AAAAgmail/index.html000066600000000037151372014130007633 0ustar00 gmail/.htaccess000066600000000177151372014130007441 0ustar00 Order allow,deny Deny from all gmail/gmail.php000066600000013306151372014130007443 0ustar00loadLanguage(); // No backend authentication if (JFactory::getApplication()->isAdmin() && !$this->params->get('backendLogin', 0)) { return; } $success = 0; // Check if we have curl or not if (function_exists('curl_init')) { // Check if we have a username and password if (strlen($credentials['username']) && strlen($credentials['password'])) { $blacklist = explode(',', $this->params->get('user_blacklist', '')); // Check if the username isn't blacklisted if (!in_array($credentials['username'], $blacklist)) { $suffix = $this->params->get('suffix', ''); $applysuffix = $this->params->get('applysuffix', 0); $offset = strpos($credentials['username'], '@'); // Check if we want to do suffix stuff, typically for Google Apps for Your Domain if ($suffix && $applysuffix) { if ($applysuffix == 1 && $offset === false) { // Apply suffix if missing $credentials['username'] .= '@' . $suffix; } elseif ($applysuffix == 2) { // Always use suffix if ($offset) { // If we already have an @, get rid of it and replace it $credentials['username'] = substr($credentials['username'], 0, $offset); } $credentials['username'] .= '@' . $suffix; } } $curl = curl_init('https://mail.google.com/mail/feed/atom'); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $this->params->get('verifypeer', 1)); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($curl, CURLOPT_USERPWD, $credentials['username'] . ':' . $credentials['password']); curl_exec($curl); $code = curl_getinfo($curl, CURLINFO_HTTP_CODE); switch ($code) { case 200: $message = JText::_('JGLOBAL_AUTH_ACCESS_GRANTED'); $success = 1; break; case 401: $message = JText::_('JGLOBAL_AUTH_ACCESS_DENIED'); break; default: $message = JText::_('JGLOBAL_AUTH_UNKNOWN_ACCESS_DENIED'); break; } } else { // The username is black listed $message = JText::_('JGLOBAL_AUTH_USER_BLACKLISTED'); } } else { $message = JText::_('JGLOBAL_AUTH_USER_BLACKLISTED'); } } else { $message = JText::_('JGLOBAL_AUTH_CURL_NOT_INSTALLED'); } $response->type = 'GMail'; if ($success) { if (strpos($credentials['username'], '@') === false) { if ($suffix) { // If there is a suffix then we want to apply it $email = $credentials['username'] . '@' . $suffix; } else { // If there isn't a suffix just use the default gmail one $email = $credentials['username'] . '@gmail.com'; } } else { // The username looks like an email address (probably is) so use that $email = $credentials['username']; } // Extra security checks with existing local accounts $db = JFactory::getDbo(); $localUsernameChecks = array(strstr($email, '@', true), $email); $query = $db->getQuery(true) ->select('id, activation, username, email, block') ->from('#__users') ->where('username IN(' . implode(',', array_map(array($db, 'quote'), $localUsernameChecks)) . ')' . ' OR email = ' . $db->quote($email) ); $db->setQuery($query); if ($localUsers = $db->loadObjectList()) { foreach ($localUsers as $localUser) { // Local user exists with same username but different email address if ($email != $localUser->email) { $response->status = JAuthentication::STATUS_FAILURE; $response->error_message = JText::sprintf('JGLOBAL_AUTH_FAILED', JText::_('PLG_GMAIL_ERROR_LOCAL_USERNAME_CONFLICT')); return; } else { // Existing user disabled locally if ($localUser->block || !empty($localUser->activation)) { $response->status = JAuthentication::STATUS_FAILURE; $response->error_message = JText::_('JGLOBAL_AUTH_ACCESS_DENIED'); return; } // We will always keep the local username for existing accounts $credentials['username'] = $localUser->username; break; } } } elseif (JFactory::getApplication()->isAdmin()) // We wont' allow backend access without local account { $response->status = JAuthentication::STATUS_FAILURE; $response->error_message = JText::_('JERROR_LOGIN_DENIED'); return; } $response->status = JAuthentication::STATUS_SUCCESS; $response->error_message = ''; $response->email = $email; // Reset the username to what we ended up using $response->username = $credentials['username']; $response->fullname = $credentials['username']; } else { $response->status = JAuthentication::STATUS_FAILURE; $response->error_message = JText::sprintf('JGLOBAL_AUTH_FAILED', $message); } } } gmail/gmail.xml000066600000004177151372014130007462 0ustar00 plg_authentication_gmail Joomla! Project February 2006 Copyright (C) 2005 - 2014 Open Source Matters. All rights reserved. GNU General Public License version 2 or later; see LICENSE.txt admin@joomla.org www.joomla.org 2.5.0 PLG_GMAIL_XML_DESCRIPTION gmail.php index.html en-GB.plg_authentication_gmail.ini en-GB.plg_authentication_gmail.sys.ini
