Untitled

<?php

$auth = new Authenticator();
$user = $auth->process();
if ($user->username == "animuson") $final = "animuson@boogiewoogie";
else $final = "{$user->username}@tronner";
$auth->conclude("PASSWORD_OK {$final}\n", 200);

class Authenticator {
    private $authority = "tronner.com"; // The authority domain that we should be using
    private $statusOk = true; // Should it always force HTTP status code 200 when sending the message?
    private $username; // The username being checked
    private $prefix = "arma"; // The prefix that is attached to the front of passwords
    private $suffix = "md5"; // The suffix that is attached to the end of passwords
    private $methods = array("md5" => array("prefix" => "arma", "suffix" => "md5")); // The encryption methods you support

    function __construct() {
        global $ani;
        if ($ani->i->server['http_host'] != $this->authority) $this->conclude("WRONG_HOST", 404);
    }

    public function process($query = NULL) {
        global $ani;
        if (is_null($query)) $query = strtolower($ani->i->get['query']);
        switch ($query):
            case "methods":
                $this->conclude("METHODS {$this->getMethods()}");
                break;
            case "params":
                $this->conclude($this->getParameters(strtolower($ani->i->get['method'])));
                break;
            case "check":
                return $this->checkPassword();
                break;
            default:
                $this->conclude("UNKNOWN_QUERY", 404);
        endswitch;
    }

    private function conclude($message, $status = 200) {
        if ($this->statusOk === true) $status = 200;
        header("Status: {$status}", true, $status);
        header("Content-Type: text/plain");
        die("{$message}\n");
    }

    private function substituteUser($string) { return str_replace("%u", $this->username, $string); }

    private function getMethods() { return implode(",", array_keys($this->methods)); }

    private function getParameters($method) {
        if (!array_key_exists($method, $this->methods)) $this->conclude("UNKNOWN_METHOD", 404);
        $params = array();
        if ($this->methods[$method]['prefix'] != "") $params[] = "PREFIX {$this->methods[$method]['prefix']}";
        if ($this->methods[$method]['suffix'] != "") $params[] = "SUFFIX {$this->methods[$method]['suffix']}";
        return implode("\n", $params);
    }

    private function getPassword($username, $method) {
        global $ani;
        $this->username = $username;
        // Let's not bother if it's an invalid username...
        if (preg_match("/[^a-zA-Z0-9_]/", $username) || strlen($username) < 4 || strlen($username) > 30) $this->conclude("UNKNOWN_USER", 404);
        $user = $ani->e->db->fetch($ani->e->db->query("SELECT * FROM `global_users` WHERE `username` = '{$username}'"));
        if ($user['uid'] == "") $this->conclude("UNKNOWN_USER", 404);
        $cache = new Cache("users", array($user['uid'], $username));
        $user = $cache->decode();
        switch ($method):
            case "bmd5":
                return array($user, $user->password);
                break;
            case "md5":
                return array($user, $user->tronner->password);
                break;
            default:
                $this->conclude("METHOD_NOT_IMPLEMNTED", 501);
        endswitch;
    }

    private function checkPassword() {
        global $ani;
        $info = $this->getPassword(strtolower($ani->i->get['user']), strtolower($ani->i->get['method']));
        $salt = $ani->i->get['salt'];
        $hash = $ani->i->get['hash'];
        $packedSalt = pack("H*", $salt);
        $correctPassword = pack("H*", $info[1]);
        $correctHash = md5("{$packedSalt}{$correctPassword}");
        if (strcasecmp($hash, $correctHash) === 0) return $info[0];
        else $this->conclude("PASSWORD_FAIL {$hash} / {$correctHash}", 401);
    }
}

?>