-
Notifications
You must be signed in to change notification settings - Fork 15
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
db5bc14
commit 30760de
Showing
3 changed files
with
82 additions
and
46 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,15 @@ | ||
| From 488b781e030637ab6feafc0da640217e1d654ead Mon Sep 17 00:00:00 2001 | ||
| From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= <[email protected]> | ||
| Date: Tue, 11 Jun 2024 11:50:36 +0200 | ||
| Subject: [PATCH 1/3] Add ldap auth | ||
|
|
||
| --- | ||
| app/config/security.yml | 12 ++++++++++++ | ||
| app/config/services.yml | 7 +++++++ | ||
| 2 files changed, 19 insertions(+) | ||
|
|
||
| diff --git a/app/config/security.yml b/app/config/security.yml | ||
| index 02afc9ea..5a3f7a34 100644 | ||
| index 9ab51621..f4ea3d47 100644 | ||
| --- a/app/config/security.yml | ||
| +++ b/app/config/security.yml | ||
| @@ -13,6 +13,14 @@ security: | ||
|
|
@@ -8,39 +18,41 @@ index 02afc9ea..5a3f7a34 100644 | |
| id: fos_user.user_provider.username_email | ||
| + yunohost_users: | ||
| + ldap: | ||
| + service: yunohost.ldap | ||
| + service: Symfony\Component\Ldap\Ldap | ||
| + base_dn: ou=users,dc=yunohost,dc=org | ||
| + search_dn: | ||
| + search_password: | ||
| + filter: (&(uid={username})(objectClass=posixAccount)) | ||
| + default_roles: ROLE_USER | ||
|
|
||
| # the main part of the security, where you can set up firewalls | ||
| # for specific sections of your app | ||
| @@ -38,6 +46,9 @@ security: | ||
|
|
||
| @@ -39,6 +47,10 @@ security: | ||
| secured_area: | ||
| pattern: ^/ | ||
| + http_basic_ldap: | ||
| + service: yunohost.ldap | ||
| + provider: yunohost_users | ||
| + service: Symfony\Component\Ldap\Ldap | ||
| + dn_string: "uid={username},ou=users,dc=yunohost,dc=org" | ||
| form_login: | ||
| provider: fos_userbundle | ||
| csrf_token_generator: security.csrf.token_manager | ||
| diff --git a/app/config/services.yml b/app/config/services.yml | ||
| index 7b85d846..f23961c5 100644 | ||
| index 270e79d9..c67341e8 100644 | ||
| --- a/app/config/services.yml | ||
| +++ b/app/config/services.yml | ||
| @@ -43,6 +43,10 @@ services: | ||
| @@ -394,3 +394,10 @@ services: | ||
| public: false | ||
| tags: | ||
| - { name: kernel.event_listener, event: security.interactive_login, method: onInteractiveLogin } | ||
|
|
||
| + yunohost.ldap: | ||
| + class: Symfony\Component\Ldap\LdapClient | ||
| + arguments: ["localhost"] | ||
| - { name: pagerfanta.view, alias: default_wallabag } | ||
| + | ||
| craue_config_cache_provider: | ||
| class: Symfony\Component\Cache\Adapter\FilesystemAdapter | ||
| public: false | ||
| -- | ||
| 2.17.1 | ||
| + Symfony\Component\Ldap\Ldap: | ||
| + arguments: ['@Symfony\Component\Ldap\Adapter\ExtLdap\Adapter'] | ||
| + tags: [ldap] | ||
| + Symfony\Component\Ldap\Adapter\ExtLdap\Adapter: | ||
| + arguments: | ||
| + - host: localhost | ||
| -- | ||
| 2.45.1 | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,31 +1,40 @@ | ||
| From 711f4a49fa7d4c471cd905870fecaa6f83156d46 Mon Sep 17 00:00:00 2001 | ||
| From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= <[email protected]> | ||
| Date: Tue, 11 Jun 2024 11:52:33 +0200 | ||
| Subject: [PATCH 2/3] Configure a custom logout success handler for yunohost | ||
| ldap | ||
|
|
||
| --- | ||
| app/config/security.yml | 2 +- | ||
| app/config/services.yml | 3 +++ | ||
| .../Security/LogoutSuccessHandler.php | 27 +++++++++++++++++++ | ||
| 3 files changed, 31 insertions(+), 1 deletion(-) | ||
