1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
#!/usr/bin/perl
# HTTP basic auth plugin.
package IkiWiki::Plugin::httpauth;
use warnings;
use strict;
use IkiWiki 3.00;
sub import {
hook(type => "getsetup", id => "httpauth", call => \&getsetup);
hook(type => "auth", id => "httpauth", call => \&auth);
hook(type => "formbuilder_setup", id => "httpauth",
call => \&formbuilder_setup);
hook(type => "canedit", id => "httpauth", call => \&canedit);
hook(type => "pagetemplate", id => "httpauth", call => \&pagetemplate);
}
sub getsetup () {
return
plugin => {
safe => 1,
rebuild => 0,
},
cgiauthurl => {
type => "string",
example => "http://example.com/wiki/auth/ikiwiki.cgi",
description => "url to redirect to when authentication is needed",
safe => 1,
rebuild => 0,
},
httpauth_pagespec => {
type => "pagespec",
example => "!*/Discussion",
description => "PageSpec of pages where only httpauth will be used for authentication",
safe => 0,
rebuild => 0,
},
}
sub redir_cgiauthurl ($;@) {
my $cgi=shift;
IkiWiki::redirect($cgi,
IkiWiki::cgiurl(cgiurl => $config{cgiauthurl}, @_));
exit;
}
sub auth ($$) {
my $cgi=shift;
my $session=shift;
if (defined $cgi->remote_user()) {
$session->param("name", $cgi->remote_user());
}
}
sub formbuilder_setup (@) {
my %params=@_;
my $form=$params{form};
my $session=$params{session};
my $cgi=$params{cgi};
my $buttons=$params{buttons};
if ($form->title eq "signin" &&
! defined $cgi->remote_user() && defined $config{cgiauthurl}) {
my $button_text="Login with HTTP auth";
push @$buttons, $button_text;
if ($form->submitted && $form->submitted eq $button_text) {
# bounce thru cgiauthurl and then back to
# the stored postsignin action
redir_cgiauthurl($cgi, do => "postsignin");
}
}
}
sub test_httpauth_pagespec ($) {
my $page=shift;
return defined $config{httpauth_pagespec} &&
length $config{httpauth_pagespec} &&
defined $config{cgiauthurl} &&
pagespec_match($page, $config{httpauth_pagespec});
}
sub canedit ($$$) {
my $page=shift;
my $cgi=shift;
my $session=shift;
if (! defined $cgi->remote_user() && test_httpauth_pagespec($page)) {
return sub {
IkiWiki::redirect($cgi,
$config{cgiauthurl}.'?'.$cgi->query_string());
exit;
};
}
else {
return undef;
}
}
sub pagetemplate (@_) {
my %params=@_;
my $template=$params{template};
if ($template->param("editurl") &&
test_httpauth_pagespec($params{page})) {
# go directly to cgiauthurl when editing a page matching
# the pagespec
$template->param(editurl => IkiWiki::cgiurl(
cgiurl => $config{cgiauthurl},
do => "edit", page => $params{page}));
}
}
1
|