From 12e64d1709f2b6a39e633297d3617c5cb08b78ad Mon Sep 17 00:00:00 2001
From: "vincent@cubedesigners.com"
 <vincent@cubedesigners.com@f5622870-0f3c-0410-866d-9cb505b7a8ef>
Date: Mon, 13 Jul 2020 16:08:05 +0000
Subject: [PATCH] wip #3780 @2

---
 inc/ws/Metier/class.ws.book.parametres.php    | 10 ++++--
 .../html5/master/class.ws.html5.compiler.php  | 31 ++++++++++++++++---
 2 files changed, 35 insertions(+), 6 deletions(-)

diff --git a/inc/ws/Metier/class.ws.book.parametres.php b/inc/ws/Metier/class.ws.book.parametres.php
index 8b98607d7..9d72c1f97 100644
--- a/inc/ws/Metier/class.ws.book.parametres.php
+++ b/inc/ws/Metier/class.ws.book.parametres.php
@@ -36,6 +36,10 @@ class wsBookParametres extends wsParametres
         $xmlFilter->name = __('Liste d\'articles') . ' (*.xml)';
         $xmlFilter->extensions = '*.xml';
 
+        $htmlFilter = new stdClass();
+        $htmlFilter->name = __('Fichier HTML') . ' (*.html)';
+        $htmlFilter->extensions = '*.html';
+
         $imageFilter = new stdClass();
         $imageFilter->name = __('Images') . ' (*.jpg, *.png)';
         $imageFilter->extensions = '*.jpg;*.jpeg;*.png';
@@ -475,7 +479,7 @@ class wsBookParametres extends wsParametres
         $this->fields['splashTarget'] = ['type' => 'combo', 'datas' => $target, 'default' => '_self', 'editable' => true, 'label' => __('Ouvrir le lien'), 'grade' => 3];
         $this->fields['splashMinimalTime'] = ['type' => 'float', 'default' => '1', 'editable' => true, 'label' => __('Temps minimal d\'affichage'), 'grade' => 3];
 
-        $this->forms['splash'] = ['label' => __('Ecran de chargement'), 'fieldsnames' => ['splashImage', 'splashURL','splashTarget', 'splashMinimalTime']];
+        $this->forms['splash'] = ['label' => __('Ecran de chargement'), 'fieldsnames' => ['splashImage', 'splashURL', 'splashTarget', 'splashMinimalTime']];
 
         // Articles
         $this->fields['articlesFile'] = ['type' => 'freefile', 'default' => '', 'editable' => true,
@@ -607,13 +611,15 @@ class wsBookParametres extends wsParametres
 
         $this->fields['secureURL'] = array('type' => 'text', 'default' => 'http://', 'editable' => true, 'label' => __('URL de sécurisation'), 'grade' => 5, 'hint' => __('URL intérrogé pour vérifier si le visiteur à les droits pour consulter la publication'));
         $this->fields['secureURLRedirect'] = array('type' => 'text', 'default' => 'http://', 'editable' => true, 'label' => __('Redirection'), 'grade' => 5, 'hint' => __("Si l'authentification échoue, redirection vers cette adresse"));
+        $this->fields['secureClientSidePassword'] = ['type' => 'freefile', 'label' => 'Sécurisation par mot de passe côté client', 'editable' => true, 'default' => '', 'grade' => 3, 'fileFilter' => $htmlFilter];
+        $this->fields['secureClientSidePasswordCredentials'] = ['type' => 'textarea', 'label' => 'Utilisateurs / mots de passe', 'editable' => true, 'default' => '', 'grade' => 3, 'hint' => 'Format user:password par ligne'];
         $this->fields['preventRightClick'] = array('type' => 'boolean', 'default' => false, 'editable' => true, 'label' => __("Essayer d'empêcher le clic droit"), 'grade' => 1);
         $this->fields['restrictPrint'] = array('type' => 'boolean', 'default' => false, 'editable' => true, 'label' => __("Restreindre l'impression"), 'grade' => 5);
         $this->fields['restrictDownload'] = array('type' => 'boolean', 'default' => false, 'editable' => true, 'label' => __("Restreindre l'impression"), 'grade' => 5);
         $this->fields['restrictSendBookmark'] = array('type' => 'boolean', 'default' => false, 'editable' => true, 'label' => __("Restreindre l'envoi de marques-pages"), 'grade' => 5);
         $this->fields['restrictPrintDownload'] = ['type' => 'text', 'default' => '', 'editable' => true, 'label' => __('Paramètre de l\'url permettant de désactiver la restriction (non vide pour activer les restrictions)'), 'grade' => 5, 'hint' => __("Ne pas indiquer le ?")];
         $this->forms['secure'] = array('label' => __('Sécurisation'),
-            'fieldsnames' => array('secureURL', 'secureURLRedirect', '|', 'preventRightClick', '|', 'restrictPrintDownload', 'restrictPrint', 'restrictDownload', 'restrictSendBookmark'));
+            'fieldsnames' => array('secureURL', 'secureURLRedirect', '|', 'secureClientSidePassword', 'secureClientSidePasswordCredentials', '|', 'preventRightClick', '|', 'restrictPrintDownload', 'restrictPrint', 'restrictDownload', 'restrictSendBookmark'));
 
