Dockerfile +2 −2 FROM nextcloud:25.0.5-fpm AS nextcloud FROM nextcloud:25.0.6-fpm AS nextcloud ARG BASE_DIR="/usr/src/nextcloud" ARG TMP_PATCH_DIR="/tmp/build_patches" ARG THEME_HELPER_JOB_ID="566446" @@ -14,7 +14,7 @@ ARG DASHBOARD_JOB_ID="564384" ARG SNAPPY_VERSION="2.26.3" ARG SNAPPY_THEME_VERSION="1.2.3" RUN sed -i 's/25,0,5,1/25,0,5,6/' ${BASE_DIR}/version.php RUN sed -i 's/25,0,6,1/25,0,6,1/' ${BASE_DIR}/version.php COPY custom_entrypoint.sh / RUN chmod +x /custom_entrypoint.sh RUN mkdir -p /var/www/skeleton/Documents && mkdir -p /var/www/skeleton/Images patches/002-login-without-domain.patch +59 −66 @@ -7,82 +7,75 @@ This patch auto append the domain handled by nc, configured in env var. only the admin user (also configured in env var) will not have his login appended with a @domain suffix diff --git ./core/Controller/LoginController.php ./core/Controller/LoginController-new.php --- ./core/Controller/LoginController.php 2023-04-10 11:26:27.974097676 +0530 +++ ./core/Controller/LoginController-new.php 2023-04-10 11:33:01.374096460 +0530 @@ -307,6 +307,26 @@ // case when a user has already logged-in, in another tab. return $this->generateRedirect($redirect_url); --- ./core/Controller/LoginController.php 2023-04-21 15:08:54.979407062 +0530 +++ ./core/Controller/LoginController-new.php 2023-04-21 15:16:48.582366408 +0530 
@@ -318,6 +318,26 @@ $this->l10n->t('Please try again') ); } + $user = trim($user); + $user = mb_strtolower($user, 'UTF-8'); + $domain = $this->config->getSystemValue('mail_domain', ''); + $domain_suffix = !empty($domain) ? '@' . $domain : ''; + $alt_domain = $this->config->getSystemValue('alt_mail_domain', ''); + $alt_domain_suffix = !empty($alt_domain) ? '@' . $alt_domain : ''; + $legacyDomain = $this->config->getSystemValue('legacy_domain', ''); + $legacyDomainSuffix = !empty($legacyDomain) ? '@' . $legacyDomain : ''; + $mainDomain = $this->config->getSystemValue('main_domain', ''); + $mainDomainSuffix = !empty($mainDomain) ? '@' . $mainDomain : ''; + $admin_username = $_ENV["NEXTCLOUD_ADMIN_USER"]; + $is_admin = strcmp($user, $admin_username) === 0; + + if(!$is_admin && stristr($user, $domain_suffix) !== FALSE) { + $user = str_replace($domain_suffix, '', $user); + if (!$is_admin && str_ends_with($user, $legacyDomainSuffix)) { + $user = str_replace($legacyDomainSuffix, '', $user); + } + + if (!$is_admin && stristr($user, $alt_domain_suffix) !== FALSE) { + $user = str_replace($alt_domain_suffix, '', $user); + if (!$is_admin && str_ends_with($user, $mainDomainSuffix)) { + $user = str_replace($mainDomainSuffix, '', $user); + } + + if (!$this->userManager->userExists($user)) { + $user = $user . $domain_suffix; + $user = $user . $legacyDomainSuffix; + } // Clear any auth remnants like cookies to ensure a clean login // For the next attempt --- ./core/Controller/WebAuthnController.php 2022-08-18 10:33:16.150199100 +0530 +++ ./core/Controller/WebAuthnController-new.php 2022-08-18 10:34:31.880199100 +0530 @@ -37,6 +37,7 @@ use OCP\ISession; use OCP\Util; use Webauthn\PublicKeyCredentialRequestOptions; +use OCP\IUserManager; class WebAuthnController extends Controller { private const WEBAUTHN_LOGIN = 'webauthn_login'; 
@@ -73,6 +74,25 @@ $data = new LoginData( $this->request, --- ./core/Controller/WebAuthnController.php 2023-04-21 15:18:58.813220092 +0530 +++ ./core/Controller/WebAuthnController-new.php 2023-04-21 15:24:40.036538414 +0530 @@ -66,6 +66,27 @@ $this->logger->debug('Converting login name to UID'); $uid = $loginName; + + $uid = trim($uid); + $uid = mb_strtolower($uid, 'UTF-8'); + $domain = \OC::$server->getConfig()->getSystemValue('mail_domain', ''); + $domain_suffix = !empty($domain) ? '@' . $domain : ''; + $alt_domain = \OC::$server->getConfig()->getSystemValue('alt_mail_domain', ''); + $alt_domain_suffix = !empty($alt_domain) ? '@' . $alt_domain : ''; + $legacyDomain = \OC::$server->getConfig()->getSystemValue('legacy_domain', ''); + $legacyDomainSuffix = !empty($legacyDomain) ? '@' . $legacyDomain : ''; + $mainDomain = \OC::$server->getConfig()->getSystemValue('main_domain', ''); + $mainDomainSuffix = !empty($mainDomain) ? '@' . $mainDomain : ''; + $admin_username = $_ENV["NEXTCLOUD_ADMIN_USER"]; + $is_admin = strcmp($uid, $admin_username) === 0; + + if(!$is_admin && stristr($uid, $domain_suffix) !== FALSE) { + $uid = str_replace($domain_suffix, '', $uid); + if (!$is_admin && str_ends_with($uid, $legacyDomainSuffix)) { + $uid = str_replace($legacyDomainSuffix, '', $uid); + } + if (!$is_admin && stristr($uid, $alt_domain_suffix) !== FALSE) { + $uid = str_replace($alt_domain_suffix, '', $uid); + + if (!$is_admin && str_ends_with($uid, $mainDomainSuffix)) { + $uid = str_replace($mainDomainSuffix, '', $uid); + } + + if (!\OC::$server->get(IUserManager::class)->userExists($uid)) { + $uid = $uid . $domain_suffix; + $uid = $uid . $legacyDomainSuffix; + } Util::emitHook( '\OCA\Files_Sharing\API\Server2Server', 'preLoginNameUsedAsUserName', --- ./lib/private/User/Session.php 2023-04-21 15:27:00.417034490 +0530 +++ ./lib/private/User/Session-new.php 2023-04-21 15:28:18.309111435 +0530 
@@ -430,6 +430,10 @@ $remoteAddress = $request->getRemoteAddress(); $currentDelay = $throttler->sleepDelay($remoteAddress, 'login'); --- ./lib/private/User/Session.php 2023-04-10 11:42:40.124084595 +0530 +++ ./lib/private/User/Session-new.php 2023-04-10 11:44:34.384098645 +0530 @@ -428,6 +428,10 @@ OC\Security\Bruteforce\Throttler $throttler) { $currentDelay = $throttler->sleepDelay($request->getRemoteAddress(), 'login'); + $altDomain = $this->config->getSystemValue('alt_mail_domain', ''); + $altDomainSuffix = !empty($altDomain) ? '@' . $altDomain : ''; + $user = str_replace($altDomainSuffix, '', $user); + $mainDomain = $this->config->getSystemValue('main_domain', ''); + $mainDomainSuffix = !empty($mainDomain) ? '@' . $mainDomain : ''; + $user = str_replace($mainDomainSuffix, '', $user); + if ($this->manager instanceof PublicEmitter) { $this->manager->emit('\OC\User', 'preLogin', [$user, $password]); Loading Loading
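Review bot: In what appears to be the new side of the LoginController hunk, the guard is `str_ends_with($user, $legacyDomainSuffix)` but the removal is `str_replace($legacyDomainSuffix, '', $user)`, which deletes every occurrence of the suffix rather than only the trailing one, so several distinct login strings normalise to the same UID. Strip only the tail and skip an unset suffix, e.g. `if (!$is_admin && $legacyDomainSuffix !== '' && str_ends_with($user, $legacyDomainSuffix)) { $user = substr($user, 0, -strlen($legacyDomainSuffix)); }`, and apply the same to `$mainDomainSuffix` and to the `$uid` copies in the WebAuthnController hunk. The Session.php hunk calls `str_replace($mainDomainSuffix, '', $user)` with no `str_ends_with` guard, no lower-casing and no admin exemption, so it disagrees with the two controllers; putting the normalisation in one shared helper would keep the three login paths in step. `$is_admin` is computed after `mb_strtolower()` with a case-sensitive `strcmp()` against `$_ENV["NEXTCLOUD_ADMIN_USER"]`, which is read without a fallback, so an admin name containing upper-case characters would presumably never match. Old and new lines are interleaved on this page and the enclosing methods continue outside the hunks, so confirm these points against the patch file itself.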
Dockerfile +2 −2 FROM nextcloud:25.0.5-fpm AS nextcloud FROM nextcloud:25.0.6-fpm AS nextcloud ARG BASE_DIR="/usr/src/nextcloud" ARG TMP_PATCH_DIR="/tmp/build_patches" ARG THEME_HELPER_JOB_ID="566446" @@ -14,7 +14,7 @@ ARG DASHBOARD_JOB_ID="564384" ARG SNAPPY_VERSION="2.26.3" ARG SNAPPY_THEME_VERSION="1.2.3" RUN sed -i 's/25,0,5,1/25,0,5,6/' ${BASE_DIR}/version.php RUN sed -i 's/25,0,6,1/25,0,6,1/' ${BASE_DIR}/version.php COPY custom_entrypoint.sh / RUN chmod +x /custom_entrypoint.sh RUN mkdir -p /var/www/skeleton/Documents && mkdir -p /var/www/skeleton/Images
patches/002-login-without-domain.patch +59 −66 @@ -7,82 +7,75 @@ This patch auto append the domain handled by nc, configured in env var. only the admin user (also configured in env var) will not have his login appended with a @domain suffix diff --git ./core/Controller/LoginController.php ./core/Controller/LoginController-new.php --- ./core/Controller/LoginController.php 2023-04-10 11:26:27.974097676 +0530 +++ ./core/Controller/LoginController-new.php 2023-04-10 11:33:01.374096460 +0530 @@ -307,6 +307,26 @@ // case when a user has already logged-in, in another tab. return $this->generateRedirect($redirect_url); --- ./core/Controller/LoginController.php 2023-04-21 15:08:54.979407062 +0530 +++ ./core/Controller/LoginController-new.php 2023-04-21 15:16:48.582366408 +0530 
@@ -318,6 +318,26 @@ $this->l10n->t('Please try again') ); } + $user = trim($user); + $user = mb_strtolower($user, 'UTF-8'); + $domain = $this->config->getSystemValue('mail_domain', ''); + $domain_suffix = !empty($domain) ? '@' . $domain : ''; + $alt_domain = $this->config->getSystemValue('alt_mail_domain', ''); + $alt_domain_suffix = !empty($alt_domain) ? '@' . $alt_domain : ''; + $legacyDomain = $this->config->getSystemValue('legacy_domain', ''); + $legacyDomainSuffix = !empty($legacyDomain) ? '@' . $legacyDomain : ''; + $mainDomain = $this->config->getSystemValue('main_domain', ''); + $mainDomainSuffix = !empty($mainDomain) ? '@' . $mainDomain : ''; + $admin_username = $_ENV["NEXTCLOUD_ADMIN_USER"]; + $is_admin = strcmp($user, $admin_username) === 0; + + if(!$is_admin && stristr($user, $domain_suffix) !== FALSE) { + $user = str_replace($domain_suffix, '', $user); + if (!$is_admin && str_ends_with($user, $legacyDomainSuffix)) { + $user = str_replace($legacyDomainSuffix, '', $user); + } + + if (!$is_admin && stristr($user, $alt_domain_suffix) !== FALSE) { + $user = str_replace($alt_domain_suffix, '', $user); + if (!$is_admin && str_ends_with($user, $mainDomainSuffix)) { + $user = str_replace($mainDomainSuffix, '', $user); + } + + if (!$this->userManager->userExists($user)) { + $user = $user . $domain_suffix; + $user = $user . $legacyDomainSuffix; + } // Clear any auth remnants like cookies to ensure a clean login // For the next attempt --- ./core/Controller/WebAuthnController.php 2022-08-18 10:33:16.150199100 +0530 +++ ./core/Controller/WebAuthnController-new.php 2022-08-18 10:34:31.880199100 +0530 @@ -37,6 +37,7 @@ use OCP\ISession; use OCP\Util; use Webauthn\PublicKeyCredentialRequestOptions; +use OCP\IUserManager; class WebAuthnController extends Controller { private const WEBAUTHN_LOGIN = 'webauthn_login'; 
@@ -73,6 +74,25 @@ $data = new LoginData( $this->request, --- ./core/Controller/WebAuthnController.php 2023-04-21 15:18:58.813220092 +0530 +++ ./core/Controller/WebAuthnController-new.php 2023-04-21 15:24:40.036538414 +0530 @@ -66,6 +66,27 @@ $this->logger->debug('Converting login name to UID'); $uid = $loginName; + + $uid = trim($uid); + $uid = mb_strtolower($uid, 'UTF-8'); + $domain = \OC::$server->getConfig()->getSystemValue('mail_domain', ''); + $domain_suffix = !empty($domain) ? '@' . $domain : ''; + $alt_domain = \OC::$server->getConfig()->getSystemValue('alt_mail_domain', ''); + $alt_domain_suffix = !empty($alt_domain) ? '@' . $alt_domain : ''; + $legacyDomain = \OC::$server->getConfig()->getSystemValue('legacy_domain', ''); + $legacyDomainSuffix = !empty($legacyDomain) ? '@' . $legacyDomain : ''; + $mainDomain = \OC::$server->getConfig()->getSystemValue('main_domain', ''); + $mainDomainSuffix = !empty($mainDomain) ? '@' . $mainDomain : ''; + $admin_username = $_ENV["NEXTCLOUD_ADMIN_USER"]; + $is_admin = strcmp($uid, $admin_username) === 0; + + if(!$is_admin && stristr($uid, $domain_suffix) !== FALSE) { + $uid = str_replace($domain_suffix, '', $uid); + if (!$is_admin && str_ends_with($uid, $legacyDomainSuffix)) { + $uid = str_replace($legacyDomainSuffix, '', $uid); + } + if (!$is_admin && stristr($uid, $alt_domain_suffix) !== FALSE) { + $uid = str_replace($alt_domain_suffix, '', $uid); + + if (!$is_admin && str_ends_with($uid, $mainDomainSuffix)) { + $uid = str_replace($mainDomainSuffix, '', $uid); + } + + if (!\OC::$server->get(IUserManager::class)->userExists($uid)) { + $uid = $uid . $domain_suffix; + $uid = $uid . $legacyDomainSuffix; + } Util::emitHook( '\OCA\Files_Sharing\API\Server2Server', 'preLoginNameUsedAsUserName', --- ./lib/private/User/Session.php 2023-04-21 15:27:00.417034490 +0530 +++ ./lib/private/User/Session-new.php 2023-04-21 15:28:18.309111435 +0530 
@@ -430,6 +430,10 @@ $remoteAddress = $request->getRemoteAddress(); $currentDelay = $throttler->sleepDelay($remoteAddress, 'login'); --- ./lib/private/User/Session.php 2023-04-10 11:42:40.124084595 +0530 +++ ./lib/private/User/Session-new.php 2023-04-10 11:44:34.384098645 +0530 @@ -428,6 +428,10 @@ OC\Security\Bruteforce\Throttler $throttler) { $currentDelay = $throttler->sleepDelay($request->getRemoteAddress(), 'login'); + $altDomain = $this->config->getSystemValue('alt_mail_domain', ''); + $altDomainSuffix = !empty($altDomain) ? '@' . $altDomain : ''; + $user = str_replace($altDomainSuffix, '', $user); + $mainDomain = $this->config->getSystemValue('main_domain', ''); + $mainDomainSuffix = !empty($mainDomain) ? '@' . $mainDomain : ''; + $user = str_replace($mainDomainSuffix, '', $user); + if ($this->manager instanceof PublicEmitter) { $this->manager->emit('\OC\User', 'preLogin', [$user, $password]); Loading