YakumoLabs/user_external
4
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #192 from nextcloud/feat/configs-workflows

Browse Source
This commit is contained in:
John Molakvoæ
2022-04-15 17:05:13 +02:00
committed by GitHub
parent 3acf2e92cf 751dc7ea2a
commit 0c63939f44
29 changed files with 4902 additions and 279 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
.drone.yml
View File

@@ -1,29 +0,0 @@
kind: pipeline
name: check-app-compatbility
steps:
- name: check-app-compatbility
image: nextcloudci/php7.4:php7.4-2
environment:
APP_NAME: user_external
CORE_BRANCH: master
DB: sqlite
commands:
# Pre-setup steps
- wget https://raw.githubusercontent.com/nextcloud/travis_ci/master/before_install.sh
- bash ./before_install.sh $APP_NAME $CORE_BRANCH $DB
- cd ../server
# Code checker
- ./occ app:check-code $APP_NAME -c strong-comparison
- ./occ app:check-code $APP_NAME -c deprecation
matrix:
trigger:
branch:
- master
- stable*
event:
- pull_request
- push

164
.github/workflows/appstore-build-publish.yml vendored Normal file
View File

@@ -0,0 +1,164 @@
# This workflow is provided via the organization template repository
#
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
name: Build and publish app release
on:
release:
types: [published]
env:
PHP_VERSION: 7.4
jobs:
build_and_publish:
runs-on: ubuntu-latest
# Only allowed to be run on nextcloud-releases repositories
if: ${{ github.repository_owner == 'nextcloud-releases' }}
steps:
- name: Check actor permission
uses: skjnldsv/check-actor-permission@v2
with:
require: write
- name: Set app env
run: |
# Split and keep last
echo "APP_NAME=${GITHUB_REPOSITORY##*/}" >> $GITHUB_ENV
echo "APP_VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV
- name: Checkout
uses: actions/checkout@v3
with:
path: ${{ env.APP_NAME }}
- name: Get appinfo data
id: appinfo
uses: skjnldsv/xpath-action@master
with:
filename: ${{ env.APP_NAME }}/appinfo/info.xml
expression: "//info//dependencies//nextcloud/@min-version"
- name: Read package.json node and npm engines version
uses: skjnldsv/read-package-engines-version-actions@v1.2
id: versions
# Continue if no package.json
continue-on-error: true
with:
path: ${{ env.APP_NAME }}
fallbackNode: "^12"
fallbackNpm: "^6"
- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
# Skip if no package.json
if: ${{ steps.versions.outputs.nodeVersion }}
uses: actions/setup-node@v3
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}
- name: Set up npm ${{ steps.versions.outputs.npmVersion }}
# Skip if no package.json
if: ${{ steps.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
- name: Set up php ${{ env.PHP_VERSION }}
uses: shivammathur/setup-php@v2
with:
php-version: ${{ env.PHP_VERSION }}
coverage: none
- name: Check composer.json
id: check_composer
uses: andstor/file-existence-action@v1
with:
files: "${{ env.APP_NAME }}/composer.json"
- name: Install composer dependencies
if: steps.check_composer.outputs.files_exists == 'true'
run: |
cd ${{ env.APP_NAME }}
composer install --no-dev
- name: Build ${{ env.APP_NAME }}
# Skip if no package.json
if: ${{ steps.versions.outputs.nodeVersion }}
run: |
cd ${{ env.APP_NAME }}
npm ci
npm run build
- name: Check Krankerl config
id: krankerl
uses: andstor/file-existence-action@v1
with:
files: ${{ env.APP_NAME }}/krankerl.toml
- name: Install Krankerl
if: steps.krankerl.outputs.files_exists == 'true'
run: |
wget https://github.com/ChristophWurst/krankerl/releases/download/v0.13.0/krankerl_0.13.0_amd64.deb
sudo dpkg -i krankerl_0.13.0_amd64.deb
- name: Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }} with krankerl
if: steps.krankerl.outputs.files_exists == 'true'
run: |
cd ${{ env.APP_NAME }}
krankerl package
- name: Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }} with makefile
if: steps.krankerl.outputs.files_exists != 'true'
run: |
cd ${{ env.APP_NAME }}
make appstore
- name: Checkout server ${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}
continue-on-error: true
id: server-checkout
run: |
NCVERSION=${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}
wget --quiet https://download.nextcloud.com/server/releases/latest-$NCVERSION.zip
unzip latest-$NCVERSION.zip
- name: Checkout server master fallback
uses: actions/checkout@v3
if: ${{ steps.server-checkout.outcome != 'success' }}
with:
repository: nextcloud/server
path: nextcloud
- name: Sign app
run: |
# Extracting release
cd ${{ env.APP_NAME }}/build/artifacts
tar -xvf ${{ env.APP_NAME }}.tar.gz
cd ../../../
# Setting up keys
echo "${{ secrets.APP_PRIVATE_KEY }}" > ${{ env.APP_NAME }}.key
wget --quiet "https://github.com/nextcloud/app-certificate-requests/raw/master/${{ env.APP_NAME }}/${{ env.APP_NAME }}.crt"
# Signing
php nextcloud/occ integrity:sign-app --privateKey=../${{ env.APP_NAME }}.key --certificate=../${{ env.APP_NAME }}.crt --path=../${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}
# Rebuilding archive
cd ${{ env.APP_NAME }}/build/artifacts
tar -zcvf ${{ env.APP_NAME }}.tar.gz ${{ env.APP_NAME }}
- name: Attach tarball to github release
uses: svenstaro/upload-release-action@v2
id: attach_to_release
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: ${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}.tar.gz
asset_name: ${{ env.APP_NAME }}-${{ env.APP_VERSION }}.tar.gz
tag: ${{ github.ref }}
overwrite: true
- name: Upload app to Nextcloud appstore
uses: nextcloud-releases/nextcloud-appstore-push-action@v1
with:
app_name: ${{ env.APP_NAME }}
appstore_token: ${{ secrets.APPSTORE_TOKEN }}
download_url: ${{ steps.attach_to_release.outputs.browser_download_url }}
app_private_key: ${{ secrets.APP_PRIVATE_KEY }}

