diff --git a/application/applicationextension.inc.php b/application/applicationextension.inc.php index efb3e8554..d0f577af6 100644 --- a/application/applicationextension.inc.php +++ b/application/applicationextension.inc.php @@ -92,7 +92,7 @@ abstract class AbstractLoginFSMExtension implements iLoginFSMExtension return $this->OnError($iErrorCode); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } /** @@ -104,7 +104,7 @@ abstract class AbstractLoginFSMExtension implements iLoginFSMExtension */ protected function OnStart(&$iErrorCode) { - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } /** @@ -117,7 +117,7 @@ abstract class AbstractLoginFSMExtension implements iLoginFSMExtension */ protected function OnModeDetection(&$iErrorCode) { - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } /** @@ -133,7 +133,7 @@ abstract class AbstractLoginFSMExtension implements iLoginFSMExtension */ protected function OnReadCredentials(&$iErrorCode) { - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } /** @@ -146,27 +146,27 @@ abstract class AbstractLoginFSMExtension implements iLoginFSMExtension */ protected function OnCheckCredentials(&$iErrorCode) { - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnCredentialsOK(&$iErrorCode) { - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnUsersOK(&$iErrorCode) { - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnConnected(&$iErrorCode) { - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnError(&$iErrorCode) { - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } } diff --git a/application/loginbasic.class.inc.php b/application/loginbasic.class.inc.php index 3e8629b00..684f1ec2c 100644 --- a/application/loginbasic.class.inc.php +++ b/application/loginbasic.class.inc.php @@ -31,7 +31,7 @@ class LoginBasic extends AbstractLoginFSMExtension $_SESSION['login_mode'] = 'basic'; } } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnCheckCredentials(&$iErrorCode) @@ -42,10 +42,10 @@ class LoginBasic extends AbstractLoginFSMExtension if (!UserRights::CheckCredentials($sAuthUser, $sAuthPwd, $_SESSION['login_mode'], 'internal')) { $iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS; - return LoginWebPage::LOGIN_FSM_RETURN_ERROR; + return LoginWebPage::LOGIN_FSM_ERROR; } } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnCredentialsOK(&$iErrorCode) @@ -55,7 +55,7 @@ class LoginBasic extends AbstractLoginFSMExtension list($sAuthUser) = $this->GetAuthUserAndPassword(); LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', $_SESSION['login_mode']); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnError(&$iErrorCode) @@ -64,7 +64,7 @@ class LoginBasic extends AbstractLoginFSMExtension { LoginWebPage::HTTP401Error(); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnConnected(&$iErrorCode) @@ -74,7 +74,7 @@ class LoginBasic extends AbstractLoginFSMExtension $_SESSION['can_logoff'] = true; return LoginWebPage::CheckLoggedUser($iErrorCode); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } private function GetAuthUserAndPassword() diff --git a/application/logindefault.class.inc.php b/application/logindefault.class.inc.php index 89705a788..dbed091fd 100644 --- a/application/logindefault.class.inc.php +++ b/application/logindefault.class.inc.php @@ -35,7 +35,7 @@ class LoginDefaultBefore extends AbstractLoginFSMExtension { unset($_SESSION['login_mode']); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnReadCredentials(&$iErrorCode) @@ -49,7 +49,22 @@ class LoginDefaultBefore extends AbstractLoginFSMExtension // Force login mode LoginWebPage::SetLoginModeAndReload($sProposedLoginMode); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; + } + + protected function OnError(&$iErrorCode) + { + static::ResetSession(); + $iOnExit = LoginWebPage::getIOnExit(); + if ($iOnExit == LoginWebPage::EXIT_RETURN) + { + return LoginWebPage::LOGIN_FSM_RETURN; // Error, exit FSM + } + elseif ($iOnExit == LoginWebPage::EXIT_HTTP_401) + { + LoginWebPage::HTTP401Error(); // Error, exit + } + return LoginWebPage::LOGIN_FSM_CONTINUE; } } @@ -73,7 +88,7 @@ class LoginDefaultAfter extends AbstractLoginFSMExtension implements iLogoutExte protected function OnError(&$iErrorCode) { self::ResetLoginSession(); - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnCredentialsOk(&$iErrorCode) @@ -84,7 +99,7 @@ class LoginDefaultAfter extends AbstractLoginFSMExtension implements iLogoutExte self::ResetLoginSession(); exit(); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } /** diff --git a/application/loginexternal.class.inc.php b/application/loginexternal.class.inc.php