From bd517aaa43fe3437889f4199730bcab1a8519168 Mon Sep 17 00:00:00 2001
From: paulr <me@pjr.cc>
Date: Fri, 3 Dec 2010 14:10:23 +1100
Subject: [PATCH] lots of work on the authserver... tho mostly proof of concept

---
 authserver/authd/authd.php    |   55 +++++++++++++++++--
 authserver/authuser.php       |   23 ++++++++-
 authserver/lib/authClient.php |   61 +++++++++++++++++++++
 authserver/lib/lib.php        |  117 ++++++++++++++++++++++++++++++++++++++++-
 4 files changed, 248 insertions(+), 8 deletions(-)
 create mode 100644 authserver/lib/authClient.php

diff --git a/authserver/authd/authd.php b/authserver/authd/authd.php
index 7755688..616eab7 100644
--- a/authserver/authd/authd.php
+++ b/authserver/authd/authd.php
@@ -1,24 +1,69 @@
 <?php
 
-if(file_exists("config.php")) require_once("config.php")
-else {
+if(file_exists("config.php")) {
+	require_once("config.php");
+} else {
 	// config file doesnt exist, we must abort sensibly
 }
 
 // get out master library for ga4php
 require_once("../lib/lib.php");
 
-
+	
+//exit(0);
 // first we want to fork into the background like all good daemons should
-$pid = pcntl_fork();
+//$pid = pcntl_fork();
+$pid = 0;
 
 if($pid == -1) {
 	
 } else if($pid) {
 	// i am the parent, i shall leave
+	echo "i am a parent, i leave\n";
 	exit(0);
 } else {
-	// i am the child, begin me up
+	
+	
+	/// ok, this is just testing stuff... create queue
+	global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
+	
+	
+	
+	$cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT, 0666 | 'IPC_CREAT');
+	$sr_queue = msg_get_queue($MSG_QUEUE_KEY_ID_SERVER, 0666 | 'IPC_CREAT');
+
+	$myga = new gaasGA();
+	global $myga;
+	
+	
+	print_r($myga);
+	
+	while(true) {
+		msg_receive($sr_queue, 0, $msg_type, 16384, $msg);
+		echo "Got message $msg_type\n";
+		print_r($msg);
+		switch($msg_type) {
+			case MSG_AUTH_USER:
+				echo "got auth message, $msg\n";
+				$username = $msg["user"];
+				$passcode = $msg["passcode"];
+				global $myga;
+				msg_send($cl_queue, MSG_AUTH_USER, $myga->authenticateUser($username, $passcode));
+				break;
+			case MSG_ADD_USER:
+				echo "add user\n";
+				$username = $msg["username"];
+				global $myga;
+				msg_send($cl_queue, MSG_ADD_USER, $myga->setUser($username));
+				break;
+			case MSG_DELETE_USER:
+				break;
+			default:
+				echo "um??\n";
+				
+		}		
+		echo "Back to wait\n";
+	}	
 }
 
 ?>
\ No newline at end of file
diff --git a/authserver/authuser.php b/authserver/authuser.php
index bf6ca8c..f6ff83c 100644
--- a/authserver/authuser.php
+++ b/authserver/authuser.php
@@ -1,6 +1,6 @@
 <?php
 /*
- * radverify.php
+ * 
  * 
  * This file is designed as a "script" extension to freeradius (or some such tool) for radius authentication.
  * Also provided is a simple web interface for managing users in freeradius.
@@ -9,4 +9,25 @@
  * 
  */
 
+require_once("lib/authClient.php");
+
+$myAC = new GAAuthClient();
+
+if(!isset($argv[1])) {
+	echo "Usage: ".$argv[0]." add|auth username passcode\n";
+	return 0;	
+}
+
+switch($argv[1]) {
+	case "auth":
+		if($myAC->authUser($argv[2], $argv[3])==1) {
+			echo "Pass!";
+		} else {
+			echo "Fail!";
+		}
+		break;
+	case "add":
+		$myAC->addUser($argv[2]);
+		break;
+}
 ?>
\ No newline at end of file
diff --git a/authserver/lib/authClient.php b/authserver/lib/authClient.php
new file mode 100644
index 0000000..64093e2
--- /dev/null
+++ b/authserver/lib/authClient.php
@@ -0,0 +1,61 @@
+<?php
+
+require_once("lib.php");
+
+class GAAuthClient {
+	function authUser($username, $passcode) {
+		global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
+		
+		
+		if(!msg_queue_exists($MSG_QUEUE_KEY_ID_SERVER)) {
+			return false;
+		}
+
+		// TODO we need to setup a client queue sem lock here
+		
+		$cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT);
+		$sr_queue = msg_get_queue($MSG_QUEUE_KEY_ID_SERVER);
+		
+		
+		$message["user"] = $username;
+		$message["passcode"] = $passcode;
+		
+		msg_send($sr_queue, MSG_AUTH_USER, $message, true, true, $msg_err);
+		echo "message sent\n";
+		
+		msg_receive($cl_queue, 0, $msg_type, 16384, $msg);
+		echo "message received?\n";
+		print_r($msg);
+		
+		return false;
+	}
+	
+	function addUser($username) {
+		global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
+		
+		
+		if(!msg_queue_exists($MSG_QUEUE_KEY_ID_SERVER)) {
+			return false;
+		}
+
+		// TODO we need to setup a client queue sem lock here
+		
+		$cl_queue = msg_get_queue($MSG_QUEUE_KEY_ID_CLIENT);
+		$sr_queue = msg_get_queue($MSG_QUEUE_KEY_ID_SERVER);
+		
+		
+		$message["username"] = $username;
+		
+		msg_send($sr_queue, MSG_ADD_USER, $message, true, true, $msg_err);
+		echo "message sent\n";
+		
+		msg_receive($cl_queue, 0, $msg_type, 16384, $msg);
+		echo "message received?\n";
+		print_r($msg);
+		
+		return false;
+		
+	}
+}
+
+?>
\ No newline at end of file
diff --git a/authserver/lib/lib.php b/authserver/lib/lib.php
index dadbc0f..efc6d95 100644
--- a/authserver/lib/lib.php
+++ b/authserver/lib/lib.php
@@ -1,9 +1,122 @@
 <?php
-require_once("../../lib/ga4php.php");
 