46
.github/workflows/command-rebase.yml vendored Normal file
View File

@@ -0,0 +1,46 @@
# This workflow is provided via the organization template repository
#
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
name: Rebase command
on:
issue_comment:
types: created
jobs:
rebase:
runs-on: ubuntu-latest
# On pull requests and if the comment starts with `/rebase`
if: github.event.issue.pull_request != '' && startsWith(github.event.comment.body, '/rebase')
steps:
- name: Add reaction on start
uses: peter-evans/create-or-update-comment@v2
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }}
comment-id: ${{ github.event.comment.id }}
reaction-type: "+1"
- name: Checkout the latest code
uses: actions/checkout@v3
with:
fetch-depth: 0
token: ${{ secrets.COMMAND_BOT_PAT }}
- name: Automatic Rebase
uses: cirrus-actions/rebase@1.5
env:
GITHUB_TOKEN: ${{ secrets.COMMAND_BOT_PAT }}
- name: Add reaction on failure
uses: peter-evans/create-or-update-comment@v2
if: failure()
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }}
comment-id: ${{ github.event.comment.id }}
reaction-type: "-1"

30
.github/workflows/dependabot-approve-merge.yml vendored Normal file
View File

@@ -0,0 +1,30 @@
# This workflow is provided via the organization template repository
#
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
name: Dependabot
on:
pull_request_target:
branches:
- main
- master
- stable*
jobs:
auto-approve-merge:
if: github.actor == 'dependabot[bot]'
runs-on: ubuntu-latest
steps:
# Github actions bot approve
- uses: hmarr/auto-approve-action@v2
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
# Nextcloud bot approve and merge request
- uses: ahmadnassri/action-dependabot-auto-merge@v2
with:
target: minor
github-token: ${{ secrets.DEPENDABOT_AUTOMERGE_TOKEN }}

20
.github/workflows/fixup.yml vendored Normal file
View File

@@ -0,0 +1,20 @@
# This workflow is provided via the organization template repository
#
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
name: Pull request checks
on: pull_request
jobs:
commit-message-check:
name: Block fixup and squash commits
runs-on: ubuntu-latest
steps:
- name: Run check
uses: xt0rted/block-autosquash-commits-action@v2
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}

32
.github/workflows/lint-info-xml.yml vendored Normal file
View File

@@ -0,0 +1,32 @@
# This workflow is provided via the organization template repository
#
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
name: Lint
on:
pull_request:
push:
branches:
- main
- master
- stable*
jobs:
xml-linters:
runs-on: ubuntu-latest
name: info.xml lint
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Download schema
run: wget https://raw.githubusercontent.com/nextcloud/appstore/master/nextcloudappstore/api/v1/release/info.xsd
- name: Lint info.xml
uses: ChristophWurst/xmllint-action@v1
with:
xml-file: ./appinfo/info.xml
xml-schema-file: ./info.xsd

36
.github/workflows/lint-php-cs.yml vendored Normal file
View File

@@ -0,0 +1,36 @@
# This workflow is provided via the organization template repository
#
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
name: Lint
on:
pull_request:
push:
branches:
- main
- master
- stable*
jobs:
lint:
runs-on: ubuntu-latest
name: php-cs
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up php ${{ matrix.php-versions }}
uses: shivammathur/setup-php@v2
with:
php-version: "7.4"
coverage: none
- name: Install dependencies
run: composer i
- name: Lint
run: composer run cs:check || ( echo 'Please run `composer run cs:fix` to format your code' && exit 1 )

