/** * */ public function __construct() { $app = App::getInstance(); $config = $app->get('Config'); $this->proxyconfig = $config->get('jmapproxy'); $this->logger = Logger::get('jmapproxy'); }
/** * Do authenticate the given request data (password) * * @param array Data submitted with the authentication request * @return mixed Roundcube\Server\Auth\AuthenticatedIdentity on success, false on failure */ public function authenticate(array $data) { $session = $this->app->get('Session'); Logger::get('2fa')->debug('authenticate', ['data' => $data, 'identity' => $session->get('Auth\\identity')]); // return the AuthenticatedIdentity already stored in session if (!empty($data['value']) && $data['value'] === $this->options['code'] && $session->get('Auth\\identity')) { $this->authSuccess = true; return $session->get('Auth\\identity'); } else { throw new AuthenticationAbortedException("TOTP code doesn't match"); } return false; }
/** * */ public function __construct() { $this->sapi = new HTTP\Sapi(); $this->httpResponse = new HTTP\Response(); $this->httpRequest = $this->sapi->getRequest(); $this->logger = Logger::get('controller'); // FIXME: JMAP Authorization headers don't get through to the Request object if (function_exists('apache_request_headers')) { $hdrs = apache_request_headers(); if (isset($hdrs['Authorization'])) { $this->httpRequest->setHeader('Authorization', $hdrs['Authorization']); } } // plugins can add more callbacks directly to $this->routes }
/** * */ public function process() { $this->emit('process:before', [['request' => $this->httpRequest]]); // set Content Security Policy and CORS headers $this->httpResponse->addHeader('Content-Security-Policy', "default-src *"); $this->httpResponse->addHeader('X-Content-Security-Policy', "default-src *"); if ($this->httpRequest->hasHeader('Origin')) { // TODO: allow to configure allowed origins $this->httpResponse->addHeader('Access-Control-Allow-Origin', "*"); } // FIXME: respond to OPTIONS requests directly and without validation if ($this->httpRequest->getMethod() == 'OPTIONS') { $this->httpResponse->addHeader('Access-Control-Request-Method', 'GET, POST, OPTIONS'); $this->httpResponse->addHeader('Access-Control-Allow-Headers', $this->httpRequest->getHeader('Access-Control-Request-Headers')); $this->httpResponse->setStatus(204); $this->sapi->sendResponse($this->httpResponse); return; } // extract route from request (jmap, auth|.well-known/jmap, upload) if ($route = $this->getRouteMatch($this->httpRequest->getPath())) { try { call_user_func($this->routes[$route], $this->httpRequest, $this->httpResponse); } catch (\RuntimeException $e) { if ($e instanceof Exception\ProcessorException) { $this->httpResponse->setStatus($e->getStatusCode()); } else { $this->httpResponse->setStatus(500); } $this->logger->err(strval($e)); $this->emit('process:error', [['request' => $this->httpRequest, 'exception' => $e]]); } } else { // TODO: throw invalid route error $this->httpResponse->setStatus(404); } $this->emit('process:after', [['response' => $this->httpResponse]]); $this->sapi->sendResponse($this->httpResponse); }
/** * Subroutine to load and initialize plugins enabled in config */ protected function loadPlugins() { $config = $this->get('Config'); $logger = Logger::get('app'); $plugins = []; // load configured plugins foreach ((array) $config->get('plugins', []) as $plugin) { if (empty($plugin['service'])) { continue; } try { $options = !empty($plugin['options']) ? $plugin['options'] : []; $plugins[] = $this->loadPlugin($plugin['service'], $options); } catch (\RuntimeException $e) { $logger->err(strval($e)); continue; } } // initialize loaded plugins foreach ($plugins as $plugin) { $plugin->init(); } }
define('ROUNDCUBE_ENV', 'prod'); } // use composer's autoloader for both dependencies and local lib $loader = (require_once ROUNDCUBE_INSTALL_ROOT . '/vendor/autoload.php'); $loader->set('Roundcube', [ROUNDCUBE_INSTALL_ROOT . '/lib']); // register Roundcube namespace use Roundcube\Logger; use Roundcube\Server; // create server app instance $app = Server\App::getInstance(ROUNDCUBE_ENV); $server = $app->get('Server\\Controller'); if (php_sapi_name() !== 'cli-server' && isset($_SERVER['DOCUMENT_ROOT']) && isset($_SERVER['SCRIPT_FILENAME'])) { $server->httpRequest->setBaseUrl(substr(dirname($_SERVER['SCRIPT_FILENAME']), strlen($_SERVER['DOCUMENT_ROOT'])) . '/'); } // attach debug logger $server->on('process:before', function ($e) { $request = $e['request']; $request->setBody($request->getBodyAsString()); // read stdin as string and write back Logger::get('http')->debug('process:before', ['request' => strval($request)]); }); $server->on('process:after', function ($e) { Logger::get('http')->debug('process:after', ['response' => strval($e['response'])]); }); foreach (['jmap:auth:init', 'jmap:auth:more', 'jmap:auth:continue', 'jmap:query', 'jmap:response'] as $eventname) { $server->on($eventname, function ($e) use($eventname) { Logger::get('jmap')->debug($eventname, $e); }); } // process request $server->process();