}
}
+ private function getCSRFPreventionToken($ticket) {
+ return array('CSRFPreventionToken: ' . $ticket->CSRFPreventionToken);
+ }
+
+ private function getRestTicket($username, $password) {
+ global $CFG;
+
+ $result = false;
+ $url = $CFG->wblistadm_url . '/ticket';
+
+ $data = "username=$username&password=$password";
+ $response = $this->RESTCall($url, $data, $cookiesIn = '');
+ if ($response['http_code'] >= 200 && $response['http_code'] <= 204) {
+ $data = json_decode($response['content']);
+ $_SESSION['ticket'] = $data->data;
+ $_SESSION['cookies'] = $response['cookies'];
+ $result = true;
+ }
+
+ return $result;
+ }
+
+ public function makeRestCall($method, $data = null) {
+ global $CFG;
+
+ $result;
+
+ $url = $CFG->wblistadm_url . "$method";
+ $token = $this->getCSRFPreventionToken($_SESSION['ticket']);
+ $response = $this->RESTCall($url, $data, $_SESSION['cookies'], $token);
+
+ if ($response['http_code'] >= 200 && $response['http_code'] <= 204) {
+ if ($data) {
+ // HTTP POST
+ $result = true;
+ } else {
+ // HTTP GET
+ $data = json_decode($response['content']);
+ $result = $data->data;
+ }
+ } else {
+ $result = ($data) ? false : array();
+ }
+
+ return $result;
+ }
+
+ private function RESTCall($url, $data = null, $cookiesIn = '', $headers = null) {
+ $options = array(
+ CURLOPT_RETURNTRANSFER => true, // return web page
+ CURLOPT_HEADER => true, //return headers in addition to content
+ CURLOPT_FOLLOWLOCATION => true, // follow redirects
+ CURLOPT_ENCODING => "", // handle all encodings
+ CURLOPT_AUTOREFERER => true, // set referer on redirect
+ CURLOPT_CONNECTTIMEOUT => 120, // timeout on connect
+ CURLOPT_TIMEOUT => 120, // timeout on response
+ CURLOPT_MAXREDIRS => 10, // stop after 10 redirects
+ CURLINFO_HEADER_OUT => true,
+ CURLOPT_SSL_VERIFYPEER => false, // Disabled SSL Cert checks
+ CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+ CURLOPT_COOKIE => $cookiesIn
+ );
+
+ if ($data) {
+ $options[CURLOPT_POST] = 1;
+ $options[CURLOPT_POSTFIELDS] = $data;
+ }
+
+ if ($headers) {
+ $options[CURLOPT_HTTPHEADER] = $headers;
+ }
+
+ $ch = curl_init($url);
+ curl_setopt_array($ch, $options);
+ $rough_content = curl_exec($ch);
+ $err = curl_errno($ch);
+ $errmsg = curl_error($ch);
+ $header = curl_getinfo($ch);
+ curl_close($ch);
+
+ $header_content = substr($rough_content, 0, $header['header_size']);
+ $body_content = trim(str_replace($header_content, '', $rough_content));
+ $pattern = "#Set-Cookie:\\s+(?<cookie>[^=]+=[^;]+)#m";
+ preg_match_all($pattern, $header_content, $matches);
+ $cookiesOut = implode("; ", $matches['cookie']);
+
+ $header['errno'] = $err;
+ $header['errmsg'] = $errmsg;
+ $header['headers'] = $header_content;
+ $header['content'] = $body_content;
+ $header['cookies'] = $cookiesOut;
+
+ return $header;
+ }
+
public function logout() {
$this->log("logout", 4);
$sr = @ldap_search($ds, $CFG->ldap_base_dn, $filter, array('mail','domainglobaladmin'));
$info = @ldap_get_entries($ds, $sr); // array
if ($info['count'] > 0) {
- $this->settings['user'] = $user;
- $result = true;
- $this->settings['loginStatus'] = 'OK';
- $admin = 'NO';
- if (isset($info[0]['domainglobaladmin'])) {
- $admin = $info[0]['domainglobaladmin'][0];
- $admin = strtoupper($admin);
- }
- $this->settings['admin'] = ($admin == 'YES') ? true : false;
-
// Log in to wblistadm server and get CSRFPreventionToken
- $url = $CFG->wblistadm_host . ':' . $CFG->wblistadm_port . '/ticket';
+ if ($this->getRestTicket($user, $pw)) {
+ $this->settings['user'] = $user;
+ $result = true;
+ $this->settings['loginStatus'] = 'OK';
+ $admin = 'NO';
+ if (isset($info[0]['domainglobaladmin'])) {
+ $admin = $info[0]['domainglobaladmin'][0];
+ $admin = strtoupper($admin);
+ }
+ $this->settings['admin'] = ($admin == 'YES') ? true : false;
+ } else {
+ $this->settings['loginStatus'] = 'Login failed';
+ }
} else {
$this->settings['loginStatus'] = 'Login failed';
}
return $string;
}
- public function RESTCall($url, $data = null, $cookiesIn = '', $headers = null) {
- $options = array(
- CURLOPT_RETURNTRANSFER => true, // return web page
- CURLOPT_HEADER => true, //return headers in addition to content
- CURLOPT_FOLLOWLOCATION => true, // follow redirects
- CURLOPT_ENCODING => "", // handle all encodings
- CURLOPT_AUTOREFERER => true, // set referer on redirect
- CURLOPT_CONNECTTIMEOUT => 120, // timeout on connect
- CURLOPT_TIMEOUT => 120, // timeout on response
- CURLOPT_MAXREDIRS => 10, // stop after 10 redirects
- CURLINFO_HEADER_OUT => true,
- CURLOPT_SSL_VERIFYPEER => false, // Disabled SSL Cert checks
- CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
- CURLOPT_COOKIE => $cookiesIn
- );
-
- if ($data) {
- $options[CURLOPT_POST] = 1;
- $options[CURLOPT_POSTFIELDS] = $data;
- }
-
- if ($headers) {
- $options[CURLOPT_HTTPHEADER] = $headers;
- }
-
- $ch = curl_init($url);
- curl_setopt_array($ch, $options);
- $rough_content = curl_exec($ch);
- $err = curl_errno($ch);
- $errmsg = curl_error($ch);
- $header = curl_getinfo($ch);
- curl_close($ch);
-
- $header_content = substr($rough_content, 0, $header['header_size']);
- $body_content = trim(str_replace($header_content, '', $rough_content));
- $pattern = "#Set-Cookie:\\s+(?<cookie>[^=]+=[^;]+)#m";
- preg_match_all($pattern, $header_content, $matches);
- $cookiesOut = implode("; ", $matches['cookie']);
-
- $header['errno'] = $err;
- $header['errmsg'] = $errmsg;
- $header['headers'] = $header_content;
- $header['content'] = $body_content;
- $header['cookies'] = $cookiesOut;
-
- return $header;
- }
}