diff options
Diffstat (limited to 'pam.php')
| -rw-r--r-- | pam.php | 33 |
1 files changed, 28 insertions, 5 deletions
@@ -1,17 +1,40 @@ <?php // Autoload classes from ./inc which adhere to naming scheme <lowercasename>.inc.php -function slxAutoloader($class) -{ - $file = 'inc/' . preg_replace('/[^a-z0-9]/', '', mb_strtolower($class)) . '.inc.php'; +spl_autoload_register(function ($class) { + $file = 'inc/' . preg_replace('/[^a-z0-9]/', '', strtolower($class)) . '.inc.php'; if (!file_exists($file)) return; require_once $file; -} -spl_autoload_register('slxAutoloader'); +}); require_once 'config.php'; +$action = Request::any('action'); + +// +// New version - browser based +// +if ($action === 'browser') { + // Browser requesting a token + Header('Location: shib/client_auth.php?token=' . Request::any('token')); + exit; +} + +if ($action === 'verify') { + // pam stack on client trying to verify + $row = Database::queryFirst("SELECT username FROM client_token WHERE token = :token AND dateline > UNIX_TIMESTAMP() - 300", + ['token' => (string)Request::any('token')]); + Header('Content-Type: text/plain; charset=utf-8'); + if ($row === false) { + die("ERROR=Invalid token"); + } + die("USER={$row['username']}"); +} + +// +// Old way, ECP +// Header('Content-Type: text/plain; charset=utf-8'); $res = Database::simpleQuery("SELECT suffix, authmethod FROM organization INNER JOIN organization_suffix USING(organizationid)"); |