Page MenuHomePhorge
Files F117917910

D5872.1775416578.diff
No OneTemporary
Actions

Authored By
Unknown
Size
4 KB
Referenced Files
None
Subscribers
None

D5872.1775416578.diff
View Options

diff --git a/plugins/kolab/Kolab/Configuration.php b/plugins/kolab/Kolab/Configuration.php
--- a/plugins/kolab/Kolab/Configuration.php
+++ b/plugins/kolab/Kolab/Configuration.php
@@ -7,6 +7,8 @@
*/
class Configuration extends Feature
{
+ private $done = false;
+
/**
* Feature initialization
*/
@@ -14,6 +16,7 @@
{
$this->plugin->add_hook('startup', [$this, 'startupHook']);
$this->plugin->add_hook('ready', [$this, 'readyHook']);
+ $this->plugin->add_hook('authenticate', [$this, 'authenticateHook']);
}
/**
@@ -51,15 +54,17 @@
continue 2;
case 'plugins':
foreach ($value as $plugin) {
- // Note that kolab_2fa plugin does not work when kolab_auth plugin is disabled,
- // it does not inject itself into authentication process. We may be able to fix
- // that, but since in Kolab4 we use SSO this should not be an issue.
- // The 2FA UI should still work.
- // In the future we might move this UI into Cockpit or use companion app
- // and drop the plugin completely.
-
if (!$this->rc->plugins->get_plugin($plugin)) {
- $this->rc->plugins->load_plugin($plugin);
+ $loaded = $this->rc->plugins->load_plugin($plugin);
+
+ // Depending on whether we load the kolab_2fa plugin from startup hook
+ // or other (in logon process or in settings) we might need to invoke its
+ // startup initialization code
+ if ($loaded && $plugin == 'kolab_2fa' && $this->rc->task != 'settings') {
+ /** @var \kolab_2fa $kolab_2fa */
+ $kolab_2fa = $this->rc->plugins->get_plugin($plugin);
+ $kolab_2fa->startup(['task' => $this->rc->task ?? '', 'action' => $this->rc->action ?? '']);
+ }
}
}
@@ -146,6 +151,24 @@
}
}
+ /**
+ * Authentication hook handler
+ */
+ public function authenticateHook($args): array
+ {
+ // Startup handler is not enough to properly load kolab_2fa plugin
+ // for the webmail logon page
+ if (defined('RCMAIL_START') && empty($args['abort']) && !empty($args['valid'])
+ && empty($args['sso']) && $args['user'] !== '' && $args['pass'] !== ''
+ ) {
+ $this->rc->user->data = ['username' => $args['user']];
+ $this->rc->password = $args['pass'];
+ $this->applyConfiguration($this->getConfig());
+ }
+
+ return $args;
+ }
+
/**
* Startup hook handler
*/
@@ -153,7 +176,14 @@
{
// For Kolab Syncroton we have to use the 'ready' hook.
if ($args['task'] != 'syncroton') {
- $this->applyConfiguration(Client::getMyConfig());
+ // For the 2FA logon step we have to use user credentials from the session
+ // to get the configuration and be able to enable the kolab_2fa plugin
+ if ($args['task'] == 'login' && !empty($_SESSION['kolab_2fa_factors'])) {
+ // note: password is already set in session
+ $this->rc->user->data = ['username' => $_SESSION['username']];
+ }
+
+ $this->applyConfiguration($this->getConfig());
}
return $args;
@@ -167,9 +197,26 @@
// For Kolab Syncroton we have to use the 'ready' hook. In 'startup' hook
// user is not yet authenticated.
if ($args['task'] == 'syncroton') {
- $this->applyConfiguration(Client::getMyConfig());
+ $this->applyConfiguration($this->getConfig());
}
return $args;
}
+
+ /**
+ * Get webmail configuration for Kolab API
+ */
+ private function getConfig(): array
+ {
+ if ($this->done) {
+ // We make sure to trigger configuration once per request
+ return [];
+ }
+
+ $config = Client::getMyConfig();
+
+ $this->done = !empty($config);
+
+ return $config;
+ }
}

File Metadata

Mime Type
text/plain
Expires
Sun, Apr 5, 7:16 PM (57 m, 44 s)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
18834099
Default Alt Text
D5872.1775416578.diff (4 KB)

Event Timeline