48
.github/workflows/lint-php.yml vendored Normal file
View File

@@ -0,0 +1,48 @@
# This workflow is provided via the organization template repository
#
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
name: Lint
on:
pull_request:
push:
branches:
- main
- master
- stable*
jobs:
php-lint:
runs-on: ubuntu-latest
strategy:
matrix:
php-versions: ["7.4", "8.0"]
name: php-lint
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up php ${{ matrix.php-versions }}
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php-versions }}
coverage: none
- name: Lint
run: composer run lint
summary:
runs-on: ubuntu-latest
needs: php-lint
if: always()
name: php-lint-summary
steps:
- name: Summary status
run: if ${{ needs.php-lint.result != 'success' && needs.php-lint.result != 'skipped' }}; then exit 1; fi

2
.gitignore vendored
View File

@@ -6,3 +6,5 @@ tests/clover.xml
# packaged app
build/artifacts
vendor
.php-cs-fixer.cache

18
.php-cs-fixer.dist.php Normal file
View File

@@ -0,0 +1,18 @@
<?php
declare(strict_types=1);
require_once './vendor/autoload.php';
use Nextcloud\CodingStandard\Config;
$config = new Config();
$config
->getFinder()
->notPath('build')
->notPath('l10n')
->notPath('node_modules')
->notPath('src')
->notPath('vendor')
->in(__DIR__);
return $config;

56
.travis.yml
View File

@@ -1,56 +0,0 @@
language: php
php:
- 7.3
- 7.4
- 8.0
services:
- mysql
- postgresql
env:
global:
- APP_NAME=user_external
- PHP_COVERAGE=FALSE
matrix:
# - DB=sqlite SERVER=nextcloud/travis_ci/master SERVER_BRANCH=master
- DB=sqlite SERVER=nextcloud/travis_ci/master SERVER_BRANCH=stable21
# - DB=mysql SERVER=nextcloud/travis_ci/master SERVER_BRANCH=master PHP_COVERAGE=TRUE
- DB=mysql SERVER=nextcloud/travis_ci/master SERVER_BRANCH=stable21 PHP_COVERAGE=TRUE
# - DB=pgsql SERVER=nextcloud/travis_ci/master SERVER_BRANCH=master
- DB=pgsql SERVER=nextcloud/travis_ci/master SERVER_BRANCH=stable21
matrix:
fast_finish: true
branches:
only:
- master
- /^stable\d+(\.\d+)?$/
before_install:
- sudo apt-get -qq update
- sudo apt-get install -y libxml2-utils
- wget https://raw.githubusercontent.com/$SERVER/before_install.sh
- . ./before_install.sh "$APP_NAME" "$SERVER_BRANCH" "$DB"
- cd ../core || cd ../server
- php occ app:enable $APP_NAME
before_script:
# Test lint
- cd apps/$APP_NAME
- find . -name \*.php -exec php -l "{}" \;
script:
# Check info.xml schema validity
- wget https://apps.nextcloud.com/schema/apps/info.xsd
- xmllint appinfo/info.xml --schema info.xsd --noout
- rm info.xsd
# Run phpunit tests
# - cd tests
# - phpunit --configuration configuration.xml
# Create coverage report
# - sh -c "if [ '$PHP_COVERAGE' != 'FALSE' ]; then wget https://scrutinizer-ci.com/ocular.phar; fi"
# - sh -c "if [ '$PHP_COVERAGE' != 'FALSE' ]; then php ocular.phar code-coverage:upload --format=php-clover clover.xml; fi"

20
composer.json Normal file
View File

@@ -0,0 +1,20 @@
{
"name": "nextcloud/user_external",
"config": {
"optimize-autoloader": true,
"classmap-authoritative": true,
"platform": {
"php": "7.3"
}
},
"scripts": {
"cs:fix": "php-cs-fixer fix",
"cs:check": "php-cs-fixer fix --dry-run --diff",
"lint": "find . -name \\*.php -not -path './vendor/*' -print0 | xargs -0 -n1 php -l"
},
"require-dev": {
"nextcloud/coding-standard": "^1.0.0",
"phpunit/phpunit": "^9.5",
"christophwurst/nextcloud_testing": "^0.12.4"
}
}

4283
composer.lock generated Normal file
View File

File diff suppressed because it is too large Load Diff

20
lib/AppInfo/Application.php
View File

@@ -8,19 +8,15 @@ use OCP\AppFramework\App;
use OCP\AppFramework\Bootstrap\IBootContext;
use OCP\AppFramework\Bootstrap\IBootstrap;
use OCP\AppFramework\Bootstrap\IRegistrationContext;
use OCP\Notification\IManager;
use OCP\User\Events;
class Application extends App implements IBootstrap {
public function __construct() {
parent::__construct('user_external');
}
public function __construct() {
parent::__construct('user_external');
}
public function register(IRegistrationContext $context): void {
}
public function register(IRegistrationContext $context): void {
}
public function boot(IBootContext $context): void {
}
}
public function boot(IBootContext $context): void {
}
}

