Fix owncloud template

Fix sso (logout on empty hash)
This commit is contained in:
RainLoop Team 2014-05-20 02:11:54 +04:00
parent 71af876fb5
commit 8ac9920ec8
8 changed files with 59 additions and 15 deletions

View file

@ -475,6 +475,7 @@ module.exports = function (grunt) {
releasesPath = grunt.config('cfg.releasesPath'),
devVersion = grunt.config('cfg.devVersion'),
versionFull = version + '.' + release,
versionOwn = '1.1',
dist = releasesPath + '/' + versionFull + '/owncloud/'
;
@ -486,11 +487,11 @@ module.exports = function (grunt) {
content = grunt.file.read(dist + 'appinfo/info.xml');
grunt.file.write(dist + 'appinfo/info.xml',
content.replace('<version>0.0.0</version>', '<version>' + version + '</version>'));
content.replace('<version>0.0.0</version>', '<version>' + versionOwn + '</version>'));
grunt.config.set('cfg.releaseFolder', versionFull);
grunt.config.set('cfg.releaseSrcPath', dist);
grunt.config.set('cfg.releaseZipFile', 'rainloop-owncloud-app-' + versionFull + '.zip');
grunt.config.set('cfg.releaseZipFile', 'rainloop-owncloud-app-' + versionOwn + '.zip');
});
grunt.registerTask('rainloop-clear', 'RainLoop Webmail clear task', function () {

View file

@ -1,4 +1,4 @@
RainLoop Webmail (PHP)
RainLoop Webmail
==================
## About

View file

@ -0,0 +1 @@
1.1

View file

@ -32,7 +32,7 @@ else
$sPassword = OC_RainLoop_Helper::decodePassword($sPassword, md5($sEmail.$sLogin));
$sSsoHash = OC_RainLoop_Helper::getSsoHash($sUrl, $sSsoKey, $sEmail, $sPassword, $sLogin);
$sResultUrl = empty($sSsoHash) ? $sUrl : $sUrl.'?sso&hash='.$sSsoHash;
$sResultUrl = empty($sSsoHash) ? $sUrl.'?sso' : $sUrl.'?sso&hash='.$sSsoHash;
$oTemplate = new OCP\Template('rainloop', 'index', 'user');
$oTemplate->assign('rainloop-url', $sResultUrl);

View file

@ -1,3 +1,3 @@
<div style="box-sizing: border-box; width: 100%; height: 100%; padding: 0 0 5px 5px; background-color: #383c43;">
<iframe src="<?php echo $_['rainloop-url']; ?>" style="width: 100%; height: 100%;" tabindex="-1" frameBorder="0"></iframe>
</div>
<div style="box-sizing: border-box; width: 100%; height: 100%; padding: 0px; margin: 0px; background-color: #383c43; position: relative; overflow: hidden;"
><iframe style="border: none; width: 100%; height: 100%; position: absolute; top: 0px; left: 0px; right: 0px; bottom: 0px;" tabindex="-1" frameborder="0"
src="<?php echo $_['rainloop-url']; ?>"></iframe></div>

View file

@ -2,7 +2,7 @@
"name": "RainLoop",
"title": "RainLoop Webmail",
"version": "1.6.6",
"release": "928",
"release": "929",
"description": "Simple, modern & fast web-based email client",
"homepage": "http://rainloop.net",
"main": "Gruntfile.js",