| create mode 100644 src/Wallabag/YunoHostBundle/Security/LogoutSuccessHandler.php | ||
|
|
||
| diff --git a/app/config/security.yml b/app/config/security.yml | ||
| index 5a3f7a34..1720e741 100644 | ||
| index f4ea3d47..de6b705b 100644 | ||
| --- a/app/config/security.yml | ||
| +++ b/app/config/security.yml | ||
| @@ -62,7 +62,7 @@ security: | ||
|
|
||
| @@ -64,7 +64,7 @@ security: | ||
| logout: | ||
| path: /logout | ||
| - target: / | ||
| + success_handler: yunohost.logout_success_handler | ||
|
|
||
| access_control: | ||
| - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY } | ||
| two_factor: | ||
| provider: fos_userbundle | ||
| diff --git a/app/config/services.yml b/app/config/services.yml | ||
| index f23961c5..f266e6d1 100644 | ||
| index c67341e8..7057ca42 100644 | ||
| --- a/app/config/services.yml | ||
| +++ b/app/config/services.yml | ||
| @@ -43,6 +43,10 @@ services: | ||
| tags: | ||
| - { name: kernel.event_listener, event: security.interactive_login, method: onInteractiveLogin } | ||
|
|
||
| @@ -401,3 +401,6 @@ services: | ||
| Symfony\Component\Ldap\Adapter\ExtLdap\Adapter: | ||
| arguments: | ||
| - host: localhost | ||
| + | ||
| + yunohost.logout_success_handler: | ||
| + class: Wallabag\YunoHostBundle\Security\LogoutSuccessHandler | ||
| + | ||
| + | ||
| yunohost.ldap: | ||
| class: Symfony\Component\Ldap\LdapClient | ||
| arguments: ["localhost"] | ||
| diff --git a/src/Wallabag/YunoHostBundle/Security/LogoutSuccessHandler.php b/src/Wallabag/YunoHostBundle/Security/LogoutSuccessHandler.php | ||
| new file mode 100644 | ||
| index 00000000..b3268243 | ||
|
|
@@ -59,5 +68,6 @@ index 00000000..b3268243 | |
| + return new RedirectResponse($url); | ||
| + } | ||
| +} | ||
| -- | ||
| 2.17.1 | ||
| -- | ||
| 2.45.1 | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,11 +1,25 @@ | ||
| --- a/vendor/friendsofsymfony/oauth-server-bundle/Storage/OAuthStorage.php 2016-02-22 13:57:55.000000000 +0000 | ||
| +++ b/vendor/friendsofsymfony/oauth-server-bundle/Storage/OAuthStorage.php 2017-04-13 17:16:06.298501506 +0000 | ||
| @@ -170,7 +170,7 @@ | ||
| if (null !== $user) { | ||
| $encoder = $this->encoderFactory->getEncoder($user); | ||
| From 85c26ff4df2191bf3494491f27e2922aa6b569c8 Mon Sep 17 00:00:00 2001 | ||
| From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= <[email protected]> | ||
| Date: Tue, 11 Jun 2024 11:54:25 +0200 | ||
| Subject: [PATCH 3/3] OAuthStorage workaround | ||
|
|
||
| --- | ||
| .../oauth-server-bundle/Storage/OAuthStorage.php | 2 +- | ||
| 1 file changed, 1 insertion(+), 1 deletion(-) | ||
|
|
||
| diff --git a/vendor/friendsofsymfony/oauth-server-bundle/Storage/OAuthStorage.php b/vendor/friendsofsymfony/oauth-server-bundle/Storage/OAuthStorage.php | ||
| index 5ab6b7c9..7cb77913 100644 | ||
| --- a/vendor/friendsofsymfony/oauth-server-bundle/Storage/OAuthStorage.php | ||
| +++ b/vendor/friendsofsymfony/oauth-server-bundle/Storage/OAuthStorage.php | ||
| @@ -158,7 +158,7 @@ class OAuthStorage implements IOAuth2RefreshTokens, IOAuth2GrantUser, IOAuth2Gra | ||
| } | ||
|
|
||
| $encoder = $this->encoderFactory->getEncoder($user); | ||
| - if ($encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) { | ||
| + if (true) { | ||
| return [ | ||
| 'data' => $user, | ||
| ]; | ||
| -- | ||
| 2.45.1 | ||
|
|
||
| - if ($encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) { | ||
| + if (true) { | ||
| return array( | ||
| 'data' => $user, | ||
| ); |