makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-10 05:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge branch '3.3.x'

Browse source
This commit is contained in:
Marc Alexander 2019-11-17 14:55:30 +01:00
commit 6ecda5be44
No known key found for this signature in database
GPG key ID: 50E0D2423696F995
16 changed files with 448 additions and 326 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.travis.yml
View file

@ -42,6 +42,7 @@ install:
before_script: before_script:
- travis/setup-database.sh $DB $TRAVIS_PHP_VERSION $NOTESTS - travis/setup-database.sh $DB $TRAVIS_PHP_VERSION $NOTESTS
- travis/setup-ldap.sh $SLOWTESTS
- phantomjs --webdriver=8910 > /dev/null & - phantomjs --webdriver=8910 > /dev/null &
script: script:

15
phpBB/config/default/container/services_auth.yml
View file

@ -15,12 +15,12 @@ services:
auth.provider.db: auth.provider.db:
class: phpbb\auth\provider\db class: phpbb\auth\provider\db
arguments: arguments:
- '@dbal.conn' - '@captcha.factory'
- '@config' - '@config'
- '@dbal.conn'
- '@passwords.manager' - '@passwords.manager'
- '@request' - '@request'
- '@user' - '@user'
- '@service_container'
- '%core.root_path%' - '%core.root_path%'
- '%core.php_ext%' - '%core.php_ext%'
tags: tags:
@ -29,9 +29,9 @@ services:
auth.provider.apache: auth.provider.apache:
class: phpbb\auth\provider\apache class: phpbb\auth\provider\apache
arguments: arguments:
- '@dbal.conn'
- '@config' - '@config'
- '@passwords.manager' - '@dbal.conn'
- '@language'
- '@request' - '@request'
- '@user' - '@user'
- '%core.root_path%' - '%core.root_path%'
@ -42,9 +42,9 @@ services:
auth.provider.ldap: auth.provider.ldap:
class: phpbb\auth\provider\ldap class: phpbb\auth\provider\ldap
arguments: arguments:
- '@dbal.conn'
- '@config' - '@config'
- '@passwords.manager' - '@dbal.conn'
- '@language'
- '@user' - '@user'
tags: tags:
- { name: auth.provider } - { name: auth.provider }
@ -53,11 +53,10 @@ services:
class: phpbb\auth\provider\oauth\oauth class: phpbb\auth\provider\oauth\oauth
arguments: arguments:
- '@config' - '@config'
- '@service_container'
- '@dbal.conn' - '@dbal.conn'
- '@auth.provider.db'
- '@dispatcher' - '@dispatcher'
- '@language' - '@language'
- '@passwords.manager'
- '@request' - '@request'
- '@auth.provider.oauth.service_collection' - '@auth.provider.oauth.service_collection'
- '@user' - '@user'