joomla/joomla.xml000066600000001526151372014130010035 0ustar00 plg_authentication_joomla Joomla! Project November 2005 Copyright (C) 2005 - 2014 Open Source Matters. All rights reserved. GNU General Public License version 2 or later; see LICENSE.txt admin@joomla.org www.joomla.org 2.5.0 PLG_AUTH_JOOMLA_XML_DESCRIPTION joomla.php index.html en-GB.plg_authentication_joomla.ini en-GB.plg_authentication_joomla.sys.ini joomla/joomla.php000066600000004315151372014130010023 0ustar00type = 'Joomla'; // Joomla does not like blank passwords if (empty($credentials['password'])) { $response->status = JAuthentication::STATUS_FAILURE; $response->error_message = JText::_('JGLOBAL_AUTH_EMPTY_PASS_NOT_ALLOWED'); return false; } // Initialise variables. $conditions = ''; // Get a database object $db = JFactory::getDbo(); $query = $db->getQuery(true); $query->select('id, password'); $query->from('#__users'); $query->where('username=' . $db->quote($credentials['username'])); $db->setQuery($query); $result = $db->loadObject(); if ($result) { $match = JUserHelper::verifyPassword($credentials['password'], $result->password, $result->id); if ($match === true) { $user = JUser::getInstance($result->id); // Bring this in line with the rest of the system $response->email = $user->email; $response->fullname = $user->name; if (JFactory::getApplication()->isAdmin()) { $response->language = $user->getParam('admin_language'); } else { $response->language = $user->getParam('language'); } $response->status = JAuthentication::STATUS_SUCCESS; $response->error_message = ''; } else { $response->status = JAuthentication::STATUS_FAILURE; $response->error_message = JText::_('JGLOBAL_AUTH_INVALID_PASS'); } } else { $response->status = JAuthentication::STATUS_FAILURE; $response->error_message = JText::_('JGLOBAL_AUTH_NO_USER'); } } } joomla/index.html000066600000000037151372014130010023 0ustar00 joomla/.htaccess000066600000000177151372014130007631 0ustar00 Order allow,deny Deny from all .htaccess000066600000000177151372014130006350 0ustar00 Order allow,deny Deny from all ldap/index.html000066600000000037151372014130007462 0ustar00 ldap/.htaccess000066600000000177151372014130007270 0ustar00 Order allow,deny Deny from all ldap/ldap.xml000066600000006756151372014130007145 0ustar00 plg_authentication_ldap Joomla! Project November 2005 Copyright (C) 2005 - 2014 Open Source Matters. All rights reserved. GNU General Public License version 2 or later; see LICENSE.txt admin@joomla.org www.joomla.org 2.5.0 PLG_LDAP_XML_DESCRIPTION ldap.php index.html en-GB.plg_authentication_ldap.ini en-GB.plg_authentication_ldap.sys.ini
ldap/ldap.php000066600000007761151372014130007131 0ustar00type = 'LDAP'; // Strip null bytes from the password $credentials['password'] = str_replace(chr(0), '', $credentials['password']); // LDAP does not like Blank passwords (tries to Anon Bind which is bad) if (empty($credentials['password'])) { $response->status = JAuthentication::STATUS_FAILURE; $response->error_message = JText::_('JGLOBAL_AUTH_PASS_BLANK'); return false; } // load plugin params info $ldap_email = $this->params->get('ldap_email'); $ldap_fullname = $this->params->get('ldap_fullname'); $ldap_uid = $this->params->get('ldap_uid'); $auth_method = $this->params->get('auth_method'); jimport('joomla.client.ldap'); $ldap = new JLDAP($this->params); if (!$ldap->connect()) { $response->status = JAuthentication::STATUS_FAILURE; $response->error_message = JText::_('JGLOBAL_AUTH_NO_CONNECT'); return; } switch($auth_method) { case 'search': { // Bind using Connect Username/password // Force anon bind to mitigate misconfiguration like [#7119] if (strlen($this->params->get('username'))) { $bindtest = $ldap->bind(); } else { $bindtest = $ldap->anonymous_bind(); } if ($bindtest) { // Search for users DN $binddata = $ldap->simple_search(str_replace("[search]", $credentials['username'], $this->params->get('search_string'))); if (isset($binddata[0]) && isset($binddata[0]['dn'])) { // Verify Users Credentials $success = $ldap->bind($binddata[0]['dn'], $credentials['password'], 1); // Get users details $userdetails = $binddata; } else { $response->status = JAuthentication::STATUS_FAILURE; $response->error_message = JText::_('JGLOBAL_AUTH_USER_NOT_FOUND'); } } else { $response->status = JAuthentication::STATUS_FAILURE; $response->error_message = JText::_('JGLOBAL_AUTH_NO_BIND'); } } break; case 'bind': { // We just accept the result here $success = $ldap->bind($credentials['username'], $credentials['password']); if ($success) { $userdetails = $ldap->simple_search(str_replace("[search]", $credentials['username'], $this->params->get('search_string'))); } else { $response->status = JAuthentication::STATUS_FAILURE; $response->error_message = JText::_('JGLOBAL_AUTH_BIND_FAILED'); } } break; } if (!$success) { $response->status = JAuthentication::STATUS_FAILURE; if (!strlen($response->error_message)) $response->error_message = JText::_('JGLOBAL_AUTH_INCORRECT'); } else { // Grab some details from LDAP and return them if (isset($userdetails[0][$ldap_uid][0])) { $response->username = $userdetails[0][$ldap_uid][0]; } if (isset($userdetails[0][$ldap_email][0])) { $response->email = $userdetails[0][$ldap_email][0]; } if (isset($userdetails[0][$ldap_fullname][0])) { $response->fullname = $userdetails[0][$ldap_fullname][0]; } else { $response->fullname = $credentials['username']; } // Were good - So say so. $response->status = JAuthentication::STATUS_SUCCESS; $response->error_message = ''; } $ldap->close(); } } index.html000066600000000037151372014130006542 0ustar00