protected function setUp()
{
$testUser = '******';
OCP\User::$LOGGEDIN = true;
OCP\User::$USER = $testUser;
OC_RoundCube_App::$DB_USER = $testUser;
OC_RoundCube_App::$LOGIN_USER = $testUser;
}
public function testAuthHelperUnsuccessfullWithUnkownError()
{
$userRcEntries = array(array());
OC_RoundCube_App::$RC_USER_ENTRIES = $userRcEntries;
OC_RoundCube_App::$LOGIN_RESULT = false;
$params = array("uid" => 'user', "password" => 'password');
$loggedIn = OC_RoundCube_AuthHelper::login($params);
$this->assertFalse($loggedIn, 'Should not be logged in');
}
/**
* @preserveGlobalState disabled
*/
public function testLogin()
{
try {
if (!isset($_SESSION)) {
$_SESSION = array();
}
OC_RoundCube_App::login('127.0.0.1', '49080', 'roundcube', '*****@*****.**', '42');
} catch (Exception $e) {
echo OC_RoundCube_App::showMailFrame('127.0.0.1', '49080', 'roundcube')->getHtmlOutput();
}
}
public function testWithoutAutologin()
{
$_ = array('ocVersion' => 7, 'requesttoken' => 'abc1213');
$cfgClass = '';
$l = new OC_L10N('roundcube');
OCP\Config::$APPVALUE = array('autoLogin' => false);
require_once "templates/userSettings.php";
$_POST = array('appname' => 'roundcube');
$_POST = array('rc_mail_username' => 'user');
$_POST = array('rc_mail_password' => 'password');
OC_RoundCube_App::$CRYPTEMAIL = true;
//require_once("ajax/userSettings.php");
}
/**
* listener which gets invoked if password is changed within owncloud
* @param unknown $params userdata
*/
public static function changePasswordListener($params)
{
$username = $params['uid'];
$password = $params['password'];
// Try to fetch from session
$oldPrivKey = OC_RoundCube_App::getPrivateKey($username, false);
// Take the chance to alter the priv/pubkey pair
OC_RoundCube_App::generateKeyPair($username, $password);
$privKey = OC_RoundCube_App::getPrivateKey($username, $password);
$pubKey = OC_RoundCube_App::getPublicKey($username);
if ($oldPrivKey !== false) {
// Fetch credentials from data-base
$mail_userdata_entries = OC_RoundCube_App::checkLoginData($username);
foreach ($mail_userdata_entries as $mail_userdata) {
$mail_username = OC_RoundCube_App::decryptMyEntry($mail_userdata['mail_user'], $oldPrivKey);
$mail_password = OC_RoundCube_App::decryptMyEntry($mail_userdata['mail_password'], $oldPrivKey);
$myID = $mail_userdata['id'];
$mail_username = OC_RoundCube_App::cryptMyEntry($mail_username, $pubKey);
$mail_password = OC_RoundCube_App::cryptMyEntry($mail_password, $pubKey);
$stmt = OCP\DB::prepare("UPDATE *PREFIX*roundcube SET mail_user = ?, mail_password = ? WHERE id = ?");
OCP\Util::writeLog('roundcube', 'OC_RoundCube_AuthHelper.class.php->changePasswordListener():' . 'Updated mail password data due to password changed for user ' . $username, OCP\Util::DEBUG);
$result = $stmt->execute(array($mail_username, $mail_password, $myID));
}
} else {
OCP\Util::writeLog('roundcube', 'OC_RoundCube_AuthHelper.class.php->changePasswordListener():' . 'No private key for ' . $username, OCP\Util::DEBUG);
}
}
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
