Changeset View
Changeset View
Standalone View
Standalone View
src/app/Http/Controllers/API/V4/NGINXController.php
Show First 20 Lines • Show All 173 Lines • ▼ Show 20 Lines | public function authenticate(Request $request) | ||||
* Auth-SSL-Issuer: /CN=example.com | * Auth-SSL-Issuer: /CN=example.com | ||||
* Auth-SSL-Serial: C07AD56B846B5BFF | * Auth-SSL-Serial: C07AD56B846B5BFF | ||||
* Auth-SSL-Fingerprint: 29d6a80a123d13355ed16b4b04605e29cb55a5ad | * Auth-SSL-Fingerprint: 29d6a80a123d13355ed16b4b04605e29cb55a5ad | ||||
*/ | */ | ||||
$password = $request->headers->get('Auth-Pass', null); | $password = $request->headers->get('Auth-Pass', null); | ||||
$username = $request->headers->get('Auth-User', null); | $username = $request->headers->get('Auth-User', null); | ||||
$ip = $request->headers->get('Client-Ip', null); | $ip = $request->headers->get('Client-Ip', null); | ||||
$proxy_ip = $request->headers->get('Proxy-Protocol-Addr', null); | |||||
if ($proxy_ip) { | |||||
$ip = $proxy_ip; | |||||
} | |||||
try { | try { | ||||
$user = $this->authorizeRequest( | $user = $this->authorizeRequest( | ||||
$username, | $username, | ||||
$password, | $password, | ||||
$ip, | $ip, | ||||
); | ); | ||||
} catch (\Exception $e) { | } catch (\Exception $e) { | ||||
return $this->byebye($request, $e->getMessage()); | return $this->byebye($request, $e->getMessage()); | ||||
} | } | ||||
// All checks passed | // All checks passed | ||||
switch ($request->headers->get('Auth-Protocol')) { | switch ($request->headers->get('Auth-Protocol')) { | ||||
case "imap": | case "imap": | ||||
return $this->authenticateIMAP($request, $user->getSetting('guam_enabled', false), $password); | return $this->authenticateIMAP($request, $user->getSetting('guam_enabled', false), $password); | ||||
case "smtp": | case "smtp": | ||||
return $this->authenticateSMTP($request, $password); | return $this->authenticateSMTP($request, $password); | ||||
default: | default: | ||||
return $this->byebye($request, "unknown protocol in request"); | return $this->byebye($request, "unknown protocol in request"); | ||||
} | } | ||||
} | } | ||||
/** | /** | ||||
* Authentication request for roundcube imap. | |||||
* | |||||
* @param \Illuminate\Http\Request $request The API request. | |||||
* | |||||
* @return \Illuminate\Http\Response The response | |||||
*/ | |||||
public function authenticateRoundcube(Request $request) | |||||
{ | |||||
/** | |||||
* Auth-Login-Attempt: 1 | |||||
* Auth-Method: plain | |||||
* Auth-Pass: simple123 | |||||
* Auth-Protocol: imap | |||||
* Auth-Ssl: on | |||||
* Auth-User: john@kolab.org | |||||
* Client-Ip: 127.0.0.1 | |||||
* Host: 127.0.0.1 | |||||
* | |||||
* Auth-SSL: on | |||||
* Auth-SSL-Verify: SUCCESS | |||||
* Auth-SSL-Subject: /CN=example.com | |||||
* Auth-SSL-Issuer: /CN=example.com | |||||
* Auth-SSL-Serial: C07AD56B846B5BFF | |||||
* Auth-SSL-Fingerprint: 29d6a80a123d13355ed16b4b04605e29cb55a5ad | |||||
*/ | |||||
$password = $request->headers->get('Auth-Pass', null); | |||||
$username = $request->headers->get('Auth-User', null); | |||||
$ip = $request->headers->get('Proxy-Protocol-Addr', null); | |||||
try { | |||||
$user = $this->authorizeRequest( | |||||
$username, | |||||
$password, | |||||
$ip, | |||||
); | |||||
} catch (\Exception $e) { | |||||
return $this->byebye($request, $e->getMessage()); | |||||
} | |||||
// All checks passed | |||||
switch ($request->headers->get('Auth-Protocol')) { | |||||
case "imap": | |||||
return $this->authenticateIMAP($request, false, $password); | |||||
default: | |||||
return $this->byebye($request, "unknown protocol in request"); | |||||
} | |||||
} | |||||
/** | |||||
* Create an imap authentication response. | * Create an imap authentication response. | ||||
* | * | ||||
* @param \Illuminate\Http\Request $request The API request. | * @param \Illuminate\Http\Request $request The API request. | ||||
* @param bool $prefGuam Wether or not guam is enabled. | * @param bool $prefGuam Wether or not guam is enabled. | ||||
* @param string $password The password to include in the response. | * @param string $password The password to include in the response. | ||||
* | * | ||||
* @return \Illuminate\Http\Response The response | * @return \Illuminate\Http\Response The response | ||||
*/ | */ | ||||
▲ Show 20 Lines • Show All 63 Lines • Show Last 20 Lines |