[civicrm-core.git] / ext / authx / authx.php

<?php

require_once 'authx.civix.php';
// phpcs:disable
use CRM_Authx_ExtensionUtil as E;
// phpcs:enable

Civi::dispatcher()->addListener('civi.invoke.auth', function($e) {
  if (!empty($_SERVER['HTTP_X_CIVI_AUTH'])) {
    return (new \Civi\Authx\Authenticator())->auth($e, ['flow' => 'xheader', 'cred' => $_SERVER['HTTP_X_CIVI_AUTH']]);
  }

  if (!empty($_SERVER['HTTP_AUTHORIZATION'])) {
    return (new \Civi\Authx\Authenticator())->auth($e, ['flow' => 'header', 'cred' => $_SERVER['HTTP_AUTHORIZATION']]);
  }

  $params = ($_SERVER['REQUEST_METHOD'] === 'GET') ? $_GET : $_POST;
  if (!empty($params['_authx'])) {
    if ((implode('/', $e->args) === 'civicrm/authx/login')) {
      (new \Civi\Authx\Authenticator())->auth($e, ['flow' => 'login', 'cred' => $params['_authx'], 'useSession' => TRUE]);
      _authx_redact(['_authx']);
    }
    elseif (!empty($params['_authxSes'])) {
      (new \Civi\Authx\Authenticator())->auth($e, ['flow' => 'auto', 'cred' => $params['_authx'], 'useSession' => TRUE]);
      if ($_SERVER['REQUEST_METHOD'] === 'GET') {
        _authx_reload(implode('/', $e->args), $_SERVER['QUERY_STRING']);
      }
      else {
        _authx_redact(['_authx', '_authxSes']);
      }
    }
    else {
      (new \Civi\Authx\Authenticator())->auth($e, ['flow' => 'param', 'cred' => $params['_authx']]);
      _authx_redact(['_authx']);
    }
  }
});

/**
 * @return \Civi\Authx\AuthxInterface
 */
function _authx_uf() {
  $class = 'Civi\\Authx\\' . CIVICRM_UF;
  return class_exists($class) ? new $class() : new \Civi\Authx\None();
}

/**
 * For parameter-based authentication, this option will hide parameters.
 * This is mostly a precaution, hedging against the possibility that some routes
 * make broad use of $_GET or $_PARAMS.
 *
 * @param array $keys
 */
function _authx_redact(array $keys) {
  foreach ($keys as $key) {
    unset($_POST[$key], $_GET[$key], $_REQUEST[$key]);
  }
}

/**
 * Reload the current page-view.
 *
 * @param string $route
 * @param string $queryString
 */
function _authx_reload($route, $queryString) {
  parse_str($queryString, $query);
  foreach (array_keys($query) as $key) {
    if (CRM_Utils_String::startsWith($key, '_authx')) {
      unset($query[$key]);
    }
  }
  $url = CRM_Utils_System::url($route, $query, TRUE, NULL, FALSE, CRM_Core_Config::singleton()->userSystem->isFrontEndPage());
  CRM_Utils_System::redirect($url);
}

/**
 * Implements hook_civicrm_config().
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_config/
 */
function authx_civicrm_config(&$config) {
  _authx_civix_civicrm_config($config);
}

/**
 * Implements hook_civicrm_xmlMenu().
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_xmlMenu
 */
function authx_civicrm_xmlMenu(&$files) {
  _authx_civix_civicrm_xmlMenu($files);
}

/**
 * Implements hook_civicrm_install().
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_install
 */
function authx_civicrm_install() {
  _authx_civix_civicrm_install();
}

/**
 * Implements hook_civicrm_postInstall().
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_postInstall
 */
function authx_civicrm_postInstall() {
  _authx_civix_civicrm_postInstall();
}

/**
 * Implements hook_civicrm_uninstall().
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_uninstall
 */
function authx_civicrm_uninstall() {
  _authx_civix_civicrm_uninstall();
}