75
phpBB/phpbb/auth/provider/apache.php
View file

@ -13,34 +13,55 @@
namespace phpbb\auth\provider; namespace phpbb\auth\provider;
use phpbb\config\config;
use phpbb\db\driver\driver_interface;
use phpbb\language\language;
use phpbb\request\request_interface;
use phpbb\request\type_cast_helper;
use phpbb\user;
/** /**
* Apache authentication provider for phpBB3 * Apache authentication provider for phpBB3
*/ */
class apache extends \phpbb\auth\provider\base class apache extends base
{ {
/** /** @var config phpBB config */
* phpBB passwords manager protected $config;
*
* @var \phpbb\passwords\manager /** @var driver_interface Database object */
*/ protected $db;
protected $passwords_manager;
/** @var language Language object */
protected $language;
/** @var request_interface Request object */
protected $request;
/** @var user User object */
protected $user;
/** @var string Relative path to phpBB root */
protected $phpbb_root_path;
/** @var string PHP file extension */
protected $php_ext;
/** /**
* Apache Authentication Constructor * Apache Authentication Constructor
* *
* @param \phpbb\db\driver\driver_interface $db Database object * @param config $config Config object
* @param \phpbb\config\config $config Config object * @param driver_interface $db Database object
* @param \phpbb\passwords\manager $passwords_manager Passwords Manager object * @param language $language Language object
* @param \phpbb\request\request $request Request object * @param request_interface $request Request object
* @param \phpbb\user $user User object * @param user $user User object
* @param string $phpbb_root_path Relative path to phpBB root * @param string $phpbb_root_path Relative path to phpBB root
* @param string $php_ext PHP file extension * @param string $php_ext PHP file extension
*/ */
public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext) public function __construct(config $config, driver_interface $db, language $language, request_interface $request, user $user, $phpbb_root_path, $php_ext)
{ {
$this->db = $db;
$this->config = $config; $this->config = $config;
$this->passwords_manager = $passwords_manager; $this->db = $db;
$this->language = $language;
$this->request = $request; $this->request = $request;
$this->user = $user; $this->user = $user;
$this->phpbb_root_path = $phpbb_root_path; $this->phpbb_root_path = $phpbb_root_path;
@ -52,9 +73,9 @@ class apache extends \phpbb\auth\provider\base
*/ */
public function init() public function init()
{ {
if (!$this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'))) if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER')))
{ {
return $this->user->lang['APACHE_SETUP_BEFORE_USE']; return $this->language->lang('APACHE_SETUP_BEFORE_USE');
} }
return false; return false;
} }
@ -83,7 +104,7 @@ class apache extends \phpbb\auth\provider\base
); );
} }
if (!$this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER)) if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER))
{ {
return array( return array(
'status' => LOGIN_ERROR_EXTERNAL_AUTH, 'status' => LOGIN_ERROR_EXTERNAL_AUTH,
@ -137,7 +158,7 @@ class apache extends \phpbb\auth\provider\base
return array( return array(
'status' => LOGIN_SUCCESS_CREATE_PROFILE, 'status' => LOGIN_SUCCESS_CREATE_PROFILE,
'error_msg' => false, 'error_msg' => false,
'user_row' => $this->user_row($php_auth_user, $php_auth_pw), 'user_row' => $this->user_row($php_auth_user),
); );
} }
@ -154,7 +175,7 @@ class apache extends \phpbb\auth\provider\base
*/ */
public function autologin() public function autologin()
{ {
if (!$this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER)) if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER))
{ {
return array(); return array();
} }
@ -164,8 +185,8 @@ class apache extends \phpbb\auth\provider\base
if (!empty($php_auth_user) && !empty($php_auth_pw)) if (!empty($php_auth_user) && !empty($php_auth_pw))
{ {
set_var($php_auth_user, $php_auth_user, 'string', true); $type_cast_helper = new type_cast_helper();
set_var($php_auth_pw, $php_auth_pw, 'string', true); $type_cast_helper->set_var($php_auth_user, $php_auth_user, 'string', true);
$sql = 'SELECT * $sql = 'SELECT *
FROM ' . USERS_TABLE . " FROM ' . USERS_TABLE . "
@ -185,7 +206,7 @@ class apache extends \phpbb\auth\provider\base
} }
// create the user if he does not exist yet // create the user if he does not exist yet
user_add($this->user_row($php_auth_user, $php_auth_pw)); user_add($this->user_row($php_auth_user));
$sql = 'SELECT * $sql = 'SELECT *
FROM ' . USERS_TABLE . " FROM ' . USERS_TABLE . "
@ -208,11 +229,11 @@ class apache extends \phpbb\auth\provider\base
* function in order to create a user * function in order to create a user
* *
* @param string $username The username of the new user. * @param string $username The username of the new user.
* @param string $password The password of the new user. *
* @return array Contains data that can be passed directly to * @return array Contains data that can be passed directly to
* the user_add function. * the user_add function.
*/ */
private function user_row($username, $password) private function user_row($username)
{ {
// first retrieve default group id // first retrieve default group id
$sql = 'SELECT group_id $sql = 'SELECT group_id
@ -231,7 +252,7 @@ class apache extends \phpbb\auth\provider\base
// generate user account data // generate user account data
return array( return array(
'username' => $username, 'username' => $username,
'user_password' => $this->passwords_manager->hash($password), 'user_password' => '',
'user_email' => '', 'user_email' => '',
'group_id' => (int) $row['group_id'], 'group_id' => (int) $row['group_id'],
'user_type' => USER_NORMAL, 'user_type' => USER_NORMAL,
@ -246,7 +267,7 @@ class apache extends \phpbb\auth\provider\base
public function validate_session($user) public function validate_session($user)
{ {
// Check if PHP_AUTH_USER is set and handle this case // Check if PHP_AUTH_USER is set and handle this case
if ($this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER)) if ($this->request->is_set('PHP_AUTH_USER', request_interface::SERVER))
{ {
$php_auth_user = $this->request->server('PHP_AUTH_USER'); $php_auth_user = $this->request->server('PHP_AUTH_USER');