12
lib/Base.php
View File

@@ -21,7 +21,7 @@ namespace OCA\UserExternal;
* @license http://www.gnu.org/licenses/agpl AGPL
* @link http://github.com/owncloud/apps
*/
abstract class Base extends \OC\User\Backend{
abstract class Base extends \OC\User\Backend {
protected $backend = '';
/**
@@ -80,7 +80,6 @@ abstract class Base extends \OC\User\Backend{
* @return array with all displayNames (value) and the corresponding uids (key)
*/
public function getDisplayNames($search = '', $limit = null, $offset = null) {
$connection = \OC::$server->getDatabaseConnection();
$query = $connection->getQueryBuilder();
$query->select('uid', 'displayname')
@@ -106,10 +105,10 @@ abstract class Base extends \OC\User\Backend{
}
/**
* Get a list of all users
*
* @return array with all uids
*/
* Get a list of all users
*
* @return array with all uids
*/
public function getUsers($search = '', $limit = null, $offset = null) {
$connection = \OC::$server->getDatabaseConnection();
$query = $connection->getQueryBuilder();
@@ -231,5 +230,4 @@ abstract class Base extends \OC\User\Backend{
return $users > 0;
}
}

29
lib/BasicAuth.php
View File

@@ -9,12 +9,11 @@
namespace OCA\UserExternal;
class BasicAuth extends Base {
private $authUrl;
public function __construct($authUrl) {
parent::__construct($authUrl);
$this->authUrl =$authUrl;
$this->authUrl = $authUrl;
}
/**
@@ -31,13 +30,13 @@ class BasicAuth extends Base {
* URL is indeed authenticating or not...
*/
$context = stream_context_create(array(
'http' => array(
'method' => "GET",
'follow_location' => 0
))
'http' => array(
'method' => "GET",
'follow_location' => 0
))
);
$canary = get_headers($this->authUrl, 1, $context);
if(!$canary) {
if (!$canary) {
\OC::$server->getLogger()->error(
'ERROR: Not possible to connect to BasicAuth Url: '.$this->authUrl,
['app' => 'user_external']
@@ -53,17 +52,17 @@ class BasicAuth extends Base {
}
$context = stream_context_create(array(
'http' => array(
'method' => "GET",
'header' => "authorization: Basic " . base64_encode("$uid:$password"),
'follow_location' => 0
))
'http' => array(
'method' => "GET",
'header' => "authorization: Basic " . base64_encode("$uid:$password"),
'follow_location' => 0
))
);
$headers = get_headers($this->authUrl, 1, $context);
if(!$headers) {
if (!$headers) {
\OC::$server->getLogger()->error(
'ERROR: Not possible to connect to BasicAuth Url: '.$this->authUrl,
'ERROR: Not possible to connect to BasicAuth Url: '.$this->authUrl,
['app' => 'user_external']
);
return false;
@@ -84,7 +83,7 @@ class BasicAuth extends Base {
return $uid;
case "3":
\OC::$server->getLogger()->error(
'ERROR: Too many redirects from BasicAuth Url: '.$this->authUrl,
'ERROR: Too many redirects from BasicAuth Url: '.$this->authUrl,
['app' => 'user_external']
);
return false;

20
lib/FTP.php
View File

@@ -17,7 +17,7 @@ namespace OCA\UserExternal;
* @license http://www.gnu.org/licenses/agpl AGPL
* @link http://github.com/owncloud/apps
*/
class FTP extends Base{
class FTP extends Base {
private $host;
private $secure;
private $protocol;
@@ -28,12 +28,12 @@ class FTP extends Base{
* @param string $host Hostname or IP of FTP server
* @param boolean $secure TRUE to enable SSL
*/
public function __construct($host,$secure=false) {
$this->host=$host;
$this->secure=$secure;
$this->protocol='ftp';
if($this->secure) {
$this->protocol.='s';
public function __construct($host, $secure = false) {
$this->host = $host;
$this->secure = $secure;
$this->protocol = 'ftp';
if ($this->secure) {
$this->protocol .= 's';
}
parent::__construct($this->protocol . '://' . $this->host);
}
@@ -56,11 +56,11 @@ class FTP extends Base{
}
// opendir handles the as %-encoded string, but this is not true for usernames and passwords, encode them before passing them
$url = sprintf('%s://%s:%s@%s/', $this->protocol, urlencode($uid), urlencode($password), $this->host);
$result=@opendir($url);
if(is_resource($result)) {
$result = @opendir($url);
if (is_resource($result)) {
$this->storeUser($uid);
return $uid;
}else{
} else {
return false;
}
}

