Lecture des mots de passe en MD5 Base64

a5d84156 · efalcy · 6e26aa24 · a5d84156 · a5d84156 · a5d84156
Commit a5d84156 authored 12 years ago by efalcy
--- a/.gitattributes
+++ b/.gitattributes
@@ -4897,6 +4897,7 @@ scripts/find_tests.php -text
 scripts/insert_licence.sh -text
 scripts/iosrd.sh -text
 scripts/marker-visit.el -text
+scripts/md5base64.pl -text
 scripts/opac2.sql -text
 scripts/opac3.el -text
 scripts/org-link-minor-mode.el -text

--- a/library/ZendAfi/Auth.php
+++ b/library/ZendAfi/Auth.php
@@ -63,10 +63,16 @@ class ZendAfi_Auth extends Zend_Auth {
 			$adapters = $this->getOrderedAdaptersForLoginPassword($login, $password);

 		foreach ($adapters as $authAdapter) {
+
 			$authAdapter->setIdentity($login);
 			$authAdapter->setCredential($password);
 	
-			if (!$this->authenticate($authAdapter)->isValid()) continue;
+			if (!$this->authenticate($authAdapter)->isValid()) {
+				$authAdapter->setCredential($this->md5_base64($this->_credential));
+				if (!$this->authenticate($authAdapter)->isValid())
+continue;
+
+			}
 			$this->getStorage()->write($authAdapter->getResultObject());
 			return true;
 		}
@@ -74,6 +80,12 @@ class ZendAfi_Auth extends Zend_Auth {
 	}


+	public function md5_base64 ( $data )
+	{
+    return preg_replace('/=+$/','',base64_encode(pack('H*',md5($data))));
+
+	}
+
 	public function logUser($user) {
 		$this->getStorage()->write($user->toStdClass());
 		return $this;

--- a/scripts/md5base64.pl
+++ b/scripts/md5base64.pl
+
+use Digest::MD5 
+qw(md5_base64); 
+my $var='adminPassword';
+print md5_base64($var);
--- a/tests/application/modules/opac/controllers/AuthControllerTest.php
+++ b/tests/application/modules/opac/controllers/AuthControllerTest.php
@@ -325,7 +325,7 @@ class AuthControllerAdminIsLoggedTest extends PortailWithOneLoginModuleTestCase
 			->setRoleLevel(ZendAfi_Acl_AdminControllerRoles::ADMIN_PORTAIL)
 			->setRole('super_admin')
 			->setLogin('sysadm')
-			->setPassword('pafgjl')
+			->setPassword('sysadmPassword')
 			->setIdSite(1)
 			->setIdabon('')
 			->setId(1);
@@ -415,7 +415,6 @@ class AuthControllerPostTest extends AuthControllerNobodyLoggedTestCase {



-
 class AuthControllerPostSimpleTest extends AuthControllerNobodyLoggedTestCase {
 	protected $_auth;

@@ -460,4 +459,8 @@ class AuthControllerPostSimpleTest extends AuthControllerNobodyLoggedTestCase {
 	}
 }

+
+
+
+
 ?>
\ No newline at end of file
--- a/tests/library/ZendAfi/AuthTest.php
+++ b/tests/library/ZendAfi/AuthTest.php
@@ -25,4 +25,42 @@ class AuthSessionNamespaceTest extends PHPUnit_Framework_TestCase {
 		$this->assertEquals('Zend_Auth' . md5(BASE_URL),
 			                  ZendAfi_Auth::getInstance()->getStorage()->getNamespace());
 	}
-}
\ No newline at end of file
+
+
+	/** 
+	 * @test 
+	 */
+	public function validAuthenticationInMd5ShouldRedirect()	{
+	
+		$zendAuth = new ZendAfi_Auth();
+		assertTrue($zendAuth->authenticateLoginPassword('sysadm','adminPassword',[new Mock_Adapter()]));
+		
+	}
+}
+
+
+
+class Mock_Adapter  implements Zend_Auth_Adapter_Interface {
+	public function setIdentity($identity) {
+		$this->_identity = $identity;
+		return $this;
+	}
+
+	/**
+	 * @param string $credential
+	 * @return Zend_Auth_Adapter_CommSigb
+	 */
+	public function setCredential($credential) {
+		$this->_credential = $credential;
+		return $this;
+	}
+
+
+	
+	public function authenticate() {
+		if ($this->_credential == 'M9h/02RRb2YEEk/Mdv3SeQ')
+			return true;
+		
+	}
+}
+