61
phpBB/phpbb/auth/provider/db.php
View file

@ -13,48 +13,69 @@
namespace phpbb\auth\provider; namespace phpbb\auth\provider;
use phpbb\captcha\factory;
use phpbb\config\config;
use phpbb\db\driver\driver_interface;
use phpbb\passwords\manager;
use phpbb\request\request_interface;
use phpbb\user;
/** /**
* Database authentication provider for phpBB3 * Database authentication provider for phpBB3
* This is for authentication via the integrated user table * This is for authentication via the integrated user table
*/ */
class db extends \phpbb\auth\provider\base class db extends base
{ {
/** @var factory CAPTCHA factory */
protected $captcha_factory;
/** @var config phpBB config */
protected $config;
/** @var driver_interface DBAL driver instance */
protected $db;
/** @var request_interface Request object */
protected $request;
/** @var user User object */
protected $user;
/** @var string phpBB root path */
protected $phpbb_root_path;
/** @var string PHP file extension */
protected $php_ext;
/** /**
* phpBB passwords manager * phpBB passwords manager
* *
* @var \phpbb\passwords\manager * @var manager
*/ */
protected $passwords_manager; protected $passwords_manager;
/**
* DI container
*
* @var \Symfony\Component\DependencyInjection\ContainerInterface
*/
protected $phpbb_container;
/** /**
* Database Authentication Constructor * Database Authentication Constructor
* *
* @param \phpbb\db\driver\driver_interface $db * @param factory $captcha_factory
* @param \phpbb\config\config $config * @param config $config
* @param \phpbb\passwords\manager $passwords_manager * @param driver_interface $db
* @param \phpbb\request\request $request * @param manager $passwords_manager
* @param \phpbb\user $user * @param request_interface $request
* @param \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container DI container * @param user $user
* @param string $phpbb_root_path * @param string $phpbb_root_path
* @param string $php_ext * @param string $php_ext
*/ */
public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container, $phpbb_root_path, $php_ext) public function __construct(factory $captcha_factory, config $config, driver_interface $db, manager $passwords_manager, request_interface $request, user $user, $phpbb_root_path, $php_ext)
{ {
$this->db = $db; $this->captcha_factory = $captcha_factory;
$this->config = $config; $this->config = $config;
$this->db = $db;
$this->passwords_manager = $passwords_manager; $this->passwords_manager = $passwords_manager;
$this->request = $request; $this->request = $request;
$this->user = $user; $this->user = $user;
$this->phpbb_root_path = $phpbb_root_path; $this->phpbb_root_path = $phpbb_root_path;
$this->php_ext = $php_ext; $this->php_ext = $php_ext;
$this->phpbb_container = $phpbb_container;
} }
/** /**
@ -155,9 +176,7 @@ class db extends \phpbb\auth\provider\base
// Every auth module is able to define what to do by itself... // Every auth module is able to define what to do by itself...
if ($show_captcha) if ($show_captcha)
{ {
/* @var $captcha_factory \phpbb\captcha\factory */ $captcha = $this->captcha_factory->get_instance($this->config['captcha_plugin']);
$captcha_factory = $this->phpbb_container->get('captcha.factory');
$captcha = $captcha_factory->get_instance($this->config['captcha_plugin']);
$captcha->init(CONFIRM_LOGIN); $captcha->init(CONFIRM_LOGIN);
$vc_response = $captcha->validate($row); $vc_response = $captcha->validate($row);
if ($vc_response) if ($vc_response)

