lucidAuth/include/lucidAuth.functions.php

<?php

$configurationFile = '../lucidAuth.config.php';
if (!file_exists($configurationFile)) {
	throw new Exception(sprintf('Missing config file. Please rename \'%1$s.example\' to \'%1$s\' and edit it to reflect your setup.', explode('../', $configurationFile)[1]));
}
$settings = include_once($configurationFile);

function authenticateLDAP (string $username, string $password) {
	global $settings;

	if (!empty($username) && !empty($password)) {
		// Handle login requests

		$ds = ldap_connect($settings->LDAP['Server'], $settings->LDAP['Port']);

		// Strict namingconvention: only allow alphabetic characters
		$sanitizedUsername = preg_replace('([^a-zA-Z]*)', '', $_POST['username']);
		$qualifiedUsername = $settings->LDAP['Domain'] . '\\' . $sanitizedUsername;

		if (@ldap_bind($ds, $qualifiedUsername, utf8_encode($_POST['password']))) {
			// Successful authentication; get additional userdetails from authenticationsource
			$ldapSearchResults = ldap_search($ds, $settings->LDAP['BaseDN'], "sAMAccountName=$sanitizedUsername");
			$commonName = ldap_get_entries($ds, $ldapSearchResults)[0]['cn'][0];
			// Create JWT-payload
			$jwtPayload = [
				'iat'	=> time(),					// Issued at: time when the token was generated
				'iss'	=> $_SERVER['SERVER_NAME'],	// Issuer
				'sub'	=> $qualifiedUsername,		// Subject (ie. username)
				'name'	=> $commonName				// Common name (as retrieved from AD)
			];

			$secureToken = JWT::encode($jwtPayload, base64_decode($settings->JWT['PrivateKey_base64']));
			return ['status' => 'Success', 'token' => $secureToken];
		} else {
			// LDAP authentication failed!
			return ['status' => 'Fail', 'reason' => '1'];
		}
	} else {
		// Empty username or passwords not allowed!
		return ['status' => 'Fail', 'reason' => '1'];
	}
}

function storeToken (string $username, string $password, object $cookie) {
	global $settings;

	
}

function retrieveToken (string $username, string $foo) {
	global $settings;
	
}

function validateCookie (int $expiration, string $username, string $securetoken) {
#													$_COOKIE['Exp'], $_COOKIE['Sub'], $_COOKIE['JWT']
	global $settings;

	If ($expiration > time()) {
		#moo
	}
}

?>
import local files into repo 2019-01-16 10:37:35 +00:00			`<?php`

Corrected static exception message to dynamic message 2019-01-17 14:06:16 +00:00			`$configurationFile = '../lucidAuth.config.php';`
			`if (!file_exists($configurationFile)) {`
			`throw new Exception(sprintf('Missing config file. Please rename \'%1$s.example\' to \'%1$s\' and edit it to reflect your setup.', explode('../', $configurationFile)[1]));`
Reverted lost changes due to git init 2019-01-16 17:01:30 +00:00			`}`
Corrected static exception message to dynamic message 2019-01-17 14:06:16 +00:00			`$settings = include_once($configurationFile);`
Reverted lost changes due to git init 2019-01-16 17:01:30 +00:00
import local files into repo 2019-01-16 10:37:35 +00:00			`function authenticateLDAP (string $username, string $password) {`
			`global $settings;`

			`if (!empty($username) && !empty($password)) {`
			`// Handle login requests`

			`$ds = ldap_connect($settings->LDAP['Server'], $settings->LDAP['Port']);`

			`// Strict namingconvention: only allow alphabetic characters`
Corrected static exception message to dynamic message 2019-01-17 14:06:16 +00:00			`$sanitizedUsername = preg_replace('([^a-zA-Z]*)', '', $_POST['username']);`
			`$qualifiedUsername = $settings->LDAP['Domain'] . '\\' . $sanitizedUsername;`
import local files into repo 2019-01-16 10:37:35 +00:00
Corrected static exception message to dynamic message 2019-01-17 14:06:16 +00:00			`if (@ldap_bind($ds, $qualifiedUsername, utf8_encode($_POST['password']))) {`
			`// Successful authentication; get additional userdetails from authenticationsource`
			`$ldapSearchResults = ldap_search($ds, $settings->LDAP['BaseDN'], "sAMAccountName=$sanitizedUsername");`
			`$commonName = ldap_get_entries($ds, $ldapSearchResults)[0]['cn'][0];`
import local files into repo 2019-01-16 10:37:35 +00:00			`// Create JWT-payload`
			`$jwtPayload = [`
Corrected static exception message to dynamic message 2019-01-17 14:06:16 +00:00			`'iat' => time(), // Issued at: time when the token was generated`
			`'iss' => $_SERVER['SERVER_NAME'], // Issuer`
			`'sub' => $qualifiedUsername, // Subject (ie. username)`
			`'name' => $commonName // Common name (as retrieved from AD)`
import local files into repo 2019-01-16 10:37:35 +00:00			`];`

			`$secureToken = JWT::encode($jwtPayload, base64_decode($settings->JWT['PrivateKey_base64']));`
			`return ['status' => 'Success', 'token' => $secureToken];`
			`} else {`
			`// LDAP authentication failed!`
			`return ['status' => 'Fail', 'reason' => '1'];`
			`}`
			`} else {`
			`// Empty username or passwords not allowed!`
			`return ['status' => 'Fail', 'reason' => '1'];`
			`}`
			`}`

			`function storeToken (string $username, string $password, object $cookie) {`
			`global $settings;`


			`}`

Reverted lost changes due to git init 2019-01-16 17:01:30 +00:00			`function retrieveToken (string $username, string $foo) {`
import local files into repo 2019-01-16 10:37:35 +00:00			`global $settings;`

			`}`

			`function validateCookie (int $expiration, string $username, string $securetoken) {`
			`# $_COOKIE['Exp'], $_COOKIE['Sub'], $_COOKIE['JWT']`
			`global $settings;`

Reverted lost changes due to git init 2019-01-16 17:01:30 +00:00			`If ($expiration > time()) {`
			`#moo`
			`}`
import local files into repo 2019-01-16 10:37:35 +00:00			`}`

			`?>`