         $this->fields['home'] = array('type' => 'text', 'default' => '', 'editable' => true, 'label' => __("Accueil de l'interface multibrochure"), 'grade' => 5);
         $this->fields['multilang'] = array('type' => 'textarea', 'default' => '', 'editable' => true, 'label' => __('Langues'), 'hint' => __('Code langue') . ',' . __('Code pays') . ',' . __('URL'));
diff --git a/inc/ws/Util/html5/master/class.ws.html5.compiler.php b/inc/ws/Util/html5/master/class.ws.html5.compiler.php
index 7d7948726..2f618df38 100644
--- a/inc/ws/Util/html5/master/class.ws.html5.compiler.php
+++ b/inc/ws/Util/html5/master/class.ws.html5.compiler.php
@@ -23,15 +23,16 @@ class wsHTML5Compiler
 //			],
         'jquery' =>
             ['js/libs/jquery/jquery.min.js',
-                'js/libs/jquery/jquery.transform.js',
-                'js/libs/jquery/jquery.form.min.js',
-                'js/libs/jquery/jquery.mousewheel.min.js',
-                'js/libs/jquery/jquery.hashchange.min.js'
             ],
+        'jquery-extra' => ['js/libs/jquery/jquery.transform.js',
+            'js/libs/jquery/jquery.form.min.js',
+            'js/libs/jquery/jquery.mousewheel.min.js',
+            'js/libs/jquery/jquery.hashchange.min.js'],
         'bluebird' => ['js/libs/bluebird.min.js'],
         'screenfull' => ['js/libs/screenfull.min.js'],
         'storage' => ['js/libs/storage.js',],
         'hotkeys' => ['js/libs/hotkeys.min.js',],
+        'forge' => ['js/libs/forge/forge-sha256.min.js',],
         'perfectscrollbar' => ['js/libs/perfect-scrollbar/perfect-scrollbar.min.js',
             'js/libs/perfect-scrollbar/perfect-scrollbar.jquery.js'],
         'mmenu' =>
@@ -574,6 +575,7 @@ class wsHTML5Compiler
             $this->book->parametres->seoVersion = false;
         }
 
+        $this->writeSecure();
         $this->log('Copied assets');
         $this->loadPlugins();
         $this->log('Plugins loaded');
@@ -613,6 +615,27 @@ class wsHTML5Compiler
         $this->log('Files Synced');
     }
 
+    protected function writeSecure()
+    {
+        if ($this->book->parametres->secureClientSidePassword !== '') {
+            $credentials = CubeIT_Text::explodeNewLines($this->book->parametres->secureClientSidePasswordCredentials);
+            $users = [];
+            foreach ($credentials as $credential) {
+                $salt = bin2hex(random_bytes(5));
+                $e = explode(':', $credential);
+                if (count($e) <= 1) {
+                    continue;
+                }
+                $users[$e[0]] = ['salt' => $salt, 'hash' => hash("sha256", $salt . '-' . $e[1])];
+            }
+
+            $secure = file_get_contents($this->wdir . '/' . $this->book->parametres->secureClientSidePassword);
+            $secure = str_replace('$CREDENTIALS', 'var CREDENTIALS=' . json_encode($users) . ';', $secure);
+            $this->vdir->file_put_contents('secure.html', $secure);
+
+            $this->config->secureClientSidePasswordCredentials = $users;
+        }
+    }
 
     protected function loadPlugins()
     {
-- 
2.39.5