Update of new Security code, currently working on making TLogin functional so we can test the providers soon.

13 files changed, 595 insertions, 3 deletions

diff --git a/framework/Web/Security/Principal/IIdentity.php b/framework/Web/Security/Principal/IIdentity.php
new file mode 100644
index 00000000..89bc0f70
--- /dev/null
+++ b/framework/Web/Security/Principal/IIdentity.php
@@ -0,0 +1,24 @@
+<?php
+/**
+ * IIdentity interface.
+ * Defines the basic functionality of a principal object.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: IIdentity.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security.Principal
+ * @since 3.1
+ */
+interface IIdentity
+{
+	private $_authenticationType;
+	private $_isAuthenticated;
+	private $_name;
+
+	public function getAuthenticationType();
+	public function setAuthenticationType($value);
+	public function getIsAuthenticated();
+	public function setIsAuthenticated($value);
+	public function getName();
+	public function setName($value);
+}
+?>
\ No newline at end of file
diff --git a/framework/Web/Security/Principal/IPrincipal.php b/framework/Web/Security/Principal/IPrincipal.php
new file mode 100644
index 00000000..9503387a
--- /dev/null
+++ b/framework/Web/Security/Principal/IPrincipal.php
@@ -0,0 +1,19 @@
+<?php
+/**
+ * IPrincipal interface.
+ * Defines the basic functionality of an identity object.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: IIdentity.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security.Principal
+ * @since 3.1
+ */
+interface IPrincipal
+{
+	 private $_identity;
+     
+     public function getIdentity();
+     public function setIdentity($value);
+     public function isInRole($role);
+}
+?>
\ No newline at end of file
diff --git a/framework/Web/Security/Principal/TGenericIdentity.php b/framework/Web/Security/Principal/TGenericIdentity.php
new file mode 100644
index 00000000..037ebc42
--- /dev/null
+++ b/framework/Web/Security/Principal/TGenericIdentity.php
@@ -0,0 +1,48 @@
+<?php
+/**
+ * TGenericIdentity class.
+ * Represents a generic user.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TGenericIdentity.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security.Principal
+ * @since 3.1
+ */
+Prado::using('System.Web.Security.Principal.IIdentity');
+class TGenericIdentity implements IIdentity
+{
+	 private $_authenticationType;
+     private $_isAuthenticated;
+     private $_name;
+     
+     public function getAuthenticationType()
+     {
+     	return $this->_authenticationType;
+     }
+     public function setAuthenticationType($value)
+     {
+     	$this->_authenticationType = TPropertyValue::ensureString($value);
+     }
+     public function getIsAuthenticated()
+     {
+     	return $this->_isAuthenticated;
+     }
+     public function setIsAuthenticated($value)
+     {
+     	$this->_isAuthenticated = TPropertyValue::ensureBoolean($value);
+     }
+     public function getName()
+     {
+     	return $this->_name;
+     }
+     public function setName($value)
+     {
+     	$this->_name = TPropertyValue::ensureString($value);
+     }
+     
+     public function __construct($name, $type=null)
+     {
+     	
+     }
+}
+?>
\ No newline at end of file
diff --git a/framework/Web/Security/Principal/TGenericPrincipal.php b/framework/Web/Security/Principal/TGenericPrincipal.php
new file mode 100644
index 00000000..8e07388e
--- /dev/null
+++ b/framework/Web/Security/Principal/TGenericPrincipal.php
@@ -0,0 +1,34 @@
+<?php
+/**
+ * TGenericPrincipal class.
+ * Represents a generic principal. 
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TGenericPrincipal.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security.Principal
+ * @since 3.1
+ */
+Prado::using('System.Web.Security.Principal.IPrincipal');
+class TGenericPrincipal implements IPrincipal
+{
+     private $_identity;
+     
+     public function getIdentity()
+     {
+     	return $this->_identity;
+     }
+     public function setIdentity($value)
+     {
+     	$this->_identity = TPropertyValue::ensureString($value);
+     }
+     
+     public function __construct($name, $type=null)
+     {
+     	
+     }
+     public function isInRole($role)
+     {
+     	
+     }
+}
+?>
\ No newline at end of file
diff --git a/framework/Web/Security/TCookieProtection.php b/framework/Web/Security/TCookieProtection.php
new file mode 100644
index 00000000..2a757898
--- /dev/null
+++ b/framework/Web/Security/TCookieProtection.php
@@ -0,0 +1,27 @@
+<?php
+/**
+ * TCookieProtection class.
+ * Describes how information in a cookie is protected.
+ * 
+ * All			Use both Validation and Encryption to protect the information 
+ * 				in the cookie. 
+ * Encryption	Encrypt the information in the cookie. 
+ * None			Do not protect information in the cookie. Information in the 
+ * 				cookie is stored in clear text and not validated when sent back 
+ * 				to the server. 
+ * Validation	Ensure that the information in the cookie has not been altered 
+ * 				before being sent back to the server. 
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TCookieProtection.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security
+ * @since 3.1
+ */
+class TCookieProtection extends TEnumerable 
+{
+	const All='All';
+	const Encryption='Encryption';
+	const None='None';
+	const Validation='Validation';
+}
+?>
\ No newline at end of file
diff --git a/framework/Web/Security/TDefaultAuthenticationModule.php b/framework/Web/Security/TDefaultAuthenticationModule.php
new file mode 100644
index 00000000..03d6e758
--- /dev/null
+++ b/framework/Web/Security/TDefaultAuthenticationModule.php
@@ -0,0 +1,15 @@
+<?php
+/**
+ * TDefaultAuthenticationModule class.
+ * Ensures that an authentication object is present in the context. This class cannot be inherited.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TDefaultAuthenticationModule.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security
+ * @since 3.1
+ */
+final class TDefaultAuthenticationModule extends TModule 
+{
+	
+}
+?>
\ No newline at end of file
diff --git a/framework/Web/Security/TFormsAuthentication.php b/framework/Web/Security/TFormsAuthentication.php
new file mode 100644
index 00000000..5830d7eb
--- /dev/null
+++ b/framework/Web/Security/TFormsAuthentication.php
@@ -0,0 +1,96 @@
+<?php
+/**
+ * TFormsAuthentication class.
+ * Manages forms-authentication services for Web applications. This class cannot be inherited.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TFormsAuthentication.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security
+ * @since 3.1
+ */
+final class TFormsAuthentication
+{
+	private static $_cookieDomain;
+	private static $_cookieMode;
+	private static $_cookiesSupported;
+	private static $_defaultUrl;
+	private static $_enableCrossAppRedirects;
+	private static $_formsCookieName;
+	private static $_formsCookiePath;
+	private static $_loginUrl;
+	private static $_requireSSL;
+	private static $_slidingExpiration;
+
+	public static function getCookiePath()
+	{
+		return self::$_cookieDomain;
+	}
+	public static function setCookiePath($value)
+	{
+		self::$_cookieDomain = TPropertyValue::ensureString($value);
+	}
+
+	public function __construct()
+	{
+
+	}
+
+	public static Authenticate($name, $password);
+	public static Decrypt($encryptedTicket);
+	public static Encrypt($ticket);
+	private static Encrypt($ticket, $hexEncodedTicket);
+	public static GetAuthCookie( $$userName, $createPersistentCookie);
+	public static GetAuthCookie( $$userName, $createPersistentCookie,  strCookiePath);
+	private static GetAuthCookie( $userName, $createPersistentCookie,  strCookiePath,  hexEncodedTicket);
+	public static GetLoginPage( $extraQuery);
+	public static GetLoginPage( $extraQuery, $reuseReturnUrl);
+	public static GetRedirectUrl( $userName, $createPersistentCookie);
+	public static GetReturnUrl( $useDefaultIfAbsent);
+	public static HashPasswordForStoringInConfigFile($password,  $passwordFormat);
+	public static Initialize();
+	private static  ernalAuthenticate( $name,  $password);
+	private static IsPathWithinAppRoot($context,  $path);
+	private static MakeTicketoBinaryBlob($ticket);
+	public static  RedirectFromLoginPage($userName, $createPersistentCookie);
+	public static  RedirectFromLoginPage($userName, $createPersistentCookie,  $strCookiePath);
+	public static  RedirectToLoginPage();
+	public static  RedirectToLoginPage($extraQuery);
+	private static RemoveQSVar($ref  $strUrl,  $posQ, $token,  $sep,  $lenAtStartToLeave);
+	public static  RemoveQueryVariableFromUrl( $strUrl,  $QSVar);
+	public static RenewTicketIfOld($tOld);
+	public static  SetAuthCookie( $userName, $createPersistentCookie);
+	public static  SetAuthCookie( $userName, $createPersistentCookie,  $strCookiePath);
