->_authenticationType = TPropertyValue::ensureString($value); + } + public function getIsAuthenticated() + { + return $this->_isAuthenticated; + } + public function setIsAuthenticated($value) + { + $this->_isAuthenticated = TPropertyValue::ensureBoolean($value); + } + public function getName() + { + return $this->_name; + } + public function setName($value) + { + $this->_name = TPropertyValue::ensureString($value); + } + public function getTicket() + { + return $this->_ticket; + } + public function setTicket($value) + { + $this->_ticket = TPropertyValue::ensureString($value); + } + + public function __construct() + { + + } +} +//public sealed class FormsIdentity : IIdentity +//{ +// // Methods +// public FormsIdentity(FormsAuthenticationTicket ticket); +// +// // Properties +// public string AuthenticationType { get; } +// public bool IsAuthenticated { get; } +// public string Name { get; } +// public FormsAuthenticationTicket Ticket { get; } +// +// // Fields +// private FormsAuthenticationTicket _Ticket; +//} +?>
\ No newline at end of file diff --git a/framework/Web/Security/TMembershipProvider.php b/framework/Web/Security/TMembershipProvider.php index 6a54819d..446d59d9 100644 --- a/framework/Web/Security/TMembershipProvider.php +++ b/framework/Web/Security/TMembershipProvider.php @@ -117,7 +117,6 @@ abstract class TMembershipProvider extends TProviderBase throw new TConfigurationException('membershipprovider_configfile_invalid',$this->_configFile); } $this->loadConfig($config); -// $this->getApplication()->attachEventHandler('OnEndRequest',array($this,'collectLogs')); } /** * Loads configuration from an XML element diff --git a/framework/Web/Security/TRoleManagerModule.php b/framework/Web/Security/TRoleManagerModule.php index 7f6181e0..79c6b7a5 100644 --- a/framework/Web/Security/TRoleManagerModule.php +++ b/framework/Web/Security/TRoleManagerModule.php @@ -1,5 +1,14 @@ <?php -class TRoleManagerModule +/** + * TRoleManagerModule class. + * Manages a TRolePrincipal instance for the current user. This class cannot be inherited. + * + * @author Jason Ragsdale <jrags@jasrags.net> + * @version $Id: TRoleManagerModule.php 1398 2006-09-08 19:31:03Z xue $ + * @package System.Web.Security + * @since 3.1 + */ +final class TRoleManagerModule extends TModule { } diff --git a/framework/Web/Security/TSqlMembershipProvider.php b/framework/Web/Security/TSqlMembershipProvider.php index 6bd677f7..87e9015f 100644 --- a/framework/Web/Security/TSqlMembershipProvider.php +++ b/framework/Web/Security/TSqlMembershipProvider.php @@ -57,7 +57,7 @@ class TSqlMembershipProvider extends TMembershipProvider public function getMembershipUser($username=null,$providerUserKey=null,$userIsOnline=false) { Prado::using('System.Web.Security.TMembershipUser'); -// return new TMembershipUser($this->getID()); + return new TMembershipUser($this->getID()); } public function getUserNameByEmail($email) { |