mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-07-31 22:10:45 +02:00
Code Issues Releases Wiki Activity

Merge branch '3.3.x'

Browse Source
This commit is contained in:
Marc Alexander
2019-11-17 14:55:30 +01:00
parent ba6d41ab70 f2e6bda0d1
commit 6ecda5be44
16 changed files with 448 additions and 326 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
phpBB/phpbb/auth/provider/apache.php
View File

@@ -13,34 +13,55 @@
namespace phpbb\auth\provider;
use phpbb\config\config;
use phpbb\db\driver\driver_interface;
use phpbb\language\language;
use phpbb\request\request_interface;
use phpbb\request\type_cast_helper;
use phpbb\user;
/**
* Apache authentication provider for phpBB3
*/
class apache extends \phpbb\auth\provider\base
class apache extends base
{
/**
* phpBB passwords manager
*
* @var \phpbb\passwords\manager
*/
protected $passwords_manager;
/** @var config phpBB config */
protected $config;
/** @var driver_interface Database object */
protected $db;
/** @var language Language object */
protected $language;
/** @var request_interface Request object */
protected $request;
/** @var user User object */
protected $user;
/** @var string Relative path to phpBB root */
protected $phpbb_root_path;
/** @var string PHP file extension */
protected $php_ext;
/**
* Apache Authentication Constructor
*
* @param \phpbb\db\driver\driver_interface $db Database object
* @param \phpbb\config\config $config Config object
* @param \phpbb\passwords\manager $passwords_manager Passwords Manager object
* @param \phpbb\request\request $request Request object
* @param \phpbb\user $user User object
* @param config $config Config object
* @param driver_interface $db Database object
* @param language $language Language object
* @param request_interface $request Request object
* @param user $user User object
* @param string $phpbb_root_path Relative path to phpBB root
* @param string $php_ext PHP file extension
*/
public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext)
public function __construct(config $config, driver_interface $db, language $language, request_interface $request, user $user, $phpbb_root_path, $php_ext)
{
$this->db = $db;
$this->config = $config;
$this->passwords_manager = $passwords_manager;
$this->db = $db;
$this->language = $language;
$this->request = $request;
$this->user = $user;
$this->phpbb_root_path = $phpbb_root_path;
@@ -52,9 +73,9 @@ class apache extends \phpbb\auth\provider\base
*/
public function init()
{
if (!$this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER')))
if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER')))
{
return $this->user->lang['APACHE_SETUP_BEFORE_USE'];
return $this->language->lang('APACHE_SETUP_BEFORE_USE');
}
return false;
}
@@ -83,7 +104,7 @@ class apache extends \phpbb\auth\provider\base
);
}
if (!$this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER))
if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER))
{
return array(
'status' => LOGIN_ERROR_EXTERNAL_AUTH,
@@ -137,7 +158,7 @@ class apache extends \phpbb\auth\provider\base
return array(
'status' => LOGIN_SUCCESS_CREATE_PROFILE,
'error_msg' => false,
'user_row' => $this->user_row($php_auth_user, $php_auth_pw),
'user_row' => $this->user_row($php_auth_user),
);
}
@@ -154,7 +175,7 @@ class apache extends \phpbb\auth\provider\base
*/
public function autologin()
{
if (!$this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER))
if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER))
{
return array();
}
@@ -164,8 +185,8 @@ class apache extends \phpbb\auth\provider\base
if (!empty($php_auth_user) && !empty($php_auth_pw))
{
set_var($php_auth_user, $php_auth_user, 'string', true);
set_var($php_auth_pw, $php_auth_pw, 'string', true);
$type_cast_helper = new type_cast_helper();
$type_cast_helper->set_var($php_auth_user, $php_auth_user, 'string', true);
$sql = 'SELECT *
FROM ' . USERS_TABLE . "
@@ -185,7 +206,7 @@ class apache extends \phpbb\auth\provider\base
}
// create the user if he does not exist yet
user_add($this->user_row($php_auth_user, $php_auth_pw));
user_add($this->user_row($php_auth_user));
$sql = 'SELECT *
FROM ' . USERS_TABLE . "
@@ -208,11 +229,11 @@ class apache extends \phpbb\auth\provider\base
* function in order to create a user
*
* @param string $username The username of the new user.
* @param string $password The password of the new user.
*
* @return array Contains data that can be passed directly to
* the user_add function.
*/
private function user_row($username, $password)
private function user_row($username)
{
// first retrieve default group id
$sql = 'SELECT group_id
@@ -231,7 +252,7 @@ class apache extends \phpbb\auth\provider\base
// generate user account data
return array(
'username' => $username,
'user_password' => $this->passwords_manager->hash($password),
'user_password' => '',
'user_email' => '',
'group_id' => (int) $row['group_id'],
'user_type' => USER_NORMAL,
@@ -246,7 +267,7 @@ class apache extends \phpbb\auth\provider\base
public function validate_session($user)
{
// Check if PHP_AUTH_USER is set and handle this case
if ($this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER))
if ($this->request->is_set('PHP_AUTH_USER', request_interface::SERVER))
{
$php_auth_user = $this->request->server('PHP_AUTH_USER');

