Contrôle d'identification par OpenFlyers pour un logiciel tiers : Différence entre versions

Aller à : navigation, rechercher
(PHP code example)
(How it works)
Ligne 3 : Ligne 3 :
  
 
=How it works=
 
=How it works=
If your OpenFlyers is located at http://openflyers.com/test/ just post at http://openflyers.com/test/checkIdent.php with login and rawPassword variables.
+
If your OpenFlyers is located at http://openflyers.com/platform-name/ just post at http://openflyers.com/platform-name/checkIdent.php with login and rawPassword variables.
  
 
'''Warning:''' OpenFlyers release 2 or higher required a password hashed with MD5 (see the commented $postData line below in the PHP script).
 
'''Warning:''' OpenFlyers release 2 or higher required a password hashed with MD5 (see the commented $postData line below in the PHP script).

Version du 2 décembre 2016 à 14:06

Presentation

Here is an presentation of how to check if an identification/password couple submitted by your own scripts is correct according to the OpenFlyers database.

How it works

If your OpenFlyers is located at http://openflyers.com/platform-name/ just post at http://openflyers.com/platform-name/checkIdent.php with login and rawPassword variables.

Warning: OpenFlyers release 2 or higher required a password hashed with MD5 (see the commented $postData line below in the PHP script).

Possible return values

The script display return an answer code which should be one of this value:

  • 0: OK
  • 1: OK but several profile availables. OpenFlyers select automatically the best profile.
  • 2: outdate but authorized
  • 3: outdate but authorized with outdate profile
  • 4: outdate subscription, unauthorized
  • 5: bad Ident, unauthorized
  • 6: Banned (ip or login), unauthorized
  • 7: no Ident -> ask one

We recommend you to consider 0-2 OK and 3-7 bad

Warning: you have to filter public access login (with no right) because for OF, it's a valid access !!!

JavaScript

If you are using your own authenticate form, use javascript function submit_pwd() located into \javascript\submitPwd.js

PHP code example

Here an example how to send a post request with php :

function httpPostRequest($host, $path, $postData) { 
  $result= ""; 
 
  $request = "POST $path HTTP/1.1\n". 
  "Host: $host\n". 
  (isset($referer) ? "Referer: $referer\n" : ""). 
  "Content-type: Application/x-www-form-urlencoded\n".
  "Content-length: ".strlen($postData)."\n". 
  "Connection: close\n\n". 
  $postData."\n"; 
 
  // Some debug informations:
  // print("<pre>Request:\n".htmlentities($request)."</pre>"); 
 
  if ($fp = fsockopen($host, 80, $errno, $errstr, 3))
  // for PHP release < 5.3.0, use the following syntax:
  // if ($fp = fsockopen($host, 80, &$errno, &$errstr, 3))
    { 
    if (fputs($fp, $request)) 
    { 
      while(! feof($fp)) 
      { 
       $result.= fgets($fp, 128); 
      } 
      fclose($fp); 
//      print($result);
      return $result; 
    } 
  } 
}
 
//$postData='login=jbond&rawPassword='.md5('007'); // for OpenFlyers release 2 or higher
$postData='login=jbond&rawPassword=007';
$rawContent = httpPostRequest('openflyers.com','http://openflyers.com/plateform-name/checkIdent.php',$postData); [^]
 
list($header, $content) = explode("\r\n\r\n", $rawContent, 2);
list($byteQty, $realContent, $dummy) = explode("\r\n", $content, 3);
 
// the answer is in $realContent

Joomla authentification plugin

If you have a Joomla website and you want that Openflyers users could connect to your Joomla restricted access zone, you may add this plugin to have only one account database: Openflyers one. You don't need to update Joomla user database, this plugin ask directly Openflyers thanks to CheckIdent.php script. There are two files depending on your Joomla version: