This repository has been archived by the owner on Nov 14, 2018. It is now read-only.

IMAP login can be restricted to a specific domain name. #2093

Merged
merged 1 commit into from
Oct 21, 2016
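--- a/user_external/README.md
+++ b/user_external/README.md
@@ -66,12 +66,16 @@ Add the following to your `config.php`:
 array(
 'class' => 'OC_User_IMAP',
 'arguments' => array(
-'{127.0.0.1:143/imap/readonly}',
+'{127.0.0.1:143/imap/readonly}', 'example.com'
 ),
 ),
 ),
 
 This connects to the IMAP server on IP `127.0.0.1`, in readonly mode.
+If a domain name (e.g. example.com) is specified, then this makes sure that
+only users from this domain will be allowed to login. After successfull
+login the domain part will be striped and the rest used as username in
+ownCloud. e.g. 'username@example.com' will be 'username' in ownCloud.
 
 Read the [imap_open][0] PHP manual page to learn more about the allowed
 parameters.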
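--- a/user_external/lib/imap.php
+++ b/user_external/lib/imap.php
@@ -17,16 +17,18 @@
 */
 class OC_User_IMAP extends \OCA\user_external\Base {
 private $mailbox;
+private $domain;
 
 /**
 * Create new IMAP authentication provider
 *
 * @param string $mailbox PHP imap_open mailbox definition, e.g.
 * {127.0.0.1:143/imap/readonly}
 */
-public function __construct($mailbox) {
+public function __construct($mailbox, $domain = '') {
 parent::__construct($mailbox);
 $this->mailbox=$mailbox;
+$this->domain=$domain;
 }
 
 /**
@@ -42,7 +44,23 @@ public function checkPassword($uid, $password) {
 OCP\Util::writeLog('user_external', 'ERROR: PHP imap extension is not installed', OCP\Util::ERROR);
 return false;
 }
-$mbox = @imap_open($this->mailbox, $uid, $password, OP_HALFOPEN, 1);
+
+// Check if we only want logins from ONE domain and strip the domain part from UID
+if($this->domain != '') {
+$pieces = explode('@', $uid);
+if(count($pieces) == 1) {
+$username = $uid . "@" . $this->domain;
+}elseif((count($pieces) == 2) and ($pieces[1] == $this->domain)) {
+$username = $uid;
+$uid = $pieces[0];
+}else{
+return false;
+}
+}else{
+$username = $uid;
+}
+
+$mbox = @imap_open($this->mailbox, $username, $password, OP_HALFOPEN, 1);
 imap_errors();
 imap_alerts();
 if($mbox !== FALSE) {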
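Review bot: The domain match in checkPassword uses loose `==`, is case-sensitive, and never rejects an empty local part, so `@example.com` reaches imap_open with `$uid` set to `''` while `user@Example.com` is refused even though domain names are case-insensitive. I would refuse an empty `$pieces[0]` up front and tighten the branch to `}elseif(count($pieces) === 2 && strcasecmp($pieces[1], $this->domain) === 0) {`, with `!== ''` on the outer check. The stripped `$uid` is presumably what the code after `if($mbox !== FALSE) {` stores as the ownCloud account name; that part of checkPassword is outside the hunk, so it is worth confirming that a bare local part cannot collide with an account of the same name from another backend. The constructor docblock also lacks a line for the new parameter, e.g. `@param string $domain If set, only logins from this domain are accepted`.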