// set the passwort in session to fill the hidden login form with revertet and base64 encoded pass
// the *yourkey* must the same string as in autologin.php to replace this after revert and decode
$ocRoundCubeMailError['noUserdata'] = 'Please edit your maildata in your personal settings.';
$ocRoundCubeMailError['wrongUser'] = '******';
$ocRoundCubeMailError['noID'] = 'Ups we have a problem with your login. Please try again.';
$mailuserdata = OC_RoundCube_App::checkLoginData(OCP\User::getUser());
$mailUsername = OC_RoundCube_App::decryptMyEntry($mailuserdata['mailUser']);
$mailPassword = OC_RoundCube_App::decryptMyEntry($mailuserdata['mailPass']);
if ($mailuserdata['id'] != '') {
if ($mailuserdata['ocUser'] == OCP\User::getUser()) {
if ($mailuserdata['mailUser'] != '' && $mailuserdata['mailPass'] != '') {
$maildir = OCP\Config::getAppValue('roundcube', 'maildir', '');
OC_RoundCube_App::showMailFrame($maildir, $mailUsername, $mailPassword);
} else {
echo $ocRoundCubeMailError['noUserdata'];
}
} else {
echo $ocRoundCubeMailError['wrongUser'];
}
} else {
echo $ocRoundCubeMailError['noID'];
}
public function testSaveManualLoginDataWithCryptErrors()
{
$appName = "roundcube";
$ocUser = "******";
$rcUser = "******";
$rcPassword = "******";
$this->assertFalse(OC_RoundCube_App::saveUserSettings($appName, $ocUser, $rcUser, $rcPassword), 'Should snot ave settings');
}
<?php
// Init owncloud
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('roundcube');
// CSRF checks
OCP\JSON::callCheck();
$l = new OC_L10N('roundcube');
if (isset($_POST['appname']) && $_POST['appname'] == "roundcube") {
$ocUser = OCP\User::getUser();
$result = OC_RoundCube_App::cryptEmailIdentity($ocUser, $_POST['rc_mail_username'], $_POST['rc_mail_password']);
if ($result) {
// update login credentials
$maildir = OCP\Config::getAppValue('roundcube', 'maildir', '');
$rc_host = OCP\Config::getAppValue('roundcube', 'rcHost', '');
if ($rc_host == '') {
$rc_host = OC_Request::serverHost();
}
$rc_port = OCP\Config::getAppValue('roundcube', 'rcPort', null);
OC_RoundCube_App::login($rc_host, $rc_port, $maildir, $_POST['rc_mail_username'], $_POST['rc_mail_password']);
} else {
OC_JSON::error(array("data" => array("message" => $l->t("Unable to store email credentials in the data-base."))));
return false;
}
} else {
OC_JSON::error(array("data" => array("message" => $l->t("Not submitted for us."))));
return false;
}
OCP\JSON::success(array('data' => array('message' => $l->t('Email-user credentials successfully stored.'))));
return true;
}
$rc_port = OCP\Config::getAppValue('roundcube', 'rcPort', null);
OCP\Util::writeLog('roundcube', 'tpl.mail.php: Opening iframe for RC-host '.$rc_host.' with port '.$rc_port, OCP\Util::DEBUG);
OCP\Util::writeLog('roundcube', 'tpl.mail.php: Preparing pre-check before rendering mail view ', OCP\Util::INFO);
if ($mail_userdata['id'] != '') {
if ($mail_userdata['oc_user'] == OCP\User::getUser()) {
if (!$enable_autologin && empty($mail_userdata)) {
OCP\Util::writeLog('roundcube', 'tpl.mail.php: No valid user login data found.', OCP\Util::ERROR);
