From 1a64deeb894dc95e2645a75771732c6cc53a79ad Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
Date: Wed, 4 Oct 2023 01:35:06 +0200
Subject: Squash changes containing private information

There were a lot of changes since the previous commit, but a lot of them
contained personnal information about users. All thos changes got
stashed into a single commit (history is kept in a different place) and
private information was moved in a separate private repository
---
 .../websites/tools/tools/landing/ldap_ssh_keys.php | 348 ---------------------
 1 file changed, 348 deletions(-)
 delete mode 100644 modules/private/websites/tools/tools/landing/ldap_ssh_keys.php

(limited to 'modules/private/websites/tools/tools/landing/ldap_ssh_keys.php')

diff --git a/modules/private/websites/tools/tools/landing/ldap_ssh_keys.php b/modules/private/websites/tools/tools/landing/ldap_ssh_keys.php
deleted file mode 100644
index 259e28d..0000000
--- a/modules/private/websites/tools/tools/landing/ldap_ssh_keys.php
+++ /dev/null
@@ -1,348 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr">
-    <head>
-      <title>ImmaeEu Account</title>
-      <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
-      <meta name="viewport" content="width=device-width, initial-scale=1" />
-      <link rel="stylesheet" href="https://assets.immae.eu/skeleton/2.0.4/skeleton.min.css" integrity="sha256-2YQRJMXD7pIAPHiXr0s+vlRWA7GYJEK0ARns7k2sbHY=" crossorigin="anonymous" />
-      <style type="text/css">
-          body {
-            font-family: Verdana,Arial,Courier New;
-            margin: auto;
-          }
-          table#ssh_keys_list textarea {
-            width: 100%;
-            height: 100%;
-          }
-          table#ssh_keys_list tbody tr.sshkeyrow {
-            height: 130px;
-          }
-          table#ssh_keys_list tbody tr.headrow th {
-            border-bottom: 0px !important;
-            padding-bottom: 0px !important;
-          }
-          table#ssh_keys_list tbody tr.mainrow td:not(.delete-button) {
-            border-bottom: 0px !important;
-            padding-bottom: 0px !important;
-          }
-          table#ssh_keys_list td.sshkey {
-            min-width: 600px;
-            height: 100%;
-            padding-top: 0px !important;
-          }
-
-          table#ssh_keys_list td.comment {
-            min-width: 160px;
-          }
-
-      </style>
-    </head>
-    <body>
-      <div class="container">
-        <h1>Gestion des clés SSH</h1>
-<?php
-
-$connection = NULL;
-
-session_start();
-
-// Liste des applications gérées
-const apps = [
-    'git',
-    'pub',
-    'ftp',
-    'ssh',
-    'forward',
-];
-
-function checkSshKey($sshKey)
-{
-  $exploded = explode(' ', $sshKey);
-  if (count($exploded) != 2) {
-    return false;
-  }
-  if (!in_array($exploded[0], array('ssh-rsa', 'ssh-ed25519'))) {
-    return false;
-  }
-  $decoded = base64_decode($exploded[1], true);
-  if ($decoded === FALSE) {
-    return false;
-  }
-  $decoded = preg_replace("/[^\w\-]/","", (string) $decoded);
-  if (substr($decoded, 0, strlen($exploded[0])) !== $exploded[0]) {
-    return false;
-  }
-
-  return true;
-}
-
-function isUserLogged()
-{
-    return (isset($_SESSION["login"]) && doConnect() !== NULL);
-}
-
-function doConnect()
-{
-  global $connection;
-  $server = "ldaps://ldap.immae.eu";
-
-  if ($connection === NULL) {
-    $connection = ldap_connect($server);
-    ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
-    if (isset($_SESSION["user_dn"]) && isset($_SESSION["password"])) {
-      if (ldap_bind($connection, $_SESSION["user_dn"], $_SESSION["password"]) === false) {
-        $connection = NULL;
-        unset($_SESSION["user_dn"]);
-        unset($_SESSION["password"]);
-        unset($_SESSION["login"]);
-      }
-    }
-  }
-
-  return $connection;
-}
-
-function checkLogin($user, $password)
-{
-    $con = doConnect();
-
