automatically register SSL client cert when user registers

2011-05-09 08:13:17 +02:00 · 2011-05-09 08:13:17 +02:00 · 2fba302003
commit 2fba302003
parent 6447ca7186
2 changed files with 43 additions and 10 deletions
--- a/src/SemanticScuttle/Service/User/SslClientCert.php
+++ b/src/SemanticScuttle/Service/User/SslClientCert.php
@ -85,9 +85,31 @@ class SemanticScuttle_Service_User_SslClientCert extends SemanticScuttle_DbServi
     */
    public function registerCurrentCertificate($uId)
    {
-        //FIXME
+        $serial         = $_SERVER['SSL_CLIENT_M_SERIAL'];
+        $clientIssuerDn = $_SERVER['SSL_CLIENT_I_DN'];
+
+        $query = 'INSERT INTO ' . $this->getTableName()
+            . ' '. $this->db->sql_build_array(
+                'INSERT', array(
+                    'uId'               => $uId,
+                    'sslSerial'         => $serial,
+                    'sslClientIssuerDn' => $clientIssuerDn,
+                    'sslName'           => $_SERVER['SSL_CLIENT_S_DN_CN'],
+                    'sslEmail'          => $_SERVER['SSL_CLIENT_S_DN_Email']
+                )
+            );
+        if (!($dbresult = $this->db->sql_query($query))) {
+            message_die(
+                GENERAL_ERROR, 'Could not load user for client certificate',
+                '', __LINE__, __FILE__, $query, $this->db
+            );
+            return false;
        }

+        return true;
+    }
+
+

    /**
     * Takes values from the currently available SSL client certificate
@ -109,8 +131,9 @@ class SemanticScuttle_Service_User_SslClientCert extends SemanticScuttle_DbServi
        }

        if (count($arData)) {
+            $us = SemanticScuttle_Service_Factory::get('User');
            foreach ($arData as $column => $value) {
-                $userservice->_updateuser($uId, $column, $value);
+                $us->_updateuser($uId, $column, $value);
            }
        }
        return $arData;
--- a/www/register.php
+++ b/www/register.php
@ -72,7 +72,16 @@ if (POST_SUBMITTED != '') {
        $tplVars['error'] = T_('Antispam answer is not valid. Please try again.');

    // Register details
-    } elseif ($userservice->addUser($posteduser, POST_PASS, POST_MAIL) !== false) {
+    } else {
+        $uId = $userservice->addUser($posteduser, POST_PASS, POST_MAIL);
+        if ($uId !== false) {
+            if (isset($_SERVER['SSL_CLIENT_VERIFY'])
+                && $_SERVER['SSL_CLIENT_VERIFY'] == 'SUCCESS'
+            ) {
+                $ssl = SemanticScuttle_Service_Factory::get('User_SslClientCert');
+                $ssl->registerCurrentCertificate($uId);
+                $ssl->updateProfileFromCurentCert($uId);
+            }
            // Log in with new username
            $login = $userservice->login($posteduser, POST_PASS);
            if ($login) {
@ -82,6 +91,7 @@ if (POST_SUBMITTED != '') {
        } else {
            $tplVars['error'] = T_('Registration failed. Please try again.');
        }
+    }
 }

 $tplVars['antispamQuestion'] = $GLOBALS['antispamQuestion'];