/**
 * Implements hook_civicrm_enable().
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_enable
 */
function authx_civicrm_enable() {
  _authx_civix_civicrm_enable();
}

/**
 * Implements hook_civicrm_disable().
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_disable
 */
function authx_civicrm_disable() {
  _authx_civix_civicrm_disable();
}

/**
 * Implements hook_civicrm_upgrade().
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_upgrade
 */
function authx_civicrm_upgrade($op, CRM_Queue_Queue $queue = NULL) {
  return _authx_civix_civicrm_upgrade($op, $queue);
}

/**
 * Implements hook_civicrm_managed().
 *
 * Generate a list of entities to create/deactivate/delete when this module
 * is installed, disabled, uninstalled.
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_managed
 */
function authx_civicrm_managed(&$entities) {
  _authx_civix_civicrm_managed($entities);
}

/**
 * Implements hook_civicrm_caseTypes().
 *
 * Generate a list of case-types.
 *
 * Note: This hook only runs in CiviCRM 4.4+.
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_caseTypes
 */
function authx_civicrm_caseTypes(&$caseTypes) {
  _authx_civix_civicrm_caseTypes($caseTypes);
}

/**
 * Implements hook_civicrm_angularModules().
 *
 * Generate a list of Angular modules.
 *
 * Note: This hook only runs in CiviCRM 4.5+. It may
 * use features only available in v4.6+.
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_angularModules
 */
function authx_civicrm_angularModules(&$angularModules) {
  _authx_civix_civicrm_angularModules($angularModules);
}

/**
 * Implements hook_civicrm_alterSettingsFolders().
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_alterSettingsFolders
 */
function authx_civicrm_alterSettingsFolders(&$metaDataFolders = NULL) {
  _authx_civix_civicrm_alterSettingsFolders($metaDataFolders);
}

/**
 * Implements hook_civicrm_entityTypes().
 *
 * Declare entity types provided by this module.
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_entityTypes
 */
function authx_civicrm_entityTypes(&$entityTypes) {
  _authx_civix_civicrm_entityTypes($entityTypes);
}

/**
 * Implements hook_civicrm_thems().
 */
function authx_civicrm_themes(&$themes) {
  _authx_civix_civicrm_themes($themes);
}

// --- Functions below this ship commented out. Uncomment as required. ---

/**
 * Implements hook_civicrm_preProcess().
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_preProcess
 */
//function authx_civicrm_preProcess($formName, &$form) {
//
//}