53
phpBB/phpbb/auth/provider/ldap.php
View file

@ -1,4 +1,5 @@
<?php <?php
/** /**
* *
* This file is part of the phpBB Forum Software package. * This file is part of the phpBB Forum Software package.
@ -13,32 +14,42 @@
namespace phpbb\auth\provider; namespace phpbb\auth\provider;
use phpbb\config\config;
use phpbb\db\driver\driver_interface;
use phpbb\language\language;
use phpbb\user;
/** /**
* Database authentication provider for phpBB3 * Database authentication provider for phpBB3
* This is for authentication via the integrated user table * This is for authentication via the integrated user table
*/ */
class ldap extends \phpbb\auth\provider\base class ldap extends base
{ {
/** /** @var config phpBB config */
* phpBB passwords manager protected $config;
*
* @var \phpbb\passwords\manager /** @var driver_interface DBAL driver interface */
*/ protected $db;
protected $passwords_manager;
/** @var language phpBB language class */
protected $language;
/** @var user phpBB user */
protected $user;
/** /**
* LDAP Authentication Constructor * LDAP Authentication Constructor
* *
* @param \phpbb\db\driver\driver_interface $db Database object * @param driver_interface $db DBAL driver interface
* @param \phpbb\config\config $config Config object * @param config $config Config object
* @param \phpbb\passwords\manager $passwords_manager Passwords manager object * @param language $language Language object
* @param \phpbb\user $user User object * @param user $user User object
*/ */
public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\user $user) public function __construct(config $config, driver_interface $db, language $language, user $user)
{ {
$this->db = $db;
$this->config = $config; $this->config = $config;
$this->passwords_manager = $passwords_manager; $this->db = $db;
$this->language = $language;
$this->user = $user; $this->user = $user;
} }
@ -49,7 +60,7 @@ class ldap extends \phpbb\auth\provider\base
{ {
if (!@extension_loaded('ldap')) if (!@extension_loaded('ldap'))
{ {
return $this->user->lang['LDAP_NO_LDAP_EXTENSION']; return $this->language->lang('LDAP_NO_LDAP_EXTENSION');
} }
$this->config['ldap_port'] = (int) $this->config['ldap_port']; $this->config['ldap_port'] = (int) $this->config['ldap_port'];
@ -64,7 +75,7 @@ class ldap extends \phpbb\auth\provider\base
if (!$ldap) if (!$ldap)
{ {
return $this->user->lang['LDAP_NO_SERVER_CONNECTION']; return $this->language->lang('LDAP_NO_SERVER_CONNECTION');
} }
@ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
@ -74,7 +85,7 @@ class ldap extends \phpbb\auth\provider\base
{ {
if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user']), htmlspecialchars_decode($this->config['ldap_password']))) if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user']), htmlspecialchars_decode($this->config['ldap_password'])))
{ {
return $this->user->lang['LDAP_INCORRECT_USER_PASSWORD']; return $this->language->lang('LDAP_INCORRECT_USER_PASSWORD');
} }
} }
@ -92,7 +103,7 @@ class ldap extends \phpbb\auth\provider\base
if ($search === false) if ($search === false)
{ {
return $this->user->lang['LDAP_SEARCH_FAILED']; return $this->language->lang('LDAP_SEARCH_FAILED');
} }
$result = @ldap_get_entries($ldap, $search); $result = @ldap_get_entries($ldap, $search);
@ -101,12 +112,12 @@ class ldap extends \phpbb\auth\provider\base
if (!is_array($result) || count($result) < 2) if (!is_array($result) || count($result) < 2)
{ {
return sprintf($this->user->lang['LDAP_NO_IDENTITY'], $this->user->data['username']); return $this->language->lang('LDAP_NO_IDENTITY', $this->user->data['username']);
} }
if (!empty($this->config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($this->config['ldap_email'])])) if (!empty($this->config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($this->config['ldap_email'])]))
{ {
return $this->user->lang['LDAP_NO_EMAIL']; return $this->language->lang('LDAP_NO_EMAIL');
} }
return false; return false;
@ -245,7 +256,7 @@ class ldap extends \phpbb\auth\provider\base
// generate user account data // generate user account data
$ldap_user_row = array( $ldap_user_row = array(
'username' => $username, 'username' => $username,
'user_password' => $this->passwords_manager->hash($password), 'user_password' => '',
'user_email' => (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($this->config['ldap_email'])][0]) : '', 'user_email' => (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($this->config['ldap_email'])][0]) : '',
'group_id' => (int) $row['group_id'], 'group_id' => (int) $row['group_id'],
'user_type' => USER_NORMAL, 'user_type' => USER_NORMAL,