-    $user_dn = "uid=$user,ou=users,dc=immae,dc=eu";
-
-    if (ldap_bind($con, $user_dn, $password) === false) {
-        return false;
-    }
-    $_SESSION["user_dn"] = $user_dn;
-    $_SESSION["password"] = $password;
-
-    $user_search = ldap_search($con,"dc=immae,dc=eu","(uid=$user)");
-    $auth_entry = ldap_first_entry($con, $user_search);
-
-    return true;
-}
-
-function getLdapInfo()
-{
-  $con = doConnect();
-  if (!isset($_SESSION["user_dn"])) {
-    $sortieLdap = [];
-  } else {
-    $user_read  = ldap_read($con, $_SESSION["user_dn"], "(objectclass=*)", array("uid","immaeSshKey"));
-    $user_entry = ldap_first_entry($con, $user_read);
-    $sortieLdap = ldap_get_values($con, $user_entry, "immaeSshKey");
-    unset($sortieLdap["count"]);
-  }
-
-    $keys = [];
-    foreach ($sortieLdap as $line) {
-        $exploded = explode(' ', $line);
-
-        $apps = explode('|', $exploded[0]);
-        $publicKey = $exploded[1] . ' ' . $exploded[2];
-
-        unset($exploded[0]);
-        unset($exploded[1]);
-        unset($exploded[2]);
-
-        $comment = implode(' ', $exploded);
-
-        $keys[] = [
-            'apps'       => $apps,
-            'public_key' => $publicKey,
-            'comment'    => $comment,
-        ];
-    }
-
-    return $keys;
-}
-
-function pushLdapInfos($keys)
-{
-    $con = doConnect();
-    if (!isset($_SESSION["user_dn"]))
-      return false;
-
-    return ldap_mod_replace($con, $_SESSION["user_dn"], array("immaeSshKey" => $keys));
-}
-
-
-// Script
-if (isset($_POST['deconnexion'])) {
-    $_SESSION = [];
-}
-
-if (isset($_POST['sauvegarder'])) {
-    $editedKeys = [];
-    $errors = false;
-    $keysToSave = [];
-    foreach($_POST['keys'] as $id => $key) {
-        $editedKeys[$id] = $key;
-        if (!checkSshKey($key['public_key'])) {
-            $editedKeys[$id]['error'] = true;
-            $errors = true;
-        }
-
-        if (!isset($key['apps'])) {
-            $editedKeys[$id]['apps'] = $key['apps'] = [];
-
-        }
-        foreach ($key['apps'] as $app) {
-            if (!in_array($app, apps)) {
-                die("integrity");
-            }
-        }
-
-        if (!isset($editedKeys[$id]['error']) || $editedKeys[$id]['error'] !== true) {
-            $keysToSave[] = implode('|', $key['apps']) . ' ' . $key['public_key'] . ' ' . $key['comment'];
-        }
-    }
-
-    if (!$errors) {
-        $successSave = pushLdapInfos($keysToSave);
-    }
-}
-
-$loginErrors = "";
-if (isset($_POST['login'])) {
-    if (empty($_POST['username']) || empty($_POST['password'])) {
-        $loginErrors = "Le nom d'utilisateur et le mot de passe sont requis.";
-    } elseif (!checkLogin($_POST['username'], $_POST['password'])) {
-        $loginErrors = "Identifiants incorrects.";
-    } else {
-        $_SESSION['login'] = $_POST['username'];
-    }
-}
-
-if (isUserLogged()) :
-    $keys = isset($editedKeys) ? $editedKeys : getLdapInfo();
-?>
-        <p>Connecté en tant que <b><?= $_SESSION['login']; ?></b></p>
-
-        <form method="post">
-            <input type="submit" name="deconnexion" value="Déconnexion">
-        </form>
-
-        <?php if (isset($successSave) && $successSave === true) : ?>
-        <p style="color: green;">Clés enregistrées avec succès.</p>
-        <?php endif; ?>
-
-        <form method="post">
-            <table id="ssh_keys_list">
-                <tbody>
-                    <?php
-                    foreach ($keys as $id => $sshKey) :
-                        ?>
-                        <tr class="headrow">
-                            <th>Description</th>
-                            <?php foreach (apps as $app) : ?>
-                                <th><?= $app ?></th>
-                            <?php endforeach; ?>
-                            <th></th>
-                        </tr>
-                        <tr class="mainrow">
