#!/usr/bin/perl
# HTTP basic auth plugin.
package IkiWiki::Plugin::httpauth;
use warnings;
use strict;
use IkiWiki 3.00;
sub import {
	# Registers every callback of this plugin with IkiWiki's hook()
	# under the id "httpauth". The registration order is kept as it was.
	my @plain_hooks = (
		[ checkconfig       => \&checkconfig ],
		[ getsetup          => \&getsetup ],
		[ auth              => \&auth ],
		[ formbuilder_setup => \&formbuilder_setup ],
	);
	for my $entry (@plain_hooks) {
		my ($type, $handler) = @$entry;
		hook(type => $type, id => "httpauth", call => $handler);
	}

	# canedit is the only hook registered with first => 1.
	# NOTE(review): presumably this asks IkiWiki to run it ahead of other
	# canedit hooks, so the redirect to cgiauthurl is decided before any
	# other plugin answers -- confirm against the hook() documentation.
	hook(
		type  => "canedit",
		id    => "httpauth",
		call  => \&canedit,
		first => 1,
	);
}
sub getsetup () {
	# Describes the plugin and its two configuration keys. The result is a
	# flat key => hashref list in the order plugin, cgiauthurl,
	# httpauth_pagespec.
	my %plugin_info = (
		safe    => 1,
		rebuild => 0,
		section => "auth",
	);

	# cgiauthurl is the redirect target used whenever this plugin sends a
	# browser off to authenticate.
	# NOTE(review): this file is an HTTP basic auth plugin and the example
	# below is a plain http:// URL; Basic credentials are only
	# base64-encoded, so a deployment should point this at an https URL.
	# NOTE(review): the key is flagged safe => 1 while httpauth_pagespec is
	# safe => 0. Presumably "safe" decides whether a setting may be changed
	# through the web setup interface -- confirm, and consider whether a
	# login redirect target should be editable that way.
	my %cgiauthurl_setting = (
		type        => "string",
		example     => "http://example.com/wiki/auth/ikiwiki.cgi",
		description => "url to redirect to when authentication is needed",
		safe        => 1,
		rebuild     => 0,
	);

	# Pages matching this PageSpec are the ones canedit() guards with a
	# redirect to cgiauthurl.
	my %pagespec_setting = (
		type        => "pagespec",
		example     => "!*/Discussion",
		description => "PageSpec of pages where only httpauth will be used for authentication",
		safe        => 0,
		rebuild     => 0,
	);

	return (
		plugin            => \%plugin_info,
		cgiauthurl        => \%cgiauthurl_setting,
		httpauth_pagespec => \%pagespec_setting,
	);
}
sub checkconfig () {
	# When CGI is enabled, cgiauthurl is set, and fewer than two auth hooks
	# are registered, replace IkiWiki::cgi_signin so that signing in skips
	# the normal signin form and goes straight to cgiauthurl.
	#
	# The hook count is only examined once the first two conditions hold,
	# exactly as in the original short-circuit chain.
	my $httpauth_only = $config{cgi}
		&& defined $config{cgiauthurl}
		&& keys(%{ $IkiWiki::hooks{auth} }) < 2;

	if ($httpauth_only) {
		require IkiWiki::CGI;

		# From here on every sign-in attempt is answered with a redirect
		# to cgiauthurl carrying the current query string; the
		# replacement never renders a local form.
		my $signin_via_httpauth = sub ($$) {
			my ($cgi) = @_;
			redir_cgiauthurl($cgi, $cgi->query_string());
		};
		inject(name => "IkiWiki::cgi_signin", call => $signin_via_httpauth);
	}
}
sub redir_cgiauthurl ($;@) {
	# Redirects the browser to the configured cgiauthurl and ends the
	# process. Arguments after $cgi are either a key => value list, which
	# is handed to IkiWiki::cgiurl, or a single ready-made query string,
	# which is appended after "?".
	#
	# The base of the redirect always comes from $config{cgiauthurl}; only
	# the query part is derived from the request. Every caller in this file
	# checks that cgiauthurl is defined before calling.
	my ($cgi, @query) = @_;

	my $target;
	if (@query > 1) {
		$target = IkiWiki::cgiurl(cgiurl => $config{cgiauthurl}, @query);
	}
	else {
		$target = $config{cgiauthurl}."?@query";
	}

	IkiWiki::redirect($cgi, $target);

	# Nothing else may run for this request once the redirect is sent.
	exit;
}
sub auth ($$) {
	# Copies the user name reported by $cgi->remote_user() into the
	# session's "name" parameter; does nothing when it is undefined.
	#
	# NOTE(review): the value is accepted with no check other than
	# definedness, so the identity is only as trustworthy as the web
	# server configuration that sets it. Authentication has to be enforced
	# by the server for the location behind cgiauthurl -- confirm in the
	# deployment.
	my ($cgi, $session) = @_;

	my $http_user = $cgi->remote_user();
	if (defined $http_user) {
		$session->param("name", $http_user);
	}
}
sub formbuilder_setup (@) {
	# Adds a "Login with HTTP auth" button to the signin form and handles
	# a press of that button by redirecting through cgiauthurl.
	#
	# Only acts when the form is titled "signin", the request carries no
	# remote_user, and cgiauthurl is configured.
	my %params = @_;
	my ($form, $cgi, $buttons) = @params{qw(form cgi buttons)};

	return unless $form->title eq "signin";
	return if defined $cgi->remote_user();
	return unless defined $config{cgiauthurl};

	my $label = "Login with HTTP auth";
	push @$buttons, $label;

	if ($form->submitted && $form->submitted eq $label) {
		# Go out through cgiauthurl, then come back to the stored
		# postsignin action.
		redir_cgiauthurl($cgi, do => "postsignin");
	}
}
sub canedit ($$$) {
	# Decides whether an edit of $page must first go through cgiauthurl.
	# Returns a code reference that performs the redirect, or undef.
	# NOTE(review): presumably undef means "no objection from this plugin"
	# and a code reference is run by IkiWiki in place of the edit --
	# confirm against the canedit hook contract.
	my ($page, $cgi, $session) = @_;

	# The web server already reports an authenticated user.
	return undef if defined $cgi->remote_user();

	# The session carries a name for which userinfo holds a regdate.
	# NOTE(review): this test does not look at how the session was
	# established, so httpauth_pagespec on its own does not show that the
	# editor was authenticated by the web server -- confirm that is the
	# intended policy for the pages it covers.
	return undef if defined($session->param("name"))
		&& IkiWiki::userinfo_get($session->param("name"), "regdate");

	# Nothing to enforce without a non-empty pagespec and a redirect target.
	my $spec = $config{httpauth_pagespec};
	return undef unless defined $spec && length $spec;
	return undef unless defined $config{cgiauthurl};

	return undef unless pagespec_match($page, $spec);

	return sub {
		# Go out through cgiauthurl and come back to the edit action;
		# the query string is read when this closure runs.
		redir_cgiauthurl($cgi, $cgi->query_string());
	};
}
1