Hi!
As so many I am also trying to fix some sort of single sign-on for several services. My situation: I get an encrypted username and password from another website, decrypt it and than want to authenticate and/or create the user exactly as is done through the regular login form (behind which in my case an Ldap plugin is doing its magic). I was hoping you guys could put me on the right track. I tried many things much like the following (which obviously runs into many errors).
<?php require_once('includes/SpecialUserlogin.php'); require_once('includes/AuthPlugin.php'); require_once('includes/WebRequest.php'); define('MEDIAWIKI', true); require_once('LocalSettings.php'); $wgRequest = new FauxRequest( array ( 'wpName' => 'username', // dynamically filled 'wpPassword' => 'password', // dynamically filled 'wpDomain' => 'MYDOMAIN', 'wpRemember' => '1', 'wpLoginattempt' => 'Log in', 'returnto' => 'Main_Page', // dynamically filled )); $form = new LoginForm( $wgRequest ); $form->execute(); ?>
Do I need to create another object (AuthPlugin?) or use the $wgAuth somehow? A little push in the right direction would be greatly appreciated. Using the mediawiki Api (ApiLogin.php) I can authenticate but I do not know how to use this further.
Sorry for my ignorance but I do not seem to be able to read the php of mediawiki well enough to provide the solution myself. Browsing the wiki's, googling and searching this mail list has so far not helped.
Kind regards,
Jac (Istanbul, Turkey)
You probably want to use AuthPlugin:
http://www.mediawiki.org/wiki/AuthPlugin
It may be helpful to look at existing extensions that use it, such as LDAP, OpenID, and the provided sample code (I think there is some).
Thank you for your reaction, cool, I figured this would be the direction to go. I now do: $wgAuth = new LdapAuthenticationPlugin(); // as I am using that extension to AuthPlugin $wgAuth->validDomain('MYDOMAIN'); $wgAuth->setDomain('MYDOMAIN'); $wgAuth->getCanonicalName($decryptedusername); $wgAuth->authenticate($decryptedusername,$decryptedpwd); $wgAuth->initUser($decryptedusernamer,$decryptedpwd); which gives an error as I am 'Calling to a member function saveSettings() on a non-object'. This non-object has to be a User but I cannot find where to instantantiate it. Other simular attempts result in different function giving errors as they are trying to process a non-User object. First guess is that this is where the LoginForm class has to be called? Maybe a final push ...? By the way, validation seems to work, it is just about updating or adding the user and redirecting now.
By the way please correct me if I am out of line sending these questions here. Especially as they probably only reflect my ignorance. Anyway thanks for your reply! -- Jac
________________________________
From: wikitech-l-bounces@lists.wikimedia.org on behalf of Simetrical Sent: Mon 1/14/2008 11:38 PM To: Wikimedia developers Subject: Re: [Wikitech-l] Using the authentication functions
You probably want to use AuthPlugin:
http://www.mediawiki.org/wiki/AuthPlugin
It may be helpful to look at existing extensions that use it, such as LDAP, OpenID, and the provided sample code (I think there is some).
_______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Thank you for your reaction, cool, I figured this would be the direction to go. I now do: $wgAuth = new LdapAuthenticationPlugin(); // as I am using that extension to AuthPlugin $wgAuth->validDomain('MYDOMAIN'); $wgAuth->setDomain('MYDOMAIN'); $wgAuth->getCanonicalName($decryptedusername); $wgAuth->authenticate($decryptedusername,$decryptedpwd); $wgAuth->initUser($decryptedusernamer,$decryptedpwd); which gives an error as I am 'Calling to a member function saveSettings() on a non-object'. This non-object has to be a User but I cannot find where to instantantiate it. Other simular attempts result in different function giving errors as they are trying to process a non-User object. First guess is that this is where the LoginForm class has to be called? Maybe a final push ...? By the way, validation seems to work, it is just about updating or adding the user and redirecting now.
