From 26b7abf8932af0d44b3870ef754170f0941d25da Mon Sep 17 00:00:00 2001 From: the-djmaze <> Date: Mon, 2 Oct 2023 15:51:19 +0200 Subject: [PATCH] Other solutions for nextcloud auto login #1247 due to a TOTP conflict --- .../snappymail/lib/Util/SnappyMailHelper.php | 7 ++++--- .../snappymail/lib/Util/SnappyMailHelper.php | 2 +- plugins/login-oauth2/index.php | 2 +- .../libraries/RainLoop/Actions/Accounts.php | 2 +- .../app/libraries/RainLoop/Actions/User.php | 4 ++-- .../libraries/RainLoop/Actions/UserAuth.php | 18 ++++++++---------- 6 files changed, 17 insertions(+), 18 deletions(-) diff --git a/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php b/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php index 4839779d2..38c692c33 100644 --- a/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php +++ b/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php @@ -80,12 +80,13 @@ class SnappyMailHelper if ($doLogin && $aCredentials[1] && $aCredentials[2]) { try { $oActions->Logger()->AddSecret($aCredentials[2]); - - $bSignMe = $oConfig->Get('login', 'sign_me_auto', \RainLoop\Enumerations\SignMeType::DEFAULT_OFF) === \RainLoop\Enumerations\SignMeType::DEFAULT_ON; - $oAccount = $oActions->LoginProcess($aCredentials[1], $aCredentials[2], $bSignMe); + $oAccount = $oActions->LoginProcess($aCredentials[1], $aCredentials[2]); if ($oAccount) { $oActions->Plugins()->RunHook('login.success', array($oAccount)); $oActions->SetAuthToken($oAccount); + if ($oConfig->Get('login', 'sign_me_auto', \RainLoop\Enumerations\SignMeType::DEFAULT_OFF) === \RainLoop\Enumerations\SignMeType::DEFAULT_ON) { + $oActions->SetSignMeToken($oAccount); + } } } catch (\Throwable $e) { // Login failure, reset password to prevent more attempts diff --git a/integrations/owncloud/snappymail/lib/Util/SnappyMailHelper.php b/integrations/owncloud/snappymail/lib/Util/SnappyMailHelper.php index 08fbfd809..73796e2df 100644 --- a/integrations/owncloud/snappymail/lib/Util/SnappyMailHelper.php +++ b/integrations/owncloud/snappymail/lib/Util/SnappyMailHelper.php @@ -137,7 +137,7 @@ class SnappyMailHelper */ if ($doLogin && $aCredentials[1] && $aCredentials[2]) { $oActions->Logger()->AddSecret($aCredentials[2]); - $oAccount = $oActions->LoginProcess($aCredentials[1], $aCredentials[2], false); + $oAccount = $oActions->LoginProcess($aCredentials[1], $aCredentials[2]); if ($oAccount) { $oActions->Plugins()->RunHook('login.success', array($oAccount)); $oActions->SetAuthToken($oAccount); diff --git a/plugins/login-oauth2/index.php b/plugins/login-oauth2/index.php index 1e83dd328..e4e58fe13 100644 --- a/plugins/login-oauth2/index.php +++ b/plugins/login-oauth2/index.php @@ -89,7 +89,7 @@ class LoginOAuth2Plugin extends \RainLoop\Plugins\AbstractPlugin $iErrorCode = \RainLoop\Notifications::UnknownError; try { - $oAccount = $oActions->LoginProcess($sEmail, $sPassword, '', '', false, true); + $oAccount = $oActions->LoginProcess($sEmail, $sPassword); if ($oAccount instanceof \RainLoop\Model\Account) { $oActions->AuthToken($oAccount); $iErrorCode = 0; diff --git a/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/Accounts.php b/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/Accounts.php index 7316ddc2e..5a583f6e9 100644 --- a/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/Accounts.php +++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/Accounts.php @@ -93,7 +93,7 @@ trait Accounts } if ($bNew || $sPassword) { - $oNewAccount = $this->LoginProcess($sEmail, $sPassword, false, false); + $oNewAccount = $this->LoginProcess($sEmail, $sPassword, false); $aAccounts[$sEmail] = $oNewAccount->asTokenArray($oMainAccount); } else { $aAccounts[$sEmail] = \RainLoop\Model\AdditionalAccount::convertArray($aAccounts[$sEmail]); diff --git a/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/User.php b/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/User.php index 26ae9ad7a..6543aec53 100644 --- a/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/User.php +++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/User.php @@ -36,18 +36,18 @@ trait User { $sEmail = \MailSo\Base\Utils::Trim($this->GetActionParam('Email', '')); $sPassword = $this->GetActionParam('Password', ''); - $bSignMe = !empty($this->GetActionParam('signMe', 0)); $this->logMask($sPassword); try { - $oAccount = $this->LoginProcess($sEmail, $sPassword, $bSignMe); + $oAccount = $this->LoginProcess($sEmail, $sPassword); } catch (\Throwable $oException) { $this->loginErrorDelay(); throw $oException; } $this->SetAuthToken($oAccount); + empty($this->GetActionParam('signMe', 0)) || $this->SetSignMeToken($oAccount); $this->Plugins()->RunHook('login.success', array($oAccount)); diff --git a/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php b/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php index 63d3c9737..75a1952f1 100644 --- a/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php +++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Actions/UserAuth.php @@ -113,7 +113,7 @@ trait UserAuth /** * @throws \RainLoop\Exceptions\ClientException */ - public function LoginProcess(string &$sEmail, string &$sPassword, bool $bSignMe = false, bool $bMainAccount = true): Account + public function LoginProcess(string &$sEmail, string &$sPassword, bool $bMainAccount = true): Account { $sInputEmail = $sEmail; @@ -139,14 +139,6 @@ trait UserAuth $this->imapConnect($oAccount, true); if ($bMainAccount) { - if($bSignMe){ - // SetAuthToken token needs to be called before SetSignMeToken - // because $_COOKIE['smctoken'] is used by Crypt::Passphrase. - // If the $_COOKIE['smctoken'] is not set then SetSignMeToken - // throws an exception - $this->SetAuthToken($oAccount); - $this->SetSignMeToken($oAccount); - } $this->StorageProvider()->Put($oAccount, StorageType::SESSION, Utils::GetSessionToken(), 'true'); } @@ -334,8 +326,14 @@ trait UserAuth return null; } - private function SetSignMeToken(MainAccount $oAccount): void + public function SetSignMeToken(MainAccount $oAccount): void { + // SetAuthToken token needs to be called first + // because $_COOKIE['smctoken'] is used by Crypt::Passphrase. + // If the $_COOKIE['smctoken'] is not set then SetSignMeToken + // throws an exception +// $this->SetAuthToken($oAccount); + $this->ClearSignMeData(); $uuid = \SnappyMail\UUID::generate(); $data = \SnappyMail\Crypt::Encrypt($oAccount);