From b0782a625d50c6fce4da50d5c604f5cc4f128b43 Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Sat, 4 Aug 2012 20:06:44 -0700
Subject: initial fork of simple-ldap-plugin

---
 Simple-UM-Login.php | 166 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 166 insertions(+)
 create mode 100644 Simple-UM-Login.php

(limited to 'Simple-UM-Login.php')

diff --git a/Simple-UM-Login.php b/Simple-UM-Login.php
new file mode 100644
index 0000000..bd73711
--- /dev/null
+++ b/Simple-UM-Login.php
@@ -0,0 +1,166 @@
+<?php
+/* Plugin Name: Simple UM Login
+ * Plugin URI: http://mckenzierobotics.org
+ * Description:  Authenticates Wordpress usernames against UM.
+ * Version: 1.4.0.5.1
+ * Author: Luke Shumaker, based on work by Clifton H. Griffin II
+ * Author URI: http://lukeshu.ath.cx
+ */
+require_once(dirname(__FILE__).'/umClient.php');
+require_once( ABSPATH . WPINC . '/registration.php');
+
+// Admin
+function simpleum_menu() {
+	include 'Simple-UM-Login-Admin.php';
+}
+
+function simpleum_admin_actions() {
+    add_options_page("Simple UM Login", "Simple UM Login", 10, "simple-um-login", "simpleum_menu");
+}
+
+function simpleum_activation_hook() {
+	// Store settings
+	add_option("simpleum_url", "http://um.mydomain.local");
+
+	// Version 1.3
+	add_option("simpleum_login_mode", "mode_normal");
+	add_option("simpleum_group", "");
+	add_option("simpleum_account_type", "Contributor");
+
+	// Version 1.3.0.2
+	add_option("simpleum_security_mode", "security_low");
+}
+
+// Add the menu
+add_action('admin_menu', 'simpleum_admin_actions');
+
+// Add filter
+add_filter('authenticate', 'sul_authenticate', 1, 3);
+
+// Authenticate function
+function sul_authenticate($user, $username, $password) {
+	if ( is_a($user, 'WP_User') ) { return $user; }
+
+	// Failed, should we let it continue to lower priority authenticate methods?
+	if(get_option("simpleum_security_mode") == "security_high") {
+		remove_filter('authenticate', 'wp_authenticate_username_password', 20, 3);
+	}
+
+	if ( empty($username) || empty($password) ) {
+		$error = new WP_Error();
+
+		if ( empty($username) )
+			$error->add('empty_username', __('<strong>ERROR</strong>: The username field is empty.'));
+
+		if ( empty($password) )
+			$error->add('empty_password', __('<strong>ERROR</strong>: The password field is empty.'));
+
+		return $error;
+	}
+
+	$uminfo = sul_get_user($username, $password);
+	if (is_array($uminfo)) {
+		$user = get_userdatabylogin($username);
+		if ( !$user || (strtolower($user->user_login) != strtolower($username)) ) {
+			// No existing WP user, can we create?
+			switch(get_option('simpleum_login_mode')) {
+			case "mode_create_all":
+				$new_user_id = sul_create_wp_user($uminfo);
+				if (!is_a($new_user_id, 'WP_Error')) {
+					//It worked
+					return new WP_User($new_user_id);
+				} else {
+					do_action( 'wp_login_failed', $username );
+					return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: UM credentials are correct and user creation is allowed but an error occurred creating the user in Wordpress. Actual WordPress error: '.$new_user_id->get_error_message()));
+				}
+				break;
+			case "mode_create_group":
+				if (sul_is_in_group($uminfo)) {
+					$new_user_id = sul_create_wp_user($uminfo);
+					if(!is_a($new_user_id, 'WP_Error')) {
+						//It worked
+						return new WP_User($new_user_id);
+					} else {
+						do_action( 'wp_login_failed', $username );
+						return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: UM credentials are correct and user creation is allowed and you are in the correct group but an error occurred creating the user in Wordpress. Actual WordPress error: '.$new_user_id->get_error_message()));
+					}
+				} else {
+					do_action( 'wp_login_failed', $username );
+					return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: UM Login credentials are correct and user creation is allowed but UM user was not in correct UM group.'));
+				}
+				break;
+			default:
+				do_action( 'wp_login_failed', $username );
+				return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: Simple UM Login mode does not permit account creation.'));
+			}
+		} else {
+			// Wordpress user exists, should we check group membership?
+			if (get_option('simpleum_login_mode') == "mode_create_group") {
+				if (sul_is_in_group($uminfo)) {
+					return new WP_User($user->ID);
+				} else {
+					do_action( 'wp_login_failed', $username );
+					return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: UM credentials were correct but user is not in the correct group.'));
+				}
+			} else {
+				// Otherwise, we're ready to return the user
+				return new WP_User($user->ID);
+			}
+		}
+	} else {
+		return new WP_Error('invalid_username', __('<strong>Simple UM Login Error</strong>: Simple UM Login could not authenticate your credentials. The security settings do not permit trying the Wordpress user database as a fallback.'));
+	}
+}
+
+function sul_get_user($username, $password) {
+	$cookiejar = tempnam(dirname(__FILE__).'/tmp', 'jar');
+	$umclient = new umClient(get_option('simpleum_url'), $cookiejar);
+	$result = $umclient->get_userinfo($username, $password);
+	unlink($cookiejar);
+	return $result;
+}
+
+function sul_is_in_group($userinfo) {
+	// TODO
+	return true;
+}
+
+function sul_create_wp_user($userinfo) {
+	$result = 0;
+
+	$userData = array(
+	                  'user_pass'     => microtime(),
+	                  'user_login'    => $userinfo['username'],
+	                  'user_nicename' => sanitize_title($userinfo['firstname'].' '.$userinfo['lastname']),
+	                  'user_email'    => $userinfo['email'],
+	                  'display_name'  => $userinfo['firstname'].' '.$userinfo['lastname'],
+	                  'first_name'    => $userinfo['firstname'],
+	                  'last_name'     => $userinfo['lastname'],
+	                  'role'          => strtolower(get_option('simpleum_account_type'))
+	                  );
+
+	$result = wp_insert_user($userData);
+	return $result;
+}
+
+//Temporary fix for e-mail exists bug
+if ( !function_exists('get_user_by_email') ) :
+/**
+ * Retrieve user info by email.
+ *
+ * @since 2.5
+ *
+ * @param string $email User's email address
+ * @return bool|object False on failure, User DB row object
+ */
+function get_user_by_email($email) {
+	if(strlen($email) == 0 || empty($email) || $email == "" || strpos($email, "@") == false) {
+		return false;
+	} else {
+		return get_user_by('email', $email);
+	}
+}
+endif;
+
+register_activation_hook( __FILE__, 'simpleum_activation_hook' );
+?>
-- 
cgit v1.2.3