92
phpBB/phpbb/auth/provider/oauth/oauth.php
View file

@ -13,44 +13,50 @@
namespace phpbb\auth\provider\oauth; namespace phpbb\auth\provider\oauth;
use OAuth\Common\Http\Exception\TokenResponseException;
use OAuth\ServiceFactory; use OAuth\ServiceFactory;
use OAuth\Common\Consumer\Credentials; use OAuth\Common\Consumer\Credentials;
use OAuth\Common\Service\ServiceInterface; use OAuth\Common\Service\ServiceInterface;
use OAuth\OAuth1\Service\AbstractService as OAuth1Service; use OAuth\OAuth1\Service\AbstractService as OAuth1Service;
use OAuth\OAuth2\Service\AbstractService as OAuth2Service; use OAuth\OAuth2\Service\AbstractService as OAuth2Service;
use Symfony\Component\DependencyInjection\ContainerInterface; use phpbb\auth\provider\base;
use phpbb\auth\provider\db;
use phpbb\auth\provider\oauth\service\exception; use phpbb\auth\provider\oauth\service\exception;
use phpbb\config\config;
use phpbb\db\driver\driver_interface;
use phpbb\di\service_collection;
use phpbb\event\dispatcher;
use phpbb\language\language;
use phpbb\request\request_interface;
use phpbb\user;
/** /**
* OAuth authentication provider for phpBB3 * OAuth authentication provider for phpBB3
*/ */
class oauth extends \phpbb\auth\provider\base class oauth extends base
{ {
/** @var \phpbb\config\config */ /** @var config */
protected $config; protected $config;
/** @var ContainerInterface */ /** @var driver_interface */
protected $container;
/** @var \phpbb\db\driver\driver_interface */
protected $db; protected $db;
/** @var \phpbb\event\dispatcher */ /** @var db */
protected $db_auth;
/** @var dispatcher */
protected $dispatcher; protected $dispatcher;
/** @var \phpbb\language\language */ /** @var language */
protected $language; protected $language;
/** @var \phpbb\passwords\manager */ /** @var request_interface */
protected $passwords_manager;
/** @var \phpbb\request\request_interface */
protected $request; protected $request;
/** @var \phpbb\di\service_collection */ /** @var service_collection */
protected $service_providers; protected $service_providers;
/** @var \phpbb\user */ /** @var user */
protected $user; protected $user;
/** @var string OAuth table: token storage */ /** @var string OAuth table: token storage */
@ -74,15 +80,14 @@ class oauth extends \phpbb\auth\provider\base
/** /**
* Constructor. * Constructor.
* *
* @param \phpbb\config\config $config Config object * @param config $config Config object
* @param ContainerInterface $container Service container object * @param driver_interface $db Database object
* @param \phpbb\db\driver\driver_interface $db Database object * @param db $db_auth DB auth provider
* @param \phpbb\event\dispatcher $dispatcher Event dispatcher object * @param dispatcher $dispatcher Event dispatcher object
* @param \phpbb\language\language $language Language object * @param language $language Language object
* @param \phpbb\passwords\manager $passwords_manager Password manager object * @param request_interface $request Request object
* @param \phpbb\request\request_interface $request Request object * @param service_collection $service_providers OAuth providers service collection
* @param \phpbb\di\service_collection $service_providers OAuth providers service collection * @param user $user User object
* @param \phpbb\user $user User object
* @param string $oauth_token_table OAuth table: token storage * @param string $oauth_token_table OAuth table: token storage
* @param string $oauth_state_table OAuth table: state * @param string $oauth_state_table OAuth table: state
* @param string $oauth_account_table OAuth table: account association * @param string $oauth_account_table OAuth table: account association
