/usr/share/perl5/IkiWiki/Plugin/httpauth.pm is in ikiwiki 3.20180228-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 | #!/usr/bin/perl
# HTTP basic auth plugin.
package IkiWiki::Plugin::httpauth;
use warnings;
use strict;
use IkiWiki 3.00;
sub import {
hook(type => "checkconfig", id => "httpauth", call => \&checkconfig);
hook(type => "getsetup", id => "httpauth", call => \&getsetup);
hook(type => "auth", id => "httpauth", call => \&auth);
hook(type => "formbuilder_setup", id => "httpauth",
call => \&formbuilder_setup);
hook(type => "canedit", id => "httpauth", call => \&canedit,
first => 1);
}
sub getsetup () {
return
plugin => {
safe => 1,
rebuild => 0,
section => "auth",
},
cgiauthurl => {
type => "string",
example => "http://example.com/wiki/auth/ikiwiki.cgi",
description => "url to redirect to when authentication is needed",
safe => 1,
rebuild => 0,
},
httpauth_pagespec => {
type => "pagespec",
example => "!*/Discussion",
description => "PageSpec of pages where only httpauth will be used for authentication",
safe => 0,
rebuild => 0,
},
}
sub checkconfig () {
if ($config{cgi} && defined $config{cgiauthurl} &&
keys %{$IkiWiki::hooks{auth}} < 2) {
# There are no other auth hooks registered, so avoid
# the normal signin form, and jump right to httpauth.
require IkiWiki::CGI;
inject(name => "IkiWiki::cgi_signin", call => sub ($$) {
my $cgi=shift;
redir_cgiauthurl($cgi, $cgi->query_string());
});
}
}
sub redir_cgiauthurl ($;@) {
my $cgi=shift;
IkiWiki::redirect($cgi,
@_ > 1 ? IkiWiki::cgiurl(cgiurl => $config{cgiauthurl}, @_)
: $config{cgiauthurl}."?@_"
);
exit;
}
sub auth ($$) {
my $cgi=shift;
my $session=shift;
if (length $cgi->remote_user()) {
$session->param("name", $cgi->remote_user());
}
}
sub formbuilder_setup (@) {
my %params=@_;
my $form=$params{form};
my $session=$params{session};
my $cgi=$params{cgi};
my $buttons=$params{buttons};
if ($form->title eq "signin" &&
! length $cgi->remote_user() && defined $config{cgiauthurl}) {
my $button_text="Login with HTTP auth";
push @$buttons, $button_text;
if ($form->submitted && $form->submitted eq $button_text) {
# bounce thru cgiauthurl and then back to
# the stored postsignin action
redir_cgiauthurl($cgi, do => "postsignin");
}
}
}
sub canedit ($$$) {
my $page=shift;
my $cgi=shift;
my $session=shift;
if (! length $cgi->remote_user() &&
(! defined $session->param("name") ||
! IkiWiki::userinfo_get($session->param("name"), "regdate")) &&
defined $config{httpauth_pagespec} &&
length $config{httpauth_pagespec} &&
defined $config{cgiauthurl} &&
pagespec_match($page, $config{httpauth_pagespec})) {
return sub {
# bounce thru cgiauthurl and back to edit action
redir_cgiauthurl($cgi, $cgi->query_string());
};
}
else {
return undef;
}
}
1
|