X-Git-Url: http://git.pjr.cc/?a=blobdiff_plain;f=gaas%2Flib%2FgaasdMessages.php;h=82a07e1d95e429a5df21f16fdf05b6fd10354358;hb=1d0624b43d97b21304c89b482ebad52b07700559;hp=3b59931274645077400964b7364d53c51eb4ceea;hpb=40dc7f97626a703a943e27cdcd1a3d6a332a8f27;p=ga4php.git
diff --git a/gaas/lib/gaasdMessages.php b/gaas/lib/gaasdMessages.php
index 3b59931..82a07e1 100644
--- a/gaas/lib/gaasdMessages.php
+++ b/gaas/lib/gaasdMessages.php
@@ -11,8 +11,21 @@ function gaasStatus_server($messages)
 $return = "init";
 if($initState != false && $backEnd != "") {
 $return = "running";
+ $be = confGetVal("backend");
+ if($be == "AD") {
+ $dom = confGetVal("ad.domain");
+ $user = confGetVal("ad.user");
+ $client = confGetVal("ad.clientdef");
+ $admin = confGetVal("ad.admindef");
+ $return .= " - AD integrated to $dom, GAASD Username: $user, Clients Group: $client, Admins Group: $admin";
+ } else {
+ $return .= " - internal database";
+ }
+ }
+
+ return $return;
 }
@@ -76,6 +89,7 @@ function gaasInitServer_server($msg)
 confSetVal("ad.clientdef", $adclientdef);
 confSetVal("ad.admindef", $adadmindef);
 confSetVal("backend", "AD");
+ confSetVal("defaulttokentype", "TOTP");
 $initState = true;
 $backEnd = "AD";
@@ -123,8 +137,6 @@ function gaasSetADLogin_server($msg)
 $addom = $msg["domain"];
 $adlogin = $msg["user"];
 $adpass = $msg["pass"];
- $adclientdef = $msg["clientdef"];
- $adadmindef = $msg["admindef"];
 $res = adTestLogin($addmo, $adlogin, $adpass);
 if($res != 0) {
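Review bot: The status string built in gaasStatus_server now carries the AD domain, the GAASD bind account name and both group names (`$return .= " - AD integrated to $dom, GAASD Username: $user, ..."`). Whether the status message is answered before the caller is authenticated is not visible in this hunk; if it is, limit the text to the backend type, e.g. `$return .= " - AD integrated";`, and return the account and group names only through an admin-only message. The new branch also re-reads `confGetVal("backend")` although the enclosing condition already tests `$backEnd`, so the two values can disagree. gaasStatus_server begins above the hunk.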
@@ -134,10 +146,99 @@ function gaasSetADLogin_server($msg)
 confSetVal("ad.domain", $addom);
 confSetVal("ad.user", $adlogin);
 confSetVal("ad.pass", $adpass);
- confSetVal("ad.clientdef", $adclientdef);
- confSetVal("ad.admindef", $adadmindef);
 return true;
 }
+
+function gaasSetAdminGroup_server($msg)
+{
+ if(confGetVal("backend") == "AD") {
+ confSetVal("ad.admindef", $msg["admingroup"]);
+ } else return false;
+
+ return true;
+}
+
+function gaasSetClientGroup_server($msg)
+{
+ if(confGetVal("backend") == "AD") {
+ confSetVal("ad.clientdef", $msg["clientgroup"]);
+ } else return false;
+
+ return true;
+}
+
+function gaasProvisionUser_server($msg)
+{
+
+ // function userInGroup($user, $domain, $adlogin, $adpass, $group)
+ echo "in provision user\n";
+ print_r($msg);
+ $dttype = confGetVal("defaulttokentype");
+ if($dttype != "HOTP" && $dttype != "TOTP") {
+ echo "default token type not set, setting to TOTP\n";
+ confSetVal("defaulttokentype", "TOTP");
+ $dttype = "TOTP";
+ }
+ if($msg["tokentype"] == "") {
+ $ttype = confGetVal("defaulttokentype");
+ } else {
+ $ttype = $msg["tokentype"];
+ }
+ if($ttype != "HOTP" && $ttype != "TOTP") {
+ echo "using default token type, $dttype because user entered value of $ttype doesnt make sense\n";
+ $ttype = $dttype;
+ }
+ $tkey = $msg["tokenkey"];
+ if(confGetVal("backend") == "AD") {
+ if(userInGroup($msg["username"], confGetVal("ad.domain"), confGetVal("ad.user"), confGetVal("ad.pass"), confGetVal("ad.clientdef"))) {
+ $myga = new gaasdGA();
+ $myga->setUser($msg["username"], $ttype, "", $tkey);
+ } else {
+ echo "User not in client group\n";
+ }
+ } else {
+ // internal db
+ }
+
+
+ return true;
+}
+
+function gaasGetUsers_server($msg)
+{
+ $haveTokens = $msg["havetokens"];
+ $userPatter = $msg["userpattern"];
+ $group = $msg["group"];
+
+ if(confGetval("backend") == "AD") {
+ $adgroup = "";
+ if($group == "admin") {
+ $adgroup = confGetVal("ad.admindef");
+ } else {
+ $adgroup = confGetVal("ad.clientdef");
+ }
+ $addom = confGetVal("ad.domain");
+ $aduser = confGetVal("ad.user");
+ $adpass = confGetVal("ad.pass");
+ //echo "using group $adgroup for $group\n";
+
+ $users = getUsersInGroup($addom, $aduser, $adpass, $adgroup);
+ foreach($users as $user => $real) {
+ hasToken($user);
+ }
+ } else {
+ // internal db
+ }
+ return $users;
+}
+
+function gaasDeleteUser_server($msg)
+{
+ $username = $msg["username"];
+ $db = getDB();
+ $db->query($sql = "delete from users where users_username='$username'");
+
+}
 ?>
\ No newline at end of file
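Review bot: gaasDeleteUser_server interpolates `$msg["username"]` straight into `"delete from users where users_username='$username'"`, so a quote character in the username changes the statement (SQL injection); bind the value instead, for example `$st = $db->prepare("delete from users where users_username = ?"); $st->execute(array($username));` if getDB() returns a PDO handle (its type is not visible here). In gaasProvisionUser_server, `print_r($msg);` writes the whole message, including `tokenkey`, to the daemon's output; drop it or print only the username. gaasGetUsers_server returns `$users` unset on the internal-db path and discards the result of `hasToken($user)`, and gaasProvisionUser_server returns true even when the user is not in the client group. The unchanged context of gaasSetADLogin_server in the preceding hunk still calls `adTestLogin($addmo, ...)` although the variable assigned is `$addom`, so the credential test does not receive the submitted domain.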