diff options
Diffstat (limited to 'phpBB/phpbb/auth')
| -rw-r--r-- | phpBB/phpbb/auth/auth.php | 19 | ||||
| -rw-r--r-- | phpBB/phpbb/auth/provider/base.php | 2 | ||||
| -rw-r--r-- | phpBB/phpbb/auth/provider/ldap.php | 5 | ||||
| -rw-r--r-- | phpBB/phpbb/auth/provider/oauth/oauth.php | 9 | ||||
| -rw-r--r-- | phpBB/phpbb/auth/provider/oauth/token_storage.php | 7 | ||||
| -rw-r--r-- | phpBB/phpbb/auth/provider/provider_interface.php | 6 |
6 files changed, 37 insertions, 11 deletions
diff --git a/phpBB/phpbb/auth/auth.php b/phpBB/phpbb/auth/auth.php index b59f0e60ec..b7634e04ce 100644 --- a/phpBB/phpbb/auth/auth.php +++ b/phpBB/phpbb/auth/auth.php @@ -928,6 +928,7 @@ class auth function login($username, $password, $autologin = false, $viewonline = 1, $admin = 0) { global $db, $user, $phpbb_root_path, $phpEx, $phpbb_container; + global $phpbb_dispatcher; $provider_collection = $phpbb_container->get('auth.provider_collection'); @@ -982,6 +983,24 @@ class auth redirect($url); } + /** + * Event is triggered after checking for valid username and password, and before the actual session creation. + * + * @event core.auth_login_session_create_before + * @var array login Variable containing login array + * @var bool admin Boolean variable whether user is logging into the ACP + * @var string username Username of user to log in + * @var bool autologin Boolean variable signaling whether login is triggered via auto login + * @since 3.1.7-RC1 + */ + $vars = array( + 'login', + 'admin', + 'username', + 'autologin', + ); + extract($phpbb_dispatcher->trigger_event('core.auth_login_session_create_before', compact($vars))); + // If login succeeded, we will log the user in... else we pass the login array through... if ($login['status'] == LOGIN_SUCCESS) { diff --git a/phpBB/phpbb/auth/provider/base.php b/phpBB/phpbb/auth/provider/base.php index 4c49070eaf..dea27ccc25 100644 --- a/phpBB/phpbb/auth/provider/base.php +++ b/phpBB/phpbb/auth/provider/base.php @@ -61,7 +61,7 @@ abstract class base implements \phpbb\auth\provider\provider_interface /** * {@inheritdoc} */ - public function get_auth_link_data() + public function get_auth_link_data($user_id = 0) { return; } diff --git a/phpBB/phpbb/auth/provider/ldap.php b/phpBB/phpbb/auth/provider/ldap.php index d32e7504eb..c48b771ab0 100644 --- a/phpBB/phpbb/auth/provider/ldap.php +++ b/phpBB/phpbb/auth/provider/ldap.php @@ -289,7 +289,6 @@ class ldap extends \phpbb\auth\provider\base /** * {@inheritdoc} */ - public function acp() { // These are fields required in the config table @@ -306,9 +305,9 @@ class ldap extends \phpbb\auth\provider\base return array( 'TEMPLATE_FILE' => 'auth_provider_ldap.html', 'TEMPLATE_VARS' => array( - 'AUTH_LDAP_DN' => $new_config['ldap_base_dn'], + 'AUTH_LDAP_BASE_DN' => $new_config['ldap_base_dn'], 'AUTH_LDAP_EMAIL' => $new_config['ldap_email'], - 'AUTH_LDAP_PASSORD' => $new_config['ldap_password'], + 'AUTH_LDAP_PASSORD' => $new_config['ldap_password'] !== '' ? '********' : '', 'AUTH_LDAP_PORT' => $new_config['ldap_port'], 'AUTH_LDAP_SERVER' => $new_config['ldap_server'], 'AUTH_LDAP_UID' => $new_config['ldap_uid'], diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index c0ce3f1fba..be0fbf5831 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -553,13 +553,13 @@ class oauth extends \phpbb\auth\provider\base /** * {@inheritdoc} */ - public function get_auth_link_data() + public function get_auth_link_data($user_id = 0) { $block_vars = array(); // Get all external accounts tied to the current user $data = array( - 'user_id' => (int) $this->user->data['user_id'], + 'user_id' => ($user_id <= 0) ? (int) $this->user->data['user_id'] : (int) $user_id, ); $sql = 'SELECT oauth_provider_id, provider FROM ' . $this->auth_provider_oauth_token_account_assoc . ' WHERE ' . $this->db->sql_build_array('SELECT', $data); @@ -616,10 +616,13 @@ class oauth extends \phpbb\auth\provider\base return 'LOGIN_LINK_MISSING_DATA'; } + // Remove user specified in $link_data if possible + $user_id = isset($link_data['user_id']) ? $link_data['user_id'] : $this->user->data['user_id']; + // Remove the link $sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_account_assoc . " WHERE provider = '" . $this->db->sql_escape($link_data['oauth_service']) . "' - AND user_id = " . (int) $this->user->data['user_id']; + AND user_id = " . (int) $user_id; $this->db->sql_query($sql); // Clear all tokens belonging to the user on this servce diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index 023cf402ca..9b6afae255 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -13,7 +13,6 @@ namespace phpbb\auth\provider\oauth; - use OAuth\OAuth1\Token\StdOAuth1Token; use OAuth\Common\Token\TokenInterface; use OAuth\Common\Storage\TokenStorageInterface; @@ -117,7 +116,8 @@ class token_storage implements TokenStorageInterface { $service = $this->get_service_name_for_db($service); - if ($this->cachedToken) { + if ($this->cachedToken) + { return true; } @@ -232,7 +232,8 @@ class token_storage implements TokenStorageInterface { $service = $this->get_service_name_for_db($service); - if ($this->cachedToken instanceof TokenInterface) { + if ($this->cachedToken instanceof TokenInterface) + { return $this->cachedToken; } diff --git a/phpBB/phpbb/auth/provider/provider_interface.php b/phpBB/phpbb/auth/provider/provider_interface.php index 613297cefc..35e0f559a1 100644 --- a/phpBB/phpbb/auth/provider/provider_interface.php +++ b/phpBB/phpbb/auth/provider/provider_interface.php @@ -166,6 +166,10 @@ interface provider_interface /** * Returns an array of data necessary to build the ucp_auth_link page * + * @param int $user_id User ID for whom the data should be retrieved. + * defaults to 0, which is not a valid ID. The method + * should fall back to the current user's ID in this + * case. * @return array|null If this function is not implemented on an auth * provider then it returns null. If it is implemented * it will return an array of up to four elements of @@ -181,7 +185,7 @@ interface provider_interface * 'VARS' => array(...), * ) */ - public function get_auth_link_data(); + public function get_auth_link_data($user_id = 0); /** * Unlinks an external account from a phpBB account. |