authorjrags <>2006-11-01 04:47:01 +0000
committerjrags <>2006-11-01 04:47:01 +0000
commit6d28e3f62535bb637b08287585bf9c13dfd756d2 (patch)
treeea8e6ba21ff3f5fcf7c16933d7c9a8ed224a2412 /framework/Web/Security
parentb4403995107c4440b4e19dd5e5e8385e0eac2a5a (diff)
Update of new Security code; currently working on making TLogin functional so we can test the providers soon.
Diffstat (limited to 'framework/Web/Security')
-rw-r--r--framework/Web/Security/Principal/IIdentity.php24
-rw-r--r--framework/Web/Security/Principal/IPrincipal.php19
-rw-r--r--framework/Web/Security/Principal/TGenericIdentity.php48
-rw-r--r--framework/Web/Security/Principal/TGenericPrincipal.php34
-rw-r--r--framework/Web/Security/TCookieProtection.php27
-rw-r--r--framework/Web/Security/TDefaultAuthenticationModule.php15
-rw-r--r--framework/Web/Security/TFormsAuthentication.php96
-rw-r--r--framework/Web/Security/TFormsAuthenticationModule.php126
-rw-r--r--framework/Web/Security/TFormsAuthenticationTicket.php124
-rw-r--r--framework/Web/Security/TFormsIdentity.php71
-rw-r--r--framework/Web/Security/TMembershipProvider.php1
-rw-r--r--framework/Web/Security/TRoleManagerModule.php11
-rw-r--r--framework/Web/Security/TSqlMembershipProvider.php2
13 files changed, 595 insertions, 3 deletions
diff --git a/framework/Web/Security/Principal/IIdentity.php b/framework/Web/Security/Principal/IIdentity.php
new file mode 100644
index 00000000..89bc0f70
--- /dev/null
+++ b/framework/Web/Security/Principal/IIdentity.php
@@ -0,0 +1,24 @@
+<?php
+/**
+ * IIdentity interface.
+ * Defines the basic functionality of a principal object.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: IIdentity.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security.Principal
+ * @since 3.1
+ */
+interface IIdentity
+{
+ private $_authenticationType;
+ private $_isAuthenticated;
+ private $_name;
+
+ public function getAuthenticationType();
+ public function setAuthenticationType($value);
+ public function getIsAuthenticated();
+ public function setIsAuthenticated($value);
+ public function getName();
+ public function setName($value);
+}
+?> \ No newline at end of file
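Review bot: The three property declarations inside `interface IIdentity` (`private $_authenticationType;`, `private $_isAuthenticated;`, `private $_name;`) are not legal PHP, because an interface may contain only constants and method signatures, so loading this file is a fatal error before any identity code runs. Drop them and leave the storage to the implementing classes, which already declare the same fields (TGenericIdentity and TFormsIdentity in this commit). The same applies to `private $_identity;` in IPrincipal.php.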
diff --git a/framework/Web/Security/Principal/IPrincipal.php b/framework/Web/Security/Principal/IPrincipal.php
new file mode 100644
index 00000000..9503387a
--- /dev/null
+++ b/framework/Web/Security/Principal/IPrincipal.php
@@ -0,0 +1,19 @@
+<?php
+/**
+ * IPrincipal interface.
+ * Defines the basic functionality of an identity object.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: IIdentity.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security.Principal
+ * @since 3.1
+ */
+interface IPrincipal
+{
+ private $_identity;
+
+ public function getIdentity();
+ public function setIdentity($value);
+ public function isInRole($role);
+}
+?> \ No newline at end of file
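Review bot: The docblock on IPrincipal describes the wrong type: `Defines the basic functionality of an identity object.` appears to be swapped with IIdentity.php, whose summary says "principal object", and the `@version` line here still carries `$Id: IIdentity.php ...`. Suggested summary for this file: `Defines the basic functionality of a principal object: the identity it wraps and its role-membership check.`, with IIdentity's summary changed to name an identity. Getting these two right matters because the principal/identity split is what later authorization code will read.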
diff --git a/framework/Web/Security/Principal/TGenericIdentity.php b/framework/Web/Security/Principal/TGenericIdentity.php
new file mode 100644
index 00000000..037ebc42
--- /dev/null
+++ b/framework/Web/Security/Principal/TGenericIdentity.php
@@ -0,0 +1,48 @@
+<?php
+/**
+ * TGenericIdentity class.
+ * Represents a generic user.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TGenericIdentity.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security.Principal
+ * @since 3.1
+ */
+Prado::using('System.Web.Security.Principal.IIdentity');
+class TGenericIdentity implements IIdentity
+{
+ private $_authenticationType;
+ private $_isAuthenticated;
+ private $_name;
+
+ public function getAuthenticationType()
+ {
+ return $this->_authenticationType;
+ }
+ public function setAuthenticationType($value)
+ {
+ $this->_authenticationType = TPropertyValue::ensureString($value);
+ }
+ public function getIsAuthenticated()
+ {
+ return $this->_isAuthenticated;
+ }
+ public function setIsAuthenticated($value)
+ {
+ $this->_isAuthenticated = TPropertyValue::ensureBoolean($value);
+ }
+ public function getName()
+ {
+ return $this->_name;
+ }
+ public function setName($value)
+ {
+ $this->_name = TPropertyValue::ensureString($value);
+ }
+
+ public function __construct($name, $type=null)
+ {
+
+ }
+}
+?> \ No newline at end of file
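Review bot: `__construct($name, $type=null)` has an empty body, so both arguments are discarded and a freshly built TGenericIdentity returns null from `getName()`; `$_isAuthenticated` also has no initial value, unlike TFormsIdentity in this commit, which starts at `false`. For an object whose job is to answer whether a user is authenticated, the unset state should be an explicit `false` rather than null. Suggested: declare `private $_isAuthenticated=false;` and fill the constructor with `$this->setName($name);` and `$this->setAuthenticationType($type);`. How `TPropertyValue::ensureString()` treats a null `$type` is not visible here, so guard that case if needed.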
diff --git a/framework/Web/Security/Principal/TGenericPrincipal.php b/framework/Web/Security/Principal/TGenericPrincipal.php
new file mode 100644
index 00000000..8e07388e
--- /dev/null
+++ b/framework/Web/Security/Principal/TGenericPrincipal.php
@@ -0,0 +1,34 @@
+<?php
+/**
+ * TGenericPrincipal class.
+ * Represents a generic principal.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TGenericPrincipal.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security.Principal
+ * @since 3.1
+ */
+Prado::using('System.Web.Security.Principal.IPrincipal');
+class TGenericPrincipal implements IPrincipal
+{
+ private $_identity;
+
+ public function getIdentity()
+ {
+ return $this->_identity;
+ }
+ public function setIdentity($value)
+ {
+ $this->_identity = TPropertyValue::ensureString($value);
+ }
+
+ public function __construct($name, $type=null)
+ {
+
+ }
+ public function isInRole($role)
+ {
+
+ }
+}
+?> \ No newline at end of file
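Review bot: `setIdentity()` passes its argument through `TPropertyValue::ensureString()`, which cannot preserve an IIdentity object, so `getIdentity()` can never return the identity that the interface name implies; `TFormsIdentity::setTicket()` in this commit follows the same pattern. Suggested: store the value as given, `$this->_identity = $value;`, after checking `$value instanceof IIdentity`. `isInRole($role)` has an empty body and therefore returns null; that is falsy, so role checks deny, but an explicit `return false;` until role lookup exists makes the deny-by-default intent visible. The constructor signature `($name, $type=null)` looks copied from TGenericIdentity and ignores both arguments.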
diff --git a/framework/Web/Security/TCookieProtection.php b/framework/Web/Security/TCookieProtection.php
new file mode 100644
index 00000000..2a757898
--- /dev/null
+++ b/framework/Web/Security/TCookieProtection.php
@@ -0,0 +1,27 @@
+<?php
+/**
+ * TCookieProtection class.
+ * Describes how information in a cookie is protected.
+ *
+ * All Use both Validation and Encryption to protect the information
+ * in the cookie.
+ * Encryption Encrypt the information in the cookie.
+ * None Do not protect information in the cookie. Information in the
+ * cookie is stored in clear text and not validated when sent back
+ * to the server.
+ * Validation Ensure that the information in the cookie has not been altered
+ * before being sent back to the server.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TCookieProtection.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security
+ * @since 3.1
+ */
+class TCookieProtection extends TEnumerable
+{
+ const All='All';
+ const Encryption='Encryption';
+ const None='None';
+ const Validation='Validation';
+}
+?> \ No newline at end of file
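Review bot: The docblock should state that `Encryption` on its own provides confidentiality only: a cookie that is encrypted but not validated can be altered on the client without the server detecting it, which matters when the cookie carries an authentication ticket. Suggested wording for that entry: `Encryption: encrypts the cookie but does not detect tampering; use All for authentication cookies.` It would also help to name the default value here, since nothing in this commit reads the enum yet and the default is not visible.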
diff --git a/framework/Web/Security/TDefaultAuthenticationModule.php b/framework/Web/Security/TDefaultAuthenticationModule.php
new file mode 100644
index 00000000..03d6e758
--- /dev/null
+++ b/framework/Web/Security/TDefaultAuthenticationModule.php
@@ -0,0 +1,15 @@
+<?php
+/**
+ * TDefaultAuthenticationModule class.
+ * Ensures that an authentication object is present in the context. This class cannot be inherited.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TDefaultAuthenticationModule.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security
+ * @since 3.1
+ */
+final class TDefaultAuthenticationModule extends TModule
+{
+
+}
+?> \ No newline at end of file
diff --git a/framework/Web/Security/TFormsAuthentication.php b/framework/Web/Security/TFormsAuthentication.php
new file mode 100644
index 00000000..5830d7eb
--- /dev/null
+++ b/framework/Web/Security/TFormsAuthentication.php
@@ -0,0 +1,96 @@
+<?php
+/**
+ * TFormsAuthentication class.
+ * Manages forms-authentication services for Web applications. This class cannot be inherited.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TFormsAuthentication.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security
+ * @since 3.1
+ */
+final class TFormsAuthentication
+{
+ private static $_cookieDomain;
+ private static $_cookieMode;
+ private static $_cookiesSupported;
+ private static $_defaultUrl;
+ private static $_enableCrossAppRedirects;
+ private static $_formsCookieName;
+ private static $_formsCookiePath;
+ private static $_loginUrl;
+ private static $_requireSSL;
+ private static $_slidingExpiration;
+
+ public static function getCookiePath()
+ {
+ return self::$_cookieDomain;
+ }
+ public static function setCookiePath($value)
+ {
+ self::$_cookieDomain = TPropertyValue::ensureString($value);
+ }
+
+ public function __construct()
+ {
+
+ }
+
+ public static Authenticate($name, $password);
+ public static Decrypt($encryptedTicket);
+ public static Encrypt($ticket);
+ private static Encrypt($ticket, $hexEncodedTicket);
+ public static GetAuthCookie( $$userName, $createPersistentCookie);
+ public static GetAuthCookie( $$userName, $createPersistentCookie, strCookiePath);
+ private static GetAuthCookie( $userName, $createPersistentCookie, strCookiePath, hexEncodedTicket);
+ public static GetLoginPage( $extraQuery);
+ public static GetLoginPage( $extraQuery, $reuseReturnUrl);
+ public static GetRedirectUrl( $userName, $createPersistentCookie);
+ public static GetReturnUrl( $useDefaultIfAbsent);
+ public static HashPasswordForStoringInConfigFile($password, $passwordFormat);
+ public static Initialize();
+ private static ernalAuthenticate( $name, $password);
+ private static IsPathWithinAppRoot($context, $path);
+ private static MakeTicketoBinaryBlob($ticket);
+ public static RedirectFromLoginPage($userName, $createPersistentCookie);
+ public static RedirectFromLoginPage($userName, $createPersistentCookie, $strCookiePath);
+ public static RedirectToLoginPage();
+ public static RedirectToLoginPage($extraQuery);
+ private static RemoveQSVar($ref $strUrl, $posQ, $token, $sep, $lenAtStartToLeave);
+ public static RemoveQueryVariableFromUrl( $strUrl, $QSVar);
+ public static RenewTicketIfOld($tOld);
+ public static SetAuthCookie( $userName, $createPersistentCookie);
+ public static SetAuthCookie( $userName, $createPersistentCookie, $strCookiePath);
+ public static SignOut();
+
+ // Properties
+ public static CookieDomain { get; }
+ public static HttpCookieMode CookieMode { get; }
+ public static CookiesSupported { get; }
+ public static DefaultUrl { get; }
+ public static EnableCrossAppRedirects { get; }
+ public static FormsCookieName { get; }
+ public static FormsCookiePath { get; }
+ public static LoginUrl { get; }
+ public static RequireSSL { get; }
+ public static SlidingExpiration { get; }
+
+ // Fields
+ private static _CookieDomain;
+ private static HttpCookieMode _CookieMode;
+ private static _DefaultUrl;
+ private static _EnableCrossAppRedirects;
+ private static _FormsCookiePath;
+ private static _FormsName;
+ private static _Initialized;
+ private static object _lockObject;
+ private static _LoginUrl;
+ private static FormsProtectionEnum _Protection;
+ private static _RequireSSL;
+ private static _SlidingExpiration;
+ private static _Timeout;
+ private const CONFIG_DEFAULT_COOKIE = ".ASPXAUTH";
+ private const MAC_LENGTH = 20;
+ private const MAX_TICKET_LENGTH = 0x1000;
+ ernal const RETURN_URL = "ReturnUrl";
+}
+?> \ No newline at end of file
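Review bot: From `public static Authenticate($name, $password);` down to `ernal const RETURN_URL` the class body is a pasted C# member listing rather than PHP (no `function` keyword, `{ get; }` accessors, `$$userName`, `$ref $strUrl`, typed fields), so this file fails to parse and the class cannot be loaded. The other new files in this commit keep the same kind of reference listing in `//` comments after the closing brace; doing that here would make the file loadable. Separately, `getCookiePath()` and `setCookiePath()` read and write `self::$_cookieDomain`, so a path set through them lands in the domain field; they should use `self::$_formsCookiePath`, e.g. `return self::$_formsCookiePath;`.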
diff --git a/framework/Web/Security/TFormsAuthenticationModule.php b/framework/Web/Security/TFormsAuthenticationModule.php
new file mode 100644
index 00000000..df0d5300
--- /dev/null
+++ b/framework/Web/Security/TFormsAuthenticationModule.php
@@ -0,0 +1,126 @@
+<?php
+/**
+ * TFormsAuthenticationModule class.
+ * Sets the identity of the user for an PRADO application when forms authentication is enabled.
+ * This class cannot be inherited.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TFormsAuthenticationModule.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security
+ * @since 3.1
+ */
+final class TFormsAuthenticationModule extends TModule
+{
+ /**
+ * @var boolean if the module has been initialized
+ */
+ private $_initialized=false;
+
+ private static $_fAuthChecked=false;
+ private static $_fAuthRequired=false;
+ private $_fFormsInit;
+ private $_formsName;
+ private $_loginUrl;
+ const CONFIG_DEFAULT_COOKIE = ".ASPXAUTH";
+ const CONFIG_DEFAULT_LOGINURL = "login.aspx";
+
+ //Is this the best way to do it?? i dont see how the forms module knows about the provider
+ private $_defaultProvider;
+
+ public function getDefaultProvider()
+ {
+ return $this->_defaultProvider;
+ }
+ public function setDefaultProvider($value)
+ {
+ $this->_defaultProvider = TPropertyValue::ensureString($value);
+ }
+
+ public function __construct()
+ {
+
+ }
+ /**
+ * Initializes this module.
+ * This method is required by the IModule interface.
+ * @param TXmlElement configuration for this module, can be null
+ * @throws TConfigurationException if user manager does not exist or is not IUserManager
+ */
+ public function init($config)
+ {
+ $this->getApplication()->attachEventHandler('OnAuthentication',array($this,'doAuthentication'));
+ $this->getApplication()->attachEventHandler('OnEndRequest',array($this,'leave'));
+ $this->getApplication()->attachEventHandler('OnAuthorization',array($this,'doAuthorization'));
+ $this->_initialized=true;
+ }
+
+ private static function extractTicketFromCookie($context, $name)
+ {
+
+ }
+ /**
+ * Performs authentication.
+ * This is the event handler attached to application's Authentication event.
+ * Do not call this method directly.
+ * @param mixed sender of the Authentication event
+ * @param mixed event parameter
+ */
+ public function doAuthentication($sender,$param)
+ {
+ Prado::using('System.Util.TVarDumper');
+// echo TVarDumper::dump(__METHOD__,10,true);
+ }
+ /**
+ * Performs login redirect if authorization fails.
+ * This is the event handler attached to application's EndRequest event.
+ * Do not call this method directly.
+ * @param mixed sender of the event
+ * @param mixed event parameter
+ */
+ public function leave($sender,$param)
+ {
+ Prado::using('System.Util.TVarDumper');
+// echo TVarDumper::dump(__METHOD__,10,true);
+ }
+ /**
+ * Performs authorization.
+ * This is the event handler attached to application's Authorization event.
+ * Do not call this method directly.
+ * @param mixed sender of the Authorization event
+ * @param mixed event parameter
+ */
+ public function doAuthorization($sender,$param)
+ {
+ Prado::using('System.Util.TVarDumper');
+// echo TVarDumper::dump(__METHOD__,10,true);
+ }
+}
+//public sealed class FormsAuthenticationModule : IHttpModule
+//{
+// // Events
+// public event FormsAuthenticationEventHandler Authenticate;
+//
+// // Methods
+// [SecurityPermission(SecurityAction.Demand, Unrestricted=true)]
+// public FormsAuthenticationModule();
+// public void Dispose();
+// private static FormsAuthenticationTicket
+//ExtractTicketFromCookie(HttpContext context, string name, out bool
+//cookielessTicket);
+// public void Init(HttpApplication app);
+// private void OnAuthenticate(FormsAuthenticationEventArgs e);
+// private void OnEnter(object source, EventArgs eventArgs);
+// private void OnLeave(object source, EventArgs eventArgs);
+// private static void Trace(string str);
+//
+// // Fields
+// private FormsAuthenticationEventHandler _eventHandler;
+// private static bool _fAuthChecked;
+// private static bool _fAuthRequired;
+// private bool _fFormsInit;
+// private string _FormsName;
+// private string _LoginUrl;
+// private const string CONFIG_DEFAULT_COOKIE = ".ASPXAUTH";
+// private const string CONFIG_DEFAULT_LOGINURL = "login.aspx";
+//}
+?> \ No newline at end of file
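Review bot: `init()` attaches `doAuthentication`, `doAuthorization` and `leave`, but all three handlers are empty apart from `Prado::using('System.Util.TVarDumper');`, so an application that configures this module gets no authentication or authorization from it. Until the handlers are implemented, say so in the class docblock, e.g. `NOTE: placeholder; the handlers enforce nothing yet, do not rely on this module for access control.` Also drop the `Prado::using(...)` line and its commented-out `echo TVarDumper::dump(...)` from each handler, so a debug helper is not loaded on every request. The `@throws TConfigurationException` line on `init()` describes a user-manager check that this method does not perform.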
diff --git a/framework/Web/Security/TFormsAuthenticationTicket.php b/framework/Web/Security/TFormsAuthenticationTicket.php
new file mode 100644
index 00000000..e53b68b2
--- /dev/null
+++ b/framework/Web/Security/TFormsAuthenticationTicket.php
@@ -0,0 +1,124 @@
+<?php
+/**
+ * TFormsAuthenticationTicket class.
+ * Provides access to properties and values of the ticket used with forms
+ * authentication to identify users. This class cannot be inherited.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TFormsAuthenticationTicket.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security
+ * @since 3.1
+ */
+final class TFormsAuthenticationTicket
+{
+ private $_cookiePath;
+ private $_expiration;
+ private $_expired;
+ private $_isPersistent;
+ private $_issueDate;
+ private $_name;
+ private $_userData;
+ private $_version;
+
+ public function getCookiePath()
+ {
+ return $this->_cookiePath;
+ }
+ public function setCookiePath($value)
+ {
+ $this->_cookiePath = TPropertyValue::ensureString($value);
+ }
+ public function getExpiration()
+ {
+ return $this->_expiration;
+ }
+ public function setExpiration($value)
+ {
+ $this->_expiration = TPropertyValue::ensureString($value);
+ }
+ public function getExpired()
+ {
+ return $this->_expired;
+ }
+ public function setExpired($value)
+ {
+ $this->_expired = TPropertyValue::ensureString($value);
+ }
+ public function getIsPersistent()
+ {
+ return $this->_isPersistent;
+ }
+ public function setIsPersistent($value)
+ {
+ $this->_isPersistent = TPropertyValue::ensureString($value);
+ }
+ public function getIssueDate()
+ {
+ return $this->_issueDate;
+ }
+ public function setIssueDate($value)
+ {
+ $this->_issueDate = TPropertyValue::ensureString($value);
+ }
+ public function getName()
+ {
+ return $this->_name;
+ }
+ public function setName($value)
+ {
+ $this->_name = TPropertyValue::ensureString($value);
+ }
+ public function getUserData()
+ {
+ return $this->_userData;
+ }
+ public function setUserData($value)
+ {
+ $this->_userData = TPropertyValue::ensureString($value);
+ }
+ public function getVersion()
+ {
+ return $this->_version;
+ }
+ public function setVersion($value)
+ {
+ $this->_version = TPropertyValue::ensureString($value);
+ }
+
+ public function __construct()
+ {
+
+ }
+}
+//public sealed class FormsAuthenticationTicket
+//{
+// // Methods
+// public FormsAuthenticationTicket(string name, bool isPersistent,
+//int timeout);
+// public FormsAuthenticationTicket(int version, string name,
+//DateTime issueDate, DateTime expiration, bool isPersistent, string
+//userData);
+// public FormsAuthenticationTicket(int version, string name,
+//DateTime issueDate, DateTime expiration, bool isPersistent, string
+//userData, string cookiePath);
+//
+// // Properties
+// public string CookiePath { get; }
+// public DateTime Expiration { get; }
+// public bool Expired { get; }
+// public bool IsPersistent { get; }
+// public DateTime IssueDate { get; }
+// public string Name { get; }
+// public string UserData { get; }
+// public int Version { get; }
+//
+// // Fields
+// private string _CookiePath;
+// private DateTime _Expiration;
+// private bool _IsPersistent;
+// private DateTime _IssueDate;
+// private string _Name;
+// private string _UserData;
+// private int _Version;
+//}
+?> \ No newline at end of file
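Review bot: Every setter in this class coerces with `TPropertyValue::ensureString()`, including `setExpired()`, `setIsPersistent()`, `setVersion()`, `setExpiration()` and `setIssueDate()`, while the reference listing kept at the bottom of the file types those members as bool, int and DateTime. If ensureString renders a boolean as text (TPropertyValue is not shown here), `getExpired()` and `getIsPersistent()` would return a non-empty string for `false`, and any truthiness check on them would give the wrong answer. Suggested: `$this->_isPersistent = TPropertyValue::ensureBoolean($value);`, an integer coercion in `setVersion()`, and no `setExpired()` at all, with `getExpired()` computed from the expiration time as the read-only property in the listing implies.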
diff --git a/framework/Web/Security/TFormsIdentity.php b/framework/Web/Security/TFormsIdentity.php
new file mode 100644
index 00000000..f4d00f82
--- /dev/null
+++ b/framework/Web/Security/TFormsIdentity.php
@@ -0,0 +1,71 @@
+<?php
+/**
+ * TFormsIdentity class.
+ * Represents a user identity authenticated using forms authentication. This class cannot be inherited.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TFormsIdentity.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security
+ * @since 3.1
+ */
+Prado::using('System.Web.Security.Principal.IIdentity');
+final class TFormsIdentity implements IIdentity
+{
+ private $_authenticationType;
+ private $_isAuthenticated=false;
+ private $_name;
+ private $_ticket;
+
+ public function getAuthenticationType()
+ {
+ return $this->_authenticationType;
+ }
+ public function setAuthenticationType($value)
+ {
+ $this->_authenticationType = TPropertyValue::ensureString($value);
+ }
+ public function getIsAuthenticated()
+ {
+ return $this->_isAuthenticated;
+ }
+ public function setIsAuthenticated($value)
+ {
+ $this->_isAuthenticated = TPropertyValue::ensureBoolean($value);
+ }
+ public function getName()
+ {
+ return $this->_name;
+ }
+ public function setName($value)
+ {
+ $this->_name = TPropertyValue::ensureString($value);
+ }
+ public function getTicket()
+ {
+ return $this->_ticket;
+ }
+ public function setTicket($value)
+ {
+ $this->_ticket = TPropertyValue::ensureString($value);
+ }
+
+ public function __construct()
+ {
+
+ }
+}
+//public sealed class FormsIdentity : IIdentity
+//{
+// // Methods
+// public FormsIdentity(FormsAuthenticationTicket ticket);
+//
+// // Properties
+// public string AuthenticationType { get; }
+// public bool IsAuthenticated { get; }
+// public string Name { get; }
+// public FormsAuthenticationTicket Ticket { get; }
+//
+// // Fields
+// private FormsAuthenticationTicket _Ticket;
+//}
+?> \ No newline at end of file
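Review bot: `setIsAuthenticated()`, `setName()` and `setTicket()` are public, so any code holding a TFormsIdentity can mark it authenticated or rename it, whereas the reference listing at the bottom of this file exposes these as read-only properties derived from a ticket passed to the constructor. Consider taking the ticket in the constructor, `public function __construct($ticket)`, and deriving the name from `$ticket->getName()`, keeping only the getters. The IIdentity interface added in this commit also declares the setters, so it would need the same trimming. `setTicket()` additionally runs the ticket through `ensureString()`, which cannot preserve a TFormsAuthenticationTicket object.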
diff --git a/framework/Web/Security/TMembershipProvider.php b/framework/Web/Security/TMembershipProvider.php
index 6a54819d..446d59d9 100644
--- a/framework/Web/Security/TMembershipProvider.php
+++ b/framework/Web/Security/TMembershipProvider.php
@@ -117,7 +117,6 @@ abstract class TMembershipProvider extends TProviderBase
throw new TConfigurationException('membershipprovider_configfile_invalid',$this->_configFile);
}
$this->loadConfig($config);
-// $this->getApplication()->attachEventHandler('OnEndRequest',array($this,'collectLogs'));
}
/**
* Loads configuration from an XML element
diff --git a/framework/Web/Security/TRoleManagerModule.php b/framework/Web/Security/TRoleManagerModule.php
index 7f6181e0..79c6b7a5 100644
--- a/framework/Web/Security/TRoleManagerModule.php
+++ b/framework/Web/Security/TRoleManagerModule.php
@@ -1,5 +1,14 @@
<?php
-class TRoleManagerModule
+/**
+ * TRoleManagerModule class.
+ * Manages a TRolePrincipal instance for the current user. This class cannot be inherited.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TRoleManagerModule.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security
+ * @since 3.1
+ */
+final class TRoleManagerModule extends TModule
{
}
diff --git a/framework/Web/Security/TSqlMembershipProvider.php b/framework/Web/Security/TSqlMembershipProvider.php
index 6bd677f7..87e9015f 100644
--- a/framework/Web/Security/TSqlMembershipProvider.php
+++ b/framework/Web/Security/TSqlMembershipProvider.php
@@ -57,7 +57,7 @@ class TSqlMembershipProvider extends TMembershipProvider
public function getMembershipUser($username=null,$providerUserKey=null,$userIsOnline=false)
{
Prado::using('System.Web.Security.TMembershipUser');
-// return new TMembershipUser($this->getID());
+ return new TMembershipUser($this->getID());
}
public function getUserNameByEmail($email)
{
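Review bot: With the `return` enabled, `getMembershipUser()` ignores `$username`, `$providerUserKey` and `$userIsOnline` and hands back `new TMembershipUser($this->getID())` for any input, so a caller that treats a non-null result as proof that the user exists would accept every name. Until the lookup is implemented, return null for the not-found case, or at least mark the line with a comment such as `// TODO: stub, returns a placeholder user without consulting the data store`. TMembershipUser's constructor is not visible in this hunk, so what the provider ID means as its argument should be confirmed. The method body is fully inside the hunk; the class continues outside it.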