@ -91,15 +96,14 @@ class oauth extends \phpbb\auth\provider\base
* @param string $php_ext php File extension * @param string $php_ext php File extension
*/ */
public function __construct( public function __construct(
\phpbb\config\config $config, config $config,
ContainerInterface $container, driver_interface $db,
\phpbb\db\driver\driver_interface $db, db $db_auth,
\phpbb\event\dispatcher $dispatcher, dispatcher $dispatcher,
\phpbb\language\language $language, language $language,
\phpbb\passwords\manager $passwords_manager, request_interface $request,
\phpbb\request\request_interface $request, service_collection $service_providers,
\phpbb\di\service_collection $service_providers, user $user,
\phpbb\user $user,
$oauth_token_table, $oauth_token_table,
$oauth_state_table, $oauth_state_table,
$oauth_account_table, $oauth_account_table,
@ -109,10 +113,9 @@ class oauth extends \phpbb\auth\provider\base
) )
{ {
$this->config = $config; $this->config = $config;
$this->container = $container;
$this->db = $db; $this->db = $db;
$this->db_auth = $db_auth;
$this->dispatcher = $dispatcher; $this->dispatcher = $dispatcher;
$this->passwords_manager = $passwords_manager;
$this->language = $language; $this->language = $language;
$this->service_providers = $service_providers; $this->service_providers = $service_providers;
$this->request = $request; $this->request = $request;
@ -153,18 +156,7 @@ class oauth extends \phpbb\auth\provider\base
// Temporary workaround for only having one authentication provider available // Temporary workaround for only having one authentication provider available
if (!$this->request->is_set('oauth_service')) if (!$this->request->is_set('oauth_service'))
{ {
$provider = new \phpbb\auth\provider\db( return $this->db_auth->login($username, $password);
$this->db,
$this->config,
$this->passwords_manager,
$this->request,
$this->user,
$this->container,
$this->root_path,
$this->php_ext
);
return $provider->login($username, $password);
} }
// Request the name of the OAuth service // Request the name of the OAuth service
@ -822,10 +814,10 @@ class oauth extends \phpbb\auth\provider\base
switch ($service::OAUTH_VERSION) switch ($service::OAUTH_VERSION)
{ {
case 1: case 1:
return $this->request->is_set('oauth_token', \phpbb\request\request_interface::GET); return $this->request->is_set('oauth_token', request_interface::GET);
case 2: case 2:
return $this->request->is_set('code', \phpbb\request\request_interface::GET); return $this->request->is_set('code', request_interface::GET);
default: default:
return false; return false;
@ -850,7 +842,7 @@ class oauth extends \phpbb\auth\provider\base
$token = $service->requestRequestToken(); $token = $service->requestRequestToken();
$parameters = ['oauth_token' => $token->getRequestToken()]; $parameters = ['oauth_token' => $token->getRequestToken()];
} }
catch (\OAuth\Common\Http\Exception\TokenResponseException $e) catch (TokenResponseException $e)
{ {
return [ return [
'status' => LOGIN_ERROR_EXTERNAL_AUTH, 'status' => LOGIN_ERROR_EXTERNAL_AUTH,

12
tests/auth/fixtures/user.xml
View file

@ -1,5 +1,17 @@
<?xml version="1.0" encoding="UTF-8" ?> <?xml version="1.0" encoding="UTF-8" ?>
<dataset> <dataset>
<table name="phpbb_groups">
<column>group_id</column>
<column>group_name</column>
<column>group_type</column>
<column>group_desc</column>
<row>
<value>1</value>
<value>REGISTERED</value>
<value>3</value>
<value>foobar</value>
</row>
</table>
<table name="phpbb_users"> <table name="phpbb_users">
<column>user_id</column> <column>user_id</column>
<column>username</column> <column>username</column>