/**
 * Implements hook_civicrm_navigationMenu().
 *
 * @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_navigationMenu
 */
//function authx_civicrm_navigationMenu(&$menu) {
//  _authx_civix_insert_navigation_menu($menu, 'Mailings', array(
//    'label' => E::ts('New subliminal message'),
//    'name' => 'mailing_subliminal_message',
//    'url' => 'civicrm/mailing/subliminal',
//    'permission' => 'access CiviMail',
//    'operator' => 'OR',
//    'separator' => 0,
//  ));
//  _authx_civix_navigationMenu($menu);
//}
Commit	Line	Data
7946d659 TO	1	<?php
	2
	3	require_once 'authx.civix.php';
	4	// phpcs:disable
	5	use CRM_Authx_ExtensionUtil as E;
	6	// phpcs:enable
	7
3a429e3f TO	8	Civi::dispatcher()->addListener('civi.invoke.auth', function($e) {
3a429e3f TO	9	if (!empty($_SERVER['HTTP_X_CIVI_AUTH'])) {
0ecb5a5f	10	return (new \Civi\Authx\Authenticator())->auth($e, ['flow' => 'xheader', 'cred' => $_SERVER['HTTP_X_CIVI_AUTH']]);
3a429e3f TO	11	}
	12
	13	if (!empty($_SERVER['HTTP_AUTHORIZATION'])) {
0ecb5a5f	14	return (new \Civi\Authx\Authenticator())->auth($e, ['flow' => 'header', 'cred' => $_SERVER['HTTP_AUTHORIZATION']]);
3a429e3f TO	15	}
	16
	17	$params = ($_SERVER['REQUEST_METHOD'] === 'GET') ? $_GET : $_POST;
	18	if (!empty($params['_authx'])) {
	19	if ((implode('/', $e->args) === 'civicrm/authx/login')) {
0ecb5a5f	20	(new \Civi\Authx\Authenticator())->auth($e, ['flow' => 'login', 'cred' => $params['_authx'], 'useSession' => TRUE]);
3a429e3f TO	21	_authx_redact(['_authx']);
	22	}
	23	elseif (!empty($params['_authxSes'])) {
0ecb5a5f	24	(new \Civi\Authx\Authenticator())->auth($e, ['flow' => 'auto', 'cred' => $params['_authx'], 'useSession' => TRUE]);
a196e838 TO	25	if ($_SERVER['REQUEST_METHOD'] === 'GET') {
	26	_authx_reload(implode('/', $e->args), $_SERVER['QUERY_STRING']);
	27	}
	28	else {
	29	_authx_redact(['_authx', '_authxSes']);
	30	}
3a429e3f TO	31	}
3a429e3f TO	32	else {
0ecb5a5f	33	(new \Civi\Authx\Authenticator())->auth($e, ['flow' => 'param', 'cred' => $params['_authx']]);
3a429e3f TO	34	_authx_redact(['_authx']);
	35	}
	36	}
	37	});
	38
	39	/**
	40	* @return \Civi\Authx\AuthxInterface
	41	*/
	42	function _authx_uf() {
	43	$class = 'Civi\\Authx\\' . CIVICRM_UF;
	44	return class_exists($class) ? new $class() : new \Civi\Authx\None();
	45	}
	46
	47	/**
	48	* For parameter-based authentication, this option will hide parameters.
	49	* This is mostly a precaution, hedging against the possibility that some routes
	50	* make broad use of $_GET or $_PARAMS.
	51	*
	52	* @param array $keys
	53	*/
	54	function _authx_redact(array $keys) {
	55	foreach ($keys as $key) {
	56	unset($_POST[$key], $_GET[$key], $_REQUEST[$key]);
	57	}
	58	}
	59
a196e838 TO	60	/**
	61	* Reload the current page-view.
	62	*
	63	* @param string $route
	64	* @param string $queryString
	65	*/
	66	function _authx_reload($route, $queryString) {
	67	parse_str($queryString, $query);
	68	foreach (array_keys($query) as $key) {
	69	if (CRM_Utils_String::startsWith($key, '_authx')) {
	70	unset($query[$key]);
	71	}
	72	}
	73	$url = CRM_Utils_System::url($route, $query, TRUE, NULL, FALSE, CRM_Core_Config::singleton()->userSystem->isFrontEndPage());
	74	CRM_Utils_System::redirect($url);
	75	}
	76
7946d659 TO	77	/**
	78	* Implements hook_civicrm_config().
	79	*
	80	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_config/
	81	*/
	82	function authx_civicrm_config(&$config) {
	83	_authx_civix_civicrm_config($config);
	84	}
	85
	86	/**
	87	* Implements hook_civicrm_xmlMenu().
	88	*
	89	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_xmlMenu
	90	*/
	91	function authx_civicrm_xmlMenu(&$files) {
	92	_authx_civix_civicrm_xmlMenu($files);
	93	}
	94
	95	/**
	96	* Implements hook_civicrm_install().
	97	*
	98	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_install
	99	*/
	100	function authx_civicrm_install() {
	101	_authx_civix_civicrm_install();
	102	}
	103
	104	/**
