automatically register SSL client cert when user registers

This commit is contained in:
Christian Weiske 2011-05-09 08:13:17 +02:00
parent 6447ca7186
commit 2fba302003
2 changed files with 43 additions and 10 deletions

View file

@ -85,9 +85,31 @@ class SemanticScuttle_Service_User_SslClientCert extends SemanticScuttle_DbServi
*/ */
public function registerCurrentCertificate($uId) public function registerCurrentCertificate($uId)
{ {
//FIXME $serial = $_SERVER['SSL_CLIENT_M_SERIAL'];
$clientIssuerDn = $_SERVER['SSL_CLIENT_I_DN'];
$query = 'INSERT INTO ' . $this->getTableName()
. ' '. $this->db->sql_build_array(
'INSERT', array(
'uId' => $uId,
'sslSerial' => $serial,
'sslClientIssuerDn' => $clientIssuerDn,
'sslName' => $_SERVER['SSL_CLIENT_S_DN_CN'],
'sslEmail' => $_SERVER['SSL_CLIENT_S_DN_Email']
)
);
if (!($dbresult = $this->db->sql_query($query))) {
message_die(
GENERAL_ERROR, 'Could not load user for client certificate',
'', __LINE__, __FILE__, $query, $this->db
);
return false;
} }
return true;
}
/** /**
* Takes values from the currently available SSL client certificate * Takes values from the currently available SSL client certificate
@ -109,8 +131,9 @@ class SemanticScuttle_Service_User_SslClientCert extends SemanticScuttle_DbServi
} }
if (count($arData)) { if (count($arData)) {
$us = SemanticScuttle_Service_Factory::get('User');
foreach ($arData as $column => $value) { foreach ($arData as $column => $value) {
$userservice->_updateuser($uId, $column, $value); $us->_updateuser($uId, $column, $value);
} }
} }
return $arData; return $arData;

View file

@ -72,7 +72,16 @@ if (POST_SUBMITTED != '') {
$tplVars['error'] = T_('Antispam answer is not valid. Please try again.'); $tplVars['error'] = T_('Antispam answer is not valid. Please try again.');
// Register details // Register details
} elseif ($userservice->addUser($posteduser, POST_PASS, POST_MAIL) !== false) { } else {
$uId = $userservice->addUser($posteduser, POST_PASS, POST_MAIL);
if ($uId !== false) {
if (isset($_SERVER['SSL_CLIENT_VERIFY'])
&& $_SERVER['SSL_CLIENT_VERIFY'] == 'SUCCESS'
) {
$ssl = SemanticScuttle_Service_Factory::get('User_SslClientCert');
$ssl->registerCurrentCertificate($uId);
$ssl->updateProfileFromCurentCert($uId);
}
// Log in with new username // Log in with new username
$login = $userservice->login($posteduser, POST_PASS); $login = $userservice->login($posteduser, POST_PASS);
if ($login) { if ($login) {
@ -82,6 +91,7 @@ if (POST_SUBMITTED != '') {
} else { } else {
$tplVars['error'] = T_('Registration failed. Please try again.'); $tplVars['error'] = T_('Registration failed. Please try again.');
} }
}
} }
$tplVars['antispamQuestion'] = $GLOBALS['antispamQuestion']; $tplVars['antispamQuestion'] = $GLOBALS['antispamQuestion'];