11
lib/IMAP.php
View File

@@ -9,7 +9,6 @@
*/
namespace OCA\UserExternal;
/**
* User authentication against an IMAP mail server
*
@@ -59,14 +58,14 @@ class IMAP extends Base {
// Replace escaped @ symbol in uid (which is a mail address)
// but only if there is no @ symbol and if there is a %40 inside the uid
if (!(strpos($uid, '@') !== false) && (strpos($uid, '%40') !== false)) {
$uid = str_replace("%40","@",$uid);
$uid = str_replace("%40", "@", $uid);
}
$pieces = explode('@', $uid);
if ($this->domain !== '') {
if (count($pieces) === 1) {
$username = $uid . '@' . $this->domain;
} else if(count($pieces) === 2 && $pieces[1] === $this->domain) {
} elseif (count($pieces) === 2 && $pieces[1] === $this->domain) {
$username = $uid;
if ($this->stripeDomain) {
$uid = $pieces[0];
@@ -80,11 +79,11 @@ class IMAP extends Base {
}
} else {
$username = $uid;
}
}
$groups = [];
if ($this->groupDomain && $pieces[1]) {
$groups[] = $pieces[1];
$groups[] = $pieces[1];
}
$protocol = ($this->sslmode === "ssl") ? "imaps" : "imap";
@@ -101,7 +100,7 @@ class IMAP extends Base {
$canconnect = curl_exec($ch);
if($canconnect) {
if ($canconnect) {
curl_close($ch);
$uid = mb_strtolower($uid);
$this->storeUser($uid, $groups);

18
lib/SMB.php
View File

@@ -16,11 +16,11 @@ namespace OCA\UserExternal;
* @license http://www.gnu.org/licenses/agpl AGPL
* @link http://github.com/owncloud/apps
*/
class SMB extends Base{
class SMB extends Base {
private $host;
const SMBCLIENT = 'smbclient -L';
const LOGINERROR = 'NT_STATUS_LOGON_FAILURE';
public const SMBCLIENT = 'smbclient -L';
public const LOGINERROR = 'NT_STATUS_LOGON_FAILURE';
/**
* Create new samba authentication provider
@@ -29,7 +29,7 @@ class SMB extends Base{
*/
public function __construct($host) {
parent::__construct($host);
$this->host=$host;
$this->host = $host;
}
/**
@@ -48,13 +48,13 @@ class SMB extends Base{
['app' => 'user_external']
);
return false;
} else if (strpos($lastline, self::LOGINERROR) !== false) {
} elseif (strpos($lastline, self::LOGINERROR) !== false) {
//normal login error
return false;
} else if (strpos($lastline, 'NT_STATUS_BAD_NETWORK_NAME') !== false) {
} elseif (strpos($lastline, 'NT_STATUS_BAD_NETWORK_NAME') !== false) {
//login on minor error
goto login;
} else if ($retval !== 0) {
} elseif ($retval !== 0) {
//some other error
\OC::$server->getLogger()->error(
'ERROR: smbclient error: ' . trim($lastline),
@@ -78,13 +78,13 @@ class SMB extends Base{
public function checkPassword($uid, $password) {
// Check with an invalid password, if the user authenticates then fail
$attemptWithInvalidPassword = $this->tryAuthentication($uid, base64_encode($password));
if(is_string($attemptWithInvalidPassword)) {
if (is_string($attemptWithInvalidPassword)) {
return false;
}
// Check with valid password
$attemptWithValidPassword = $this->tryAuthentication($uid, $password);
if(is_string($attemptWithValidPassword)) {
if (is_string($attemptWithValidPassword)) {
$this->storeUser($uid);
return $uid;
}

24
lib/SSH.php
View File

@@ -23,10 +23,10 @@ class SSH extends Base {
private $port;
/**
* Create a new SSH authentication provider
*
* @param string $host Hostname or IP address of SSH servr
*/
* Create a new SSH authentication provider
*
* @param string $host Hostname or IP address of SSH servr
*/
public function __construct($host, $port = 22) {
parent::__construct($host);
$this->host = $host;
@@ -34,14 +34,14 @@ class SSH extends Base {
}
/**
* Check if the password is correct without logging in
* Requires the php-ssh2 pecl extension
*
* @param string $uid The username
* @param string $password The password
*
* @return true/false
*/
* Check if the password is correct without logging in
* Requires the php-ssh2 pecl extension
*
* @param string $uid The username
* @param string $password The password
*
* @return true/false
*/
public function checkPassword($uid, $password) {
if (!extension_loaded('ssh2')) {
\OC::$server->getLogger()->error(