61
phpBB/phpbb/auth/provider/db.php
View File

@@ -13,48 +13,69 @@
namespace phpbb\auth\provider;
use phpbb\captcha\factory;
use phpbb\config\config;
use phpbb\db\driver\driver_interface;
use phpbb\passwords\manager;
use phpbb\request\request_interface;
use phpbb\user;
/**
* Database authentication provider for phpBB3
* This is for authentication via the integrated user table
*/
class db extends \phpbb\auth\provider\base
class db extends base
{
/** @var factory CAPTCHA factory */
protected $captcha_factory;
/** @var config phpBB config */
protected $config;
/** @var driver_interface DBAL driver instance */
protected $db;
/** @var request_interface Request object */
protected $request;
/** @var user User object */
protected $user;
/** @var string phpBB root path */
protected $phpbb_root_path;
/** @var string PHP file extension */
protected $php_ext;
/**
* phpBB passwords manager
*
* @var \phpbb\passwords\manager
* @var manager
*/
protected $passwords_manager;
/**
* DI container
*
* @var \Symfony\Component\DependencyInjection\ContainerInterface
*/
protected $phpbb_container;
/**
* Database Authentication Constructor
*
* @param \phpbb\db\driver\driver_interface $db
* @param \phpbb\config\config $config
* @param \phpbb\passwords\manager $passwords_manager
* @param \phpbb\request\request $request
* @param \phpbb\user $user
* @param \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container DI container
* @param factory $captcha_factory
* @param config $config
* @param driver_interface $db
* @param manager $passwords_manager
* @param request_interface $request
* @param user $user
* @param string $phpbb_root_path
* @param string $php_ext
*/
public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container, $phpbb_root_path, $php_ext)
public function __construct(factory $captcha_factory, config $config, driver_interface $db, manager $passwords_manager, request_interface $request, user $user, $phpbb_root_path, $php_ext)
{
$this->db = $db;
$this->captcha_factory = $captcha_factory;
$this->config = $config;
$this->db = $db;
$this->passwords_manager = $passwords_manager;
$this->request = $request;
$this->user = $user;
$this->phpbb_root_path = $phpbb_root_path;
$this->php_ext = $php_ext;
$this->phpbb_container = $phpbb_container;
}
/**
@@ -155,9 +176,7 @@ class db extends \phpbb\auth\provider\base
// Every auth module is able to define what to do by itself...
if ($show_captcha)
{
/* @var $captcha_factory \phpbb\captcha\factory */
$captcha_factory = $this->phpbb_container->get('captcha.factory');
$captcha = $captcha_factory->get_instance($this->config['captcha_plugin']);
$captcha = $this->captcha_factory->get_instance($this->config['captcha_plugin']);
$captcha->init(CONFIRM_LOGIN);
$vc_response = $captcha->validate($row);
if ($vc_response)

