class Scores_Ws_Server
* User information
* @var array
protected $User;
* Is user authenticated
* @var boolean
protected $authenticated = false;
* Authenticated method (Basic, SoapHeader)
* @var string
protected $authMethod = null;
* Nom de l'application d'ou provient la demande d'authentification
* @var string
protected $authApp = null;
* IP du client
* @var string
protected $authIp = null;
* Name of Service
* @var string
public $serviceName = null;
* Is a customize service
* @var boolean
public $serviceClient = false;
* Name of Client
* @var string
public $serviceClientName = null;
* Version of service
* @var string
public $serviceVersion = null;
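* List all application IPs (trusted front-end applications; authV1() and authIP() skip the per-user IP filter for requests coming from these addresses)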
* @var array
protected $listApplicationIp = array (
'', //Extranet - sd-46528
'', //Extranet - ns359466
protected $listProxyIp = array(
* List all permission
* @var array
* category
* acces
* code | label | category
protected $listeDroits = array (
'RECHCSV' => "Export des résultats de la recherche",
'IPARI' => "Investigation par l'image IparI&copy;",
'HISTOBODACC' => "Historique des annonces bodacc",
'INVESTIG' => "Investigation",
'SEARCHENT' => "Recherche Entreprise",
'SEARCHDIR' => "Recherche Dirigeant",
'SEARCHACT' => "Recherche Actionnaire",
'IDENTITE' => "Fiche d'identité",
'IDPROCOL' => 'Fiche procédure collective',
'LIENS' => "Liens inter-entreprise",
'ETABLISSEMENTS' => "Liste des établissements",
'GROUPE' => "Informations et organigramme du groupe",
'EVENINSEE' => '&Eacute;vènements INSEE',
'AVISINSEE' => 'Avis de situation INSEE',
'AVISRNCS' => 'Avis de situation RNCS',
'RNVP' => "Normalisation postale",
'DIRIGEANTS' => "Liste des dirigeants",
'DIRIGEANTSOP' => "Liste des dirigeants opérationnels",
'SYNTHESE' => "Synthèse",
'RATIOS' => "Ratios",
'FLUX' => "Flux de trésorerie",
'LIASSE' => "Liasse fiscale",
'LIASSEXLS' => "Export des Liasses au format XLS",
'UPLOADBILAN' => "Saisie de bilan",
'BOURSE' => "Bourse & cotations",
'BANQUE' => "Relations bancaires",
'ANNONCES' => "Annonces légales",
'INFOSREG' => "Informations réglementée",
'COMPETENCES' => "Compétences territoriales",
'CONVENTIONS' => "Conventions collectives",
'MARQUES' => "Marques déposées",
'INDISCORE' => "indiScore&copy;",
'INDISCORE2' => "Rapport synthetique",
'INDISCORE3' => "Rapport complet",
'INDISCOREP' => "indiScore+",
'INDISCORE2P' => "Rapport synthetique+",
'INDISCORE3P' => "Rapport complet+",
'VALORISATION' => "Valorisation",
'SCORECSF' => "Score CSF",
'ENQUETEC' => "Enquête commerciale",
'AVISCREDIT' => "Avis de crédit personnalisé",
'KBIS' => "Extrait RCS",
'ACTES' => "Pièces officielles",
'PRIVILEGES' => "Privilèges",
'SURVANNONCE' => "Surveillance des annonces légales",
'SURVINSEE' => "Surveillance des événements INSEE",
'SURVBILAN' => "Surveillance des bilans saisies (liasse fiscale)",
'SURVSCORE' => "Surveillance des événements sur le score",
'SURVACTES' => "Surveillance des pieces officielles (comptes annuels, actes)",
'SURVDIRIGEANTS'=> "Surveillance des dirigeants",
'SURVPAIEMENTS' => "Surveillance des paiements",
'SURVLIENS' => "Surveillance des liens financiers",
'SURVPRIV' => "Surveillance des privilèges",
'MONPROFIL' => "Mon profil",
'EDITION' => "Mode Edition",
'PORTEFEUILLE' => "Portefeuille",
'SURVLISTE' => "Liste des surveillances",
'INTERNATIONAL' => "Recherche Internationale",
'BDF' => "Banque de France",
'WORLDCHECK' => "World-Check Risk Intelligence",
protected $listeCategory = array(
'RECHERCHE' => array(
'label' => "Recherche",
'IDENTITE' => array(
'label' => "Identité",
'DIRIGEANT' => array(
'label' => "Dirigeant",
'FINANCE' => array(
'label' => 'Elements Financiers',
'JURIDIQUE' => array(
'label' => 'Elements Juridiques',
'EVALUATION' => array(
'label' => 'Evaluation',
'PIECES' => array(
'label' => 'Pièces officielles',
'droits' => array('KBIS', 'ACTES', 'PRIVILEGES'),
'label' => 'Surveillances',
'OPTIONS' => array(
'label' => 'Options',
'DIVERS' => array(
'label' => 'Divers',
'droits' => array('INTERNATIONAL', 'BDF'),
* List preferences
* @var array
protected $listePrefs = array(
'NAF4' => "Afficher les anciens NAF",
'NACE' => "Afficher les codes NACES",
'NEWS' => "Afficher les news Google&copy;",
'MAPPY' => "Afficher les fa&ccedil;ades d'immeubles",
'CARTES' => "Afficher les cartes et les plans",
'VOIRSURV' => "Afficher les entités sous surveillances",
'DEMANDEREF' => "Demande de référence par defaut",
'RECHREF' => "Afficher le formulaire de recherche par référence",
* List logs for facturation
* @var array
protected $logs = array(
'identite' => array(
'label' => "Identité"
'liens' => array(
'label' => "Liens Inter-Entreprise"
'etablissements' => array(
'label' => "Etablissements"
'dirigeants' => array(
'label' => "Dirigeants"
'annonces' => array(
'label' => "Annonces légales",
'indiscore' => array(
'label' => "Indiscore",
'indiscorep' => array(
'label' => "Indiscore+",
'indiscore2' => array(
'label' => "Rapport",
'indiscore2p' => array(
'label' => "Rapport avec suivi",
'indiscore3' => array(
'label' => "Rapport complet",
'indiscore3p' => array(
'label' => "Rapport complet avec suivi",
'evenements' => array(
'label' => "Modifications Insee",
'tva' => array(
'label' => "Numéro de TVA intracommunautaire",
'infosreg' => array(
'label' => "Informations réglementées",
'bourse' => array(
'label' => "Information boursière"
'bilan' => array(
'label' => "Liasse fiscale",
'sirenExiste' => array(
'label' => "Controle du SIREN",
'ratios' => array(
'label' => "Ratios",
'rapport1' => array(
'label' => "Rapport complet 1",
'rapport2' => array(
'label' => "Rapport complet 2",
'rapport3' => array(
'label' => "Rapport complet 3",
'banque' => array(
'label' => "Relations banquaires",
'competences' => array(
'label' => "Competences territoriales",
'privdetail' => array(
'label' => "Détails des privilèges",
'privcumul' => array(
'label' => "Privilèges cumulés",
'conventions' => array(
'label' => "Conventions collectives",
'marques' => array(
'label' => "Marques déposés",
'kbis' => array(
'label' => "Extrait RCS",
'dirigeantsop' => array(
'label' => "Dirigeants opérationels",
'groupesarbo' => array(
'label' => "Arborescence de groupes",
'groupeinfos' => array(
'label' => "Informations groupe",
'valorisation' => array(
'label' => "Valorisation",
'rnvp' => array(
'label' => "Normalisation postale",
* List of error codes sent as SoapFault
* @var unknown_type
public $listError = array(
'0000' => "Erreur indeterminé",
'0900' => "Identifiant ou mot de passe incorrect",
'0901' => "Accès WS non authorisé pour cet utilisateur",
'0902' => "Méthode non authorisée dans votre profil",
'0903' => "Période d'accès au service invalide",
'0904' => "Adresse IP Invalide",
'0905' => "Accès environnement de test non autorisé",
'0906' => "Erreur configuration utilisateur",
'1010' => "Siren invalide",
'1011' => "Identifiant invalide",
'1020' => "Siren inexistant",
'1021' => "Type d'identifiant inexistant",
'1030' => "Aucun résultat pour ce siren en base",
'3000' => "Service disponible",
'9000' => "Service S&D indisponible",
'9001' => "Service partenaire indisponible",
'9002' => "Méthode provisoirement indisponible",
'9003' => "Version du service désactivé",
'9004' => "Version du service inexistant",
'9010' => "Fichier indisponible",
'9020' => "Requête incorrecte",
public function __construct()
// Defines the request-time constants DATETIME, DATE, TIME, DATE_LISIBLE and
// TIME_LISIBLE; the last four are substrings of DATETIME (date('YmdHis')).
// NOTE(review): every statement below starts with `||`, so its left operand is
// not visible in this listing — presumably a defined('NAME') guard; confirm
// against the repository.
|| define ('DATETIME', date('YmdHis'));
|| define ('DATE', substr(DATETIME,0,8));
|| define ('TIME', substr(DATETIME,8,6));
|| define ('DATE_LISIBLE', substr(DATETIME,6,2).'/'.substr(DATETIME,4,2).'/'.substr(DATETIME,0,4));
|| define ('TIME_LISIBLE', substr(DATETIME,8,2).':'.substr(DATETIME,10,2).':'.substr(DATETIME,12,2));
/**
 * Raise a SoapFault for the given error code.
 *
 * The fault message is read from $this->listError; a code that is not
 * listed there is reported with the generic message 'Erreur inconnue'.
 *
 * @param string $code Error code, also used as the SoapFault code
 * @throws SoapFault Always
 */
protected function sendError($code)
{
    $isKnownCode = array_key_exists($code, $this->listError);
    $message = $isKnownCode ? $this->listError[$code] : 'Erreur inconnue';

    throw new SoapFault($code, $message);
}
* Enregistre l'appel utilisateur à une méthode
* @param $service
* @param $siret
* @param $ref
* @return void
protected function wsLog($service, $siret='', $ref='')
// Records one call in sdv1.logs: login, service name, reference, client id and
// client IP, plus company details read from jo.etablissements when a SIREN is
// known and the service is listed in $pageRS.
// NOTE(review): $test is inserted below, but the lines assigning it in the two
// branches of this test-account check are not visible in this listing.
//Is it a test
if ( $this->User->clientTest=='Oui' || $this->User->typeCompte=='TEST' ) {
} else {
2015-06-30 09:39:47 +00:00
$siren = 0;
2015-06-22 13:53:34 +00:00
// A 14-character value is split into SIREN (first 9) and NIC (last 5); a
// 9-character value is taken as a bare SIREN. Other lengths leave $siren at 0.
if ( strlen($siret) == 14 ) {
$siren = substr($siret,0,9);
$nic = substr($siret,9,5);
} elseif ( strlen($siret) == 9 ) {
$siren = $siret;
$nic = '';
// Set data by default
$dataInsert = array(
'login' => $this->User->login,
'page' => $service,
'params' => $ref,
'idClient' => $this->User->idClient,
'test' => $test,
'actifInsee' => 0,
'source' => 0,
'raisonSociale' => '',
'cp' => '',
'ville' => '',
'ipClient' => $this->User->ipConnexion,
$db = Zend_Db_Table_Abstract::getDefaultAdapter();
// NOTE(review): the contents of $pageRS are not visible in this listing.
$pageRS = array(
if ( intval($siren)!=0 ) {
$dataInsert['siren'] = $siren;
$dataInsert['nic'] = $nic;
if ( intval($siren)!=0 && in_array($service, $pageRS) ) {
// Values reach the query through where('col=?', $value) placeholders, not
// through string concatenation.
$sql = $db->select()->from('jo.etablissements', array('siren', 'nic', 'actif', 'siege', 'raisonSociale',
'adr_cp', 'adr_ville', 'source'))->where('siren=?', $siren);
if ( intval($siren)>1000 && intval($nic)>9 ) {
$sql->where('nic=?', $nic);
} elseif ( intval($siren)==0 && $ref>0 ) {
$sql->where('id=?', $ref);
} elseif ( intval($siren)>1000 ) {
$sql->where('siege=1')->order('actif DESC')->order('nic DESC');
} else {
try {
$result = $db->fetchRow($sql, null, Zend_Db::FETCH_OBJ);
if ( $result !== null ) {
//file_put_contents('lecture.log', print_r($result,1));
$dataInsert['raisonSociale'] = $result->raisonSociale;
$dataInsert['cp'] = $result->adr_cp;
$dataInsert['ville'] = $result->adr_ville;
$dataInsert['source'] = $result->source;
if ( $result->actif == 0 ) {
$dataInsert['actifInsee'] = 0;
} elseif ( intval($siren)>1000 ) {
$dataInsert['actifInsee'] = 1;
// A SIREN present in jo.rncs_entrep overrides the source with the value 5.
$sql = $db->select()->from('jo.rncs_entrep', 'count(*) AS nb')->where('siren=?', $siren);
$result = $db->fetchRow($sql, null, Zend_Db::FETCH_OBJ);
if ( $result !== null ) {
if ($result->nb>0 ) {
$dataInsert['source'] = 5;
// NOTE(review): the exception is discarded (the only logging call is commented
// out), so a failed lookup leaves no trace.
} catch(Zend_Db_Exception $e) {
//@todo : log exception
//file_put_contents('test.log', $e->getMessage());
try {
//file_put_contents('insert.log', print_r($dataInsert,1));
$db->insert('sdv1.logs', $dataInsert);
// NOTE(review): same here — a failed insert silently loses the usage record
// for this call; worth reporting through the application logger.
} catch(Zend_Db_Exception $e) {
//@todo : log exception
//file_put_contents('test.log', $e->getMessage());
* Authenticate with SoapHeader, Optional (Authentication could be done by sending HTTP Basic header - see the doc)
* @param string $username
* @param string $password
* @throws SoapFault
public function authenticate($username = null, $password = null)
// Entry point for both credential sources: SOAP header (arguments supplied)
// and HTTP Basic (arguments empty). Everything below is skipped once
// $this->authenticated is no longer false.
if ( $this->authenticated === false )
// No username argument: fall back to the HTTP Basic credentials.
// NOTE(review): PHP_AUTH_USER / PHP_AUTH_PW are read without isset(); these
// keys are absent when the request carries no Authorization header. checkAuth()
// does test empty($login), but its return for that case is not visible in this
// listing — confirm an anonymous request is rejected.
if ( empty($username) )
* @todo : Digest auth
$this->authMethod = 'basic';
$username = $_SERVER['PHP_AUTH_USER'];
$password = $_SERVER['PHP_AUTH_PW'];
* Auth Header in client
* $ns = 'auth';
* //Create our Auth Object to pass to the SOAP service with our values
* $auth = new StdClass();
* $auth->username = 'yourlogin';
* $auth->password = 'yourpassword';
* $creds = new SoapVar($auth, SOAP_ENC_OBJECT);
* //The 2nd variable, 'authenticate' is a method that exists inside of the SOAP service (you must create it, see next example)
* $authenticate = new SoapHeader($ns, 'authenticate', $creds, false);
* $client->__setSoapHeaders($authenticate);
$this->authMethod = 'soapheader';
* With proxy get the original IP
* $request->getClientIp(true);
* Si IP Proxy regarder la valeur HTTP_X_FORWARDED_FOR
// X-Forwarded-For is a client-controlled header, so it is only considered when
// the connecting address $ip is one of the known proxies in $this->listProxyIp.
// NOTE(review): the assignment of $ip and the body of this branch are not
// visible in this listing; confirm which element of the header is used.
if ( isset($_SERVER['HTTP_X_FORWARDED_FOR']) && in_array($ip, $this->listProxyIp)) {
* Lors d'une demande d'authentification depuis une application on garde l'IP en mémoire,
* c'est donc celle là qu'il faut utiliser.
if ($this->authIp !== null) {
$ip = $this->authIp;
* Check authentication from the database
// checkAuth() returns true, false, or an error-code string such as '0903'.
// NOTE(review): the handling of the two failure shapes below is not visible in
// this listing — presumably sendError(); confirm both paths stop the request.
$this->authenticated = $this->checkAuth($username, $password, $ip);
if ( $this->authenticated === false ) {
} elseif ( is_string($this->authenticated) ) {
* Check permission
* @param string $perm
protected function permission($perm)
// Guard built on checkPerm().
// NOTE(review): the statement executed when the permission is missing is not
// visible in this listing — presumably sendError('0902'); confirm it stops the
// request.
if ( !$this->checkPerm($perm) ){
* Check if user has the right to access WebService
* @throws SoapFault
protected function checkAccesWS()
// Reads the accesWS flag of the authenticated user.
// NOTE(review): the branch body and the path taken when the flag is not set are
// not visible in this listing; the docblock announces a SoapFault — confirm the
// check fails closed.
//Check that the user holds the accesWS right (clients/utilisateurs)
$accesWs = $this->User->accesWS;
if ($accesWs){
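/**
 * Tell whether the authenticated user holds a given permission.
 *
 * $this->User->droits is read in two shapes: an array of permission codes,
 * or a single string in which the code is searched as a whole word,
 * case-insensitively.
 *
 * @param string $perm Permission code
 * @return boolean True when the permission is present
 */
protected function checkPerm($perm)
{
    $droits = $this->User->droits;

    if (is_array($droits)) {
        // Strict comparison: a non-string entry (0, true, null) must never
        // stand for a permission code.
        return in_array(strtolower($perm), $droits, true);
    }

    // preg_quote() keeps the code literal, so a value containing regex
    // metacharacters cannot widen the match or break the pattern.
    $pattern = '/\b' . preg_quote($perm, '/') . '\b/i';

    return preg_match($pattern, (string) $droits) === 1;
}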
/**
 * Tell whether the current user may edit data.
 *
 * Editing is open to every user of client 1 and to any user holding the
 * 'edition' permission.
 *
 * @return boolean
 */
protected function checkEdition()
{
    $belongsToClientOne = ($this->User->idClient == 1);

    return $belongsToClientOne || $this->checkPerm('edition');
}
* checkAuth
* @param string $login
* @param string $password
* @param string $ipConnexion
* @return mixed
protected function checkAuth($login, $password, $ip)
// Loads the active, non-deleted account matching $login (by e-mail when the
// value contains '@', by login otherwise), applies the account validity dates,
// then delegates the credential check to authV2() when the client's version is
// 2 and to authV1() otherwise.
// Visible return values: false, '0000' (database error), '0903' (outside the
// validity dates), '0906' (several matching accounts), or whatever authV1() /
// authV2() return.
// NOTE(review): the value returned for an empty login is not visible here.
if (empty($login)) {
* User information
$userM = new Application_Model_Sdv1Utilisateurs();
$sql = $userM->select()
->from(array('u'=>'utilisateurs'), array(
'u.login', 'u.id', 'u.email', 'u.password', 'u.idClient', 'u.typeCompte', 'u.actif',
'u.filtre_ip', 'u.profil', 'u.civilite', 'u.nom', 'u.prenom', 'u.tel', 'u.fax',
'u.mobile', 'u.pref', 'u.rechRefType', 'u.profil', 'u.nombreConnexions',
'u.dateDerniereConnexion', 'u.droits', 'u.referenceParDefaut', 'u.nbReponses', 'u.lang',
'u.formatMail', 'u.dateDebutCompte', 'u.dateFinCompte', 'u.accesWS', 'u.acceptationCGU'))
->join(array('c'=>'clients'), 'u.idClient = c.id', array(
'c.droits AS droitsClients', 'c.test AS clientTest', 'c.typeScore', 'c.timeout',
->joinLeft(array('s'=>'sdv1.utilisateurs_service'), 'u.login=s.login', array('Service AS serviceCode'))
->joinLeft(array('v'=>'sdv1.clients_version'), 'u.idClient=v.clientId', array('version'))
// Account state and the identifier below are bound as query parameters.
->where('u.actif=?', 1)
->where('u.deleted=?', 0)
* Connexion avec login = email
if (strstr($login, '@') !== false) {
$sql->where('u.email=?', $login);
* Connexion standard
else {
$sql->where('u.login=?', $login);
2015-09-01 09:49:45 +00:00
try {
$resultId = $userM->fetchAll($sql);
} catch (Zend_Db_Exception $e) {
// NOTE(review): the line opening this write is not visible; what remains
// appends the database error message to a file whose path presumably comes
// from $c. Confirm the file is not web-readable, as driver messages can
// contain query fragments.
$c = Zend_Registry::get('config');
2016-04-08 15:54:24 +02:00
2015-09-01 09:49:45 +00:00
date('Y-m-d H:i:s').'- AUTH : '.$e->getMessage()."\n", FILE_APPEND);
return '0000';
2015-06-22 13:53:34 +00:00
* No user, deleted or disable
// NOTE(review): only null and count() > 1 are tested in the lines shown; if
// fetchAll() yields an empty result object rather than null, an unknown login
// reaches $resultId[0] below — confirm that case ends in a failure.
if ( null === $resultId ) {
return false;
* Multiple compte
if ( count($resultId) > 1 ) {
return '0906';
$result = $resultId[0];
* Date de debut de compte
// Dates are compared at day granularity: 'YYYY-MM-DD' is cut with substr() and
// rebuilt with mktime() at 00:00:00.
if ( !empty($result->dateDebutCompte) && $result->dateDebutCompte!='0000-00-00' ) {
$today = mktime(0, 0, 0, date('m'), date('d'), date('Y'));
$dateDebutCompte = mktime(0, 0, 0, substr($result->dateDebutCompte,5,2), substr($result->dateDebutCompte,8,2), substr($result->dateDebutCompte,0,4));
if ( $today < $dateDebutCompte ) {
return '0903';
* Date de fin de compte
if ( !empty($result->dateFinCompte) && $result->dateFinCompte!='0000-00-00' ) {
$today = mktime(0, 0, 0, date('m'), date('d'), date('Y'));
$dateFinCompte = mktime(0, 0, 0, substr($result->dateFinCompte,5,2), substr($result->dateFinCompte,8,2), substr($result->dateFinCompte,0,4));
if ( $today > $dateFinCompte) {
return '0903';
* Service fallback
if ($result->serviceCode === null) {
$result->serviceCode = 'DEFAULT';
* Select authentication version
if ($result->version == 2) {
$authResult = $this->authV2($result, $password, $ip);
} else {
$authResult = $this->authV1($result, $password, $ip);
// authLog() stores a row only when the result is false or an error-code
// string; the early returns above do not pass through it.
$this->authLog($result->login, $authResult, $ip);
return $authResult;
* Authentification v1
* @param object $userInfos
* @param string $password
* @param string $ip
* @return string|boolean
protected function authV1($userInfos, $password, $ip)
// Version 1 authentication: application/web-service separation, staging
// protection, per-user IP filter, then the credential check. On success the
// user row is copied into $this->User and true is returned; otherwise false or
// an error-code string ('0901', '0904', '0905').
* Acces WS, block access to other apps
if ($userInfos->accesWS == 1 && $userInfos->idClient != 1) {
// --- Webservice user don't need access to others apps
if ( in_array($ip, $this->listApplicationIp) ) {
return '0901';
} elseif ($ip != '') {
2015-07-10 08:42:07 +00:00
// --- For customized version, check user is in the good service
2015-06-22 13:53:34 +00:00
// Builds an idClient => section map from the active entries of ClientsConfig.php.
$clients = include APPLICATION_PATH . '/../library/WsScore/Clients/ClientsConfig.php';
$wsClients = array();
foreach( $clients as $section => $params ){
if ($params['actif']) {
2015-07-10 08:42:07 +00:00
if (count($params['idClient']) > 0) {
foreach ($params['idClient'] as $idClient) {
$wsClients[$idClient] = $section;
2015-06-22 13:53:34 +00:00
2015-07-10 08:42:07 +00:00
// A client listed in the map must call through its own customized service.
if ( array_key_exists($userInfos->idClient, $wsClients) && ( $this->serviceClient === false
2015-06-22 13:53:34 +00:00
|| strtolower($this->serviceClientName) != $wsClients[$userInfos->idClient] ) ){
return '0901';
* Protect staging environment
* - No webservice access
* - Not in production
* - Not idClient 1 or 147
if ( APPLICATION_ENV=='staging' && !in_array($userInfos->idClient, array(1,147)) && $userInfos->accesWS==0 ) {
return '0905';
* IP Validation
* Get an array of IP and IP range
2015-07-10 08:42:07 +00:00
// The per-user filter only applies to requests that do not come from one of
// the application addresses.
if ( !in_array($ip, $this->listApplicationIp) ) {
if ( !empty($userInfos->filtre_ip) ) {
$filtreIp = explode(';', trim($userInfos->filtre_ip, ';'));
if ( count($filtreIp)>0 ) {
// NOTE(review): with an 'iponly:' credential the address checked against the
// filter is the one carried in the credential, i.e. asserted by the caller, not
// observed on the connection. Nothing visible in this method limits that form
// to requests arriving from $this->listApplicationIp — confirm it is enforced
// elsewhere, otherwise the IP filter does not constrain such requests.
// Extranet
if ( substr($password,0,7)=='iponly:' ) {
$ipToValidate = substr($password,7);
2015-06-22 13:53:34 +00:00
2015-07-10 08:42:07 +00:00
// WebService
2015-06-22 13:53:34 +00:00
else {
2015-07-10 08:42:07 +00:00
$ipToValidate = $ip;
$overallIpValidate = false;
foreach ( $filtreIp as $filtre ) {
// A wildcard entry is expanded into a range: '*' becomes 0 for the lower
// bound and 255 for the upper bound.
if ( strpos($filtre, '*') ) {
$filtre = str_replace('*', '0', $filtre) . '-' . str_replace('*', '255', $filtre);
// Is it a range ?
// NOTE(review): no visible line hands $filtre to the validator before
// isValid() — presumably a configuration call is missing from this listing.
if ( strpos($filtre, '-') ) {
$validateIp = new Scores_Validate_IpInNetwork();
$overallIpValidate = $validateIp->isValid($ipToValidate);
// Ip only
else {
if ( $filtre === $ipToValidate ) {
$overallIpValidate = true;
// Break foreach
if ( $overallIpValidate === true ) {
2015-06-22 13:53:34 +00:00
2015-07-10 08:42:07 +00:00
// Exit with error
if ( $overallIpValidate === false ) {
return '0904';
2015-06-22 13:53:34 +00:00
// NOTE(review): security-relevant points in this condition:
//  - all three password forms require the password to be stored in clear text,
//    and the md5 forms are replayable equivalents of it;
//  - the comparisons use loose ==, under which numeric-looking strings and
//    null/'' can compare equal; hash_equals() on strings avoids that;
//  - the last alternative accepts any credential starting with 'iponly:'
//    without a secret, so that form should only be honoured for requests from
//    the trusted application addresses.
// Check password with database informations
if ( $userInfos->password == $password //password sent in clear
|| md5($userInfos->password) == $password //password sent with md5
|| md5($userInfos->login.'|'.$userInfos->password) == $password //password sent concat with login and crypt by md5
|| substr($password,0,7) == 'iponly:'
) {
// A timeout of 0 falls back to 1800.
$timeout = $userInfos->timeout;
if ($timeout==0) $timeout = 1800;
//User information
$this->User = new stdClass();
$this->User->login = $userInfos->login;
$this->User->id = $userInfos->id;
$this->User->civilite = $userInfos->civilite;
$this->User->nom = $userInfos->nom;
$this->User->prenom = $userInfos->prenom;
$this->User->tel = $userInfos->tel;
$this->User->fax = $userInfos->fax;
$this->User->mobile = $userInfos->mobile;
$this->User->email = $userInfos->email;
$this->User->typeCompte = $userInfos->typeCompte;
$this->User->idClient = $userInfos->idClient;
$this->User->serviceCode = $userInfos->serviceCode;
$this->User->filtre_ip = $userInfos->filtre_ip;
$this->User->ipConnexion = $ip;
$this->User->pref = $userInfos->pref;
$this->User->rechRefType = $userInfos->rechRefType;
$this->User->profil = $userInfos->profil;
$this->User->nombreConnexions = $userInfos->nombreConnexions;
$this->User->dateDerniereConnexion = $userInfos->dateDerniereConnexion;
$this->User->droits = $userInfos->droits;
$this->User->droitsClients = $userInfos->droitsClients;
$this->User->timeout = $timeout;
$this->User->clientTest = $userInfos->clientTest;
$this->User->typeScore = $userInfos->typeScore;
$this->User->nbReponses = $userInfos->nbReponses;
$this->User->lang = $userInfos->lang;
$this->User->formatMail = $userInfos->formatMail;
$this->User->referenceParDefaut = $userInfos->referenceParDefaut;
$this->User->dateDebutCompte = $userInfos->dateDebutCompte;
$this->User->dateFinCompte = $userInfos->dateFinCompte;
$this->User->acceptationCGU = $userInfos->acceptationCGU;
$this->User->version = $userInfos->version;
return true;
return false;
* Authentification v2
* @param object $userInfos
* @param string $credential
* @param string $ip
* @return string|boolean
protected function authV2($userInfos, $credential, $ip)
// Version 2 authentication: the access rules come from the client's service
// row (Active, AppWebservice, TypeAcces, TypeScore, Timeout) instead of the
// user row. Returns true, false, or an error-code string ('0901', '0904',
// '0906').
$serviceM = new Application_Model_Sdv1ClientsServices();
$sql = $serviceM->select()
->where('IdClient=?', $userInfos->idClient)
->where('Code=?', $userInfos->serviceCode);
$result = $serviceM->fetchRow($sql);
// No service
if ($result === null) {
return '0906';
// Inactive service
if ($result->Active == 0) {
return '0906';
// Block WebService User on Apps
if ($result->AppWebservice == 1 && $this->authApp !== null && $userInfos->idClient != 1) {
return '0901';
// WebService customize version
if ($result->AppWebservice == 1) {
// For customized version, check user is in the good service
$clients = include APPLICATION_PATH . '/../library/WsScore/Clients/ClientsConfig.php';
foreach( $clients as $section => $params ){
if ($params['actif']) {
// NOTE(review): authV1() treats $params['idClient'] as a list and maps each
// id; here it is used directly as an array key, and $wsClients is not
// initialised in the lines shown. Confirm the configuration shape and align
// the two methods.
$wsClients[$params['idClient']] = $section;
if ( array_key_exists($userInfos->idClient, $wsClients)
&& ( $this->serviceClient == false
|| strtolower($this->serviceClientName) != $wsClients[$userInfos->idClient] ) ){
return '0901';
// NOTE(review): $this->User is populated here, before the credential has been
// checked; a failed check below returns without clearing it. Callers must rely
// on the return value only.
//User information
$this->User = new stdClass();
$this->User->login = $userInfos->login;
$this->User->id = $userInfos->id;
$this->User->civilite = $userInfos->civilite;
$this->User->nom = $userInfos->nom;
$this->User->prenom = $userInfos->prenom;
$this->User->tel = $userInfos->tel;
$this->User->fax = $userInfos->fax;
$this->User->mobile = $userInfos->mobile;
$this->User->email = $userInfos->email;
$this->User->typeCompte = $userInfos->typeCompte;
$this->User->idClient = $userInfos->idClient;
$this->User->serviceCode = $userInfos->serviceCode;
$this->User->ipConnexion = $ip;
$this->User->pref = $userInfos->pref;
$this->User->rechRefType = $userInfos->rechRefType;
$this->User->profil = $userInfos->profil;
$this->User->droits = $userInfos->droits;
$this->User->clientTest = $userInfos->clientTest;
$this->User->typeScore = $userInfos->typeScore;
$this->User->nbReponses = $userInfos->nbReponses;
$this->User->lang = $userInfos->lang;
$this->User->formatMail = $userInfos->formatMail;
$this->User->referenceParDefaut = $userInfos->referenceParDefaut;
$this->User->dateDebutCompte = $userInfos->dateDebutCompte;
$this->User->dateFinCompte = $userInfos->dateFinCompte;
$this->User->acceptationCGU = $userInfos->acceptationCGU;
$this->User->version = $userInfos->version;
//Add Service Parameter to user definition
$this->User->typeScore = $result->TypeScore;
$this->User->timeout = $result->Timeout;
* Type de connexion
* userPassword => Vérifier le mot de passe
* userPasswordCrypt => Vérifier le mot de passe crypté
* userIP => Vérifier uniquement l'utilisateur et son IP de connexion
// NOTE(review): two things to confirm in this switch:
//  - the only failure value visible in authIP() is the string '0904', which is
//    neither === false nor === true; if that is what it returns, the two
//    password cases never reject on IP while the userIP case never accepts;
//  - no break or closing lines are visible between the cases, so check that a
//    failed password check cannot fall through into the next case.
switch($result->TypeAcces) {
case 'userPassword':
if ($this->authIP($ip) === false) {
return '0904';
if ($this->authPassword($userInfos, $credential) === true) {
$this->User->droits = $this->getAccessList($userInfos->idClient, $userInfos->serviceCode);
return true;
case 'userPasswordCrypt':
if ($this->authIP($ip) === false) {
return '0904';
if ($this->authPasswordCrypt($userInfos, $credential) === true) {
$this->User->droits = $this->getAccessList($userInfos->idClient, $userInfos->serviceCode);
return true;
case 'userIP':
// NOTE(review): an 'iponly:' credential replaces the connection address with
// the one carried in the credential, so the address checked by authIP() is
// asserted by the caller. No visible line restricts this to requests from the
// trusted application addresses — confirm it is enforced.
if (substr($credential,0,7) == 'iponly:') {
$ip = substr($credential,7);
if ($this->authIP($ip) === true) {
$this->User->droits = $this->getAccessList($userInfos->idClient, $userInfos->serviceCode);
return true;
return false;
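/**
 * Check a submitted credential against the stored password.
 *
 * Three client-side encodings are accepted, as before:
 *  - the password itself,
 *  - md5(password),
 *  - md5(login . '|' . password).
 *
 * NOTE(review): all three forms require the password to be stored in clear
 * text, and the md5 forms are replayable equivalents of it. Moving these
 * accounts to password_hash() / password_verify() needs a data migration and
 * is outside the scope of this method.
 *
 * @todo Select the check from the account configuration (md5, key, certificate)
 *
 * @param object $userInfos User row; ->login and ->password are read
 * @param string $password  Credential sent by the client
 * @return boolean True when the credential matches one of the accepted forms
 */
protected function authPassword($userInfos, $password)
{
    $stored = isset($userInfos->password) ? $userInfos->password : null;

    // Fail closed on a missing, empty or non-string value: under loose ==
    // null, '' and 0 compared equal, so an account without a password could
    // be matched by an empty credential.
    if (!is_string($stored) || $stored === '' || !is_string($password) || $password === '') {
        return false;
    }

    $acceptedForms = array(
        $stored,                                   // password sent in clear
        md5($stored),                              // password sent as md5
        md5($userInfos->login . '|' . $stored),    // md5 of "login|password"
    );

    // hash_equals() compares byte for byte in constant time; loose == treats
    // numeric-looking strings (for example two '0e…' digests) as equal.
    // Every form is tested so the running time does not reveal which matched.
    $matched = false;
    foreach ($acceptedForms as $form) {
        if (hash_equals($form, $password)) {
            $matched = true;
        }
    }

    return $matched;
}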
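/**
 * Check a submitted credential against the stored bcrypt hash.
 *
 * Two forms are accepted, as before:
 *  - the clear-text password, verified with password_verify();
 *  - the stored hash itself (60 characters starting with '$2y$').
 *
 * NOTE(review): the second form makes the stored hash a password equivalent:
 * whoever can read the hash column can authenticate with it. It is kept here
 * because existing callers may rely on it — identify which client sends it,
 * then restrict it to that client or retire it.
 *
 * @param object $userInfos User row; ->password holds the stored hash
 * @param string $password  Credential sent by the client
 * @return boolean True when the credential is accepted
 */
protected function authPasswordCrypt($userInfos, $password)
{
    $stored = isset($userInfos->password) ? $userInfos->password : null;

    // Fail closed when there is no usable hash or the credential is not a string.
    if (!is_string($stored) || $stored === '' || !is_string($password)) {
        return false;
    }

    // Hash-form credential: byte-for-byte, constant-time comparison instead
    // of loose ==.
    $looksLikeHash = strlen($password) === 60 && strncmp($password, '$2y$', 4) === 0;
    if ($looksLikeHash && hash_equals($stored, $password)) {
        return true;
    }

    return password_verify($password, $stored);
}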
* Check ip
* @param string $ip
* @return string
protected function authIP($ip)
// Checks $ip against the addresses and ranges registered for the current
// user's client and service. Requests from $this->listApplicationIp skip the
// check entirely.
// NOTE(review): the only return visible in this listing is the string '0904';
// the callers in authV2() compare the result with === false and === true.
// Confirm the success and failure values and make them booleans, so that a
// rejected address cannot be read as "not false".
//Check IP
if (!in_array($ip, $this->listApplicationIp)) {
$serviceIPM = new Application_Model_Sdv1ClientsServicesIP();
$sql = $serviceIPM->select(true)->columns('IP')
->where('IdClient=?', $this->User->idClient)
->where('Service=?', $this->User->serviceCode);
$ipResult = $serviceIPM->fetchAll($sql);
// When no address is registered the filter is not applied at all.
if (count($ipResult) > 0) {
$overallIpValidate = false;
// NOTE(review): this iterates $ipResult->IP, a property of the fetchAll()
// result, rather than the rows themselves — presumably each row's IP column is
// meant; verify against the model.
foreach ($ipResult->IP as $filtre) {
if (trim($filtre) != '') {
// Is it a range ?
// NOTE(review): no visible line hands $filtre to the validator before
// isValid() — presumably a configuration call is missing from this listing.
if ( strpos($filtre, '-') ) {
$validateIp = new Scores_Validate_IpInNetwork();
$overallIpValidate = $validateIp->isValid($ip);
// Ip only
else {
if ( $filtre === $ip ) {
$overallIpValidate = true;
// Break foreach
if ( $overallIpValidate === true ) {
// Exit with error
if ( $overallIpValidate === false ) {
return '0904';
* Log les erreurs d'authentification
* @param mixed $result
* @param string $ip
* @return void
protected function authLog($login, $result, $ip)
// Records a failed authentication: 'KO' when $result is false, the error code
// when it is a string. A successful result (true) leaves $authenticate at null
// and nothing is recorded, so this table holds failures only.
$authenticate = null;
if ($result === false) {
$authenticate = 'KO';
} else if (is_string($result)) {
$authenticate = $result;
if ($authenticate !== null) {
$data = array(
'login' => $login,
'authenticate' => $authenticate,
'ip' => $ip,
2015-09-01 09:49:45 +00:00
'dateInsert' => date('YmdHis'),
2015-06-22 13:53:34 +00:00
// NOTE(review): the insert call is not visible in this listing, and the catch
// block is empty: if the write fails, the failed login leaves no trace.
// Reporting the exception through the application logger would keep these
// events available for detection.
try {
$authLogM = new Application_Model_Sdv1UtilisateursAuthLog();
} catch (Zend_Db_Exception $e) {}
* Get Service Access List
* @param int $clientId
* @param string $serviceCode
* @return array
protected function getAccessList($clientId, $serviceCode)
// Returns the 'Acces' values registered for a client service as a flat list.
// NOTE(review): the query filters on $this->User->idClient and
// $this->User->serviceCode; the $clientId and $serviceCode arguments are not
// used in the lines shown. authV2() passes the same values today, but the
// signature suggests otherwise.
$accesM = new Application_Model_Sdv1ClientsServicesDroits();
$sql = $accesM->select(true)->columns(array('Acces'))
->where('IdClient=?', $this->User->idClient)
->where('Service=?', $this->User->serviceCode);
try {
$accesResult = $accesM->fetchAll($sql);
// NOTE(review): the catch body is not visible; if it does not return,
// $accesResult is undefined at the count() below. An empty list (no rights)
// is the safe outcome on a database error.
} catch ( Zend_Db_Exception $e ) {
$list = array();
if (count($accesResult) > 0 ) {
foreach ($accesResult as $row) {
$list[] = $row->Acces;
return $list;
protected function trigger($event, $args)
//Est ce que l'utilisateur à un trigger
//Pour chaque trigger - Executer l'action