$html_output = $html_output . $this -> inc("part.error.no-settings");
}
else {
OCP\Util::writeLog('roundcube', 'tpl.mail.php: Found valid user login data.', OCP\Util::DEBUG);
if ($maildir != '') {
$mailAppReturn = OC_RoundCube_App::showMailFrame($rc_host, $rc_port, $maildir);
if ($mailAppReturn -> isErrorOccurred()) {
OCP\Util::writeLog('roundcube', 'Not rendering roundcube iframe view due to errors', OCP\Util::ERROR);
OCP\Util::writeLog('roundcube', 'Got the following error code: '.$mailAppReturn -> getErrorCode(),OCP\Util::ERROR);
switch ($mailAppReturn -> getErrorCode()) {
case OC_Mail_Object::ERROR_CODE_NETWORK :
$html_output = $this -> inc("part.error.error-settings");
$html_output = $html_output . $mailAppReturn -> getErrorDetails();
break;
case OC_Mail_Object::ERROR_CODE_LOGIN :
$html_output = $this -> inc("part.error.wrong-auth");
$html_output = $html_output . $mailAppReturn -> getErrorDetails();
break;
case OC_Mail_Object::ERROR_CODE_RC_NOT_FOUND :
$html_output = $this -> inc("part.error.error-settings");
$html_output = $html_output . $mailAppReturn -> getErrorDetails();
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
$mailuserdata = OC_RoundCube_App::checkLoginData(OCP\User::getUser());
$mailUsername = OC_RoundCube_App::decryptMyEntry($mailuserdata['mailUser']);
$mailPassword = OC_RoundCube_App::decryptMyEntry($mailuserdata['mailPass']);
?>
<form id="usermail" action="#" method="post">
<fieldset class="personalblock">
<legend><strong><?php
echo $l->t('RoundCube Mailaccount');
?>
</strong></legend>
<p>
<label for="usermail"><?php
echo $l->t('Username');
?>
<input type="text" id="mailUsername" name="mailUsername" value="<?php
echo $mailUsername;
?>
* @author Martin Reinhardt and David Jaedke
* @copyright 2012 Martin Reinhardt contact@martinreinhardt-online.de
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
if ($_POST) {
$myID = OC_RoundCube_App::existLoginData(OCP\User::getUser());
$mailuser = OC_RoundCube_App::cryptMyEntry($_POST['mailUsername']);
$mailpass = OC_RoundCube_App::cryptMyEntry($_POST['mailPassword']);
$stmt = OCP\DB::prepare("UPDATE *PREFIX*roundcube SET mailUser = '******', mailPass = '******' WHERE id = {$myID}");
$result = $stmt->execute();
}
// fill template
$tmpl = new OCP\Template('roundcube', 'userSettings');
foreach ($params as $param) {
$value = OCP\Config::getAppValue('roundcube', $param, '');
$tmpl->assign($param, $value);
}
return $tmpl->fetchPage();
/**
*
* @brief showing up roundcube iFrame
* @param roundcube host $rcHost
* @param roundcube port $rcPort
* @param path to roundcube installation, Note: The first parameter is the URL-path of the RC inst
* NOT the file-system path http://host.com/path/to/roundcube/ --> "/path/to/roundcube" $maildir
*
*/
public static function showMailFrame($rcHost, $rcPort, $maildir)
{
$returnObject = new OC_Mail_Object();
$enableDebug = OCP\Config::getAppValue('roundcube', 'enableDebug', true);
$enableAutologin = OCP\Config::getAppValue('roundcube', 'autoLogin', false);
// Create RC login object.
