Loading Dockerfile +1 −1 Original line number Diff line number Diff line Loading @@ -150,9 +150,9 @@ RUN cd ${BASE_DIR} && patch -u ${BASE_DIR}/3rdparty/sabre/vobject/lib/ITip/Broke RUN patch -u ${BASE_DIR}/apps/theming/lib/Themes/CommonThemeTrait.php -i ${TMP_PATCH_DIR}/026-primary-color-fix.patch RUN patch -u ${BASE_DIR}/lib/private/Template/JSResourceLocator.php -i ${TMP_PATCH_DIR}/031-theme-custom-app-translations.patch RUN patch -u ${BASE_DIR}/lib/private/L10N/Factory.php -i ${TMP_PATCH_DIR}/032-select-lang-from-session.patch RUN patch -u ${BASE_DIR}/custom_apps/snappymail/lib/Util/SnappyMailHelper.php -i ${TMP_PATCH_DIR}/037-snappy-oidc-autologin.patch # UserConfigChangedEvent Ref: https://github.com/nextcloud/server/pull/42039 RUN cd ${BASE_DIR} && patch -p1 < ${TMP_PATCH_DIR}/036-user-config-change-event.patch RUN patch --binary -u ${BASE_DIR}/custom_apps/snappymail/lib/Util/SnappyMailHelper.php -i ${TMP_PATCH_DIR}/037-snappy-oidc-autologin.patch RUN rm -rf ${TMP_PATCH_DIR} # Custom theme Loading patches/037-snappy-oidc-autologin.patch +35 −10 Original line number Diff line number Diff line From: Avinash <avinash.gusain.ext@murena.com> Date: Wed, 01 May 2023 17:50:00 +0530 Subject: [PATCH] Fix oidc autologin in snappymail With this patch we are actually fixing the autologin in case of oidc login --- custom_apps/snappymail/lib/Util/SnappyMailHelper.php 2024-05-01 13:13:15 +++ custom_apps/snappymail/lib/Util/SnappyMailHelper-new.php 2024-05-01 13:33:06 @@ -91,9 +91,17 @@ --- SnappyMailHelper.php 2024-05-01 16:45:20 +++ SnappyMailHelper-new.php 2024-05-01 16:45:26 @@ -91,9 +91,18 @@ */ if ($doLogin && $aCredentials[1] && $aCredentials[2]) { try { - $oAccount = $oActions->LoginProcess($aCredentials[1], $aCredentials[2]); - if ($oAccount && $oConfig->Get('login', 'sign_me_auto', \RainLoop\Enumerations\SignMeType::DefaultOff) === \RainLoop\Enumerations\SignMeType::DefaultOn) { - $oActions->SetSignMeToken($oAccount); + $ocSession = \OC::$server->getSession(); + if ($ocSession->get('is_oidc')) { + $pwd = new \SnappyMail\SensitiveString($aCredentials[1]); + $oAccount = $oActions->LoginProcess($aCredentials[1], $pwd); Loading @@ -26,3 +22,32 @@ With this patch we are actually fixing the autologin in case of oidc login } } catch (\Throwable $e) { // Login failure, reset password to prevent more attempts @@ -140,22 +149,23 @@ // If the current user ID is identical to login ID (not valid when using account switching), // this has the second priority. if ($ocSession['snappymail-nc-uid'] == $sUID) { -/* + // If OpenID Connect (OIDC) is enabled and used for login, use this. // https://apps.nextcloud.com/apps/oidc_login // DISABLED https://github.com/the-djmaze/snappymail/issues/1420#issuecomment-1933045917 - if ($config->getAppValue('snappymail', 'snappymail-autologin-oidc', false)) { + // if ($config->getAppValue('snappymail', 'snappymail-autologin-oidc', false)) { if ($ocSession->get('is_oidc')) { // IToken->getPassword() ??? if ($sAccessToken = $ocSession->get('oidc_access_token')) { - return [$sUID, 'oidc@nextcloud', $sAccessToken]; + $sEmail = $config->getUserValue($sUID, 'settings', 'email'); + return [$sUID, $sEmail, $sAccessToken]; } \SnappyMail\Log::debug('Nextcloud', 'OIDC access_token missing'); } else { \SnappyMail\Log::debug('Nextcloud', 'No OIDC login'); } - } -*/ + //} + // Only use the user's password in the current session if they have // enabled auto-login using Nextcloud username or email address. $sEmail = ''; Loading