14
lib/WebDavAuth.php
View File

@@ -9,12 +9,11 @@
namespace OCA\UserExternal;
class WebDavAuth extends Base {
private $webDavAuthUrl;
public function __construct($webDavAuthUrl) {
parent::__construct($webDavAuthUrl);
$this->webDavAuthUrl =$webDavAuthUrl;
$this->webDavAuthUrl = $webDavAuthUrl;
}
/**
@@ -27,21 +26,20 @@ class WebDavAuth extends Base {
*/
public function checkPassword($uid, $password) {
$arr = explode('://', $this->webDavAuthUrl, 2);
if( ! isset($arr) OR count($arr) !== 2) {
if (! isset($arr) or count($arr) !== 2) {
\OC::$server->getLogger()->error('ERROR: Invalid WebdavUrl: "'.$this->webDavAuthUrl.'" ', ['app' => 'user_external']);
return false;
}
list($protocol, $path) = $arr;
$url= $protocol.'://'.urlencode($uid).':'.urlencode($password).'@'.$path;
$url = $protocol.'://'.urlencode($uid).':'.urlencode($password).'@'.$path;
$headers = get_headers($url);
if($headers === false) {
if ($headers === false) {
\OC::$server->getLogger()->error('ERROR: Not possible to connect to WebDAV Url: "'.$protocol.'://'.$path.'" ', ['app' => 'user_external']);
return false;
}
$returnCode= substr($headers[0], 9, 3);
$returnCode = substr($headers[0], 9, 3);
if(substr($returnCode, 0, 1) === '2') {
if (substr($returnCode, 0, 1) === '2') {
$this->storeUser($uid);
return $uid;
} else {

124
lib/XMPP.php
View File

@@ -34,89 +34,89 @@ class XMPP extends Base {
}
public function hmacSha1($key, $data) {
if (strlen($key) > 64) {
$key = str_pad(sha1($key, true), 64, chr(0));
if (strlen($key) > 64) {
$key = str_pad(sha1($key, true), 64, chr(0));
}
if (strlen($key) < 64) {
$key = str_pad($key, 64, chr(0));
if (strlen($key) < 64) {
$key = str_pad($key, 64, chr(0));
}
$oPad = str_repeat(chr(0x5C), 64);
$iPad = str_repeat(chr(0x36), 64);
$oPad = str_repeat(chr(0x5C), 64);
$iPad = str_repeat(chr(0x36), 64);
for ($i = 0; $i < strlen($key); $i++) {
$oPad[$i] = $oPad[$i] ^ $key[$i];
$iPad[$i] = $iPad[$i] ^ $key[$i];
}
return sha1($oPad.sha1($iPad.$data, true));
}
for ($i = 0; $i < strlen($key); $i++) {
$oPad[$i] = $oPad[$i] ^ $key[$i];
$iPad[$i] = $iPad[$i] ^ $key[$i];
}
return sha1($oPad.sha1($iPad.$data, true));
}
public function validateHashedPassword($user, $uid, $submittedPassword){
foreach ($user as $key){
if($key[3] === "salt") {
$internalSalt = $key['value'];
}
if($key[3] === "server_key") {
$internalServerKey = $key['value'];
}
if($key[3] === "stored_key") {
$internalStoredKey = $key['value'];
}
}
unset($user);
$internalIteration = '4096';
$newSaltedPassword = hash_pbkdf2('sha1', $submittedPassword, $internalSalt, $internalIteration, 0, true);
$newServerKey = $this->hmacSha1($newSaltedPassword, 'Server Key');
$newClientKey = $this->hmacSha1($newSaltedPassword, 'Client Key');
$newStoredKey = sha1(hex2bin($newClientKey));
public function validateHashedPassword($user, $uid, $submittedPassword) {
foreach ($user as $key) {
if ($key[3] === "salt") {
$internalSalt = $key['value'];
}
if ($key[3] === "server_key") {
$internalServerKey = $key['value'];
}
if ($key[3] === "stored_key") {
$internalStoredKey = $key['value'];
}
}
unset($user);
$internalIteration = '4096';
$newSaltedPassword = hash_pbkdf2('sha1', $submittedPassword, $internalSalt, $internalIteration, 0, true);
$newServerKey = $this->hmacSha1($newSaltedPassword, 'Server Key');
$newClientKey = $this->hmacSha1($newSaltedPassword, 'Client Key');
$newStoredKey = sha1(hex2bin($newClientKey));
if ($newServerKey === $internalServerKey
&& $newStoredKey === $internalStoredKey) {
$uid = mb_strtolower($uid);
$this->storeUser($uid);
return $uid;
} else {
return false;
}
if ($newServerKey === $internalServerKey
&& $newStoredKey === $internalStoredKey) {
$uid = mb_strtolower($uid);
$this->storeUser($uid);
return $uid;
} else {
return false;
}
}
public function validatePlainPassword($user, $uid, $submittedPassword) {
foreach ($user as $key) {
if($key[3] === "password") {
$internalPlainPassword = $key['value'];
}
}
foreach ($user as $key) {
if ($key[3] === "password") {
$internalPlainPassword = $key['value'];
}
}
unset($user);
if ($submittedPassword === $internalPlainPassword) {
$uid = mb_strtolower($uid);
$this->storeUser($uid);
return $uid;
} else {
return false;
}
if ($submittedPassword === $internalPlainPassword) {
$uid = mb_strtolower($uid);
$this->storeUser($uid);
return $uid;
} else {
return false;
}
}
public function checkPassword($uid, $password){
public function checkPassword($uid, $password) {
$pdo = new \PDO("mysql:host=$this->host;dbname=$this->xmppDb", $this->xmppDbUser, $this->xmppDbPassword);
if(isset($uid)
if (isset($uid)
&& isset($password)) {
if(!filter_var($uid, FILTER_VALIDATE_EMAIL)
|| !strpos($uid, $this->xmppDomain)
if (!filter_var($uid, FILTER_VALIDATE_EMAIL)
|| !strpos($uid, $this->xmppDomain)
|| substr($uid, -strlen($this->xmppDomain)) !== $this->xmppDomain
) {
return false;
}
$user = explode("@", $uid);
$userName = strtolower($user[0]);
$submittedPassword = $password;
$statement = $pdo->prepare("SELECT * FROM prosody WHERE user = :user AND host = :xmppDomain AND store = 'accounts'");
$result = $statement->execute(array(
'user' => $userName,
$userName = strtolower($user[0]);
$submittedPassword = $password;
$statement = $pdo->prepare("SELECT * FROM prosody WHERE user = :user AND host = :xmppDomain AND store = 'accounts'");
$result = $statement->execute(array(
'user' => $userName,
'xmppDomain' => $this->xmppDomain
));
$user = $statement->fetchAll();
if(empty($user)) {
return false;
$user = $statement->fetchAll();
if (empty($user)) {
return false;
}
if ($this->passwordHashed === true) {