$rcl = new OC_RoundCube_Login($rcHost, $rcPort, $maildir, $enableDebug);
try {
if (!$rcl->isLoggedIn()) {
// If the login fails, display an error message in the loggs
OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->showMailFrame(): Not logged in.', OCP\Util::ERROR);
OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->showMailFrame(): Trying to refresh session.', OCP\Util::INFO);
if (!OC_RoundCube_App::refresh($rcHost, $rcPort, $maildir)) {
throw new OC_Mail_LoginException("Unable to login to roundcube");
}
}
OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->showMailFrame(): Preparing iFrame for roundcube:' . $rcl->getRedirectPath(), OCP\Util::DEBUG);
// loader image
$loader_image = OCP\Util::imagePath('roundcube', 'loader.gif');
$disable_header_nav = OCP\Config::getAppValue('roundcube', 'removeHeaderNav', 'false');
$disable_control_nav = OCP\Config::getAppValue('roundcube', 'removeControlNav', 'false');
// create iFrame begin
$returnObject->appendHtmlOutput('<img src="' . $loader_image . '" id="roundcubeLoader">');
$returnObject->appendHtmlOutput('<iframe src="' . $rcl->getRedirectPath() . '" id="roundcubeFrame" name="roundcube" width="100%" style="display:none;"> </iframe>');
$returnObject->appendHtmlOutput('<input type="hidden" id="disable_header_nav" value="' . $disable_header_nav . '"/>');
$returnObject->appendHtmlOutput('<input type="hidden" id="disable_control_nav" value="' . $disable_control_nav . '"/>');
// create iFrame end
} catch (OC_Mail_NetworkingException $ex_net) {
$returnObject->setErrorOccurred(true);
$returnObject->setErrorCode(OC_Mail_Object::ERROR_CODE_NETWORK);
$returnObject->setHtmlOutput('');
$returnObject->setErrorDetails("ERROR: Technical problem during trying to connect to roundcube server, " . $ex_net->getMessage());
OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->showMailFrame(): RoundCube can\'t login to roundcube due to a network connection exception to roundcube', OCP\Util::ERROR);
} catch (OC_Mail_LoginException $ex_login) {
$returnObject->setErrorOccurred(true);
if ($enableAutologin) {
OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->showMailFrame(): Autologin is enabled. Seems that the owncloud and roundcube login details do not match', OCP\Util::ERROR);
$returnObject->setErrorCode(OC_Mail_Object::ERROR_CODE_AUTOLOGIN);
} else {
$returnObject->setErrorCode(OC_Mail_Object::ERROR_CODE_LOGIN);
}
$returnObject->setHtmlOutput('');
$returnObject->setErrorDetails("ERROR: Technical problem, " . $ex_login->getMessage());
OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->showMailFrame(): RoundCube can\'t login to roundcube due to a login exception to roundcube', OCP\Util::ERROR);
} catch (OC_Mail_RC_InstallNotFoundException $ex_login) {
$returnObject->setErrorOccurred(true);
$returnObject->setErrorCode(OC_Mail_Object::ERROR_CODE_RC_NOT_FOUND);
$returnObject->setHtmlOutput('');
$returnObject->setErrorDetails("ERROR: Technical problem, " . $ex_login->getMessage());
OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->showMailFrame(): RoundCube can\'t be found on the given path.', OCP\Util::ERROR);
} catch (Exception $ex_login) {
$returnObject->setErrorOccurred(true);
$returnObject->setErrorCode(OC_Mail_Object::ERROR_CODE_GENERAL);
$returnObject->setHtmlOutput('');
$returnObject->setErrorDetails("ERROR: Technical problem, " . $ex_login->getMessage());
OCP\Util::writeLog('roundcube', 'OC_RoundCube_App.class.php->showMailFrame(): RoundCube can\'t login to roundcube due to a unkown exception to roundcube', OCP\Util::ERROR);
}
return $returnObject;
}
/**
* listener which gets invoked if password is changed within owncloud
*
* @param unknown $params
* userdata
*/
public static function changePasswordListener($params)
{
$username = $params['uid'];
$password = $params['password'];
// Try to fetch from session
