diff options
Diffstat (limited to 'vendor/sabre/dav/lib/DAV/Auth')
-rw-r--r-- | vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractBasic.php | 38 | ||||
-rw-r--r-- | vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractBearer.php | 38 | ||||
-rw-r--r-- | vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractDigest.php | 42 | ||||
-rw-r--r-- | vendor/sabre/dav/lib/DAV/Auth/Backend/Apache.php | 35 | ||||
-rw-r--r-- | vendor/sabre/dav/lib/DAV/Auth/Backend/BackendInterface.php | 17 | ||||
-rw-r--r-- | vendor/sabre/dav/lib/DAV/Auth/Backend/BasicCallBack.php | 24 | ||||
-rw-r--r-- | vendor/sabre/dav/lib/DAV/Auth/Backend/File.php | 45 | ||||
-rw-r--r-- | vendor/sabre/dav/lib/DAV/Auth/Backend/IMAP.php | 82 | ||||
-rw-r--r-- | vendor/sabre/dav/lib/DAV/Auth/Backend/PDO.php | 26 | ||||
-rw-r--r-- | vendor/sabre/dav/lib/DAV/Auth/Plugin.php | 91 |
10 files changed, 251 insertions, 187 deletions
diff --git a/vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractBasic.php b/vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractBasic.php index 40a95f8bf..aa8b1f573 100644 --- a/vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractBasic.php +++ b/vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractBasic.php @@ -1,14 +1,15 @@ <?php +declare(strict_types=1); + namespace Sabre\DAV\Auth\Backend; -use Sabre\DAV; use Sabre\HTTP; use Sabre\HTTP\RequestInterface; use Sabre\HTTP\ResponseInterface; /** - * HTTP Basic authentication backend class + * HTTP Basic authentication backend class. * * This class can be used by authentication objects wishing to use HTTP Basic * Most of the digest logic is handled, implementors just need to worry about @@ -19,8 +20,8 @@ use Sabre\HTTP\ResponseInterface; * @author Evert Pot (http://evertpot.com/) * @license http://sabre.io/license/ Modified BSD License */ -abstract class AbstractBasic implements BackendInterface { - +abstract class AbstractBasic implements BackendInterface +{ /** * Authentication Realm. * @@ -39,13 +40,14 @@ abstract class AbstractBasic implements BackendInterface { protected $principalPrefix = 'principals/'; /** - * Validates a username and password + * Validates a username and password. * * This method should return true or false depending on if login * succeeded. * * @param string $username * @param string $password + * * @return bool */ abstract protected function validateUserPass($username, $password); @@ -54,12 +56,10 @@ abstract class AbstractBasic implements BackendInterface { * Sets the authentication realm for this backend. * * @param string $realm - * @return void */ - function setRealm($realm) { - + public function setRealm($realm) + { $this->realm = $realm; - } /** @@ -86,12 +86,13 @@ abstract class AbstractBasic implements BackendInterface { * * principals/users/[username] * - * @param RequestInterface $request + * @param RequestInterface $request * @param ResponseInterface $response + * * @return array */ - function check(RequestInterface $request, ResponseInterface $response) { - + public function check(RequestInterface $request, ResponseInterface $response) + { $auth = new HTTP\Auth\Basic( $this->realm, $request, @@ -103,10 +104,10 @@ abstract class AbstractBasic implements BackendInterface { return [false, "No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured"]; } if (!$this->validateUserPass($userpass[0], $userpass[1])) { - return [false, "Username or password was incorrect"]; + return [false, 'Username or password was incorrect']; } - return [true, $this->principalPrefix . $userpass[0]]; + return [true, $this->principalPrefix.$userpass[0]]; } /** @@ -126,19 +127,16 @@ abstract class AbstractBasic implements BackendInterface { * append your own WWW-Authenticate header instead of overwriting the * existing one. * - * @param RequestInterface $request + * @param RequestInterface $request * @param ResponseInterface $response - * @return void */ - function challenge(RequestInterface $request, ResponseInterface $response) { - + public function challenge(RequestInterface $request, ResponseInterface $response) + { $auth = new HTTP\Auth\Basic( $this->realm, $request, $response ); $auth->requireLogin(); - } - } diff --git a/vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractBearer.php b/vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractBearer.php index ae7a8a12f..a2653b2b0 100644 --- a/vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractBearer.php +++ b/vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractBearer.php @@ -1,14 +1,15 @@ <?php +declare(strict_types=1); + namespace Sabre\DAV\Auth\Backend; -use Sabre\DAV; use Sabre\HTTP; use Sabre\HTTP\RequestInterface; use Sabre\HTTP\ResponseInterface; /** - * HTTP Bearer authentication backend class + * HTTP Bearer authentication backend class. * * This class can be used by authentication objects wishing to use HTTP Bearer * Most of the digest logic is handled, implementors just need to worry about @@ -20,8 +21,8 @@ use Sabre\HTTP\ResponseInterface; * @author Evert Pot (http://evertpot.com/) * @license http://sabre.io/license/ Modified BSD License */ -abstract class AbstractBearer implements BackendInterface { - +abstract class AbstractBearer implements BackendInterface +{ /** * Authentication Realm. * @@ -33,12 +34,13 @@ abstract class AbstractBearer implements BackendInterface { protected $realm = 'sabre/dav'; /** - * Validates a Bearer token + * Validates a Bearer token. * * This method should return the full principal url, or false if the * token was incorrect. * * @param string $bearerToken + * * @return string|false */ abstract protected function validateBearerToken($bearerToken); @@ -47,12 +49,10 @@ abstract class AbstractBearer implements BackendInterface { * Sets the authentication realm for this backend. * * @param string $realm - * @return void */ - function setRealm($realm) { - + public function setRealm($realm) + { $this->realm = $realm; - } /** @@ -79,12 +79,13 @@ abstract class AbstractBearer implements BackendInterface { * * principals/users/[username] * - * @param RequestInterface $request + * @param RequestInterface $request * @param ResponseInterface $response + * * @return array */ - function check(RequestInterface $request, ResponseInterface $response) { - + public function check(RequestInterface $request, ResponseInterface $response) + { $auth = new HTTP\Auth\Bearer( $this->realm, $request, @@ -97,10 +98,10 @@ abstract class AbstractBearer implements BackendInterface { } $principalUrl = $this->validateBearerToken($bearerToken); if (!$principalUrl) { - return [false, "Bearer token was incorrect"]; + return [false, 'Bearer token was incorrect']; } - return [true, $principalUrl]; + return [true, $principalUrl]; } /** @@ -120,19 +121,16 @@ abstract class AbstractBearer implements BackendInterface { * append your own WWW-Authenticate header instead of overwriting the * existing one. * - * @param RequestInterface $request + * @param RequestInterface $request * @param ResponseInterface $response - * @return void */ - function challenge(RequestInterface $request, ResponseInterface $response) { - + public function challenge(RequestInterface $request, ResponseInterface $response) + { $auth = new HTTP\Auth\Bearer( $this->realm, $request, $response ); $auth->requireLogin(); - } - } diff --git a/vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractDigest.php b/vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractDigest.php index 4b47f56c9..06c9ed3a4 100644 --- a/vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractDigest.php +++ b/vendor/sabre/dav/lib/DAV/Auth/Backend/AbstractDigest.php @@ -1,5 +1,7 @@ <?php +declare(strict_types=1); + namespace Sabre\DAV\Auth\Backend; use Sabre\DAV; @@ -8,7 +10,7 @@ use Sabre\HTTP\RequestInterface; use Sabre\HTTP\ResponseInterface; /** - * HTTP Digest authentication backend class + * HTTP Digest authentication backend class. * * This class can be used by authentication objects wishing to use HTTP Digest * Most of the digest logic is handled, implementors just need to worry about @@ -18,8 +20,8 @@ use Sabre\HTTP\ResponseInterface; * @author Evert Pot (http://evertpot.com/) * @license