Dockerfile +1 −1 Original line number Diff line number Diff line Loading @@ -150,9 +150,9 @@ RUN cd ${BASE_DIR} && patch -u ${BASE_DIR}/3rdparty/sabre/vobject/lib/ITip/Broke RUN patch -u ${BASE_DIR}/apps/theming/lib/Themes/CommonThemeTrait.php -i ${TMP_PATCH_DIR}/026-primary-color-fix.patch RUN patch -u ${BASE_DIR}/lib/private/Template/JSResourceLocator.php -i ${TMP_PATCH_DIR}/031-theme-custom-app-translations.patch RUN patch -u ${BASE_DIR}/lib/private/L10N/Factory.php -i ${TMP_PATCH_DIR}/032-select-lang-from-session.patch RUN patch -u ${BASE_DIR}/custom_apps/snappymail/lib/Util/SnappyMailHelper.php -i ${TMP_PATCH_DIR}/037-snappy-oidc-autologin.patch # UserConfigChangedEvent Ref: https://github.com/nextcloud/server/pull/42039 RUN cd ${BASE_DIR} && patch -p1 < ${TMP_PATCH_DIR}/036-user-config-change-event.patch RUN patch --binary -u ${BASE_DIR}/custom_apps/snappymail/lib/Util/SnappyMailHelper.php -i ${TMP_PATCH_DIR}/037-snappy-oidc-autologin.patch RUN rm -rf ${TMP_PATCH_DIR} # Custom theme Loading
patches/037-snappy-oidc-autologin.patch +35 −10 Original line number Diff line number Diff line From: Avinash <avinash.gusain.ext@murena.com> Date: Wed, 01 May 2023 17:50:00 +0530 Subject: [PATCH] Fix oidc autologin in snappymail With this patch we are actually fixing the autologin in case of oidc login --- custom_apps/snappymail/lib/Util/SnappyMailHelper.php 2024-05-01 13:13:15 +++ custom_apps/snappymail/lib/Util/SnappyMailHelper-new.php 2024-05-01 13:33:06 @@ -91,9 +91,17 @@ --- SnappyMailHelper.php 2024-05-01 16:45:20 +++ SnappyMailHelper-new.php 2024-05-01 16:45:26 @@ -91,9 +91,18 @@ */ if ($doLogin && $aCredentials[1] && $aCredentials[2]) { try { - $oAccount = $oActions->LoginProcess($aCredentials[1], $aCredentials[2]); - if ($oAccount && $oConfig->Get('login', 'sign_me_auto', \RainLoop\Enumerations\SignMeType::DefaultOff) === \RainLoop\Enumerations\SignMeType::DefaultOn) { - $oActions->SetSignMeToken($oAccount); + $ocSession = \OC::$server->getSession(); + if ($ocSession->get('is_oidc')) { + $pwd = new \SnappyMail\SensitiveString($aCredentials[1]); + $oAccount = $oActions->LoginProcess($aCredentials[1], $pwd); Loading @@ -26,3 +22,32 @@ With this patch we are actually fixing the autologin in case of oidc login } } catch (\Throwable $e) { // Login failure, reset password to prevent more attempts @@ -140,22 +149,23 @@ // If the current user ID is identical to login ID (not valid when using account switching), // this has the second priority. if ($ocSession['snappymail-nc-uid'] == $sUID) { -/* + // If OpenID Connect (OIDC) is enabled and used for login, use this. // https://apps.nextcloud.com/apps/oidc_login // DISABLED https://github.com/the-djmaze/snappymail/issues/1420#issuecomment-1933045917 - if ($config->getAppValue('snappymail', 'snappymail-autologin-oidc', false)) { + // if ($config->getAppValue('snappymail', 'snappymail-autologin-oidc', false)) { if ($ocSession->get('is_oidc')) { // IToken->getPassword() ??? if ($sAccessToken = $ocSession->get('oidc_access_token')) { - return [$sUID, 'oidc@nextcloud', $sAccessToken]; + $sEmail = $config->getUserValue($sUID, 'settings', 'email'); + return [$sUID, $sEmail, $sAccessToken]; } \SnappyMail\Log::debug('Nextcloud', 'OIDC access_token missing'); } else { \SnappyMail\Log::debug('Nextcloud', 'No OIDC login'); } - } -*/ + //} + // Only use the user's password in the current session if they have // enabled auto-login using Nextcloud username or email address. $sEmail = '';
