summaryrefslogblamecommitdiffstats
path: root/pam.php
blob: 20c5a85f7a955a9149810e97fc7c1cd17e53297f (plain) (tree) 
baba267 ^



5ff1e94 ^


baba267 ^



5ff1e94 ^

baba267 ^



5ff1e94 ^







e5be4e9 ^

5ff1e94 ^





e5be4e9 ^


5ff1e94 ^










baba267 ^








1
2
3

4
5

6
7
8

9

10
11
12

13
14
15
16
17
18
19

20

21
22
23
24
25

26
27

28
29
30
31
32
33
34
35
36
37

38
39
40
41
42
43
44
45



                                                                                    

                                                                                          


                                
   


                          






                                     
                                                                                




                                               

                                                                                                                                   









                                                          







                                                                                                                                 
<?php

// Autoload classes from ./inc which adhere to naming scheme <lowercasename>.inc.php
spl_autoload_register(function ($class) {
	$file = 'inc/' . preg_replace('/[^a-z0-9]/', '', strtolower($class)) . '.inc.php';
	if (!file_exists($file))
		return;
	require_once $file;
});

require_once 'config.php';

$action = Request::any('action');

//
// New version - browser based
//
if ($action === 'browser') {
	// Browser requesting a token
	Header('Location: shib/client_auth.php?token=' . Request::any('token'));
	exit;
}

if ($action === 'verify') {
	// pam stack on client trying to verify
	$row = Database::queryFirst("SELECT username FROM client_token WHERE token = :token AND dateline > UNIX_TIMESTAMP() - 300",
		['token' => (string)Request::any('token')]);
	Header('Content-Type: text/plain; charset=utf-8');
	if ($row === false) {
		die("ERROR=Invalid token");
	}
	die("USER={$row['username']}");
}

//
// Old way, ECP
//
Header('Content-Type: text/plain; charset=utf-8');

$res = Database::simpleQuery("SELECT suffix, authmethod FROM organization INNER JOIN organization_suffix USING(organizationid)");
while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
	if (substr($row['authmethod'], 0, 5) === 'https') {
		echo $row['suffix'], '=', $row['authmethod'], "\n";
	}
}
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-04-23 13:23:10 +0200