index 002f51616..04ed7f1d4 100644 --- a/application/loginexternal.class.inc.php +++ b/application/loginexternal.class.inc.php @@ -30,7 +30,7 @@ class LoginExternal extends AbstractLoginFSMExtension $_SESSION['login_mode'] = 'external'; } } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnCheckCredentials(&$iErrorCode) @@ -41,10 +41,10 @@ class LoginExternal extends AbstractLoginFSMExtension if (!UserRights::CheckCredentials($sAuthUser, '', $_SESSION['login_mode'], 'external')) { $iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS; - return LoginWebPage::LOGIN_FSM_RETURN_ERROR; + return LoginWebPage::LOGIN_FSM_ERROR; } } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnCredentialsOK(&$iErrorCode) @@ -54,7 +54,7 @@ class LoginExternal extends AbstractLoginFSMExtension $sAuthUser = $this->GetAuthUser(); LoginWebPage::OnLoginSuccess($sAuthUser, 'external', $_SESSION['login_mode']); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnConnected(&$iErrorCode) @@ -64,7 +64,7 @@ class LoginExternal extends AbstractLoginFSMExtension $_SESSION['can_logoff'] = false; return LoginWebPage::CheckLoggedUser($iErrorCode); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } /** diff --git a/application/loginform.class.inc.php b/application/loginform.class.inc.php index a1a12471f..e7847fd7a 100644 --- a/application/loginform.class.inc.php +++ b/application/loginform.class.inc.php @@ -46,7 +46,7 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginDataExtension } $_SESSION['login_mode'] = 'form'; } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnCheckCredentials(&$iErrorCode) @@ -58,10 +58,10 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginDataExtension if (!UserRights::CheckCredentials($sAuthUser, $sAuthPwd, $_SESSION['login_mode'], 'internal')) { $iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS; - return LoginWebPage::LOGIN_FSM_RETURN_ERROR; + return LoginWebPage::LOGIN_FSM_ERROR; } } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnCredentialsOK(&$iErrorCode) @@ -80,7 +80,7 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginDataExtension // Store 'auth_user' in session for further use LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', $_SESSION['login_mode']); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnError(&$iErrorCode) @@ -89,7 +89,7 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginDataExtension { $this->bForceFormOnError = true; } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnConnected(&$iErrorCode) @@ -99,7 +99,7 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginDataExtension $_SESSION['can_logoff'] = true; return LoginWebPage::CheckLoggedUser($iErrorCode); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } /** diff --git a/application/loginurl.class.inc.php b/application/loginurl.class.inc.php index 37d8c9e2c..b21456c95 100644 --- a/application/loginurl.class.inc.php +++ b/application/loginurl.class.inc.php @@ -35,7 +35,7 @@ class LoginURL extends AbstractLoginFSMExtension $_SESSION['login_mode'] = 'url'; } } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnCheckCredentials(&$iErrorCode) @@ -47,10 +47,10 @@ class LoginURL extends AbstractLoginFSMExtension if (!UserRights::CheckCredentials($sAuthUser, $sAuthPwd, $_SESSION['login_mode'], 'internal')) { $iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS; - return LoginWebPage::LOGIN_FSM_RETURN_ERROR; + return LoginWebPage::LOGIN_FSM_ERROR; } } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnCredentialsOK(&$iErrorCode) @@ -60,7 +60,7 @@ class LoginURL extends AbstractLoginFSMExtension $sAuthUser = utils::ReadParam('auth_user', '', false, 'raw_data'); LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', $_SESSION['login_mode']); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnError(&$iErrorCode) @@ -69,7 +69,7 @@ class LoginURL extends AbstractLoginFSMExtension { $this->bErrorOccurred = true; } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnConnected(&$iErrorCode) @@ -79,6 +79,6 @@ class LoginURL extends AbstractLoginFSMExtension $_SESSION['can_logoff'] = true; return LoginWebPage::CheckLoggedUser($iErrorCode); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } } \ No newline at end of file diff --git a/application/loginwebpage.class.inc.php b/application/loginwebpage.class.inc.php index a579906d4..407991dbf 100644 --- a/application/loginwebpage.class.inc.php +++ b/application/loginwebpage.class.inc.php @@ -54,11 +54,13 @@ class LoginWebPage extends NiceWebPage const LOGIN_STATE_ERROR = 'error'; // An error occurred, next state will be NONE // Login FSM Returns - const LOGIN_FSM_RETURN_OK = 0; // End the FSM OK (connected) - const LOGIN_FSM_RETURN_ERROR = 1; // Error signaled - const LOGIN_FSM_RETURN_CONTINUE = 2; // Continue FSM + const LOGIN_FSM_RETURN = 0; // End the FSM OK (connected) + const LOGIN_FSM_ERROR = 1; // Error signaled + const LOGIN_FSM_CONTINUE = 2; // Continue FSM protected static $sHandlerClass = __class__; + private static $iOnExit; + public static function RegisterHandler($sClass) { self::$sHandlerClass = $sClass; @@ -389,6 +391,7 @@ class LoginWebPage extends NiceWebPage */ protected static function Login($iOnExit) { + self::$iOnExit = $iOnExit; if (self::SecureConnectionRequired() && !utils::IsConnectionSecure()) { // Non secured URL... request for a secure connection @@ -438,22 +441,14 @@ class LoginWebPage extends NiceWebPage IssueLog::Info("Login: state: [$sLoginState] call: ".get_class($oLoginFSMExtensionInstance)); } $iResponse = $oLoginFSMExtensionInstance->LoginAction($sLoginState, $iErrorCode); - if ($iResponse == self::LOGIN_FSM_RETURN_OK) + if ($iResponse == self::LOGIN_FSM_RETURN) { - return self::EXIT_CODE_OK; // login OK, exit FSM + return $iErrorCode; // Asked to exit FSM, generally login OK } - if ($iResponse == self::LOGIN_FSM_RETURN_ERROR) + if ($iResponse == self::LOGIN_FSM_ERROR) { - static::ResetSession(); - if ($iOnExit == self::EXIT_RETURN) - { - return $iErrorCode; // Error, exit FSM - } - elseif ($iOnExit == self::EXIT_HTTP_401) - { - self::HTTP401Error(); // Error, exit - } $sLoginState = self::LOGIN_STATE_SET_ERROR; // Next state will be error + // An error was detected, skip the other plugins turn break; } // The plugin has nothing to do for this state, continue to the next plugin @@ -647,13 +642,14 @@ class LoginWebPage extends NiceWebPage $bRet = UserRights::Login($_SESSION['auth_user']); // Login & set the user's language if ($bRet) { - return self::LOGIN_FSM_RETURN_OK; + $iErrorCode = self::EXIT_CODE_OK; + return self::LOGIN_FSM_RETURN; } } // The user account is no longer valid/enabled $iErrorCode = self::EXIT_CODE_WRONGCREDENTIALS; - return self::LOGIN_FSM_RETURN_ERROR; + return self::LOGIN_FSM_ERROR; } /** @@ -1117,4 +1113,13 @@ class LoginWebPage extends NiceWebPage } return false; // nothing matched !! } + + /** + * @return mixed + */ + public static function getIOnExit() + { + return self::$iOnExit; + } + } // End of class diff --git a/datamodels/2.x/authent-cas/src/CASLoginExtension.php b/datamodels/2.x/authent-cas/src/CASLoginExtension.php index a11d25519..3091c2e23 100644 --- a/datamodels/2.x/authent-cas/src/CASLoginExtension.php +++ b/datamodels/2.x/authent-cas/src/CASLoginExtension.php @@ -41,7 +41,7 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte protected function OnStart(&$iErrorCode) { unset($_SESSION['phpCAS']); - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnReadCredentials(&$iErrorCode) @@ -67,14 +67,14 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte { unset($_SESSION['login_will_redirect']); $iErrorCode = LoginWebPage::EXIT_CODE_MISSINGLOGIN; - return LoginWebPage::LOGIN_FSM_RETURN_ERROR; + return LoginWebPage::LOGIN_FSM_ERROR; } } $_SESSION['login_mode'] = 'cas'; phpCAS::forceAuthentication(); // Redirect to CAS and exit } } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnCheckCredentials(&$iErrorCode) @@ -84,14 +84,14 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte if (!isset($_SESSION['auth_user'])) { $iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS; - return LoginWebPage::LOGIN_FSM_RETURN_ERROR; + return LoginWebPage::LOGIN_FSM_ERROR; } if (Config::Get('cas_user_synchro' )) { self::DoUserProvisioning($_SESSION['auth_user']); } } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnCredentialsOK(&$iErrorCode) @@ -102,11 +102,11 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte if (!LoginWebPage::CheckUser($sAuthUser)) { $iErrorCode = LoginWebPage::EXIT_CODE_NOTAUTHORIZED; - return LoginWebPage::LOGIN_FSM_RETURN_ERROR; + return LoginWebPage::LOGIN_FSM_ERROR; } LoginWebPage::OnLoginSuccess($sAuthUser, 'external', $_SESSION['login_mode']); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnError(&$iErrorCode) @@ -121,7 +121,7 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte exit(); } } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } protected function OnConnected(&$iErrorCode) @@ -131,7 +131,7 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte $_SESSION['can_logoff'] = true; return LoginWebPage::CheckLoggedUser($iErrorCode); } - return LoginWebPage::LOGIN_FSM_RETURN_CONTINUE; + return LoginWebPage::LOGIN_FSM_CONTINUE; } /**