added some code to deal with username case (made it all lower)
authorpaulr <me@pjr.cc>
Sat, 26 Feb 2011 17:16:00 +0000 (04:16 +1100)
committerpaulr <me@pjr.cc>
Sat, 26 Feb 2011 17:16:00 +0000 (04:16 +1100)
added some code to getuser to show token existence

gaas/gaasd/gaasclient.php
gaas/lib/gaasClientMessages.php
gaas/lib/gaasdLib.php
gaas/lib/gaasdMessages.php
gaas/lib/globalLib.php

index 09c7303..cb57c38 100644 (file)
@@ -16,7 +16,7 @@ function usage()
        echo "\tsetadlogin username password domain\n";
        echo "\tsetclientgroup groupname - change the group membership requirements for client's with AD\n";
        echo "\tsetadmingroup groupname - change the group membership requirements for admin's with AD\n";
-       echo "\tprovisiontoken username [HOTP|TOTP] [KEY]- provision the user \"username\"\n";
+       echo "\tprovisiontoken username [HOTP|TOTP] [KEY] - provision the user \"username\"\n";
        echo "\tassign username tokenid - assign a hardware token to a user\n";
        echo "\taddtoken token_name token_key token_type - adds a hardware token to the DB\n";
        echo "\tgethwtokens - gets a list of hardware tokens by token_name\n";
@@ -103,8 +103,14 @@ switch($argv[1]) {
                if(isset($argv[3])) $partof = $argv[3];
                if(isset($argv[4])) $onlytokens = $argv[4];
                $ret = $myga->MSG_GET_USERS($group, $partof, $onlytokens);
-               foreach($ret as $user => $real) {
-                       echo "$real ($user)\n";
+               foreach($ret as $key => $val) {
+                       $real = $val["realname"];
+                       $user = $val["username"];
+                       $hastok = "";
+                       if($val["hastoken"]) {
+                               $hastok = " * ";
+                       }
+                       echo "$hastok$real ($user)\n";
                }
                break;
        case "deleteuser":
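Review bot: The new loop indexes `$val["hastoken"]` and iterates `$ret` without checking either. In the part of `gaasGetUsers_server` shown in this commit, `hastoken` is only set inside the AD branch, so a reply from any other path would raise notices here or fail in the `foreach`. I would guard the loop with `if(!is_array($ret)) break;` and test the flag with `if(!empty($val["hastoken"]))`. The real name and username come from the directory and are echoed to the terminal as received, so a short comment saying that they are untrusted display data would help. The `case` body starts above this hunk, so the origin of `$group`, `$partof` and `$onlytokens` is not visible here.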
index 8564dd6..5d36230 100644 (file)
@@ -49,7 +49,7 @@ function gaasInitServer_clientrecv($params)
 function gaasSetADLogin_clientsend($params)
 {
        $msg["domain"] = $params[2];
-       $msg["user"] = $params[0];
+       $msg["user"] = strtolower($params[0]);
        $msg["pass"] = $params[1];
        
        return $msg;
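Review bot: Lower-casing the username only in the `_clientsend` helpers leaves the canonical form up to the client. This applies here and in `gaasProvisionUser_clientsend`, `gaasAssignToken_clientsend` and `gaasDeleteUser_clientsend`. On the server, `gaasProvisionUser_server` still passes `$msg["username"]` as received to `userInGroup()` and `setUser()`. A sender that skips these helpers could therefore pass the group check with one spelling and store or miss a token record under another, assuming the directory matches account names case-insensitively. The fold should be repeated where the message is consumed, e.g. `$username = strtolower($msg["username"]);` at the top of each server handler. Note also that `strtolower()` is byte-wise, so non-ASCII account names will not fold the way the directory does. `$params[0]` is read without an `isset()` check in all four functions.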
@@ -69,7 +69,7 @@ function gaasSetAdminGroup_clientsend($params)
 
 function gaasProvisionUser_clientsend($params)
 {
-       $msg["username"] = $params[0];
+       $msg["username"] = strtolower($params[0]);
        $msg["tokentype"] = "";
        $msg["tokenkey"] = "";
        if(isset($params[1])) {
@@ -101,7 +101,7 @@ function gaasAddHardwareToken_clientsend($params)
 // TODO ERROR CHECK
 function gaasAssignToken_clientsend($params)
 {
-       $msg["username"] = $params[0];
+       $msg["username"] = strtolower($params[0]);
        $msg["tokenid"] = $params[1];
        
        return $msg;
@@ -111,11 +111,14 @@ function gaasGetUsers_clientsend($params)
 {
        $msg["havetokens"] = false;
        $msg["userpattern"] = "";
-       $msg["group"] = "client";
+       $msg["group"] = "all";
        if(isset($params[0])) {
                if($params[0] == "admin") {
                        $msg["group"] = "admin";
                }
+               if($params[0] == "client") {
+                       $msg["group"] = "client";
+               }
        }
        if(isset($params[1])) {
                $msg["userpattern"] = $params[1];
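Review bot: The new default `"all"` does not appear to have a matching branch on the server. In the `gaasGetUsers_server` context shown later in this commit, the `else` arm assigns `confGetVal("ad.clientdef")`, so a request for `"all"` seems to return only the client group (the condition itself is outside the visible hunk). Either add an explicit `"all"` case on the server or document the fallback here with a comment such as `// "all" is currently resolved to the client group by gaasGetUsers_server`. The two separate `if` tests could become one strict check, `if(in_array($params[0], array("admin", "client"), true)) $msg["group"] = $params[0];`. The function continues past the end of this hunk.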
@@ -132,7 +135,7 @@ function gaasGetUsers_clientsend($params)
 
 function gaasDeleteUser_clientsend($params)
 {
-       $msg["username"] = $params[0];
+       $msg["username"] = strtolower($params[0]);
        
        return $msg;
 }
index b54390e..f0f78b0 100644 (file)
@@ -99,20 +99,6 @@ function confDelVar($varname)
 }
 
 
-function hasToken($username)
-{
-       $db = getDB();
-       
-       $sql = "select * from users where users_username='$username'";
-       $res = $db->query($sql);
-       if(!$res) return false;
-       foreach($res as $row) {
-               print_r($row);
-       }
-       
-       return true;
-}
-
 function createUserInDB($username, $realname)
 {
        $db = getDB();
index 82d6d8e..a0b1efa 100644 (file)
@@ -195,13 +195,8 @@ function gaasProvisionUser_server($msg)
                if(userInGroup($msg["username"], confGetVal("ad.domain"), confGetVal("ad.user"), confGetVal("ad.pass"), confGetVal("ad.clientdef"))) {
                        $myga = new gaasdGA();
                        
-                       // TODO - figure out how to deal with the token origin - i.e. software/hardware
-                       if($msg["origin"] == "hardware") {
-                               echo "want a hardware token, but i dont know how to do this yet\n";
-                       } else {
-                               echo "using software token\n";
-                               $myga->setUser($msg["username"], $ttype, "", $tkey);
-                       }
+                       echo "using software token\n";
+                       $myga->setUser($msg["username"], $ttype, "", $tkey);
                } else {
                        echo "User not in client group\n";
                }
@@ -307,6 +302,7 @@ function gaasGetUsers_server($msg)
        $haveTokens = $msg["havetokens"];
        $userPatter = $msg["userpattern"];
        $group = $msg["group"];
+       $myga = new gaasdGA();
        
        if(confGetval("backend") == "AD") {
                $adgroup = "";
@@ -314,19 +310,28 @@ function gaasGetUsers_server($msg)
                        $adgroup = confGetVal("ad.admindef");
                } else {
                        $adgroup = confGetVal("ad.clientdef");
-               }
+               } 
                $addom = confGetVal("ad.domain");
                $aduser = confGetVal("ad.user");
                $adpass = confGetVal("ad.pass");
                //echo "using group $adgroup for $group\n";
                
                $users = getUsersInGroup($addom, $aduser, $adpass, $adgroup);
-               foreach($users as $user => $real) {
-                       hasToken($user);
+               foreach($users as $key => $val) {
+                       $user = $val["username"];
+                       //echo "checking $user for token - ";
+                       if($myga->hasToken($user)) {
+                               $users[$key]["hastoken"] = true;
+                               //echo "yes\n";
+                       } else {
+                               $users[$key]["hastoken"] = false;
+                               //echo "no\n";
+                       }
                }
        } else {
                // internal db
        }
+       //print_r($users);
        return $users;
 }
 
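Review bot: `$users` is assigned only inside the AD branch, so with any other backend the function reaches `return $users;` with the variable undefined, because the `// internal db` arm is empty. Initialising it with `$users = array();` before `if(confGetval("backend") == "AD")` gives the client a well-formed empty list. The result of `getUsersInGroup()` is also iterated without checking that the lookup succeeded. The four-line if/else can be reduced to `$users[$key]["hastoken"] = (bool)$myga->hasToken($user);`. `gaasdGA::hasToken()` is not part of this commit, and the helper it replaces interpolated the username into its SQL string, so it is worth confirming that the new method binds the value as a parameter. The function starts above this hunk, and `$haveTokens` and `$userPatter` are not used in the visible part.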
index 4aea836..79857cf 100644 (file)
@@ -29,8 +29,8 @@ global $TCP_PORT_NUMBER;
  * get qrcode
  * re-create user token
  * set user pin
- * authenticate token
- * authenticate pin
+ * authenticate user by token
+ * authenticate user by password
  * 
  */
 
@@ -232,7 +232,9 @@ function getUsersInGroup($domain, $adlogin, $adpass, $group)
        $i = 0;
        foreach($info as $kpot => $lpot) {
                if(isset($lpot["samaccountname"])) {
-                       $arbi[$lpot["samaccountname"][0]] =  $lpot["name"][0];
+                       $arbi[$i]["realname"] =  $lpot["name"][0];
+                       $arbi[$i]["username"] = strtolower($lpot["samaccountname"][0]);
+                       $i++;
                }
        }