53
phpBB/phpbb/auth/provider/ldap.php
View File

@@ -1,4 +1,5 @@
<?php
/**
*
* This file is part of the phpBB Forum Software package.
@@ -13,32 +14,42 @@
namespace phpbb\auth\provider;
use phpbb\config\config;
use phpbb\db\driver\driver_interface;
use phpbb\language\language;
use phpbb\user;
/**
* Database authentication provider for phpBB3
* This is for authentication via the integrated user table
*/
class ldap extends \phpbb\auth\provider\base
class ldap extends base
{
/**
* phpBB passwords manager
*
* @var \phpbb\passwords\manager
*/
protected $passwords_manager;
/** @var config phpBB config */
protected $config;
/** @var driver_interface DBAL driver interface */
protected $db;
/** @var language phpBB language class */
protected $language;
/** @var user phpBB user */
protected $user;
/**
* LDAP Authentication Constructor
*
* @param \phpbb\db\driver\driver_interface $db Database object
* @param \phpbb\config\config $config Config object
* @param \phpbb\passwords\manager $passwords_manager Passwords manager object
* @param \phpbb\user $user User object
* @param driver_interface $db DBAL driver interface
* @param config $config Config object
* @param language $language Language object
* @param user $user User object
*/
public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\user $user)
public function __construct(config $config, driver_interface $db, language $language, user $user)
{
$this->db = $db;
$this->config = $config;
$this->passwords_manager = $passwords_manager;
$this->db = $db;
$this->language = $language;
$this->user = $user;
}
@@ -49,7 +60,7 @@ class ldap extends \phpbb\auth\provider\base
{
if (!@extension_loaded('ldap'))
{
return $this->user->lang['LDAP_NO_LDAP_EXTENSION'];
return $this->language->lang('LDAP_NO_LDAP_EXTENSION');
}
$this->config['ldap_port'] = (int) $this->config['ldap_port'];
@@ -64,7 +75,7 @@ class ldap extends \phpbb\auth\provider\base
if (!$ldap)
{
return $this->user->lang['LDAP_NO_SERVER_CONNECTION'];
return $this->language->lang('LDAP_NO_SERVER_CONNECTION');
}
@ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
@@ -74,7 +85,7 @@ class ldap extends \phpbb\auth\provider\base
{
if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user']), htmlspecialchars_decode($this->config['ldap_password'])))
{
return $this->user->lang['LDAP_INCORRECT_USER_PASSWORD'];
return $this->language->lang('LDAP_INCORRECT_USER_PASSWORD');
}
}
@@ -92,7 +103,7 @@ class ldap extends \phpbb\auth\provider\base
if ($search === false)
{
return $this->user->lang['LDAP_SEARCH_FAILED'];
return $this->language->lang('LDAP_SEARCH_FAILED');
}
$result = @ldap_get_entries($ldap, $search);
@@ -101,12 +112,12 @@ class ldap extends \phpbb\auth\provider\base
if (!is_array($result) || count($result) < 2)
{
return sprintf($this->user->lang['LDAP_NO_IDENTITY'], $this->user->data['username']);
return $this->language->lang('LDAP_NO_IDENTITY', $this->user->data['username']);
}
if (!empty($this->config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($this->config['ldap_email'])]))
{
return $this->user->lang['LDAP_NO_EMAIL'];
return $this->language->lang('LDAP_NO_EMAIL');
}
return false;
@@ -245,7 +256,7 @@ class ldap extends \phpbb\auth\provider\base
// generate user account data
$ldap_user_row = array(
'username' => $username,
'user_password' => $this->passwords_manager->hash($password),
'user_password' => '',
'user_email' => (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($this->config['ldap_email'])][0]) : '',
'group_id' => (int) $row['group_id'],
'user_type' => USER_NORMAL,