-                            <td class="comment"><textarea name="keys[<?= $id ?>][comment]"><?= $sshKey['comment'] ?></textarea></td>
-                        <?php
-                            foreach (apps as $app) :
-                                $checked = in_array($app, $sshKey['apps']);
-                            ?>
-                            <td><input type="checkbox" name="keys[<?= $id ?>][apps][]" value="<?= $app ?>"<?= $checked ? ' checked' : '' ?>></td>
-                        <?php endforeach; ?>
-                        <td class="delete-button" rowspan="2"><button class="delete">Suppr.</button></td>
-                    </tr>
-                    <tr class="sshkeyrow">
-                            <td colspan="<?php echo 1+count(apps); ?>" class="sshkey"><textarea name="keys[<?= $id ?>][public_key]" <?php if (isset($sshKey['error']) && $sshKey['error'] === true) :?>style="color: red"<?php endif; ?>><?= $sshKey['public_key'] ?></textarea></td>
-                    </tr>
-                    <?php
-                    endforeach;
-                    ?>
-                </tbody>
-            </table>
-
-            <button id="add">Ajouter</button>
-
-            <hr>
-
-            <input type="submit" value="Sauvegarder" name="sauvegarder">
-        </form>
-        <script>
-            function deleteLine(element) {
-                element.addEventListener('click', function(e) {
-                    e.preventDefault();
-                    e.target.closest('tr').remove();
-                }, false);
-            }
-
-            var suppr = document.getElementsByClassName('delete');
-            var add = document.getElementById('add');
-            var list = document.querySelector('#ssh_keys_list > tbody');
-
-            for (var i = 0; i < suppr.length; i++) {
-                deleteLine(suppr[i]);
-            }
-
-            add.addEventListener('click', function (e) {
-                e.preventDefault();
-                i++;
-
-                var newLine = `
-                    <tr class="headrow">
-                        <th>Description</th>
-                        <?php foreach (apps as $app) : ?>
-                            <th><?= $app ?></th>
-                        <?php endforeach; ?>
-                        <th></th>
-                    </tr>
-                    <tr class="mainrow">
-                        <td class="comment"><textarea name="keys[${i}][comment]"></textarea></td>
-                    `;
-
-
-                <?php
-                    foreach (apps as $app) :
-                    ?>
-                    newLine += `<td><input type="checkbox" name="keys[${i}][apps][]" value="<?= $app ?>"></td>`;
-                <?php endforeach; ?>
-
-                newLine += `<td class="delete-button" rowspan="2"><button class="delete" id="delete-${i}">Suppr.</button></td>
-                </tr>`;
-
-                newLine += `<tr class="sshkeyrow">
-                    <td colspan="<?php echo 1+count(apps); ?>" class="sshkey"><textarea name="keys[$[i}][public_key]"></textarea></td>
-                </tr>`;
-
-
-                list.insertAdjacentHTML('beforeend', newLine);
-
-                deleteLine(document.getElementById("delete-" + i));
-
-            }, false)
-        </script>
-<?php
-else:
-?>
-        <form action="" method="post">
-            <h2>Login</h2>
-
-            <?php
-            if (!empty($loginErrors)):
-            ?>
-            <p style="color: red;"><?= $loginErrors; ?></p>
-            <?php
-            endif;
-            ?>
-
-            <label for="username">Utilisateur :</label>
-            <input type="text" id="username" name="username"/>
-
-            <label for="password">Mot de passe :</label>
-            <input type="password" id="password" name="password"/>
-
-            <input type="submit" value="OK" name="login" />
-        </form>
-<?php
-endif;
-?>
-    </div>
-  </body>
-</html>
-
-
-- 
cgit v1.2.3