authorAndrew Dolgov <[email protected]>2022-07-24 14:48:21 +0300
committerAndrew Dolgov <[email protected]>2022-07-24 14:48:21 +0300
commit2634afed889eea33eefd24629d21cadc09e80818 (patch)
tree99b5426aeeedcff4a8ad396fb76a9c18e0799ec6 /init.php
initial
Diffstat (limited to 'init.php')
-rw-r--r--init.php98
1 files changed, 98 insertions, 0 deletions
diff --git a/init.php b/init.php
new file mode 100644
index 0000000..4ed6c78
--- /dev/null
+++ b/init.php
@@ -0,0 +1,98 @@
+<?php
+require_once __DIR__ . "/vendor/autoload.php";
+
+use Jumbojett\OpenIDConnectClient;
+
+class Auth_OIDC extends Auth_Base {
+
+ /** redirect user to this URL after logout; .env:
+ * TTRSS_AUTH_OIDC_POST_LOGOUT_URL=http://127.0.0.1/logout-redirect
+ */
+ const AUTH_OIDC_POST_LOGOUT_URL = "AUTH_OIDC_POST_LOGOUT_URL";
+
+ /** @var PluginHost $host */
+ private $host;
+
+ function about() {
+ return array(null,
+ "Authenticates against configured OIDC provider",
+ "fox",
+ true);
+ }
+
+ function init($host) {
+ $host->add_hook($host::HOOK_AUTH_USER, $this);
+
+ Config::add(self::AUTH_OIDC_POST_LOGOUT_URL, "", Config::T_STRING);
+
+ if (Config::get(self::AUTH_OIDC_POST_LOGOUT_URL) != "") {
+ $host->add_hook($host::HOOK_POST_LOGOUT, $this);
+ }
+
+ $this->host = $host;
+ }
+
+ function is_public_method($method) {
+ return $method == "callback";
+ }
+
+ function callback() {
+ print "IN_CALLBACK";
+ die;
+ }
+
+ function authenticate($login, $password, $service = '') {
+ $oidc = new OpenIDConnectClient('https://auth.fakecake.org',
+ 'dev-debian-ttrss',
+ 'Bu3vuCi0wBeQteJ7di4H6SKgqvYnpSludEP68SHu9wLekxXl');
+
+ if (!($_SESSION['uid'] ?? false)) {
+ $oidc->setRedirectURL(Config::get_self_url());
+
+ try {
+ $oidc->addScope(['openid', 'profile', 'email']);
+ $oidc->authenticate();
+
+ $login = $oidc->requestUserInfo("preferred_username");
+
+ $user_id = $this->auto_create_user($login, $password);
+
+ if ($user_id) {
+
+ $name = $oidc->requestUserInfo("name");
+
+ if ($name) {
+ $sth = $this->pdo->prepare("UPDATE ttrss_users SET full_name = ? WHERE id = ?");
+ $sth->execute([$name, $user_id]);
+ }
+
+ $email = $oidc->requestUserInfo("email");
+
+ if ($email) {
+ $sth = $this->pdo->prepare("UPDATE ttrss_users SET email = ? WHERE id = ?");
+ $sth->execute([$email, $user_id]);
+ }
+ }
+
+ return $user_id;
+
+ } catch (Exception $e) {
+ var_dump($e);
+ die;
+ }
+ }
+
+ return false;
+ }
+
+ function hook_post_logout($login, $user_id) {
+ return [
+ Config::get(self::AUTH_OIDC_POST_LOGOUT_URL)
+ ];
+ }
+
+ function api_version() {
+ return 2;
+ }
+
+}
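Review bot: The `new OpenIDConnectClient(...)` call in authenticate() embeds the provider URL, client id and client secret as string literals, so the secret ships with the plugin source and is identical for every install; these belong in configuration, registered in init() with `Config::add()` the same way `AUTH_OIDC_POST_LOGOUT_URL` is and read with `Config::get()`, and the secret committed here should be rotated at the provider because it remains in repository history. The constant names in the excerpt below are suggestions only. Separately, the catch block's `var_dump($e); die;` writes the whole exception object into the HTTP response, which can expose internal request details to the browser; `error_log($e->getMessage()); return false;` keeps the failure server-side and lets authentication fail closed. The account is also keyed on the `preferred_username` claim, which OIDC does not guarantee to be unique or immutable, so mapping on a stable claim such as `sub` may be safer, depending on how `auto_create_user()` (defined outside this hunk) resolves logins.

```php
// … unchanged: AUTH_OIDC_POST_LOGOUT_URL constant …
const AUTH_OIDC_URL = "AUTH_OIDC_URL";
const AUTH_OIDC_CLIENT_ID = "AUTH_OIDC_CLIENT_ID";
const AUTH_OIDC_CLIENT_SECRET = "AUTH_OIDC_CLIENT_SECRET";

// in init(), next to the existing Config::add() call
Config::add(self::AUTH_OIDC_URL, "", Config::T_STRING);
Config::add(self::AUTH_OIDC_CLIENT_ID, "", Config::T_STRING);
Config::add(self::AUTH_OIDC_CLIENT_SECRET, "", Config::T_STRING);

function authenticate($login, $password, $service = '') {
	$oidc = new OpenIDConnectClient(
		Config::get(self::AUTH_OIDC_URL),
		Config::get(self::AUTH_OIDC_CLIENT_ID),
		Config::get(self::AUTH_OIDC_CLIENT_SECRET));
	// … unchanged: session check, scopes, user-info lookups and updates …
```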