Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ignore $supported_extensions when it's empty #230

Open
wants to merge 4 commits into
base: develop
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions auth-imap/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
# osTicket IMAP Authentication

A backend that allows agents (staff) to login with their IMAP credentials .

## Setup
* Login to the Admin Panel and install the plugin from the Manage > Plugins > Add New Plugin page.
* Click on the plugin name in the list and configure the settings.
* Enable the plugin from the Manage > Plugins page.
* You can choose if agents can login using this plugin or not.
8 changes: 8 additions & 0 deletions auth-imap/bootstrap.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
<?php

require_once INCLUDE_DIR . 'class.plugin.php';
require_once dirname(__FILE__) . '/lib/Authenticator.php';
//require_once dirname(__FILE__) . '/lib/ClientAuthBackend.php';
require_once dirname(__FILE__) . '/lib/Config.php';
require_once dirname(__FILE__) . '/lib/Plugin.php';
require_once dirname(__FILE__) . '/lib/StaffAuthBackend.php';
39 changes: 39 additions & 0 deletions auth-imap/lib/Authenticator.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
<?php

namespace ImapAuth;

use Exception;

trait Authenticator
{
private function getConfig($key, $required = true)
{
$value = $this->config->get($key);
if (!$value && $required) {
throw new Exception("Please set the '{$key}'' configuration value.");
}
return $value;
}

private function getImapResponse($username, $password)
{
$server = $this->getConfig('imap-server');
$method = $this->getConfig('method');
$ssltls = $this->getConfig('tls-ssl');
$server = "{".$server."/".$method."/".$ssltls."/novalidate-cert}";
//$additionalParams = $this->getConfig('additionalParams', false);
$return = (object)array(
'success' => false,
'error' => null,
'user' => null
);
error_log($server);
if ($imap=imap_open( $server, $username, $password, OP_HALFOPEN )) {
$return->success = true;
$return->user = $username;
} else {
$return->error = "Username/Password not found";
}
return $return;
}
}
94 changes: 94 additions & 0 deletions auth-imap/lib/Config.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,94 @@
<?php

namespace ImapAuth;

use ChoiceField;
use SectionBreakField;
use TextboxField;
use Plugin;
use PluginConfig;

class Config extends PluginConfig
{
/**
* Provide compatibility function for versions of osTicket prior to translation support (v1.9.4)
*/
public function translate()
{
if (!method_exists('Plugin', 'translate')) {
return array(
function ($x) {
return $x;
},
function ($x, $y, $n) {
return $n != 1 ? $y : $x;
},
);
}
return Plugin::translate('auth-url');
}

public function getOptions()
{
list($trans) = $this->translate();

return array(

'plugin-header' => new SectionBreakField(
array(
'label' => $trans('Plugin Settings'),
)
),

'enabled-for' => new ChoiceField(
array(
'label' => $trans('Authentication'),
'choices' => array(
'0' => $trans('Disabled'),
'staff' => $trans('Agents (Staff) Only'),
//'client' => $trans('Clients Only'),
//'all' => $trans('Agents and Clients'),
),
)
),

'imap-header' => new SectionBreakField(
array(
'label' => $trans('IMAP Settings'),
)
),

'imap-server' => new TextboxField(
array(
'label' => $trans('IMAP server'),
'configuration' => array(
'size' => 60,
'length' => 200
),
)
),

'method' => new ChoiceField(
array(
'label' => $trans('Method'),
'choices' => array(
'imap4' => 'IMAP4',
'pop3' => 'POP3',
),
)
),

'tls-ssl' => new ChoiceField(
array(
'label' => $trans('TLS/SSL'),
'choices' => array(
'tls' => 'TLS',
'ssl' => 'SSL',
),
)
),

);

}
}
27 changes: 27 additions & 0 deletions auth-imap/lib/Plugin.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
<?php

namespace ImapAuth;

class Plugin extends \Plugin
{
public $config_class = "ImapAuth\Config";

public function bootstrap()
{
$config = $this->getConfig();
$enabledFor = $config->get('enabled-for');

if ($enabledFor === 'all' || $enabledFor === 'staff') {
\StaffAuthenticationBackend::register(
new StaffAuthBackend($this->getConfig())
);
}

// TODO
/*if ($enabledFor === 'all' || $enabledFor === 'client') {
\UserAuthenticationBackend::register(
new ClientAuthBackend($this->getConfig())
);
}*/
}
}
61 changes: 61 additions & 0 deletions auth-imap/lib/StaffAuthBackend.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
<?php

namespace ImapAuth;

use AccessDenied;
use StaffAuthenticationBackend;
use StaffSession;

class StaffAuthBackend extends StaffAuthenticationBackend
{
use Authenticator;

public static $name = 'IMAP Authentication';
public static $id = 'imapauth';
private $config;

public function __construct(Config $config)
{
$this->config = $config;
}

public function supportsInteractiveAuthentication()
{
return true;
}

public function authenticate($username, $password)
{
$imapResponse = $this->getImapResponse($username, $password);
if ($imapResponse->success) {
if (($user = StaffSession::lookup($username)) && $user->getId()) {
if (!$user instanceof StaffSession) {
// osTicket <= v1.9.7 or so
$user = new StaffSession($user->getId());
}
return $user;
} else {
return new AccessDenied('Your credentials are valid but you do not have a staff account.');
}
} elseif ($imapResponse->error) {
return new AccessDenied($imapResponse->error);
} else {
return new AccessDenied('Unable to validate login.');
}
}

public function renderExternalLink()
{
return false;
}

public function supportsPasswordChange()
{
return false;
}

public function supportsPasswordReset()
{
return false;
}
}
11 changes: 11 additions & 0 deletions auth-imap/plugin.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
<?php

return array(
'id' => 'auth:imap', // notrans
'version' => '1.0.0',
'name' => 'IMAP Authentication',
'author' => 'Valerio Pulese',
'description' => 'Allows staff to login with IMAP credentials.',
'url' => '',
'plugin' => 'bootstrap.php:IMAPAuth\Plugin'
);
2 changes: 1 addition & 1 deletion lib/pear-pear.php.net/net_ldap2/Net/LDAP2.php
Original file line number Diff line number Diff line change
Expand Up @@ -628,7 +628,7 @@ public function startTLS()
ignore errors, because the server may refuse to return
attributes over unencryted connections. */
$supported_extensions = $rootDSE->getValue('supportedExtension');
if (self::isError($supported_extensions)) {
if (self::isError($supported_extensions)||empty($supported_extensions)) {
/* IGNORE error, because server may refuse attribute
returning over an unencrypted connection. */
//return $this->raiseError("Unable to fetch rootDSE attribute 'supportedExtension' ".
Expand Down