39
tests/auth/fixtures/user_533.xml
View file

@ -1,39 +0,0 @@
<?xml version="1.0" encoding="UTF-8" ?>
<dataset>
<table name="phpbb_users">
<column>user_id</column>
<column>username</column>
<column>username_clean</column>
<column>user_password</column>
<column>user_passchg</column>
<column>user_email</column>
<column>user_type</column>
<column>user_login_attempts</column>
<column>user_permissions</column>
<column>user_sig</column>
<row>
<value>1</value>
<value>foobar</value>
<value>foobar</value>
<value>$2a$10$e01Syh9PbJjUkio66eFuUu4FhCE2nRgG7QPc1JACalsPXcIuG2bbi</value>
<value>0</value>
<value>example@example.com</value>
<value>0</value>
<value>0</value>
<value></value>
<value></value>
</row>
<row>
<value>2</value>
<value>foobar2</value>
<value>foobar2</value>
<value>$H$9E45lK6J8nLTSm9oJE5aNCSTFK9wqa/</value>
<value>0</value>
<value>example@example.com</value>
<value>0</value>
<value>0</value>
<value></value>
<value></value>
</row>
</table>
</dataset>

37
tests/auth/provider_apache_test.php
View file

@ -28,41 +28,14 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case
$lang_loader = new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx); $lang_loader = new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx);
$lang = new \phpbb\language\language($lang_loader); $lang = new \phpbb\language\language($lang_loader);
$this->request = $this->createMock('\phpbb\request\request'); $this->request = $this->createMock('\phpbb\request\request');
$this->user = new \phpbb\user($lang, '\phpbb\datetime'); $this->user = new \phpbb\user($lang, '\phpbb\datetime');;
$driver_helper = new \phpbb\passwords\driver\helper($config);
$passwords_drivers = array(
'passwords.driver.bcrypt_2y' => new \phpbb\passwords\driver\bcrypt_2y($config, $driver_helper),
'passwords.driver.bcrypt' => new \phpbb\passwords\driver\bcrypt($config, $driver_helper),
'passwords.driver.salted_md5' => new \phpbb\passwords\driver\salted_md5($config, $driver_helper),
'passwords.driver.phpass' => new \phpbb\passwords\driver\phpass($config, $driver_helper),
);
$passwords_helper = new \phpbb\passwords\helper; $this->provider = new \phpbb\auth\provider\apache($config, $db, $lang, $this->request, $this->user, $phpbb_root_path, $phpEx);
// Set up passwords manager
$passwords_manager = new \phpbb\passwords\manager($config, $passwords_drivers, $passwords_helper, array_keys($passwords_drivers));
if (version_compare(PHP_VERSION, '5.3.7', '<'))
{
$this->password_hash = '$2a$10$e01Syh9PbJjUkio66eFuUu4FhCE2nRgG7QPc1JACalsPXcIuG2bbi';
}
else
{
$this->password_hash = '$2y$10$4RmpyVu2y8Yf/lP3.yQBquKvE54TCUuEDEBJYY6FDDFN3LcbCGz9i';
}
$this->provider = new \phpbb\auth\provider\apache($db, $config, $passwords_manager, $this->request, $this->user, $phpbb_root_path, $phpEx);
} }
public function getDataSet() public function getDataSet()
{ {
if ((version_compare(PHP_VERSION, '5.3.7', '<'))) return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user.xml');
{
return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user_533.xml');
}
else
{
return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user.xml');
}
} }
/** /**
@ -109,7 +82,7 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case
'user_row' => array( 'user_row' => array(
'user_id' => '1', 'user_id' => '1',
'username' => 'foobar', 'username' => 'foobar',
'user_password' => $this->password_hash, 'user_password' => '$2y$10$4RmpyVu2y8Yf/lP3.yQBquKvE54TCUuEDEBJYY6FDDFN3LcbCGz9i',
'user_passchg' => '0', 'user_passchg' => '0',
'user_email' => 'example@example.com', 'user_email' => 'example@example.com',
'user_type' => '0', 'user_type' => '0',
@ -145,7 +118,7 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case
'user_regdate' => '0', 'user_regdate' => '0',
'username' => 'foobar', 'username' => 'foobar',
'username_clean' => 'foobar', 'username_clean' => 'foobar',
'user_password' => $this->password_hash, 'user_password' => '$2y$10$4RmpyVu2y8Yf/lP3.yQBquKvE54TCUuEDEBJYY6FDDFN3LcbCGz9i',
'user_passchg' => '0', 'user_passchg' => '0',
'user_email' => 'example@example.com', 'user_email' => 'example@example.com',
'user_email_hash' => '0', 'user_email_hash' => '0',