	105	* Implements hook_civicrm_postInstall().
	106	*
	107	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_postInstall
	108	*/
	109	function authx_civicrm_postInstall() {
	110	_authx_civix_civicrm_postInstall();
	111	}
	112
	113	/**
	114	* Implements hook_civicrm_uninstall().
	115	*
	116	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_uninstall
	117	*/
	118	function authx_civicrm_uninstall() {
	119	_authx_civix_civicrm_uninstall();
	120	}
	121
	122	/**
	123	* Implements hook_civicrm_enable().
	124	*
	125	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_enable
	126	*/
	127	function authx_civicrm_enable() {
	128	_authx_civix_civicrm_enable();
	129	}
	130
	131	/**
	132	* Implements hook_civicrm_disable().
	133	*
	134	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_disable
	135	*/
	136	function authx_civicrm_disable() {
	137	_authx_civix_civicrm_disable();
	138	}
	139
	140	/**
141	* Implements hook_civicrm_upgrade().
142	*
143	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_upgrade
144	*/
145	function authx_civicrm_upgrade($op, CRM_Queue_Queue $queue = NULL) {
146	return _authx_civix_civicrm_upgrade($op, $queue);
147	}
148
149	/**
150	* Implements hook_civicrm_managed().
151	*
152	* Generate a list of entities to create/deactivate/delete when this module
153	* is installed, disabled, uninstalled.
154	*
155	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_managed
156	*/
157	function authx_civicrm_managed(&$entities) {
158	_authx_civix_civicrm_managed($entities);
159	}
160
161	/**
162	* Implements hook_civicrm_caseTypes().
163	*
164	* Generate a list of case-types.
165	*
166	* Note: This hook only runs in CiviCRM 4.4+.
167	*
168	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_caseTypes
169	*/
170	function authx_civicrm_caseTypes(&$caseTypes) {
171	_authx_civix_civicrm_caseTypes($caseTypes);
172	}
173
174	/**
175	* Implements hook_civicrm_angularModules().
176	*
177	* Generate a list of Angular modules.
178	*
179	* Note: This hook only runs in CiviCRM 4.5+. It may
180	* use features only available in v4.6+.
181	*
182	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_angularModules
183	*/
184	function authx_civicrm_angularModules(&$angularModules) {
185	_authx_civix_civicrm_angularModules($angularModules);
186	}
187
188	/**
189	* Implements hook_civicrm_alterSettingsFolders().
190	*
191	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_alterSettingsFolders
192	*/
193	function authx_civicrm_alterSettingsFolders(&$metaDataFolders = NULL) {
194	_authx_civix_civicrm_alterSettingsFolders($metaDataFolders);
195	}
196
197	/**
198	* Implements hook_civicrm_entityTypes().
199	*
200	* Declare entity types provided by this module.
201	*
202	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_entityTypes
203	*/
204	function authx_civicrm_entityTypes(&$entityTypes) {
205	_authx_civix_civicrm_entityTypes($entityTypes);
206	}
207
208	/**
209	* Implements hook_civicrm_thems().
210	*/
211	function authx_civicrm_themes(&$themes) {
212	_authx_civix_civicrm_themes($themes);
213	}
214
215	// --- Functions below this ship commented out. Uncomment as required. ---
216
217	/**
218	* Implements hook_civicrm_preProcess().
219	*
220	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_preProcess
221	*/
222	//function authx_civicrm_preProcess($formName, &$form) {
223	//
224	//}
225
226	/**
227	* Implements hook_civicrm_navigationMenu().
228	*
229	* @link https://docs.civicrm.org/dev/en/latest/hooks/hook_civicrm_navigationMenu
230	*/
231	//function authx_civicrm_navigationMenu(&$menu) {
232	// _authx_civix_insert_navigation_menu($menu, 'Mailings', array(
233	// 'label' => E::ts('New subliminal message'),
234	// 'name' => 'mailing_subliminal_message',
235	// 'url' => 'civicrm/mailing/subliminal',
236	// 'permission' => 'access CiviMail',
237	// 'operator' => 'OR',
238	// 'separator' => 0,
239	// ));
240	// _authx_civix_navigationMenu($menu);
241	//}