From f600fa3b1a3a4c81f6573d05dbcf286e2834a389 Mon Sep 17 00:00:00 2001
From: Craig Andrews <candrews@integralblue.com>
Date: Wed, 11 Nov 2009 12:16:58 -0500
Subject: Rename the plugins, as I'm separating out Authn, Authz, and user
 information into separate plugins

---
 plugins/Authentication/AuthenticationPlugin.php | 172 ++++++++++++++++++++++++
 1 file changed, 172 insertions(+)
 create mode 100644 plugins/Authentication/AuthenticationPlugin.php

(limited to 'plugins/Authentication')

diff --git a/plugins/Authentication/AuthenticationPlugin.php b/plugins/Authentication/AuthenticationPlugin.php
new file mode 100644
index 000000000..ef78c7ce4
--- /dev/null
+++ b/plugins/Authentication/AuthenticationPlugin.php
@@ -0,0 +1,172 @@
+<?php
+/**
+ * StatusNet, the distributed open-source microblogging tool
+ *
+ * Superclass for plugins that do authentication and/or authorization
+ *
+ * PHP version 5
+ *
+ * LICENCE: This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @category  Plugin
+ * @package   StatusNet
+ * @author    Craig Andrews <candrews@integralblue.com>
+ * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link      http://status.net/
+ */
+
+if (!defined('STATUSNET') && !defined('LACONICA')) {
+    exit(1);
+}
+
+/**
+ * Superclass for plugins that do authentication
+ *
+ * @category Plugin
+ * @package  StatusNet
+ * @author   Craig Andrews <candrews@integralblue.com>
+ * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link     http://status.net/
+ */
+
+abstract class AuthenticationPlugin extends Plugin
+{
+    //is this plugin authoritative for authentication?
+    public $authoritative = false;
+    
+    //should accounts be automatically created after a successful login attempt?
+    public $autoregistration = false;
+
+    //can the user change their email address
+    public $email_changeable=true;
+
+    //can the user change their email address
+    public $password_changeable=true;
+
+    //------------Auth plugin should implement some (or all) of these methods------------\\
+    /**
+    * Check if a nickname/password combination is valid
+    * @param nickname
+    * @param password
+    * @return boolean true if the credentials are valid, false if they are invalid.
+    */
+    function checkPassword($nickname, $password)
+    {
+        return false;
+    }
+
+    /**
+    * Automatically register a user when they attempt to login with valid credentials.
+    * User::register($data) is a very useful method for this implementation
+    * @param nickname
+    * @return boolean true if the user was created, false if autoregistration is not allowed, null if this plugin is not responsible for this nickname
+    */
+    function autoRegister($nickname)
+    {
+        return null;
+    }
+
+    /**
+    * Change a user's password
+    * The old password has been verified to be valid by this plugin before this call is made
+    * @param nickname
+    * @param oldpassword
+    * @param newpassword
+    * @return boolean true if the password was changed, false if password changing failed for some reason, null if this plugin is not responsible for this nickname
+    */
+    function changePassword($nickname,$oldpassword,$newpassword)
+    {
+        return null;
+    }
+
+    /**
+    * Can a user change this field in his own profile?
+    * @param nickname
+    * @param field
+    * @return boolean true if the field can be changed, false if not allowed to change it, null if this plugin is not responsible for this nickname
+    */
+    function canUserChangeField($nickname, $field)
+    {
+        return null;
+    }
+
+    //------------Below are the methods that connect StatusNet to the implementing Auth plugin------------\\
+    function __construct()
+    {
+        parent::__construct();
+    }
+    
+    function StartCheckPassword($nickname, $password, &$authenticatedUser){
+        if($this->password_changeable){
+            $authenticated = $this->checkPassword($nickname, $password);
+            if($authenticated){
+                $authenticatedUser = User::staticGet('nickname', $nickname);
+                if(!$authenticatedUser && $this->autoregistration){
+                    if($this->autoregister($nickname)){
+                        $authenticatedUser = User::staticGet('nickname', $nickname);
+                    }
+                }
+                return false;
+            }else{
+                if($this->authoritative){
+                    return false;
+                }
+            }
+            //we're not authoritative, so let other handlers try
+        }else{
+            if($this->authoritative){
+                //since we're authoritative, no other plugin could do this
+                throw new Exception(_('Password changing is not allowed'));
+            }
+        }
+    }
+
+    function onStartChangePassword($nickname,$oldpassword,$newpassword)
+    {
+        if($this->password_changeable){
+            $authenticated = $this->checkPassword($nickname, $oldpassword);
+            if($authenticated){
+                $result = $this->changePassword($nickname,$oldpassword,$newpassword);
+                if($result){
+                    //stop handling of other handlers, because what was requested was done
+                    return false;
+                }else{
+                    throw new Exception(_('Password changing failed'));
+                }
+            }else{
+                if($this->authoritative){
+                    //since we're authoritative, no other plugin could do this
+                    throw new Exception(_('Password changing failed'));
+                }else{
+                    //let another handler try
+                    return null;
+                }
+            }
+        }else{
+            if($this->authoritative){
+                //since we're authoritative, no other plugin could do this
+                throw new Exception(_('Password changing is not allowed'));
+            }
+        }
+    }
+
+    function onStartAccountSettingsPasswordMenuItem($widget)
+    {
+        if($this->authoritative && !$this->password_changeable){
+            //since we're authoritative, no other plugin could change passwords, so do render the menu item
+            return false;
+        }
+    }
+}
+
-- 
cgit v1.2.3-54-g00ecf