18
php-cs-fixer.dist.php Normal file
View File

@@ -0,0 +1,18 @@
<?php
declare(strict_types=1);
require_once './vendor/autoload.php';
use Nextcloud\CodingStandard\Config;
$config = new Config();
$config
->getFinder()
->notPath('build')
->notPath('l10n')
->notPath('node_modules')
->notPath('src')
->notPath('vendor')
->in(__DIR__);
return $config;

16
tests/basic_auth.php
View File

@@ -16,20 +16,20 @@ class Test_User_BasicAuth extends \Test\TestCase {
return include(__DIR__.'/config.php');
}
function skip() {
$config=$this->getConfig();
public function skip() {
$config = $this->getConfig();
$this->skipUnless($config['basic_auth']['run']);
}
protected function setUp() {
parent::setUp();
$config=$this->getConfig();
$this->instance=new OC_User_BasicAuth($config['basic_auth']['url']);
$config = $this->getConfig();
$this->instance = new OC_User_BasicAuth($config['basic_auth']['url']);
}
function testLogin() {
$config=$this->getConfig();
$this->assertEquals($config['basic_auth']['user'],$this->instance->checkPassword($config['basic_auth']['user'],$config['basic_auth']['password']));
$this->assertFalse($this->instance->checkPassword($config['basic_auth']['user'],$config['basic_auth']['password'].'foo'));
public function testLogin() {
$config = $this->getConfig();
$this->assertEquals($config['basic_auth']['user'], $this->instance->checkPassword($config['basic_auth']['user'], $config['basic_auth']['password']));
$this->assertFalse($this->instance->checkPassword($config['basic_auth']['user'], $config['basic_auth']['password'].'foo'));
}
}

3
tests/bootstrap.php
View File

@@ -1,4 +1,5 @@
<?php
if (!defined('PHPUNIT_RUN')) {
define('PHPUNIT_RUN', 1);
}
@@ -9,7 +10,7 @@ if (!class_exists('\PHPUnit\Framework\TestCase')) {
\OC_App::loadApp('user_external');
$dummyClass = \OC::$SERVERROOT . '/tests/lib/Util/User/Dummy.php';
if(file_exists($dummyClass)) {
if (file_exists($dummyClass)) {
require_once($dummyClass);
}
OC_Hook::clear();