-class gaasGA extends GoogleAuthenticator {
+if(!isset($MSG_QUEUE_KEY_ID_SERVER)) $MSG_QUEUE_KEY_ID_SERVER = "189751072";
+if(!isset($MSG_QUEUE_KEY_ID_CLIENT)) $MSG_QUEUE_KEY_ID_CLIENT = "189751073";
+global $MSG_QUEUE_KEY_ID_SERVER, $MSG_QUEUE_KEY_ID_CLIENT;
+
+define("MSG_AUTH_USER", 1);
+define("MSG_ADD_USER", 2);
+define("MSG_DELETE_USER", 2);
+
+
+if(file_exists("../../lib/ga4php.php")) require_once("../../lib/ga4php.php");
+if(file_exists("../lib/ga4php.php")) require_once("../lib/ga4php.php");
+
+function getDatabase() {
+	$dbobject = false;
+	if(file_exists("/tmp/gadata.sqlite")) {
+		try {
+			$dbobject = new PDO("sqlite:/tmp/gadata.sqlite");
+		} catch(PDOException $exep) {
+			error_log("execpt on db open");
+		}
+	} else {
+		try {
+			$dbobject = new PDO("sqlite:/tmp/gadata.sqlite");
+		} catch(PDOException $exep) {
+			error_log("execpt on db open");
+		}
+		$sql = 'CREATE TABLE "users" ("users_id" INTEGER PRIMARY KEY AUTOINCREMENT,"users_username" TEXT,"users_tokendata" TEXT);';
+		$dbobject->query($sql);
+	}
 	
+	return $dbobject;
+}
 
+function closeDatabase($db) {
+	// doesnt do anything yet
+}
+
+class gaasGA extends GoogleAuthenticator {
+	function getData($username) {
+		
+		// get our database connection
+		$dbObject = getDatabase();
+		
+		// set the sql for retreiving the data
+		$sql = "select users_tokendata from users where users_username='$username'";
+		
+		// run the query
+		$result = $dbObject->query($sql);
+		
+		// check the result
+		if(!$result) return false;
+		
+		// now just retreieve all the data (there should only be one, but whatever)
+		$tokendata = false;
+		foreach($result as $row) {
+			$tokendata = $row["users_tokendata"];
+		}
+		
+		// now we have our data, we just return it. If we got no data
+		// we'll just return false by default
+		return $tokendata;
+		
+		// and there you have it, simple eh?
+	}
+	
+	
+	// now we need a function for putting the data back into our user table.
+	// in this example, we wont check anything, we'll just overwrite it.
+	function putData($username, $data) {
+		// get our database connection
+		$dbObject = getDatabase();
+		
+		// set the sql for updating the data
+		// token data is stored as a base64 encoded string, it should
+		// not need to be escaped in any way prior to storing in a database
+		// but feel free to call your databases "addslashes" (or whatever)
+		// function on $data prior to doing the SQL.
+		$sql = "delete from users where users_username='$username'";
+		$dbObject->query($sql);
+		
+		$sql = "insert into users values (NULL, '$username', '$data')";
+		
+		
+		// now execute the sql and return straight away - you should probably
+		// clean up after yourselves, but im going to assume pdo does this
+		// for us anyway in this exmaple
+		if($dbObject->query($sql)) {
+			return true;
+		} else {
+			return false;
+		}
+		
+		// even simpler!
+	}
+	
+	function getUsers() {
+		// get our database connection
+		$dbObject = getDatabase();
+		
+		// now the sql again
+		$sql = "select users_username from users";
+		
+		// run the query
+		$result = $dbObject->query($sql);
+		
+		// iterate over the results - we expect a simple array containing
+		// a list of usernames
+		$i = 0;
+		$users = array();
+		foreach($result as $row) {
+			$users[$i] = $row["username"];
+			$i++;
+		}
+		
+		// now return the list
+		return $users;
+	}	
 }
 
 ?>
\ No newline at end of file
-- 
1.7.0.4