View file

@ -5,15 +5,13 @@ namespace RainLoop;
use RainLoop\Enumerations\UploadError;
use RainLoop\Enumerations\UploadClientError;
define('RL_CONTACTS_PER_PAGE', 30);
define('RL_CONTACTS_MAX', 300);
class Actions
{
const AUTH_TFA_SIGN_ME_TOKEN_KEY = 'rltfasmauth';
const AUTH_SIGN_ME_TOKEN_KEY = 'rlsmauth';
const AUTH_MAILTO_TOKEN_KEY = 'rlmailtoauth';
const AUTH_SPEC_TOKEN_KEY = 'rlspecauth';
const AUTH_SPEC_LOGOUT_TOKEN_KEY = 'rlspeclogout';
const AUTH_ADMIN_TOKEN_KEY = 'rlaauth';
const AUTH_LAST_ERROR = 'rllasterrorcode';
@ -359,6 +357,14 @@ class Actions
return $sFileName;
}
/**
* @return void
*/
public function SetAuthLogoutToken()
{
\RainLoop\Utils::SetCookie(self::AUTH_SPEC_TOKEN_KEY, \md5(APP_START_TIME), 0, '/', null, null, true);
}
/**
* @param \RainLoop\Account $oAccount
*
@ -400,6 +406,20 @@ class Actions
return $sResult;
}
/**
* @return string
*/
public function GetSpecAuthLogoutTokenWithDeletion()
{
$sResult = \RainLoop\Utils::GetCookie(self::AUTH_SPEC_LOGOUT_TOKEN_KEY, '');
if (0 < strlen($sResult))
{
\RainLoop\Utils::ClearCookie(self::AUTH_SPEC_LOGOUT_TOKEN_KEY);
}
return $sResult;
}
/**
* @return void
*/
@ -5983,17 +6003,17 @@ class Actions
return $this->DefaultResponse(__FUNCTION__, true);
}
/**
* @param bool $bAdmin
* @param \RainLoop\Account $oAccount
*
*
* @return array
*/
public function Capa($bAdmin, $oAccount = null)
{
$oConfig = $this->Config();
$aResult = array(\RainLoop\Enumerations\Capa::PREM);
if ($oConfig->Get('webmail', 'allow_additional_accounts', false))

View file

@ -736,6 +736,7 @@ class ServiceActions
{
$oException = null;
$oAccount = null;
$bLogout = true;
$sSsoHash = $this->oHttp->GetRequest('hash', '');
if (!empty($sSsoHash))
@ -762,6 +763,7 @@ class ServiceActions
$oAccount = $this->oActions->LoginProcess($sEmail, $sLogin, $sPassword);
$this->oActions->AuthProcess($oAccount);
$bLogout = !($oAccount instanceof \RainLoop\Account);
}
catch (\Exception $oException)
{
@ -771,6 +773,11 @@ class ServiceActions
}
}
if ($bLogout)
{
$this->oActions->SetAuthLogoutToken();
}
$this->oActions->Location('./');
return '';
}
@ -782,6 +789,7 @@ class ServiceActions
{
$oException = null;
$oAccount = null;
$bLogout = true;
$sEmail = $this->oHttp->GetEnv('REMOTE_USER', '');
$sLogin = '';
@ -795,6 +803,7 @@ class ServiceActions
$oAccount = $this->oActions->LoginProcess($sEmail, $sLogin, $sPassword);
$this->oActions->AuthProcess($oAccount);
$bLogout = !($oAccount instanceof \RainLoop\Account);
}
catch (\Exception $oException)
{
@ -802,6 +811,11 @@ class ServiceActions
}
}
if ($bLogout)
{
$this->oActions->SetAuthLogoutToken();
}
$this->oActions->Location('./');
return '';
}
@ -813,6 +827,7 @@ class ServiceActions
{
$oException = null;
$oAccount = null;
$bLogout = true;
if ($this->oActions->Config()->Get('labs', 'allow_external_login', false))
{
@ -826,11 +841,17 @@ class ServiceActions
$oAccount = $this->oActions->LoginProcess($sEmail, $sLogin, $sPassword);
$this->oActions->AuthProcess($oAccount);
$bLogout = !($oAccount instanceof \RainLoop\Account);
}
catch (\Exception $oException)
{
$this->oActions->Logger()->WriteException($oException);
}
if ($bLogout)
{
$this->oActions->SetAuthLogoutToken();
}
}
switch (\strtolower($this->oHttp->GetRequest('Output', 'Redirect')))
@ -883,6 +904,7 @@ class ServiceActions
\RainLoop\Api::Handle();
$sResult = \RainLoop\Api::GetUserSsoHash($sEmail, $sPassword, $sLogin);
$bLogout = 0 === \strlen($sResult);
switch (\strtolower($this->oHttp->GetRequest('Output', 'Plain')))
{
@ -959,7 +981,7 @@ class ServiceActions
$this->oHttp->ServerNoCache();
$sAuthAccountHash = '';
if (!$bAdmin)
if (!$bAdmin && 0 === \strlen($this->oActions->GetSpecAuthLogoutTokenWithDeletion()))
{
$sAuthAccountHash = $this->oActions->GetSpecAuthTokenWithDeletion();
if (empty($sAuthAccountHash))