40
tests/config.php
View File

@@ -8,28 +8,28 @@
OC_App::loadApp('user_external');
return array(
'imap'=>array(
'run'=>false,
'mailbox'=>'{imap.gmail.com:993/imap/ssl}INBOX', //see http://php.net/manual/en/function.imap-open.php
'user'=>'foo',//valid username/password combination
'password'=>'bar',
'imap' => array(
'run' => false,
'mailbox' => '{imap.gmail.com:993/imap/ssl}INBOX', //see http://php.net/manual/en/function.imap-open.php
'user' => 'foo',//valid username/password combination
'password' => 'bar',
),
'smb'=>array(
'run'=>false,
'host'=>'localhost',
'user'=>'test',//valid username/password combination
'password'=>'test',
'smb' => array(
'run' => false,
'host' => 'localhost',
'user' => 'test',//valid username/password combination
'password' => 'test',
),
'ftp'=>array(
'run'=>false,
'host'=>'localhost',
'user'=>'test',//valid username/password combination
'password'=>'test',
'ftp' => array(
'run' => false,
'host' => 'localhost',
'user' => 'test',//valid username/password combination
'password' => 'test',
),
'basic_auth'=>array(
'run'=>false,
'url'=>'localhost/basic_auth',
'user'=>'test',//valid username/password combination
'password'=>'test',
'basic_auth' => array(
'run' => false,
'url' => 'localhost/basic_auth',
'user' => 'test',//valid username/password combination
'password' => 'test',
),
);

16
tests/ftp.php
View File

@@ -16,20 +16,20 @@ class Test_User_FTP extends \Test\TestCase {
return include(__DIR__.'/config.php');
}
function skip() {
$config=$this->getConfig();
public function skip() {
$config = $this->getConfig();
$this->skipUnless($config['ftp']['run']);
}
protected function setUp() {
parent::setUp();
$config=$this->getConfig();
$this->instance=new OC_User_FTP($config['ftp']['host']);
$config = $this->getConfig();
$this->instance = new OC_User_FTP($config['ftp']['host']);
}
function testLogin() {
$config=$this->getConfig();
$this->assertEquals($config['ftp']['user'],$this->instance->checkPassword($config['ftp']['user'],$config['ftp']['password']));
$this->assertFalse($this->instance->checkPassword($config['ftp']['user'],$config['ftp']['password'].'foo'));
public function testLogin() {
$config = $this->getConfig();
$this->assertEquals($config['ftp']['user'], $this->instance->checkPassword($config['ftp']['user'], $config['ftp']['password']));
$this->assertFalse($this->instance->checkPassword($config['ftp']['user'], $config['ftp']['password'].'foo'));
}
}

16
tests/imap.php
View File

@@ -16,21 +16,21 @@ class Test_User_Imap extends \Test\TestCase {
return include(__DIR__.'/config.php');
}
function skip() {
$config=$this->getConfig();
public function skip() {
$config = $this->getConfig();
$this->skipUnless($config['imap']['run']);
}
protected function setUp() {
parent::setUp();
$config=$this->getConfig();
$this->instance=new OC_User_IMAP($config['imap']['mailbox']);
$config = $this->getConfig();
$this->instance = new OC_User_IMAP($config['imap']['mailbox']);
}
function testLogin() {
$config=$this->getConfig();
$this->assertEquals($config['imap']['user'],$this->instance->checkPassword($config['imap']['user'],$config['imap']['password']));
$this->assertFalse($this->instance->checkPassword($config['imap']['user'],$config['imap']['password'].'foo'));
public function testLogin() {
$config = $this->getConfig();
$this->assertEquals($config['imap']['user'], $this->instance->checkPassword($config['imap']['user'], $config['imap']['password']));
$this->assertFalse($this->instance->checkPassword($config['imap']['user'], $config['imap']['password'].'foo'));
}
}

16
tests/smb.php
View File

@@ -16,21 +16,21 @@ class Test_User_SMB extends \Test\TestCase {
return include(__DIR__.'/config.php');
}
function skip() {
$config=$this->getConfig();
public function skip() {
$config = $this->getConfig();
$this->skipUnless($config['smb']['run']);
}
protected function setUp() {
parent::setUp();
$config=$this->getConfig();
$this->instance=new OC_User_SMB($config['smb']['host']);
$config = $this->getConfig();
$this->instance = new OC_User_SMB($config['smb']['host']);
}
function testLogin() {
$config=$this->getConfig();
$this->assertEquals($config['smb']['user'],$this->instance->checkPassword($config['smb']['user'],$config['smb']['password']));
$this->assertFalse($this->instance->checkPassword($config['smb']['user'],$config['smb']['password'].'foo'));
public function testLogin() {
$config = $this->getConfig();
$this->assertEquals($config['smb']['user'], $this->instance->checkPassword($config['smb']['user'], $config['smb']['password']));
$this->assertFalse($this->instance->checkPassword($config['smb']['user'], $config['smb']['password'].'foo'));
}
}