http://sabre.io/license/ Modified BSD License */ -abstract class AbstractDigest implements BackendInterface { - +abstract class AbstractDigest implements BackendInterface +{ /** * Authentication Realm. * @@ -45,12 +47,10 @@ abstract class AbstractDigest implements BackendInterface { * existing hashes will break and nobody can authenticate. * * @param string $realm - * @return void */ - function setRealm($realm) { - + public function setRealm($realm) + { $this->realm = $realm; - } /** @@ -60,9 +60,10 @@ abstract class AbstractDigest implements BackendInterface { * * @param string $realm * @param string $username + * * @return string|null */ - abstract function getDigestHash($realm, $username); + abstract public function getDigestHash($realm, $username); /** * When this method is called, the backend must check if authentication was @@ -88,12 +89,13 @@ abstract class AbstractDigest implements BackendInterface { * * principals/users/[username] * - * @param RequestInterface $request + * @param RequestInterface $request * @param ResponseInterface $response + * * @return array */ - function check(RequestInterface $request, ResponseInterface $response) { - + public function check(RequestInterface $request, ResponseInterface $response) + { $digest = new HTTP\Auth\Digest( $this->realm, $request, @@ -110,8 +112,8 @@ abstract class AbstractDigest implements BackendInterface { $hash = $this->getDigestHash($this->realm, $username); // If this was false, the user account didn't exist - if ($hash === false || is_null($hash)) { - return [false, "Username or password was incorrect"]; + if (false === $hash || is_null($hash)) { + return [false, 'Username or password was incorrect']; } if (!is_string($hash)) { throw new DAV\Exception('The returned value from getDigestHash must be a string or null'); @@ -119,11 +121,10 @@ abstract class AbstractDigest implements BackendInterface { // If this was false, the password or part of the hash was incorrect. if (!$digest->validateA1($hash)) { - return [false, "Username or password was incorrect"]; + return [false, 'Username or password was incorrect']; } - return [true, $this->principalPrefix . $username]; - + return [true, $this->principalPrefix.$username]; } /** @@ -143,12 +144,11 @@ abstract class AbstractDigest implements BackendInterface { * append your own WWW-Authenticate header instead of overwriting the * existing one. * - * @param RequestInterface $request + * @param RequestInterface $request * @param ResponseInterface $response - * @return void */ - function challenge(RequestInterface $request, ResponseInterface $response) { - + public function challenge(RequestInterface $request, ResponseInterface $response) + { $auth = new HTTP\Auth\Digest( $this->realm, $request, @@ -162,7 +162,5 @@ abstract class AbstractDigest implements BackendInterface { // Preventing the digest utility from modifying the http status code, // this should be handled by the main plugin. $response->setStatus($oldStatus); - } - } diff --git a/vendor/sabre/dav/lib/DAV/Auth/Backend/Apache.php b/vendor/sabre/dav/lib/DAV/Auth/Backend/Apache.php index e203d2685..201fe615c 100644 --- a/vendor/sabre/dav/lib/DAV/Auth/Backend/Apache.php +++ b/vendor/sabre/dav/lib/DAV/Auth/Backend/Apache.php @@ -1,24 +1,26 @@ <?php +declare(strict_types=1); + namespace Sabre\DAV\Auth\Backend; use Sabre\HTTP\RequestInterface; use Sabre\HTTP\ResponseInterface; /** - * Apache authenticator + * Apache (or NGINX) authenticator. * * This authentication backend assumes that authentication has been - * configured in apache, rather than within SabreDAV. + * configured in apache (or NGINX), rather than within SabreDAV. * - * Make sure apache is properly configured for this to work. + * Make sure apache (or NGINX) is properly configured for this to work. * * @copyright Copyright (C) fruux GmbH (https://fruux.com/) * @author Evert Pot (http://evertpot.com/) * @license http://sabre.io/license/ Modified BSD License */ -class Apache implements BackendInterface { - +class Apache implements BackendInterface +{ /** * This