From a5d84156482c7edef521f48be3df62ff02cb6072 Mon Sep 17 00:00:00 2001 From: efalcy <efalcy@git-test.afi-sa.fr> Date: Tue, 12 Feb 2013 14:33:09 +0000 Subject: [PATCH] Lecture des mots de passe en MD5 Base64 --- .gitattributes | 1 + library/ZendAfi/Auth.php | 14 ++++++- scripts/md5base64.pl | 5 +++ .../opac/controllers/AuthControllerTest.php | 7 +++- tests/library/ZendAfi/AuthTest.php | 40 ++++++++++++++++++- 5 files changed, 63 insertions(+), 4 deletions(-) create mode 100644 scripts/md5base64.pl diff --git a/.gitattributes b/.gitattributes index 37e02777b11..be7df1e6e11 100644 --- a/.gitattributes +++ b/.gitattributes @@ -4897,6 +4897,7 @@ scripts/find_tests.php -text scripts/insert_licence.sh -text scripts/iosrd.sh -text scripts/marker-visit.el -text +scripts/md5base64.pl -text scripts/opac2.sql -text scripts/opac3.el -text scripts/org-link-minor-mode.el -text diff --git a/library/ZendAfi/Auth.php b/library/ZendAfi/Auth.php index 56b44e66997..e75e30d278e 100644 --- a/library/ZendAfi/Auth.php +++ b/library/ZendAfi/Auth.php @@ -63,10 +63,16 @@ class ZendAfi_Auth extends Zend_Auth { $adapters = $this->getOrderedAdaptersForLoginPassword($login, $password); foreach ($adapters as $authAdapter) { + $authAdapter->setIdentity($login); $authAdapter->setCredential($password); - if (!$this->authenticate($authAdapter)->isValid()) continue; + if (!$this->authenticate($authAdapter)->isValid()) { + $authAdapter->setCredential($this->md5_base64($this->_credential)); + if (!$this->authenticate($authAdapter)->isValid()) +continue; + + } $this->getStorage()->write($authAdapter->getResultObject()); return true; } @@ -74,6 +80,12 @@ class ZendAfi_Auth extends Zend_Auth { } + public function md5_base64 ( $data ) + { + return preg_replace('/=+$/','',base64_encode(pack('H*',md5($data)))); + + } + public function logUser($user) { $this->getStorage()->write($user->toStdClass()); return $this; 
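Review bot: The fallback in `authenticateLoginPassword` hashes `$this->_credential`, which is not assigned anywhere in the visible lines of `ZendAfi_Auth`; the submitted value is in `$password`. If that property is unset, the second attempt always sends the hash of an empty value, so the result no longer depends on what the user typed. The line should presumably read `$authAdapter->setCredential($this->md5_base64($password));`. Separately, the first attempt forwards the raw input to the adapter, so if an adapter compares credentials directly, a stored MD5/Base64 string may itself be accepted as a password. That would make a leaked hash as good as the password, and it is worth confirming against the adapters, which are outside this hunk, as is the start of the method.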
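Review bot: `md5_base64()` has no docblock saying it exists only to read legacy values, and unsalted MD5 is not suitable for storing passwords. I would add `/** Legacy compatibility only: unpadded Base64 of the raw MD5 digest, as produced by Perl's Digest::MD5::md5_base64. Do not use for new password storage. */` above it. It would also help to re-store the password with a salted, slow hash once a legacy login succeeds; whether the user model allows that is not visible here. The body can be written without the hex round-trip and the regex as `return rtrim(base64_encode(md5($data, true)), '=');`. The only caller shown is `$this->md5_base64(...)`, so the method need not be `public`.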
diff --git a/scripts/md5base64.pl b/scripts/md5base64.pl new file mode 100644 index 00000000000..cb944d44e6b --- /dev/null +++ b/scripts/md5base64.pl @@ -0,0 +1,5 @@ + +use Digest::MD5 +qw(md5_base64); +my $var='adminPassword'; +print md5_base64($var); diff --git a/tests/application/modules/opac/controllers/AuthControllerTest.php b/tests/application/modules/opac/controllers/AuthControllerTest.php index 4d163aba404..79696c948f3 100644 --- a/tests/application/modules/opac/controllers/AuthControllerTest.php +++ b/tests/application/modules/opac/controllers/AuthControllerTest.php @@ -325,7 +325,7 @@ class AuthControllerAdminIsLoggedTest extends PortailWithOneLoginModuleTestCase ->setRoleLevel(ZendAfi_Acl_AdminControllerRoles::ADMIN_PORTAIL) ->setRole('super_admin') ->setLogin('sysadm') - ->setPassword('pafgjl') + ->setPassword('sysadmPassword') ->setIdSite(1) ->setIdabon('') ->setId(1); @@ -415,7 +415,6 @@ class AuthControllerPostTest extends AuthControllerNobodyLoggedTestCase { - class AuthControllerPostSimpleTest extends AuthControllerNobodyLoggedTestCase { protected $_auth; @@ -460,4 +459,8 @@ class AuthControllerPostSimpleTest extends AuthControllerNobodyLoggedTestCase { } } + + + + ?> \ No newline at end of file diff --git a/tests/library/ZendAfi/AuthTest.php b/tests/library/ZendAfi/AuthTest.php index 7914c247268..51395d93204 100644 --- a/tests/library/ZendAfi/AuthTest.php +++ b/tests/library/ZendAfi/AuthTest.php 
@@ -25,4 +25,42 @@ class AuthSessionNamespaceTest extends PHPUnit_Framework_TestCase { $this->assertEquals('Zend_Auth' . md5(BASE_URL), ZendAfi_Auth::getInstance()->getStorage()->getNamespace()); } -} \ No newline at end of file + + + /** + * @test + */ + public function validAuthenticationInMd5ShouldRedirect() { + + $zendAuth = new ZendAfi_Auth(); + assertTrue($zendAuth->authenticateLoginPassword('sysadm','adminPassword',[new Mock_Adapter()])); + + } +} + + + +class Mock_Adapter implements Zend_Auth_Adapter_Interface { + public function setIdentity($identity) { + $this->_identity = $identity; + return $this; + } + + /** + * @param string $credential + * @return Zend_Auth_Adapter_CommSigb + */ + public function setCredential($credential) { + $this->_credential = $credential; + return $this; + } + + + + public function authenticate() { + if ($this->_credential == 'M9h/02RRb2YEEk/Mdv3SeQ') + return true; + + } +} + -- GitLab
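Review bot: `validAuthenticationInMd5ShouldRedirect` checks only the accepting path, so it cannot catch a fallback that accepts a wrong password; a rejecting case is needed next to it. The assertion is called as a bare `assertTrue(...)` rather than `$this->assertTrue(...)`. `Mock_Adapter::authenticate()` returns `true` or nothing, while the code in Auth.php calls `->isValid()` on the authentication result and `getResultObject()` on the adapter, so the test presumably errors before it asserts anything. The mock should return a `Zend_Auth_Result`, compare with `===`, and provide `getResultObject()`. Whether `authenticateLoginPassword` accepts the adapter list as a third argument is not visible in this patch.

```php
  /** @test */
  public function wrongPasswordShouldNotAuthenticate() {
    // … unchanged: $zendAuth construction as in validAuthenticationInMd5ShouldRedirect …
    $this->assertFalse($zendAuth->authenticateLoginPassword('sysadm', 'wrongPassword', [new Mock_Adapter()]));
  }

  // … unchanged: Mock_Adapter::setIdentity / setCredential …

  public function authenticate() {
    // Always return a result object so callers can use ->isValid()
    if ($this->_credential === 'M9h/02RRb2YEEk/Mdv3SeQ')
      return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $this->_identity);
    return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, $this->_identity);
  }

  public function getResultObject() {
    // Minimal stand-in for what the storage write in ZendAfi_Auth expects
    $result = new stdClass();
    $result->LOGIN = $this->_identity; // constructed field name; align with the real adapters
    return $result;
  }
```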