+	public static  SignOut();
+
+	// Properties
+	public static  CookieDomain { get; }
+	public static HttpCookieMode CookieMode { get; }
+	public static  CookiesSupported { get; }
+	public static  DefaultUrl { get; }
+	public static  EnableCrossAppRedirects { get; }
+	public static  FormsCookieName { get; }
+	public static  FormsCookiePath { get; }
+	public static  LoginUrl { get; }
+	public static  RequireSSL { get; }
+	public static  SlidingExpiration { get; }
+
+	// Fields
+	private static  _CookieDomain;
+	private static HttpCookieMode _CookieMode;
+	private static  _DefaultUrl;
+	private static  _EnableCrossAppRedirects;
+	private static  _FormsCookiePath;
+	private static  _FormsName;
+	private static  _Initialized;
+	private static object _lockObject;
+	private static  _LoginUrl;
+	private static FormsProtectionEnum _Protection;
+	private static  _RequireSSL;
+	private static  _SlidingExpiration;
+	private static  _Timeout;
+	private const  CONFIG_DEFAULT_COOKIE = ".ASPXAUTH";
+	private const  MAC_LENGTH = 20;
+	private const  MAX_TICKET_LENGTH = 0x1000;
+	ernal const  RETURN_URL = "ReturnUrl";
+}
+?>
\ No newline at end of file
diff --git a/framework/Web/Security/TFormsAuthenticationModule.php b/framework/Web/Security/TFormsAuthenticationModule.php
new file mode 100644
index 00000000..df0d5300
--- /dev/null
+++ b/framework/Web/Security/TFormsAuthenticationModule.php
@@ -0,0 +1,126 @@
+<?php
+/**
+ * TFormsAuthenticationModule class.
+ * Sets the identity of the user for an PRADO application when forms authentication is enabled. 
+ * This class cannot be inherited.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TFormsAuthenticationModule.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security
+ * @since 3.1
+ */
+final class TFormsAuthenticationModule extends TModule
+{
+	/**
+	 * @var boolean if the module has been initialized
+	 */
+	private $_initialized=false;
+	
+	private static $_fAuthChecked=false;
+	private static $_fAuthRequired=false;
+	private $_fFormsInit;
+	private $_formsName;
+	private $_loginUrl;
+	const CONFIG_DEFAULT_COOKIE = ".ASPXAUTH";
+	const CONFIG_DEFAULT_LOGINURL = "login.aspx";
+
+	//Is this the best way to do it?? i dont see how the forms module knows about the provider
+	private $_defaultProvider;
+	
+	public function getDefaultProvider()
+	{
+		return $this->_defaultProvider;
+	}
+	public function setDefaultProvider($value)
+	{
+		$this->_defaultProvider = TPropertyValue::ensureString($value);
+	}
+	
+	public function __construct()
+	{
+
+	}
+	/**
+	 * Initializes this module.
+	 * This method is required by the IModule interface.
+	 * @param TXmlElement configuration for this module, can be null
+	 * @throws TConfigurationException if user manager does not exist or is not IUserManager
+	 */
+	public function init($config)
+	{
+		$this->getApplication()->attachEventHandler('OnAuthentication',array($this,'doAuthentication'));
+		$this->getApplication()->attachEventHandler('OnEndRequest',array($this,'leave'));
+		$this->getApplication()->attachEventHandler('OnAuthorization',array($this,'doAuthorization'));
+		$this->_initialized=true;
+	}
+	
+	private static function extractTicketFromCookie($context, $name)
+	{
+
+	}
+	/**
+	 * Performs authentication.
+	 * This is the event handler attached to application's Authentication event.
+	 * Do not call this method directly.
+	 * @param mixed sender of the Authentication event
+	 * @param mixed event parameter
+	 */
+	public function doAuthentication($sender,$param)
+	{
+		Prado::using('System.Util.TVarDumper');
+//		echo TVarDumper::dump(__METHOD__,10,true);
+	}
+	/**
+	 * Performs login redirect if authorization fails.
+	 * This is the event handler attached to application's EndRequest event.
+	 * Do not call this method directly.
+	 * @param mixed sender of the event
+	 * @param mixed event parameter
+	 */
+	public function leave($sender,$param)
+	{
+		Prado::using('System.Util.TVarDumper');
+//		echo TVarDumper::dump(__METHOD__,10,true);
+	}
+	/**
+	 * Performs authorization.
+	 * This is the event handler attached to application's Authorization event.
+	 * Do not call this method directly.
