Skip to content
This repository has been archived by the owner on Nov 14, 2018. It is now read-only.

Commit

Permalink
IMAP login can be restricted to a specific domain name.
Browse files Browse the repository at this point in the history
  • Loading branch information
kosli committed Jul 30, 2015
1 parent a983b28 commit b9c8252
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 3 deletions.
6 changes: 5 additions & 1 deletion user_external/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -66,12 +66,16 @@ Add the following to your `config.php`:
array(
'class' => 'OC_User_IMAP',
'arguments' => array(
'{127.0.0.1:143/imap/readonly}',
'{127.0.0.1:143/imap/readonly}', 'example.com'
),
),
),

This connects to the IMAP server on IP `127.0.0.1`, in readonly mode.
If a domain name (e.g. example.com) is specified, then this makes sure that
only users from this domain will be allowed to login. After successfull
login the domain part will be striped and the rest used as username in
ownCloud. e.g. 'username@example.com' will be 'username' in ownCloud.

Read the [imap_open][0] PHP manual page to learn more about the allowed
parameters.
Expand Down
22 changes: 20 additions & 2 deletions user_external/lib/imap.php
Original file line number Diff line number Diff line change
Expand Up @@ -17,16 +17,18 @@
*/
class OC_User_IMAP extends \OCA\user_external\Base {
private $mailbox;
private $domain;

/**
* Create new IMAP authentication provider
*
* @param string $mailbox PHP imap_open mailbox definition, e.g.
* {127.0.0.1:143/imap/readonly}
*/
public function __construct($mailbox) {
public function __construct($mailbox, $domain = '') {
parent::__construct($mailbox);
$this->mailbox=$mailbox;
$this->domain=$domain;
}

/**
Expand All @@ -42,7 +44,23 @@ public function checkPassword($uid, $password) {
OCP\Util::writeLog('user_external', 'ERROR: PHP imap extension is not installed', OCP\Util::ERROR);
return false;
}
$mbox = @imap_open($this->mailbox, $uid, $password, OP_HALFOPEN, 1);

// Check if we only want logins from ONE domain and strip the domain part from UID
if($this->domain != '') {
$pieces = explode('@', $uid);
if(count($pieces) == 1) {
$username = $uid . "@" . $this->domain;
}elseif((count($pieces) == 2) and ($pieces[1] == $this->domain)) {
$username = $uid;
$uid = $pieces[0];
}else{
return false;
}
}else{
$username = $uid;
}

$mbox = @imap_open($this->mailbox, $username, $password, OP_HALFOPEN, 1);
imap_errors();
imap_alerts();
if($mbox !== FALSE) {
Expand Down

0 comments on commit b9c8252

Please sign in to comment.