extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-21 23:43:17 +01:00
Code Issues Packages Projects Releases Wiki Activity

* Calendar: freebusy.php uses .vfb extension for better Outlook compatibility and fix using "cred" GET parameter with base64 encoded credentials

Browse Source
This commit is contained in:
ralf 2023-06-23 14:55:31 +02:00
parent 742c067740
commit 8aca24e520
1 changed files with 17 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
calendar/freebusy.php
View File

@ -32,11 +32,16 @@ $GLOBALS['egw_info'] = array(
require_once __DIR__.'/../api/src/autoload.php'; require_once __DIR__.'/../api/src/autoload.php';
if (!($logged_in = !empty(Api\Session::get_sessionid()))) if (!($logged_in = !empty(Api\Session::get_sessionid())))
{ {
// support basic auth for regular user-credentials // support basic auth and $_GET[cred] for regular user-credentials
if (!empty($_SERVER['PHP_AUTH_PW']) || !empty($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) if (!empty($_SERVER['PHP_AUTH_PW']) || !empty($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) || !empty($_GET['cred']))
{ {
$GLOBALS['egw_info']['flags']['autocreate_session_callback'] = Api\Header\Authenticate::class.'::autocreate_session_callback'; $GLOBALS['egw_info']['flags']['autocreate_session_callback'] = Api\Header\Authenticate::class.'::autocreate_session_callback';
$logged_in = true; // header sends 401, if not authenticated $logged_in = true; // header sends 401, if not authenticated
// make $_GET[cred] work by using REDIRECT_HTTP_AUTHORIZATION
if (!empty($_GET['cred']))
{
$_SERVER['REDIRECT_HTTP_AUTHORIZATION'] = 'Basic '.$_GET['cred'];
}
} }
else else
{ {
@ -54,7 +59,7 @@ if (!$logged_in)
// fix for SOGo connector, which does not decode the = in our f/b url // fix for SOGo connector, which does not decode the = in our f/b url
if (strpos($_SERVER['QUERY_STRING'],'=3D') !== false && substr($_GET['user'],0,2) == '3D') if (strpos($_SERVER['QUERY_STRING'],'=3D') !== false && substr($_GET['user'],0,2) == '3D')
{ {
foreach(['user', 'email', 'password', 'cred'] as $name) foreach(['user', 'email', 'password'] as $name)
{ {
if (isset($_GET[$name])) $_GET[$name] = substr($_GET[$name],2); if (isset($_GET[$name])) $_GET[$name] = substr($_GET[$name],2);
} }
@ -79,43 +84,14 @@ if ($user === false || !($username = $GLOBALS['egw']->accounts->id2name($user)))
} }
if (!$logged_in) if (!$logged_in)
{ {
if (empty($_GET['cred'])) $GLOBALS['egw_info']['user']['account_id'] = $user;
{ $GLOBALS['egw_info']['user']['account_lid'] = $username;
$GLOBALS['egw_info']['user']['account_id'] = $user; $GLOBALS['egw']->preferences->account_id = $user;
$GLOBALS['egw_info']['user']['account_lid'] = $username; $GLOBALS['egw_info']['user']['preferences'] = $GLOBALS['egw']->preferences->read_repository();
$GLOBALS['egw']->preferences->account_id = $user; $cal_prefs = &$GLOBALS['egw_info']['user']['preferences']['calendar'];
$GLOBALS['egw_info']['user']['preferences'] = $GLOBALS['egw']->preferences->read_repository();
$cal_prefs = &$GLOBALS['egw_info']['user']['preferences']['calendar']; if (!($logged_in = !empty($cal_prefs['freebusy']) &&
$logged_in = !empty($cal_prefs['freebusy']) && (empty($cal_prefs['freebusy_pw']) || $cal_prefs['freebusy_pw'] == $_GET['password'])))
(empty($cal_prefs['freebusy_pw']) || $cal_prefs['freebusy_pw'] == $_GET['password']);
}
else
{
$credentials = base64_decode($_GET['cred']);
list($authuser, $password) = explode(':', $credentials, 2);
if (strpos($authuser, '@') === false)
{
$domain = $GLOBALS['egw_info']['server']['default_domain'];
$authuser .= '@' . $domain;
}
else
{
list(, $domain) = explode('@',$authuser, 2);
}
if (array_key_exists($domain, $GLOBALS['egw_domain']))
{
$_POST['login'] = $authuser;
$_REQUEST['domain'] = $domain;
$GLOBALS['egw_info']['server']['default_domain'] = $domain;
$GLOBALS['egw_info']['user']['domain'] = $domain;
$GLOBALS['egw_info']['flags']['currentapp'] = 'login';
$GLOBALS['egw_info']['flags']['noapi'] = false;
$logged_in = $GLOBALS['egw']->session->create($authuser, $password, 'text');
session_unset();
session_destroy();
}
}
if (!$logged_in)
{ {
throw new Api\Exception\NoPermission\AuthenticationRequired(lang("freebusy: unknown user '%1', or not available for unauthenticated users!", $_GET['user'])); throw new Api\Exception\NoPermission\AuthenticationRequired(lang("freebusy: unknown user '%1', or not available for unauthenticated users!", $_GET['user']));
} }
@ -126,7 +102,7 @@ if ($_GET['debug'])
} }
else else
{ {
Api\Header\Content::type('freebusy.ifb','text/calendar'); Api\Header\Content::type('freebusy.vfb','text/calendar');
} }
$ical = new calendar_ical(); $ical = new calendar_ical();
echo $ical->freebusy($user, $_GET['end']); echo $ical->freebusy($user, $_GET['end']);