+	 * @param mixed sender of the Authorization event
+	 * @param mixed event parameter
+	 */
+	public function doAuthorization($sender,$param)
+	{
+		Prado::using('System.Util.TVarDumper');
+//		echo TVarDumper::dump(__METHOD__,10,true);
+	}
+}
+//public sealed class FormsAuthenticationModule : IHttpModule
+//{
+//     // Events
+//     public event FormsAuthenticationEventHandler Authenticate;
+//
+//     // Methods
+//     [SecurityPermission(SecurityAction.Demand, Unrestricted=true)]
+//     public FormsAuthenticationModule();
+//     public void Dispose();
+//     private static FormsAuthenticationTicket
+//ExtractTicketFromCookie(HttpContext context, string name, out bool
+//cookielessTicket);
+//     public void Init(HttpApplication app);
+//     private void OnAuthenticate(FormsAuthenticationEventArgs e);
+//     private void OnEnter(object source, EventArgs eventArgs);
+//     private void OnLeave(object source, EventArgs eventArgs);
+//     private static void Trace(string str);
+//
+//     // Fields
+//     private FormsAuthenticationEventHandler _eventHandler;
+//     private static bool _fAuthChecked;
+//     private static bool _fAuthRequired;
+//     private bool _fFormsInit;
+//     private string _FormsName;
+//     private string _LoginUrl;
+//     private const string CONFIG_DEFAULT_COOKIE = ".ASPXAUTH";
+//     private const string CONFIG_DEFAULT_LOGINURL = "login.aspx";
+//}
+?>
\ No newline at end of file
diff --git a/framework/Web/Security/TFormsAuthenticationTicket.php b/framework/Web/Security/TFormsAuthenticationTicket.php
new file mode 100644
index 00000000..e53b68b2
--- /dev/null
+++ b/framework/Web/Security/TFormsAuthenticationTicket.php
@@ -0,0 +1,124 @@
+<?php
+/**
+ * TFormsAuthenticationTicket class.
+ * Provides access to properties and values of the ticket used with forms 
+ * authentication to identify users. This class cannot be inherited.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TFormsAuthenticationTicket.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security
+ * @since 3.1
+ */
+final class TFormsAuthenticationTicket
+{
+	private $_cookiePath;
+	private $_expiration;
+	private $_expired;
+	private $_isPersistent;
+	private $_issueDate;
+	private $_name;
+	private $_userData;
+	private $_version;
+
+	public function getCookiePath()
+	{
+		return $this->_cookiePath;
+	}
+	public function setCookiePath($value)
+	{
+		$this->_cookiePath = TPropertyValue::ensureString($value);
+	}
+	public function getExpiration()
+	{
+		return $this->_expiration;
+	}
+	public function setExpiration($value)
+	{
+		$this->_expiration = TPropertyValue::ensureString($value);
+	}
+	public function getExpired()
+	{
+		return $this->_expired;
+	}
+	public function setExpired($value)
+	{
+		$this->_expired = TPropertyValue::ensureString($value);
+	}
+	public function getIsPersistent()
+	{
+		return $this->_isPersistent;
+	}
+	public function setIsPersistent($value)
+	{
+		$this->_isPersistent = TPropertyValue::ensureString($value);
+	}
+	public function getIssueDate()
+	{
+		return $this->_issueDate;
+	}
+	public function setIssueDate($value)
+	{
+		$this->_issueDate = TPropertyValue::ensureString($value);
+	}
+	public function getName()
+	{
+		return $this->_name;
+	}
+	public function setName($value)
+	{
+		$this->_name = TPropertyValue::ensureString($value);
+	}
+	public function getUserData()
+	{
+		return $this->_userData;
+	}
+	public function setUserData($value)
+	{
+		$this->_userData = TPropertyValue::ensureString($value);
+	}
+	public function getVersion()
+	{
+		return $this->_version;
+	}
+	public function setVersion($value)
+	{
+		$this->_version = TPropertyValue::ensureString($value);
+	}
+	
+	public function __construct()
+	{
+
+	}
+}
+//public sealed class FormsAuthenticationTicket
+//{
+//     // Methods
+//     public FormsAuthenticationTicket(string name, bool isPersistent,
+//int timeout);
+//     public FormsAuthenticationTicket(int version, string name,
+//DateTime issueDate, DateTime expiration, bool isPersistent, string
+//userData);
+//     public FormsAuthenticationTicket(int version, string name,
+//DateTime issueDate, DateTime expiration, bool isPersistent, string
+//userData, string cookiePath);
+//
+//     // Properties
+//     public string CookiePath { get; }
+//     public DateTime Expiration { get; }
+//     public bool Expired { get; }
+//     public bool IsPersistent { get; }
+//     public DateTime IssueDate { get; }
+//     public string Name { get; }
+//     public string UserData { get; }
+//     public int Version { get; }
+//
+//     // Fields
+//     private string _CookiePath;
+//     private DateTime _Expiration;
+//     private bool _IsPersistent;
+//     private DateTime _IssueDate;
+//     private string _Name;
+//     private string _UserData;
+//     private int _Version;
+//}
+?>
\ No newline at end of file
diff --git a/framework/Web/Security/TFormsIdentity.php b/framework/Web/Security/TFormsIdentity.php
new file mode 100644
index 00000000..f4d00f82
--- /dev/null
+++ b/framework/Web/Security/TFormsIdentity.php
@@ -0,0 +1,71 @@
+<?php
+/**
+ * TFormsIdentity class.
