mirror of
https://github.com/the-djmaze/snappymail.git
synced 2025-01-29 01:58:23 +08:00
Disabled support for Nextcloud OpenID Connect
https://github.com/the-djmaze/snappymail/issues/1420#issuecomment-1933045917
This commit is contained in:
the-djmaze
parent
8f037b4b46
commit
d832117ae4
5 changed files with 46 additions and 41 deletions
|
|
@ -52,8 +52,9 @@ class FetchController extends Controller {
|
|||
isset($_POST['snappymail-autologin']) ? '1' === $_POST['snappymail-autologin'] : false);
|
||||
$this->config->setAppValue('snappymail', 'snappymail-autologin-with-email',
|
||||
isset($_POST['snappymail-autologin']) ? '2' === $_POST['snappymail-autologin'] : false);
|
||||
$this->config->setAppValue('snappymail', 'snappymail-autologin-oidc', isset($_POST['snappymail-autologin-oidc']));
|
||||
$this->config->setAppValue('snappymail', 'snappymail-no-embed', isset($_POST['snappymail-no-embed']));
|
||||
// DISABLED https://github.com/the-djmaze/snappymail/issues/1420#issuecomment-1933045917
|
||||
// $this->config->setAppValue('snappymail', 'snappymail-autologin-oidc', isset($_POST['snappymail-autologin-oidc']));
|
||||
} else {
|
||||
return new JSONResponse([
|
||||
'status' => 'error',
|
||||
|
|
|
|||
|
|
@ -22,8 +22,9 @@ class AdminSettings implements ISettings
|
|||
$keys = [
|
||||
'snappymail-autologin',
|
||||
'snappymail-autologin-with-email',
|
||||
'snappymail-autologin-oidc',
|
||||
'snappymail-no-embed'
|
||||
// DISABLED https://github.com/the-djmaze/snappymail/issues/1420#issuecomment-1933045917
|
||||
// 'snappymail-autologin-oidc'
|
||||
];
|
||||
$parameters = [];
|
||||
foreach ($keys as $k) {
|
||||
|
|
|
|||
|
|
@ -127,21 +127,43 @@ class SnappyMailHelper
|
|||
private static function getLoginCredentials() : array
|
||||
{
|
||||
$sUID = \OC::$server->getUserSession()->getUser()->getUID();
|
||||
$config = \OC::$server->getConfig();
|
||||
$ocSession = \OC::$server->getSession();
|
||||
|
||||
if (\OC::$server->getSession()->get('is_oidc')) {
|
||||
$sAccessToken = \OC::$server->getSession()->get('oidc_access_token');
|
||||
if ($sAccessToken) {
|
||||
return [$sUID, "oidc@nextcloud", $sAccessToken];
|
||||
// If the user has set credentials for SnappyMail in their personal settings,
|
||||
// this has the first priority.
|
||||
$sEmail = $config->getUserValue($sUID, 'snappymail', 'snappymail-email');
|
||||
$sPassword = $config->getUserValue($sUID, 'snappymail', 'snappymail-password');
|
||||
if ($sEmail && $sPassword) {
|
||||
$sPassword = static::decodePassword($sPassword, \md5($sEmail));
|
||||
if ($sPassword) {
|
||||
return [$sUID, $sEmail, $sPassword];
|
||||
}
|
||||
}
|
||||
|
||||
$sEmail = '';
|
||||
$sPassword = '';
|
||||
$config = \OC::$server->getConfig();
|
||||
$ocSession = \OC::$server->getSession();
|
||||
// Only use the user's password in the current session if they have
|
||||
// enabled auto-login using Nextcloud username or email address.
|
||||
// If the current user ID is identical to login ID (not valid when using account switching),
|
||||
// this has the second priority.
|
||||
if ($ocSession['snappymail-nc-uid'] == $sUID) {
|
||||
/*
|
||||
// If OpenID Connect (OIDC) is enabled and used for login, use this.
|
||||
// https://apps.nextcloud.com/apps/oidc_login
|
||||
// DISABLED https://github.com/the-djmaze/snappymail/issues/1420#issuecomment-1933045917
|
||||
if ($config->getAppValue('snappymail', 'snappymail-autologin-oidc', false)) {
|
||||
if ($ocSession->get('is_oidc')) {
|
||||
// IToken->getPassword() ???
|
||||
if ($sAccessToken = $ocSession->get('oidc_access_token')) {
|
||||
return [$sUID, 'oidc@nextcloud', $sAccessToken];
|
||||
}
|
||||
\SnappyMail\Log::debug('Nextcloud', 'OIDC access_token missing');
|
||||
} else {
|
||||
\SnappyMail\Log::debug('Nextcloud', 'No OIDC login');
|
||||
}
|
||||
}
|
||||
*/
|
||||
// Only use the user's password in the current session if they have
|
||||
// enabled auto-login using Nextcloud username or email address.
