Page MenuHomePhorge
Differential D3803 Diff 10883 src/app/Http/Controllers/API/V4/NGINXController.php

Changeset View

Standalone View

View Options

src/app/Http/Controllers/API/V4/NGINXController.php

Show First 20 LinesShow All 173 Lines▼ Show 20 Lines public function authenticate(Request $request)
* Auth-SSL-Issuer: /CN=example.com * Auth-SSL-Issuer: /CN=example.com
* Auth-SSL-Serial: C07AD56B846B5BFF * Auth-SSL-Serial: C07AD56B846B5BFF
* Auth-SSL-Fingerprint: 29d6a80a123d13355ed16b4b04605e29cb55a5ad * Auth-SSL-Fingerprint: 29d6a80a123d13355ed16b4b04605e29cb55a5ad
*/ */
$password = $request->headers->get('Auth-Pass', null); $password = $request->headers->get('Auth-Pass', null);
$username = $request->headers->get('Auth-User', null); $username = $request->headers->get('Auth-User', null);
$ip = $request->headers->get('Client-Ip', null); $ip = $request->headers->get('Client-Ip', null);
$proxy_ip = $request->headers->get('Proxy-Protocol-Addr', null);
if ($proxy_ip) {
$ip = $proxy_ip;
}
try { try {
$user = $this->authorizeRequest( $user = $this->authorizeRequest(
$username, $username,
$password, $password,
$ip, $ip,
); );
} catch (\Exception $e) { } catch (\Exception $e) {
return $this->byebye($request, $e->getMessage()); return $this->byebye($request, $e->getMessage());
} }
// All checks passed // All checks passed
switch ($request->headers->get('Auth-Protocol')) { switch ($request->headers->get('Auth-Protocol')) {
case "imap": case "imap":
return $this->authenticateIMAP($request, $user->getSetting('guam_enabled', false), $password); return $this->authenticateIMAP($request, $user->getSetting('guam_enabled', false), $password);
case "smtp": case "smtp":
return $this->authenticateSMTP($request, $password); return $this->authenticateSMTP($request, $password);
default: default:
return $this->byebye($request, "unknown protocol in request"); return $this->byebye($request, "unknown protocol in request");
} }
} }
/** /**
* Authentication request for roundcube imap.
*
* @param \Illuminate\Http\Request $request The API request.
*
* @return \Illuminate\Http\Response The response
*/
public function authenticateRoundcube(Request $request)
{
/**
* Auth-Login-Attempt: 1
* Auth-Method: plain
* Auth-Pass: simple123
* Auth-Protocol: imap
* Auth-Ssl: on
* Auth-User: john@kolab.org
* Client-Ip: 127.0.0.1
* Host: 127.0.0.1
*
* Auth-SSL: on
* Auth-SSL-Verify: SUCCESS
* Auth-SSL-Subject: /CN=example.com
* Auth-SSL-Issuer: /CN=example.com
* Auth-SSL-Serial: C07AD56B846B5BFF
* Auth-SSL-Fingerprint: 29d6a80a123d13355ed16b4b04605e29cb55a5ad
*/
$password = $request->headers->get('Auth-Pass', null);
$username = $request->headers->get('Auth-User', null);
$ip = $request->headers->get('Proxy-Protocol-Addr', null);
try {
$user = $this->authorizeRequest(
$username,
$password,
$ip,
);
} catch (\Exception $e) {
return $this->byebye($request, $e->getMessage());
}
// All checks passed
switch ($request->headers->get('Auth-Protocol')) {
case "imap":
return $this->authenticateIMAP($request, false, $password);
default:
return $this->byebye($request, "unknown protocol in request");
}
}
/**
* Create an imap authentication response. * Create an imap authentication response.
* *
* @param \Illuminate\Http\Request $request The API request. * @param \Illuminate\Http\Request $request The API request.
* @param bool $prefGuam Wether or not guam is enabled. * @param bool $prefGuam Wether or not guam is enabled.
* @param string $password The password to include in the response. * @param string $password The password to include in the response.
* *
* @return \Illuminate\Http\Response The response * @return \Illuminate\Http\Response The response
*/ */
▲ Show 20 LinesShow All 63 LinesShow Last 20 Lines