+ * Represents a user identity authenticated using forms authentication. This class cannot be inherited.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TFormsIdentity.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security
+ * @since 3.1
+ */
+Prado::using('System.Web.Security.Principal.IIdentity');
+final class TFormsIdentity implements IIdentity
+{
+	private $_authenticationType;
+	private $_isAuthenticated=false;
+	private $_name;
+	private $_ticket;
+	
+	public function getAuthenticationType()
+	{
+		return $this->_authenticationType;
+	}
+	public function setAuthenticationType($value)
+	{
+		$this->_authenticationType = TPropertyValue::ensureString($value);
+	}
+	public function getIsAuthenticated()
+	{
+		return $this->_isAuthenticated;
+	}
+	public function setIsAuthenticated($value)
+	{
+		$this->_isAuthenticated = TPropertyValue::ensureBoolean($value);
+	}
+	public function getName()
+	{
+		return $this->_name;
+	}
+	public function setName($value)
+	{
+		$this->_name = TPropertyValue::ensureString($value);
+	}
+	public function getTicket()
+	{
+		return $this->_ticket;
+	}
+	public function setTicket($value)
+	{
+		$this->_ticket = TPropertyValue::ensureString($value);
+	}
+	
+	public function __construct()
+	{
+		
+	}
+}
+//public sealed class FormsIdentity : IIdentity
+//{
+//     // Methods
+//     public FormsIdentity(FormsAuthenticationTicket ticket);
+//
+//     // Properties
+//     public string AuthenticationType { get; }
+//     public bool IsAuthenticated { get; }
+//     public string Name { get; }
+//     public FormsAuthenticationTicket Ticket { get; }
+//
+//     // Fields
+//     private FormsAuthenticationTicket _Ticket;
+//}
+?>
\ No newline at end of file
diff --git a/framework/Web/Security/TMembershipProvider.php b/framework/Web/Security/TMembershipProvider.php
index 6a54819d..446d59d9 100644
--- a/framework/Web/Security/TMembershipProvider.php
+++ b/framework/Web/Security/TMembershipProvider.php
@@ -117,7 +117,6 @@ abstract class TMembershipProvider extends TProviderBase
 				throw new TConfigurationException('membershipprovider_configfile_invalid',$this->_configFile);
 		}
 		$this->loadConfig($config);
-//		$this->getApplication()->attachEventHandler('OnEndRequest',array($this,'collectLogs'));
 	}
 	/**
 	 * Loads configuration from an XML element
diff --git a/framework/Web/Security/TRoleManagerModule.php b/framework/Web/Security/TRoleManagerModule.php
index 7f6181e0..79c6b7a5 100644
--- a/framework/Web/Security/TRoleManagerModule.php
+++ b/framework/Web/Security/TRoleManagerModule.php
@@ -1,5 +1,14 @@
 <?php
-class TRoleManagerModule
+/**
+ * TRoleManagerModule class.
+ * Manages a TRolePrincipal instance for the current user. This class cannot be inherited.
+ *
+ * @author Jason Ragsdale <jrags@jasrags.net>
+ * @version $Id: TRoleManagerModule.php 1398 2006-09-08 19:31:03Z xue $
+ * @package System.Web.Security
+ * @since 3.1
+ */
+final class TRoleManagerModule extends TModule 
 {
 	
 }
diff --git a/framework/Web/Security/TSqlMembershipProvider.php b/framework/Web/Security/TSqlMembershipProvider.php
index 6bd677f7..87e9015f 100644
--- a/framework/Web/Security/TSqlMembershipProvider.php
+++ b/framework/Web/Security/TSqlMembershipProvider.php
@@ -57,7 +57,7 @@ class TSqlMembershipProvider extends TMembershipProvider
 	public function getMembershipUser($username=null,$providerUserKey=null,$userIsOnline=false)
 	{
 		Prado::using('System.Web.Security.TMembershipUser');
-//		return new TMembershipUser($this->getID());
+		return new TMembershipUser($this->getID());
 	}
 	public function getUserNameByEmail($email)
 	{