From 7a079ca18b517010a32980d9a5c2f98674f2eb61 Mon Sep 17 00:00:00 2001
From: Lukasz Janyst
Date: Sat, 6 Apr 2013 22:25:31 +0200
Subject: [PATCH] Make it possible to switch DAV to Basic HTTP authentication
---
Core/Frameworks/Baikal/Core/PDOBasicAuth.php | 81 +++++++++++++++++++
.../Baikal/Model/Config/Standard.php | 14 ++++
Core/Frameworks/Baikal/WWWRoot/cal.php | 6 +-
Core/Frameworks/Baikal/WWWRoot/card.php | 6 +-
4 files changed, 105 insertions(+), 2 deletions(-)
create mode 100644 Core/Frameworks/Baikal/Core/PDOBasicAuth.php
mode change 100755 => 100644 Core/Frameworks/Baikal/Model/Config/Standard.php
mode change 100755 => 100644 Core/Frameworks/Baikal/WWWRoot/cal.php
mode change 100755 => 100644 Core/Frameworks/Baikal/WWWRoot/card.php
diff --git a/Core/Frameworks/Baikal/Core/PDOBasicAuth.php b/Core/Frameworks/Baikal/Core/PDOBasicAuth.php
new file mode 100644
index 0000000..433eade
--- /dev/null
+++ b/Core/Frameworks/Baikal/Core/PDOBasicAuth.php
@@ -0,0 +1,81 @@
+
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+class PDOBasicAuth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
+
+ /**
+ * Reference to PDO connection
+ *
+ * @var PDO
+ */
+ protected $pdo;
+
+ /**
+ * PDO table name we'll be using
+ *
+ * @var string
+ */
+ protected $tableName;
+
+ /**
+ * Authentication realm
+ *
+ * @var string
+ */
+ protected $authRealm;
+
+ /**
+ * Creates the backend object.
+ *
+ * If the filename argument is passed in, it will parse out the specified file fist.
+ *
+ * @param PDO $pdo
+ * @param string $tableName The PDO table name to use
+ */
+ public function __construct(\PDO $pdo, $authRealm, $tableName = 'users') {
+
+ $this->pdo = $pdo;
+ $this->tableName = $tableName;
+ $this->authRealm = $authRealm;
+ }
+
+ /**
+ * Validates a username and password
+ *
+ * This method should return true or false depending on if login
+ * succeeded.
+ *
+ * @param string $username
+ * @param string $password
+ * @return bool
+ */
+ public function validateUserPass($username, $password) {
+
+ $stmt = $this->pdo->prepare('SELECT username, digesta1 FROM '.$this->tableName.' WHERE username = ?');
+ $stmt->execute(array($username));
+ $result = $stmt->fetchAll();
+
+
+ if (!count($result)) return false;
+
+ $hash = md5( $username . ':' . $this->authRealm . ':' . $password );
+ if( $result[0]['digesta1'] == $hash )
+ {
+ $this->currentUser = $username;
+ return true;
+ }
+ return false;
+
+ }
+
+}
diff --git a/Core/Frameworks/Baikal/Model/Config/Standard.php b/Core/Frameworks/Baikal/Model/Config/Standard.php
old mode 100755
new mode 100644
index 53dc2eb..f7353a0
--- a/Core/Frameworks/Baikal/Model/Config/Standard.php
+++ b/Core/Frameworks/Baikal/Model/Config/Standard.php
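Review bot: In `validateUserPass()` the stored `digesta1` is compared with the computed MD5 using loose `==`, so two hex digests that both happen to look like numeric strings are compared as numbers and can be reported equal although the strings differ; the comparison is also not constant-time. The check should be `if (hash_equals($result[0]['digesta1'], $hash))` where the PHP version provides it, or at minimum use `===`. The constructor docblock still carries a sentence about a "filename argument" that this class does not have, and it lacks `@param string $authRealm`. It should state that `$authRealm` has to be the realm the stored `digesta1` values were computed with, and that `$tableName` is concatenated into the SQL text and so must only ever come from configuration.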
@@ -41,6 +41,10 @@ class Standard extends \Baikal\Model\Config { "type" => "boolean", "comment" => "CalDAV ON/OFF switch; default TRUE", ), + "BAIKAL_DAV_AUTH_TYPE" => array( + "type" => "string", + "comment" => "HTTP authentication type for WebDAV; default Digest" + ), "BAIKAL_ADMIN_ENABLED" => array( "type" => "boolean", "comment" => "Baïkal Web Admin ON/OFF switch; default TRUE", @@ -60,6 +64,7 @@ class Standard extends \Baikal\Model\Config { "PROJECT_TIMEZONE" => "Europe/Paris", "BAIKAL_CARD_ENABLED" => TRUE, "BAIKAL_CAL_ENABLED" => TRUE, + "BAIKAL_DAV_AUTH_TYPE" => "Digest", "BAIKAL_ADMIN_ENABLED" => TRUE, "BAIKAL_ADMIN_AUTOLOCKENABLED" => FALSE, "BAIKAL_ADMIN_PASSWORDHASH" => "" @@ -85,6 +90,12 @@ class Standard extends \Baikal\Model\Config { "prop" => "BAIKAL_CARD_ENABLED", "label" => "Enable CardDAV" ))); + + $oMorpho->add(new \Formal\Element\Listbox(array( + "prop" => "BAIKAL_DAV_AUTH_TYPE", + "label" => "WebDAV authentication type", + "options" => array( "Digest", "Basic" ) + ))); $oMorpho->add(new \Formal\Element\Password(array( "prop" => "BAIKAL_ADMIN_PASSWORDHASH", @@ -193,6 +204,9 @@ define("BAIKAL_CARD_ENABLED", TRUE); # CalDAV ON/OFF switch; default TRUE define("BAIKAL_CAL_ENABLED", TRUE); +# WebDAV authentication type; default Digest +define("BAIKAL_DAV_AUTH_TYPE", "Digest") + # Baïkal Web Admin ON/OFF switch; default TRUE define("BAIKAL_ADMIN_ENABLED", TRUE); diff --git a/Core/Frameworks/Baikal/WWWRoot/cal.php b/Core/Frameworks/Baikal/WWWRoot/cal.php old mode 100755 new mode 100644 index f1cd4a4..f5f4749 --- a/Core/Frameworks/Baikal/WWWRoot/cal.php +++ b/Core/Frameworks/Baikal/WWWRoot/cal.php 
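Review bot: The `comment` added for `BAIKAL_DAV_AUTH_TYPE` in the hunk at -41,6 does not tell the administrator what choosing Basic implies, namely that the client then sends the password itself with every request instead of a digest response. I would word it as `"comment" => "HTTP authentication type for WebDAV (Digest or Basic); Basic sends the password with each request, use it only over HTTPS; default Digest"`. The same hint belongs in the `# WebDAV authentication type; default Digest` template comment in the hunk at -193,6.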
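Review bot: The added template line `define("BAIKAL_DAV_AUTH_TYPE", "Digest")` in the hunk at -193,6 has no terminating semicolon, unlike the `define(...)` lines around it. If this text is what gets written out as the installation's configuration file (the neighbouring lines suggest so, but the enclosing block starts and ends outside the hunk), the generated file would fail to parse at the following `define`. The line should read `define("BAIKAL_DAV_AUTH_TYPE", "Digest");`.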
@@ -47,7 +47,11 @@ if(!defined("BAIKAL_CAL_ENABLED") || BAIKAL_CAL_ENABLED !== TRUE) { } # Backends -$authBackend = new \Sabre\DAV\Auth\Backend\PDO($GLOBALS["DB"]->getPDO()); +if( BAIKAL_DAV_AUTH_TYPE == "Basic" ) + $authBackend = new \Baikal\Core\PDOBasicAuth($GLOBALS["DB"]->getPDO(), BAIKAL_AUTH_REALM); +else + $authBackend = new \Sabre\DAV\Auth\Backend\PDO($GLOBALS["DB"]->getPDO()); + $principalBackend = new \Sabre\DAVACL\PrincipalBackend\PDO($GLOBALS["DB"]->getPDO()); $calendarBackend = new \Sabre\CalDAV\Backend\PDO($GLOBALS["DB"]->getPDO()); diff --git a/Core/Frameworks/Baikal/WWWRoot/card.php b/Core/Frameworks/Baikal/WWWRoot/card.php old mode 100755 new mode 100644 index b3906a9..ced85d7 --- a/Core/Frameworks/Baikal/WWWRoot/card.php +++ b/Core/Frameworks/Baikal/WWWRoot/card.php @@ -48,7 +48,11 @@ if(!defined("BAIKAL_CARD_ENABLED") || BAIKAL_CARD_ENABLED !== TRUE) { } # Backends -$authBackend = new \Sabre\DAV\Auth\Backend\PDO($GLOBALS["DB"]->getPDO()); +if( BAIKAL_DAV_AUTH_TYPE == "Basic" ) + $authBackend = new \Baikal\Core\PDOBasicAuth($GLOBALS["DB"]->getPDO(), BAIKAL_AUTH_REALM); +else + $authBackend = new \Sabre\DAV\Auth\Backend\PDO($GLOBALS["DB"]->getPDO()); + $principalBackend = new \Sabre\DAVACL\PrincipalBackend\PDO($GLOBALS["DB"]->getPDO()); $carddavBackend = new \Sabre\CardDAV\Backend\PDO($GLOBALS["DB"]->getPDO());
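Review bot: `BAIKAL_DAV_AUTH_TYPE` is read in the new `if` without a `defined()` check, although the hunk's own context shows `BAIKAL_CAL_ENABLED` being guarded with `!defined(...)`. A configuration file written before this commit will not define the constant, so the branch depends on how the running PHP version treats an undefined bare constant (a notice on older versions, an `Error` on PHP 8). I would write `if (defined("BAIKAL_DAV_AUTH_TYPE") && BAIKAL_DAV_AUTH_TYPE === "Basic") {` with braces on both branches; the identical hunk in `card.php` needs the same change. Neither hunk checks that the request arrived over TLS before the Basic backend is selected, which deserves at least a comment at this point.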