Add TicketUser class which implement AuthenticatedUser

Add token (authtoken) based authentication to User authentication backend.

Add TicketUser class which implement AuthenticatedUser
a86eea26 · Peter Rotich · Peter Rotich · 7eef427a · a86eea26 · a86eea26
Commit a86eea26 authored 11 years ago by Peter Rotich Committed by Peter Rotich 11 years ago
--- a/include/class.auth.php
+++ b/include/class.auth.php
@@ -464,4 +464,36 @@ class osTicketAuthentication extends StaffAuthenticationBackend {
    }
 }
 StaffAuthenticationBackend::register(osTicketAuthentication);
+
+class AuthTokenAuthentication extends UserAuthenticationBackend {
+    static $name = "Auth Token Authentication";
+    static $id = "authtoken";
+
+
+    function signOn() {
+
+        if ($_GET['auth'] && ($user=self::__authtoken($_GET['auth'])))
+            return $user;
+
+    }
+
+    static private function __authtoken($token) {
+
+        switch ($token[0]) {
+            case 'c': //Collaborator c+[token]
+                if (($c = Collaborator::lookupByAuthToken($token)))
+                    return new TicketUser($c); //Decorator
+                break;
+            case 'o': //Ticket owner  o+[token]
+                break;
+        }
+    }
+
+    function authenticate($username, $password) {
+        return false;
+    }
+
+}
+UserAuthenticationBackend::register(AuthTokenAuthentication);
+
 ?>
--- a/include/class.client.php
+++ b/include/class.client.php
@@ -31,6 +31,8 @@ class Client {

    var $ht;

+    var $user;
+

    function Client($id, $email=null) {
        $this->id =0;
@@ -59,9 +61,8 @@ class Client {
        $this->ticket_id  = $this->ht['ticket_id'];
        $this->ticketID   = $this->ht['ticketID'];

-        $user = User::lookup(array('emails__address'=>$this->ht['email']));
-        $this->fullname   = $user->getFullName();
-
+        $this->user = User::lookup(array('emails__address'=>$this->ht['email']));
+        $this->fullname   = $this->user->getFullName();
        $this->username   = $this->ht['email'];
        $this->email      = $this->ht['email'];

@@ -239,28 +240,66 @@ class Client {

        return false;
    }
+}
+
+/*
+ * Decorator class for authenticated user
+ *
+ */

-    static function authlogin($auth) {
-        //Expecting authtoken
-        // <user type><id of the user type>x<version id of the algo used>h<hash>
-        $matches = array();
-        $regex='/^(?P<type>\w{1})(?P<id>\d+)x(?P<v>\d+)h(?P<hash>.*)$/i';
-        if (!preg_match($regex, $auth, $matches))
+class  TicketUser implements AuthenticatedUser {
+
+    protected $backend;
+    protected $user;
+
+    function __construct($user) {
+        $this->user = $user;
+    }
+
+    /*
+     * Delegate calls to the user
+     */
+    function __call($name, $args) {
+
+        if(!$this->user
+                || !is_callable($this->user, $name))
            return false;

-        switch($matches['type']) {
-            case 'c': //Collaborator c<id>x<algo id used>h<hash for algo>
-                if (($c = Collaborator::lookup($matches['id']))
-                        && strcasecmp($c->getAuthToken($matches['v']), $auth)  == 0
-                        )
-                    return $c;
-                break;
-            case 'o': //Ticket owner
+        return  $args
+            ? call_user_func_array(array($this->user, $name), $args)
+            : call_user_func(array($this->user, $name));
+    }

-                break;
-        }
+    function getId() {
+        //We ONLY care about user ID at the ticket level
+        if ($this->user instanceof Collaborator)
+            return $this->user->getUserId();

-        return false;
+        return $this->user->getId();
    }
+
+    function isOwner() {
+        return  ($this->user && $this->user instanceof Client);
+    }
+
+    function setBackend($bk) {
+        $this->backend = $bk;
+    }
+
+    function getBackend() {
+        return $this->backend;
+    }
+
+    function getUserName() {
+        //XXX: Revisit when real usernames are introduced  or when email
+        // requirement is removed.
+        return $this->user->getEmail();
+    }
+
+    function getRole() {
+        return $this->isOwner() ? 'owner' : 'collaborator';
+    }
+
 }
+
 ?>
--- a/include/class.collaborator.php
+++ b/include/class.collaborator.php
@@ -22,6 +22,8 @@ class Collaborator {
    var $user;
    var $ticket;

+    static private $token_regex = '/^c(?P<id>\d+)x(?P<algo>\d+)h(?P<hash>.*)$/i';
+
    function __construct($id) {

        $this->load($id);
@@ -152,6 +154,21 @@ class Collaborator {
        return $id;
    }

+    static function lookupByAuthToken($token) {
+
+        //Expecting well formatted token see getAuthToken routine for details.
+        $matches = array();
+        if (preg_match(static::$token_regex, $token, $matches)
+                && $matches['id']
+                && ($c = self::lookup($matches['id']))
+                && strcasecmp($c->getAuthToken($matches['algo']), $token)  == 0
+                )
+            return $c;
+
+        return null;
+
+    }
+
    static function lookup($criteria) {
        $id = is_numeric($criteria)
            ? $criteria : self::getIdByInfo($criteria);