|
||||
$sEmail = '';
|
||||
$sPassword = '';
|
||||
if ($config->getAppValue('snappymail', 'snappymail-autologin', false)) {
|
||||
$sEmail = $sUID;
|
||||
$sPassword = $ocSession['snappymail-password'];
|
||||
|
|
@ -151,37 +173,12 @@ class SnappyMailHelper
|
|||
} else {
|
||||
\SnappyMail\Log::debug('Nextcloud', 'snappymail-autologin is off');
|
||||
}
|
||||
if ($config->getAppValue('snappymail', 'snappymail-autologin-oidc', false) && $ocSession->get('is_oidc')) {
|
||||
$sAccessToken = $ocSession->get('oidc_access_token');
|
||||
if ($sAccessToken) {
|
||||
$sPassword = $sAccessToken;
|
||||
} else {
|
||||
\SnappyMail\Log::debug('Nextcloud', 'OIDC no access_token');
|
||||
}
|
||||
} else if ($sPassword) {
|
||||
$sPassword = static::decodePassword($sPassword, $sUID);
|
||||
} else {
|
||||
\SnappyMail\Log::debug('Nextcloud', 'OIDC is off');
|
||||
if ($sPassword) {
|
||||
return [$sUID, $sEmail, static::decodePassword($sPassword, $sUID)];
|
||||
}
|
||||
}
|
||||
|
||||
// If the user has set credentials for SnappyMail in their personal
|
||||
// settings, override everything before and use those instead.
|
||||
$sCustomEmail = $config->getUserValue($sUID, 'snappymail', 'snappymail-email');
|
||||
if ($sCustomEmail) {
|
||||
$sEmail = $sCustomEmail;
|
||||
$sPassword = $config->getUserValue($sUID, 'snappymail', 'snappymail-password');
|
||||
if ($sPassword) {
|
||||
$sPassword = static::decodePassword($sPassword, \md5($sEmail));
|
||||
}
|
||||
} else if ($aRainLoop = RainLoop::getLoginCredentials($sUID, $config)) {
|
||||
$sEmail = $aRainLoop[0];
|
||||
$config->setUserValue($sUID, 'snappymail', 'snappymail-email', $sEmail);
|
||||
if ($aRainLoop[1]) {
|
||||
$config->setUserValue($sUID, 'snappymail', 'snappymail-password', static::encodePassword($aRainLoop[1], \md5($sEmail)));
|
||||
}
|
||||
}
|
||||
return [$sUID, $sEmail, $sPassword ?: ''];
|
||||
return [$sUID, '', ''];
|
||||
}
|
||||
|
||||
public static function getAppUrl() : string
|
||||
|
|
|
|||
|
|
@ -38,6 +38,7 @@
|
|||
</div>
|
||||
</p>
|
||||
<br />
|
||||
<!-- DISABLED https://github.com/the-djmaze/snappymail/issues/1420#issuecomment-1933045917
|
||||
<p>
|
||||
<input id="snappymail-autologin-oidc" name="snappymail-autologin-oidc" type="checkbox" class="checkbox" <?php if ($_['snappymail-autologin-oidc']) echo 'checked="checked"'; ?>>
|
||||
<label for="snappymail-autologin-oidc">
|
||||
|
|
@ -45,6 +46,7 @@
|
|||
</label>
|
||||
</p>
|
||||
<br />
|
||||
-->
|
||||
<p>
|
||||
<input id="snappymail-no-embed" name="snappymail-no-embed" type="checkbox" class="checkbox" <?php if ($_['snappymail-no-embed']) echo 'checked="checked"'; ?>>
|
||||
<label for="snappymail-no-embed">
|
||||
|
|
|
|||
|
|
@ -35,10 +35,12 @@ class NextcloudPlugin extends \RainLoop\Plugins\AbstractPlugin
|
|||
|
||||
$this->addTemplate('templates/PopupsNextcloudFiles.html');
|
||||
$this->addTemplate('templates/PopupsNextcloudCalendars.html');
|
||||
|
||||
/*
|
||||
// DISABLED https://github.com/the-djmaze/snappymail/issues/1420#issuecomment-1933045917
|
||||
$this->addHook('imap.before-login', 'oidcLogin');
|
||||
$this->addHook('smtp.before-login', 'oidcLogin');
|
||||
$this->addHook('sieve.before-login', 'oidcLogin');
|
||||
*/
|
||||
} else {
|
||||
\SnappyMail\Log::debug('Nextcloud', 'NOT integrated');
|
||||
// \OC::$server->getConfig()->getAppValue('snappymail', 'snappymail-no-embed');
|
||||
|
|
@ -68,6 +70,8 @@ class NextcloudPlugin extends \RainLoop\Plugins\AbstractPlugin
|
|||
return static::IsIntegrated() && \OC::$server->getUserSession()->isLoggedIn();
|
||||
}
|
||||
|
||||
// https://apps.nextcloud.com/apps/oidc_login
|
||||
// DISABLED https://github.com/the-djmaze/snappymail/issues/1420#issuecomment-1933045917
|
||||
public function oidcLogin(\RainLoop\Model\Account $oAccount, \MailSo\Net\NetClient $oClient, \MailSo\Net\ConnectSettings $oSettings) : void
|
||||
{
|
||||
if (\OC::$server->getConfig()->getAppValue('snappymail', 'snappymail-autologin-oidc', false)
|
||||
|
|
|
|||
Loading…
Reference in a new issue