Merge pull request #2093 from kosli/master

IMAP login can be restricted to a specific domain name.
owncloud-archive · Oct 21, 2016 · 49fd3bd · 49fd3bd
2 parents ea75d5f + b9c8252
commit 49fd3bd
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 3 deletions.
diff --git a/user_external/README.md b/user_external/README.md
@@ -66,12 +66,16 @@ Add the following to your `config.php`:
   array(
   'class' => 'OC_User_IMAP',
   'arguments' => array(
-  '{127.0.0.1:143/imap/readonly}',
+  '{127.0.0.1:143/imap/readonly}', 'example.com'
   ),
   ),
  ),
 
 This connects to the IMAP server on IP `127.0.0.1`, in readonly mode.
+If a domain name (e.g. example.com) is specified, then this makes sure that 
+only users from this domain will be allowed to login. After successfull
+login the domain part will be striped and the rest used as username in
+ownCloud. e.g. 'username@example.com' will be 'username' in ownCloud.
 
 Read the [imap_open][0] PHP manual page to learn more about the allowed
 parameters.

diff --git a/user_external/lib/imap.php b/user_external/lib/imap.php
@@ -17,16 +17,18 @@
  */
 class OC_User_IMAP extends \OCA\user_external\Base {
  private $mailbox;
+ private $domain;
 
  /**
  * Create new IMAP authentication provider
  *
  * @param string $mailbox PHP imap_open mailbox definition, e.g.
  * {127.0.0.1:143/imap/readonly}
  */
- public function __construct($mailbox) {
+ public function __construct($mailbox, $domain = '') {
  parent::__construct($mailbox);
  $this->mailbox=$mailbox;
+ $this->domain=$domain;
  }
 
  /**
@@ -42,7 +44,23 @@ public function checkPassword($uid, $password) {
  OCP\Util::writeLog('user_external', 'ERROR: PHP imap extension is not installed', OCP\Util::ERROR);
  return false;
  }
- $mbox = @imap_open($this->mailbox, $uid, $password, OP_HALFOPEN, 1);
+
+ // Check if we only want logins from ONE domain and strip the domain part from UID 
+ if($this->domain != '') {
+ $pieces = explode('@', $uid);
+ if(count($pieces) == 1) {
+ $username = $uid . "@" . $this->domain;
+ }elseif((count($pieces) == 2) and ($pieces[1] == $this->domain)) {
+ $username = $uid;
+ $uid = $pieces[0];
+ }else{
+ return false;
+ }
+ }else{
+ $username = $uid;
+ }
+
+ $mbox = @imap_open($this->mailbox, $username, $password, OP_HALFOPEN, 1);
  imap_errors();
  imap_alerts();
  if($mbox !== FALSE) {