$oldPrivKey = OC_RoundCube_App::getSessionVariable(OC_RoundCube_App::SESSION_ATTR_RCPRIVKEY);
// Take the chance to alter the priv/pubkey pair
OC_RoundCube_App::generateKeyPair($username, $password);
$privKey = OC_RoundCube_App::getPrivateKey($username, $password);
$pubKey = OC_RoundCube_App::getPublicKey($username);
if ($oldPrivKey !== false) {
// Fetch credentials from data-base
$mail_userdata_entries = OC_RoundCube_App::checkLoginData($username);
foreach ($mail_userdata_entries as $mail_userdata) {
$mail_username = OC_RoundCube_App::decryptMyEntry($mail_userdata['mail_user'], $oldPrivKey);
$mail_password = OC_RoundCube_App::decryptMyEntry($mail_userdata['mail_password'], $oldPrivKey);
OC_RoundCube_App::cryptEmailIdentity($username, $mail_username, $mail_password);
OCP\Util::writeLog('roundcube', 'OC_RoundCube_AuthHelper.class.php->changePasswordListener():' . 'Updated mail password data due to password changed for user ' . $username, OCP\Util::DEBUG);
}
} else {
OCP\Util::writeLog('roundcube', 'OC_RoundCube_AuthHelper.class.php->changePasswordListener():' . 'No private key for ' . $username, OCP\Util::DEBUG);
}
}
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
$ocVersion = $_['ocVersion'];
$cfgClass = $ocVersion >= 7 ? 'section' : 'personalblock';
$table_exists = OC_RoundCube_DB_Util::tableExists();
if (!$table_exists) {
OCP\Util::writeLog('roundcube', 'DB table entries do not exist ...', OCP\Util::ERROR);
echo $this->inc("part.error.db");
} else {
$mail_userdata_entries = OC_RoundCube_App::checkLoginData(OCP\User::getUser());
?>
<form id="roundcube" action="#" method="post">
<!-- Prevent CSRF attacks-->
<input type="hidden" name="requesttoken" value="<?php
echo $_['requesttoken'];
?>
" id="requesttoken">
<input type="hidden" name="appname" value="roundcube">
<fieldset class="<?php
echo $cfgClass;
?>
">
<h2>RoundCube</h2>
<em><?php
<?php
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('roundcube');
// CSRF checks
OCP\JSON::callCheck();
return OC_RoundCube_App::saveUserSettings($_POST['appname'], OCP\User::getUser(), $_POST['rc_mail_username'], $_POST['rc_mail_password']);
echo $cfgClass;
?>
" id="roundcube">
<h2>
<?php
p($l->t('RoundCube Mailaccount'));
?>
</h2>
<?php
$enable_auto_login = OCP\Config::getAppValue('roundcube', 'autoLogin', false);
if (!$enable_auto_login) {
$username = OCP\User::getUser();
$privKey = OC_RoundCube_App::getPrivateKey($username, false);
foreach ($mail_userdata_entries as $mail_userdata) {
$mail_username = OC_RoundCube_App::decryptMyEntry($mail_userdata['mail_user'], $privKey);
$mail_password = OC_RoundCube_App::decryptMyEntry($mail_userdata['mail_password'], $privKey);
// TODO use template and add button for adding entries
?>
<input type="text" id="rc_mail_username" name="rc_mail_username"
value="<?php
echo $mail_username;
?>
" placeholder="<?php
p($l->t('Email Login Name'));
?>
" />
<input type="password" id="rc_mail_password" name="rc_mail_password"
placeholder="<?php
p($l->t('Email Password'));
?>
" data-typetoggle="rc_mail_password_show" />
// Init owncloud
// Check if we are a user
OCP\JSON::checkLoggedIn();
OCP\JSON::checkAppEnabled('roundcube');
// CSRF checks
OCP\JSON::callCheck();
$l = new OC_L10N('roundcube');
if (isset($_POST['appname']) && $_POST['appname'] == "roundcube") {
$ocUser = OCP\User::getUser();
$result = OC_RoundCube_App::cryptEmailIdentity($ocUser, $_POST['rc_mail_username'], $_POST['rc_mail_password'], true);
if ($result) {
// update login credentials
$maildir = OCP\Config::getAppValue('roundcube', 'maildir', '');
$rc_host = OCP\Config::getAppValue('roundcube', 'rcHost', '');
if ($rc_host == '') {
$rc_host = OC_Request::serverHost();
}
$params= array(
"uid" => $_POST['rc_mail_username'],
"password" => $_POST['rc_mail_password'],
);
// first logout
// then login again
OC_RoundCube_AuthHelper::logout($params);