By the way please correct me if I am out of line sending these questions here. Especially as they probably only reflect my ignorance. Anyway thanks for your reply! -- Jac
The LDAP plugin wasn't meant to be used as a library. It is a standalone plugin that is configured via LocalSettings.php. Please see:
http://www.mediawiki.org/wiki/Extension:LDAP_Authentication
V/r,
Ryan Lane
Ah, so I should somehow post the variables to the Special:Userpage? Meaning the instantiation of a FauxWebRequest? Or should I take a different approach? Sorry for dragging on but I spend quite some time on this and got pretty much lost in the class structure of mediawiki, promise to pay back by documenting my scenario and solution on the mediawiki wiki somewhere -- Jac PS: I will remove my similar question from the discussion tab of the LDAP extension wiki article, considering I am dealing with the master directly now ;-)
-----Original Message----- From: wikitech-l-bounces@lists.wikimedia.org on behalf of Lane, Ryan Sent: Tue 1/15/2008 9:18 PM To: Wikimedia developers Subject: Re: [Wikitech-l] Using the authentication functions
Thank you for your reaction, cool, I figured this would be the direction to go. I now do: $wgAuth = new LdapAuthenticationPlugin(); // as I am using that extension to AuthPlugin $wgAuth->validDomain('MYDOMAIN'); $wgAuth->setDomain('MYDOMAIN'); $wgAuth->getCanonicalName($decryptedusername); $wgAuth->authenticate($decryptedusername,$decryptedpwd); $wgAuth->initUser($decryptedusernamer,$decryptedpwd); which gives an error as I am 'Calling to a member function saveSettings() on a non-object'. This non-object has to be a User but I cannot find where to instantantiate it. Other simular attempts result in different function giving errors as they are trying to process a non-User object. First guess is that this is where the LoginForm class has to be called? Maybe a final push ...? By the way, validation seems to work, it is just about updating or adding the user and redirecting now.
By the way please correct me if I am out of line sending these questions here. Especially as they probably only reflect my ignorance. Anyway thanks for your reply! -- Jac
The LDAP plugin wasn't meant to be used as a library. It is a standalone plugin that is configured via LocalSettings.php. Please see:
http://www.mediawiki.org/wiki/Extension:LDAP_Authentication
V/r,
Ryan Lane
_______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/wikitech-l
GUBBELS Jac schreef:
Ah, so I should somehow post the variables to the Special:Userpage? Meaning the instantiation of a FauxWebRequest? Or should I take a different approach? Sorry for dragging on but I spend quite some time on this and got pretty much lost in the class structure of mediawiki, promise to pay back by documenting my scenario and solution on the mediawiki wiki somewhere
Note that you can also login through the API: http://en.wikipedia.org/w/api.php?action=login&lgname=user&lgpasswor...
Roan Kattouw (Catrope)
Hi, After one more day of frustration and not succeeding I am going to bug you one more time with some code of my attempts of the day:
$apiRequest = 'http://www.mywebsite.net/wiki/api.php?action=login&lgname=%27.$activedir... $login = unserialize(file_get_contents($apiRequest)); if($login['login']['result'] == 'Success') { setcookie("wiki_wikiUserID", $login['login']['lguserid'] , 0, "/", ".mywebsite.net"); setcookie("wiki_wikiUserName", $login['login']['lgusername'] , 0, "/", ".mywebsite.net"); setcookie("wiki_wiki_token", $login['login']['lgtoken'] , 0, "/", ".mywebsite.net"); header('Location: http://www.mywebsite.net/wiki/index.php/Main_Page' http://www.mywebsite.net/wiki/index.php/Main_Page' ); } else { ...
Thus: I can authenticate using the api. In return I get a page with some php array (mentioning success!). Now I need to somehow redirect the browser to the main page of the wiki to benifit from the succeeded login. This is where I am lost. I obivously somehow need to start some session. Hopefully one of you can be a little more verbose in his or her reaction, because I seem to need it ;-) I also tried the FauxRequest approach described on the wiki and even experimented with libcurl but all without succes... I hope someone has the heart (and time) to save me from this ordeal. -- Jac
Ah, so I should somehow post the variables to the Special:Userpage? Meaning the instantiation of a FauxWebRequest? Or should I take a different approach? Sorry for dragging on but I spend quite some time on this and got pretty much lost in the class structure of mediawiki, promise to pay back by documenting my scenario and solution on the mediawiki wiki somewhere
Note that you can also login through the API: http://en.wikipedia.org/w/api.php?action=login&lgname=user&lgpasswor... http://en.wikipedia.org/w/api.php?action=login&lgname=user&lgpassword=password
Roan Kattouw (Catrope)
GUBBELS Jac schreef:
Thus: I can authenticate using the api. In return I get a page with some php array (mentioning success!). Now I need to somehow redirect the browser to the main page of the wiki to benifit from the succeeded login. This is where I am lost. I obivously somehow need to start some session. Hopefully one of you can be a little more verbose in his or her reaction, because I seem to need it ;-) I also tried the FauxRequest approach described on the wiki and even experimented with libcurl but all without succes... I hope someone has the heart (and time) to save me from this ordeal. -- Jac
You need to fetch the cookies that api.php passes you (*all* of them) and pass them along to the user.
Roan Kattouw (Catrope)
wikitech-l@lists.wikimedia.org