is the prefix that will be used to generate principal urls. * @@ -50,22 +52,25 @@ class Apache implements BackendInterface { * * principals/users/[username] * - * @param RequestInterface $request + * @param RequestInterface $request * @param ResponseInterface $response + * * @return array */ - function check(RequestInterface $request, ResponseInterface $response) { - + public function check(RequestInterface $request, ResponseInterface $response) + { $remoteUser = $request->getRawServerValue('REMOTE_USER'); if (is_null($remoteUser)) { $remoteUser = $request->getRawServerValue('REDIRECT_REMOTE_USER'); } if (is_null($remoteUser)) { - return [false, 'No REMOTE_USER property was found in the PHP $_SERVER super-global. This likely means your server is not configured correctly']; + $remoteUser = $request->getRawServerValue('PHP_AUTH_USER'); + } + if (is_null($remoteUser)) { + return [false, 'No REMOTE_USER, REDIRECT_REMOTE_USER, or PHP_AUTH_USER property was found in the PHP $_SERVER super-global. This likely means your server is not configured correctly']; } - return [true, $this->principalPrefix . $remoteUser]; - + return [true, $this->principalPrefix.$remoteUser]; } /** @@ -85,12 +90,10 @@ class Apache implements BackendInterface { * append your own WWW-Authenticate header instead of overwriting the * existing one. * - * @param RequestInterface $request + * @param RequestInterface $request * @param ResponseInterface $response - * @return void */ - function challenge(RequestInterface $request, ResponseInterface $response) { - + public function challenge(RequestInterface $request, ResponseInterface $response) + { } - } diff --git a/vendor/sabre/dav/lib/DAV/Auth/Backend/BackendInterface.php b/vendor/sabre/dav/lib/DAV/Auth/Backend/BackendInterface.php index 0fb2210f4..8598791fb 100644 --- a/vendor/sabre/dav/lib/DAV/Auth/Backend/BackendInterface.php +++ b/vendor/sabre/dav/lib/DAV/Auth/Backend/BackendInterface.php @@ -1,5 +1,7 @@ <?php +declare(strict_types=1); + namespace Sabre\DAV\Auth\Backend; use Sabre\HTTP\RequestInterface; @@ -12,8 +14,8 @@ use Sabre\HTTP\ResponseInterface; * @author Evert Pot (http://evertpot.com/) * @license http://sabre.io/license/ Modified BSD License */ -interface BackendInterface { - +interface BackendInterface +{ /** * When this method is called, the backend must check if authentication was * successful. @@ -38,11 +40,12 @@ interface BackendInterface { * * principals/users/[username] * - * @param RequestInterface $request + * @param RequestInterface $request * @param ResponseInterface $response + * * @return array */ - function check(RequestInterface $request, ResponseInterface $response); + public function check(RequestInterface $request, ResponseInterface $response); /** * This method is called when a user could not be authenticated, and @@ -61,10 +64,8 @@ interface BackendInterface { * append your own WWW-Authenticate header instead of overwriting the * existing one. * - * @param RequestInterface $request + * @param RequestInterface $request * @param ResponseInterface $response - * @return void */ - function challenge(RequestInterface $request, ResponseInterface $response); - + public function challenge(RequestInterface $request, ResponseInterface $response); } diff --git a/vendor/sabre/dav/lib/DAV/Auth/Backend/BasicCallBack.php b/vendor/sabre/dav/lib/DAV/Auth/Backend/BasicCallBack.php index 7ad8f48b2..aab3c5e1c 100644 --- a/vendor/sabre/dav/lib/DAV/Auth/Backend/BasicCallBack.php +++ b/vendor/sabre/dav/lib/DAV/Auth/Backend/BasicCallBack.php @@ -1,5 +1,7 @@ <?php +declare(strict_types=1); + namespace Sabre\DAV\Auth\Backend; /** @@ -14,10 +16,10 @@ namespace Sabre\DAV\Auth\Backend; * @author Evert Pot (http://evertpot.com/) * @license http://sabre.io/license/ Modified BSD License */ -class BasicCallBack extends AbstractBasic { - +class BasicCallBack extends AbstractBasic +{ /** - * Callback + * Callback. * * @var callable */ @@ -30,29 +32,27 @@ class BasicCallBack extends AbstractBasic { * password. * * @param callable $callBack - * @return void */ - function __construct(callable $callBack) { - + public function __construct(callable $callBack) + { $this->callBack = $callBack; - } /** - * Validates a username and password + * Validates a username and password. * * This method should return true or false depending on if login * succeeded. * * @param string $username * @param string $password + * * @return bool */ - protected function validateUserPass($username, $password) { - + protected function validateUserPass($username, $password) + { $cb = $this->callBack; - return $cb($username, $password); + return $cb($username, $password); } - } diff --git a/vendor/sabre/dav/lib/DAV/Auth/Backend/File.php b/vendor/sabre/dav/lib/DAV/Auth/Backend/File.php index 3a687d747..ea2d39679 100644 --- a/vendor/sabre/dav/lib/DAV/Auth/Backend/File.php +++ b/vendor/sabre/dav/lib/DAV/Auth/Backend/File.php @@ -1,5 +1,7 @@ <?php +declare(strict_types=1); + namespace Sabre\DAV\Auth\Backend; use Sabre\DAV; @@ -13,10 +15,10 @@ use Sabre\DAV; * @author Evert Pot (http://evertpot.com/) * @license http://sabre.io/license/ Modified BSD License */ -class File extends AbstractDigest { - +class File extends AbstractDigest +{ /** - * List of users + * List of users. * * @var array */ @@ -29,11 +31,11 @@ class File extends AbstractDigest { * * @param string|null $filename */ - function __construct($filename = null) { - - if (!is_null($filename)) + public function __construct($filename = null) + { + if (!is_null($filename)) { $this->loadFile($filename); - + } } /** @@ -41,37 +43,32 @@ class File extends AbstractDigest { * more than 1 file is used. * * @param string $filename - * @return void */ - function loadFile($filename) { - + public function loadFile($filename) + { foreach (file($filename, FILE_IGNORE_NEW_LINES) as $line) { - - if (substr_count($line, ":") !== 2) + if (2 !== substr_count($line, ':')) { throw new DAV\Exception('Malformed htdigest file. Every line should contain 2 colons'); - + } list($username, $realm, $A1) = explode(':', $line); - if (!preg_match('/^[a-zA-Z0-9]{32}$/', $A1)) + if (!preg_match('/^[a-zA-Z0-9]{32}$/', $A1)) { throw new DAV\Exception('Malformed htdigest file. Invalid md5 hash'); - - $this->users[$realm . ':' . $username] = $A1; - + } + $this->users[$realm.':'.$username] = $A1; } - } /** - * Returns a users' information + * Returns a users' information. * * @param string $realm * @param string $username + * * @return string */ - function getDigestHash($realm, $username) { - - return isset($this->users[$realm . ':' . $username]) ? $this->users[$realm . ':' . $username] : false; - + public function getDigestHash($realm, $username) + { + return isset($this->users[$realm.':'.$username]) ? $this->users[$realm.':'.$username] : false; } - } diff --git a/vendor/sabre/dav/lib/DAV/Auth/Backend/IMAP.php b/vendor/sabre/dav/lib/DAV/Auth/Backend/IMAP.php new file mode 100644 index 000000000..3a1831116 --- /dev/null +++ b/vendor/sabre/dav/lib/DAV/Auth/Backend/IMAP.php @@ -0,0 +1,82 @@ +<?php + +namespace Sabre\DAV\Auth\Backend; + +/** + * This is an authentication backend that uses imap. + * + * @copyright Copyright (C) fruux GmbH (https://fruux.com/) + * @author Michael Niewöhner (foss@mniewoehner.de) + * @author rosali (https://github.com/rosali) + * @author Evert Pot (http://evertpot.com/) + * @license http://sabre.io/license/ Modified BSD License + */ +class IMAP extends AbstractBasic +{ + /** + * IMAP server in the form {host[:port][/flag1/flag2...]}. + * + * @see http://php.net/manual/en/function.imap-open.php + * + * @var string + */ + protected $mailbox; + + /** + * Creates the backend object. + * + * @param string $mailbox + */ + public function __construct($mailbox) + { + $this->mailbox = $mailbox; + } + + /** + * Connects to an IMAP server and tries to authenticate. + * + * @param string $username + * @param string $password + * + * @return bool + */ + protected function imapOpen($username, $password) + { + $success = false; + + try { + $imap = imap_open($this->mailbox, $username, $password, OP_HALFOPEN | OP_READONLY, 1); + if ($imap) { + $success = true; + } + } catch (\ErrorException $e) { + error_log($e->getMessage()); + } + + $errors = imap_errors(); + if ($errors) { + foreach ($errors as $error) { + error_log($error); + } + } + + if (isset($imap) && $imap) { + imap_close($imap); + } + + return $success; + } + + /** + * Validates a username and password by trying to authenticate against IMAP. + * + * @param string $username + * @param string $password + * + * @return bool + */ + protected function validateUserPass($username, $password) + { + return $this->imapOpen($username, $password); + } +} diff --git a/vendor/sabre/dav/lib/DAV/Auth/Backend/PDO.php b/vendor/sabre/dav/lib/DAV/Auth/Backend/PDO.php index c2f6de974..87ead6fcd 100644 --- a/vendor/sabre/dav/lib/DAV/Auth/Backend/PDO.php +++ b/vendor/sabre/dav/lib/DAV/Auth/Backend/PDO.php @@ -1,5 +1,7 @@ <?php +declare(strict_types=1); + namespace Sabre\DAV\Auth\Backend; /** @@ -9,23 +11,22 @@ namespace Sabre\DAV\Auth\Backend; * @author Evert Pot (http://evertpot.com/) * @license http://sabre.io/license/ Modified BSD License */ -class PDO extends AbstractDigest { - +class PDO extends AbstractDigest +{ /** - * Reference to PDO connection + * Reference to PDO connection. * * @var PDO */ protected $pdo; /** - * PDO table name we'll be using + * PDO table name we'll be using. * * @var string */ public $tableName = 'users'; - /** * Creates the backend object. * @@ -33,10 +34,9 @@ class PDO extends AbstractDigest { * * @param \PDO $pdo */ - function __construct(\PDO $pdo) { - + public function __construct(\PDO $pdo) + { $this->pdo = $pdo; - } /** @@ -44,14 +44,14 @@ class PDO extends AbstractDigest { * * @param string $realm * @param string $username + * * @return string|null */ - function getDigestHash($realm, $username) { - - $stmt = $this->pdo->prepare('SELECT digesta1 FROM ' . $this->tableName . ' WHERE username = ?'); + public function getDigestHash($realm, $username) + { + $stmt = $this->pdo->prepare('SELECT digesta1 FROM '.$this->tableName.' WHERE username = ?'); $stmt->execute([$username]); - return $stmt->fetchColumn() ?: null; + return $stmt->fetchColumn() ?: null; } - } diff --git a/vendor/sabre/dav/lib/DAV/Auth/Plugin.php b/vendor/sabre/dav/lib/DAV/Auth/Plugin.php index bbb5d180d..9be90283f 100644 --- a/vendor/sabre/dav/lib/DAV/Auth/Plugin.php +++ b/vendor/sabre/dav/lib/DAV/Auth/Plugin.php @@ -1,5 +1,7 @@ <?php +declare(strict_types=1); + namespace Sabre\DAV\Auth; use Sabre\DAV\Exception\NotAuthenticated; @@ -22,8 +24,8 @@ use Sabre\HTTP\ResponseInterface; * @author Evert Pot (http://evertpot.com/) * @license http://sabre.io/license/ Modified BSD License */ -class Plugin extends ServerPlugin { - +class Plugin extends ServerPlugin +{ /** * By default this plugin will require that the user is authenticated, * and refuse any access if the user is not authenticated. @@ -39,7 +41,7 @@ class Plugin extends ServerPlugin { public $autoRequireLogin = true; /** - * authentication backends + * authentication backends. */ protected $backends; @@ -52,40 +54,35 @@ class Plugin extends ServerPlugin { protected $currentPrincipal; /** - * Creates the authentication plugin + * Creates the authentication plugin. * * @param Backend\BackendInterface $authBackend */ - function __construct(Backend\BackendInterface $authBackend = null) { - + public function __construct(Backend\BackendInterface $authBackend = null) + { if (!is_null($authBackend)) { $this->addBackend($authBackend); } - } /** * Adds an authentication backend to the plugin. * * @param Backend\BackendInterface $authBackend - * @return void */ - function addBackend(Backend\BackendInterface $authBackend) { - + public function addBackend(Backend\BackendInterface $authBackend) + { $this->backends[] = $authBackend; - } /** - * Initializes the plugin. This function is automatically called by the server + * Initializes the plugin. This function is automatically called by the server. * * @param Server $server - * @return void */ - function initialize(Server $server) { - - $server->on('beforeMethod', [$this, 'beforeMethod'], 10); - + public function initialize(Server $server) + { + $server->on('beforeMethod:*', [$this, 'beforeMethod'], 10); } /** @@ -96,10 +93,9 @@ class Plugin extends ServerPlugin { * * @return string */ - function getPluginName() { - + public function getPluginName() + { return 'auth'; - } /** @@ -114,23 +110,22 @@ class Plugin extends ServerPlugin { * * @return string|null */ - function getCurrentPrincipal() { - + public function getCurrentPrincipal() + { return $this->currentPrincipal; - } /** - * This method is called before any HTTP method and forces users to be authenticated + * This method is called before any HTTP method and forces users to be authenticated. * - * @param RequestInterface $request + * @param RequestInterface $request * @param ResponseInterface $response + * * @return bool */ - function beforeMethod(RequestInterface $request, ResponseInterface $response) { - + public function beforeMethod(RequestInterface $request, ResponseInterface $response) + { if ($this->currentPrincipal) { - // We already have authentication information. This means that the // event has already fired earlier, and is now likely fired for a // sub-request. @@ -144,7 +139,6 @@ class Plugin extends ServerPlugin { // // See issue #580 for more information about that. return; - } $authResult = $this->check($request, $response); @@ -153,11 +147,10 @@ class Plugin extends ServerPlugin { // Auth was successful $this->currentPrincipal = $authResult[1]; $this->loginFailedReasons = null; + return; } - - // If we got here, it means that no authentication backend was // successful in authenticating the user. $this->currentPrincipal = null; @@ -167,7 +160,6 @@ class Plugin extends ServerPlugin { $this->challenge($request, $response); throw new NotAuthenticated(implode(', ', $authResult[1])); } - } /** @@ -184,24 +176,24 @@ class Plugin extends ServerPlugin { * unsuccessful. For every auth backend there will be one reason, so usually * there's just one. * - * @param RequestInterface $request + * @param RequestInterface $request * @param ResponseInterface $response + * * @return array */ - function check(RequestInterface $request, ResponseInterface $response) { - + public function check(RequestInterface $request, ResponseInterface $response) + { if (!$this->backends) { throw new \Sabre\DAV\Exception('No authentication backends were configured on this server.'); } $reasons = []; foreach ($this->backends as $backend) { - $result = $backend->check( $request, $response ); - if (!is_array($result) || count($result) !== 2 || !is_bool($result[0]) || !is_string($result[1])) { + if (!is_array($result) || 2 !== count($result) || !is_bool($result[0]) || !is_string($result[1])) { throw new \Sabre\DAV\Exception('The authentication backend did not return a correct value from the check() method.'); } @@ -211,11 +203,9 @@ class Plugin extends ServerPlugin { return [true, $result[1]]; } $reasons[] = $result[1]; - } return [false, $reasons]; - } /** @@ -225,16 +215,16 @@ class Plugin extends ServerPlugin { * WWW-Authorization header, indicating to the client that it should * authenticate. * - * @param RequestInterface $request + * @param RequestInterface $request * @param ResponseInterface $response + * * @return array */ - function challenge(RequestInterface $request, ResponseInterface $response) { - + public function challenge(RequestInterface $request, ResponseInterface $response) + { foreach ($this->backends as $backend) { $backend->challenge($request, $response); } - } /** @@ -255,10 +245,9 @@ class Plugin extends ServerPlugin { * * @return string[]|null */ - function getLoginFailedReasons() { - + public function getLoginFailedReasons() + { return $this->loginFailedReasons; - } /** @@ -272,14 +261,12 @@ class Plugin extends ServerPlugin { * * @return array */ - function getPluginInfo() { - + public function getPluginInfo() + { return [ - 'name' => $this->getPluginName(), + 'name' => $this->getPluginName(), 'description' => 'Generic authentication plugin', - 'link' => 'http://sabre.io/dav/authentication/', + 'link' => 'http://sabre.io/dav/authentication/', ]; - } - } |