authorFreya Murphy <freya@freyacat.org>2024-05-30 13:05:46 -0400
committerFreya Murphy <freya@freyacat.org>2024-05-30 13:05:46 -0400
commit39bcb09a367251bed7cfb445f546252547058e66 (patch)
treea1bb8e2c137e16202836ea6df8d7004b5e48e8a6 /src/web/helpers/schema.php
parentam dumb (diff)
many changes
Diffstat (limited to 'src/web/helpers/schema.php')
-rw-r--r--src/web/helpers/schema.php236
1 files changed, 236 insertions, 0 deletions
diff --git a/src/web/helpers/schema.php b/src/web/helpers/schema.php
new file mode 100644
index 0000000..6afa43f
--- /dev/null
+++ b/src/web/helpers/schema.php
@@ -0,0 +1,236 @@
+<?php /* Copyright (c) 2024 Freya Murphy */
+
+class User {
+
+ public ?string $dn;
+ public ?string $username;
+ public ?string $email;
+ public ?string $first_name;
+ public ?string $last_name;
+
+ function __construct() {}
+
+ /**
+ * Validates all required fields are set
+ */
+ private function validate(): int {
+ return (
+ $this->dn == NULL ||
+ $this->username == NULL ||
+ $this->email == NULL
+ ) ? 1 : 0;
+ }
+
+ /**
+ * Loads Data from the array to self
+ * @param array $data - the data to load
+ * @return int 0 on success, 1 on error
+ */
+ public function from_array(array $data): int {
+ $this->dn = NULL;
+ $this->username = NULL;
+ $this->email = NULL;
+ $this->first_name = NULL;
+ $this->last_name = NULL;
+
+ foreach ($data as $key => $value) {
+ if ($value == NULL)
+ continue;
+ $type = gettype($value);
+ switch ($key) {
+ case 'dn': {
+ if ($type != 'string')
+ return 1;
+ $this->dn = $value;
+ } break;
+ case 'username': {
+ if ($type != 'string')
+ return 1;
+ $this->username = $value;
+ } break;
+ case 'email': {
+ if ($type != 'string')
+ return 1;
+ $this->email = $value;
+ } break;
+ case 'first_name': {
+ if ($type != 'string')
+ return 1;
+ $this->first_name = $value;
+ } break;
+ case 'last_name': {
+ if ($type != 'string')
+ return 1;
+ $this->last_name = $value;
+ } break;
+ }
+ }
+
+ return $this->validate();
+ }
+
+ /**
+ * Converts the user into an array
+ * @return ?array<string,string>
+ */
+ public function to_array(): ?array {
+ if ($this->validate())
+ return NULL;
+ $data = array(
+ 'dn' => $this->dn,
+ 'username' => $this->username,
+ 'email' => $this->email
+ );
+ if ($this->first_name)
+ $data['first_name'] = $this->first_name;
+ if ($this->last_name)
+ $data['last_name'] = $this->last_name;
+ return $data;
+ }
+
+ /**
+ * Writes the HTTP headers
+ */
+ public function write_headers(): int {
+ if ($this->validate())
+ return 1;
+
+ $header_username = getenv("HTTP_USERNAME_HEADER");
+ $header_email = getenv("HTTP_EMAIL_HEADER");
+ $header_first = getenv("HTTP_FIRST_NAME_HEADER");
+ $header_last = getenv("HTTP_LAST_NAME_HEADER");
+
+ header("{$header_username}: {$this->username}");
+ header("{$header_email}: {$this->email}");
+ if ($this->first_name)
+ header("{$header_first}: {$this->first_name}");
+ if ($this->last_name)
+ header("{$header_last}: {$this->last_name}");
+
+ return 0;
+ }
+
+}
+
+class Session {
+
+ public ?User $user;
+ public ?int $created;
+ public ?int $expires;
+ public ?string $token;
+
+ private int $session_lifetime_seconds;
+
+ function __construct() {
+ $this->session_lifetime_seconds = 60 * 60 * 24 * 3;
+ }
+
+ /**
+ * Validates all required fields are set
+ */
+ private function validate(): int {
+ if (
+ $this->user == NULL ||
+ $this->created == NULL ||
+ $this->expires == NULL ||
+ $this->token == NULL
+ ) {
+ return 1;
+ }
+ if ($this->expires < time())
+ return 1;
+ return 0;
+ }
+
+ /**
+ * Loads Data from the array to self
+ * @param array $data - the data to load
+ * @return int 0 on success, 1 on error
+ */
+ public function from_array(array $data): int {
+ $this->user = NULL;
+ $this->created = NULL;
+ $this->expires = NULL;
+ $this->token = NULL;
+
+ foreach ($data as $key => $value) {
+ if ($value == NULL)
+ continue;
+ $type = gettype($value);
+ switch ($key) {
+ case 'user': {
+ $this->user = new User();
+ if ($this->user->from_array($value))
+ return 1;
+ } break;
+ case 'created': {
+ if ($type != 'integer')
+ return 1;
+ $this->created = $value;
+ } break;
+ case 'expires': {
+ if ($type != 'integer')
+ return 1;
+ $this->expires = $value;
+ } break;
+ case 'token': {
+ if ($type != 'string')
+ return 1;
+ $this->token = $value;
+ } break;
+ }
+ }
+
+ return $this->validate();
+ }
+
+ /**
+ * Renew the expiry clock
+ */
+ public function reset_expiry(): void {
+ $this->expires = time() + $this->session_lifetime_seconds;
+ }
+
+ /**
+ * Converts the session into an array
+ * @return ?array<string,mixed>
+ */
+ public function to_array(): ?array {
+ if ($this->validate())
+ return NULL;
+ return array(
+ 'user' => $this->user->to_array(),
+ 'created' => $this->created,
+ 'expires' => $this->expires,
+ 'token' => $this->token
+ );
+ }
+
+ /**
+ * Writes the HTTP headers
+ */
+ public function write_headers(): int {
+ if ($this->validate())
+ return 1;
+ if ($this->user->write_headers())
+ return 1;
+
+ $cookie_name = getenv("COOKIE_NAME");
+ $cookie_options = array (
+ 'expires' => $this->expires,
+ 'path' => '/',
+ 'domain' => getenv("COOKIE_DOMAIN"),
+ 'secure' => true,
+ 'httponly' => true,
+ 'samesite' => 'Lax'
+ );
+ setcookie(
+ $cookie_name,
+ $this->token,
+ $cookie_options
+ );
+
+ return 0;
+ }
+
+}
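Review bot: `User::write_headers()` sends the identity headers from unchecked inputs and returns 0 whatever happens. `getenv()` returns `false` when a variable such as `HTTP_USERNAME_HEADER` is unset, which interpolates to an empty header name, and the (presumably LDAP-supplied) values are never checked for CR/LF or other control characters. PHP's `header()` refuses a line containing a newline and only raises a warning, so the likely outcome is a response that reports success while the identity header is missing or malformed. I would fail closed: validate every configured name and every value before sending anything, and return 1 otherwise, as sketched below. Separately, the `'user'` case of `Session::from_array()` passes `$value` to `User::from_array(array $data)` without the `gettype` check the other cases have, so a non-array value raises a `TypeError` instead of returning 1.

```php
public function write_headers(): int {
    if ($this->validate())
        return 1;

    $fields = array(
        'HTTP_USERNAME_HEADER' => $this->username,
        'HTTP_EMAIL_HEADER' => $this->email,
        'HTTP_FIRST_NAME_HEADER' => $this->first_name,
        'HTTP_LAST_NAME_HEADER' => $this->last_name
    );

    $lines = array();
    foreach ($fields as $env => $value) {
        if ($value === NULL || $value === '')
            continue;
        $name = getenv($env);
        // an unset or malformed header name must not be reported as success
        if (!is_string($name) || !preg_match('/^[A-Za-z0-9-]+$/', $name))
            return 1;
        // reject control characters (CR, LF, NUL, ...) in the header value
        if (preg_match('/[\x00-\x1f\x7f]/', $value))
            return 1;
        $lines[] = "{$name}: {$value}";
    }

    // send only after every name and value has passed
    foreach ($lines as $line)
        header($line);

    return 0;
}
```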