92
phpBB/phpbb/auth/provider/oauth/oauth.php
View File

@@ -13,44 +13,50 @@
namespace phpbb\auth\provider\oauth;
use OAuth\Common\Http\Exception\TokenResponseException;
use OAuth\ServiceFactory;
use OAuth\Common\Consumer\Credentials;
use OAuth\Common\Service\ServiceInterface;
use OAuth\OAuth1\Service\AbstractService as OAuth1Service;
use OAuth\OAuth2\Service\AbstractService as OAuth2Service;
use Symfony\Component\DependencyInjection\ContainerInterface;
use phpbb\auth\provider\base;
use phpbb\auth\provider\db;
use phpbb\auth\provider\oauth\service\exception;
use phpbb\config\config;
use phpbb\db\driver\driver_interface;
use phpbb\di\service_collection;
use phpbb\event\dispatcher;
use phpbb\language\language;
use phpbb\request\request_interface;
use phpbb\user;
/**
* OAuth authentication provider for phpBB3
*/
class oauth extends \phpbb\auth\provider\base
class oauth extends base
{
/** @var \phpbb\config\config */
/** @var config */
protected $config;
/** @var ContainerInterface */
protected $container;
/** @var \phpbb\db\driver\driver_interface */
/** @var driver_interface */
protected $db;
/** @var \phpbb\event\dispatcher */
/** @var db */
protected $db_auth;
/** @var dispatcher */
protected $dispatcher;
/** @var \phpbb\language\language */
/** @var language */
protected $language;
/** @var \phpbb\passwords\manager */
protected $passwords_manager;
/** @var \phpbb\request\request_interface */
/** @var request_interface */
protected $request;
/** @var \phpbb\di\service_collection */
/** @var service_collection */
protected $service_providers;
/** @var \phpbb\user */
/** @var user */
protected $user;
/** @var string OAuth table: token storage */
@@ -74,15 +80,14 @@ class oauth extends \phpbb\auth\provider\base
/**
* Constructor.
*
* @param \phpbb\config\config $config Config object
* @param ContainerInterface $container Service container object
* @param \phpbb\db\driver\driver_interface $db Database object
* @param \phpbb\event\dispatcher $dispatcher Event dispatcher object
* @param \phpbb\language\language $language Language object
* @param \phpbb\passwords\manager $passwords_manager Password manager object
* @param \phpbb\request\request_interface $request Request object
* @param \phpbb\di\service_collection $service_providers OAuth providers service collection
* @param \phpbb\user $user User object
* @param config $config Config object
* @param driver_interface $db Database object
* @param db $db_auth DB auth provider
* @param dispatcher $dispatcher Event dispatcher object
* @param language $language Language object
* @param request_interface $request Request object
* @param service_collection $service_providers OAuth providers service collection
* @param user $user User object
* @param string $oauth_token_table OAuth table: token storage
* @param string $oauth_state_table OAuth table: state
* @param string $oauth_account_table OAuth table: account association
@@ -91,15 +96,14 @@ class oauth extends \phpbb\auth\provider\base
* @param string $php_ext php File extension
*/
public function __construct(
\phpbb\config\config $config,
ContainerInterface $container,
\phpbb\db\driver\driver_interface $db,
\phpbb\event\dispatcher $dispatcher,
\phpbb\language\language $language,
\phpbb\passwords\manager $passwords_manager,
\phpbb\request\request_interface $request,
\phpbb\di\service_collection $service_providers,
\phpbb\user $user,
config $config,
driver_interface $db,
db $db_auth,
dispatcher $dispatcher,
language $language,
request_interface $request,
service_collection $service_providers,
user $user,
$oauth_token_table,
$oauth_state_table,
$oauth_account_table,
@@ -109,10 +113,9 @@ class oauth extends \phpbb\auth\provider\base
)
{
$this->config = $config;
$this->container = $container;
$this->db = $db;
$this->db_auth = $db_auth;
$this->dispatcher = $dispatcher;
$this->passwords_manager = $passwords_manager;
$this->language = $language;
$this->service_providers = $service_providers;
$this->request = $request;
@@ -153,18 +156,7 @@ class oauth extends \phpbb\auth\provider\base
// Temporary workaround for only having one authentication provider available
if (!$this->request->is_set('oauth_service'))
{
$provider = new \phpbb\auth\provider\db(
$this->db,
$this->config,
$this->passwords_manager,
$this->request,
$this->user,
$this->container,
$this->root_path,
$this->php_ext
);
return $provider->login($username, $password);
return $this->db_auth->login($username, $password);
}
// Request the name of the OAuth service
@@ -822,10 +814,10 @@ class oauth extends \phpbb\auth\provider\base
switch ($service::OAUTH_VERSION)
{
case 1:
return $this->request->is_set('oauth_token', \phpbb\request\request_interface::GET);
return $this->request->is_set('oauth_token', request_interface::GET);
case 2:
return $this->request->is_set('code', \phpbb\request\request_interface::GET);
return $this->request->is_set('code', request_interface::GET);
default:
return false;
@@ -850,7 +842,7 @@ class oauth extends \phpbb\auth\provider\base
$token = $service->requestRequestToken();
$parameters = ['oauth_token' => $token->getRequestToken()];
}
catch (\OAuth\Common\Http\Exception\TokenResponseException $e)
catch (TokenResponseException $e)
{
return [
'status' => LOGIN_ERROR_EXTERNAL_AUTH,