35
tests/auth/provider_db_test.php
View file

@ -15,14 +15,7 @@ class phpbb_auth_provider_db_test extends phpbb_database_test_case
{ {
public function getDataSet() public function getDataSet()
{ {
if ((version_compare(PHP_VERSION, '5.3.7', '<'))) return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user.xml');
{
return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user_533.xml');
}
else
{
return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user.xml');
}
} }
public function test_login() public function test_login()
@ -52,16 +45,21 @@ class phpbb_auth_provider_db_test extends phpbb_database_test_case
$passwords_manager = new \phpbb\passwords\manager($config, $passwords_drivers, $passwords_helper, array_keys($passwords_drivers)); $passwords_manager = new \phpbb\passwords\manager($config, $passwords_drivers, $passwords_helper, array_keys($passwords_drivers));
$phpbb_container = new phpbb_mock_container_builder(); $phpbb_container = new phpbb_mock_container_builder();
$plugins = new \phpbb\di\service_collection($phpbb_container);
$plugins->add('core.captcha.plugins.nogd');
$phpbb_container->set(
'captcha.factory',
new \phpbb\captcha\factory($phpbb_container, $plugins)
);
$phpbb_container->set(
'core.captcha.plugins.nogd',
new \phpbb\captcha\plugins\nogd()
);
/** @var \phpbb\captcha\factory $captcha_factory */
$captcha_factory = $phpbb_container->get('captcha.factory');
$provider = new \phpbb\auth\provider\db($db, $config, $passwords_manager, $request, $user, $phpbb_container, $phpbb_root_path, $phpEx); $provider = new \phpbb\auth\provider\db($captcha_factory, $config, $db, $passwords_manager, $request, $user, $phpbb_root_path, $phpEx);
if (version_compare(PHP_VERSION, '5.3.7', '<')) $password_hash = '$2y$10$4RmpyVu2y8Yf/lP3.yQBquKvE54TCUuEDEBJYY6FDDFN3LcbCGz9i';
{
$password_hash = '$2a$10$e01Syh9PbJjUkio66eFuUu4FhCE2nRgG7QPc1JACalsPXcIuG2bbi';
}
else
{
$password_hash = '$2y$10$4RmpyVu2y8Yf/lP3.yQBquKvE54TCUuEDEBJYY6FDDFN3LcbCGz9i';
}
$expected = array( $expected = array(
'status' => LOGIN_SUCCESS, 'status' => LOGIN_SUCCESS,
@ -88,7 +86,6 @@ class phpbb_auth_provider_db_test extends phpbb_database_test_case
// Check if convert works // Check if convert works
$login_return = $provider->login('foobar2', 'example'); $login_return = $provider->login('foobar2', 'example');
$password_start = (version_compare(PHP_VERSION, '5.3.7', '<')) ? '$2a$10$' : '$2y$10$'; $this->assertStringStartsWith('$2y$10$', $login_return['user_row']['user_password']);
$this->assertStringStartsWith($password_start, $login_return['user_row']['user_password']);
} }
} }

94
tests/auth/provider_ldap_test.php Normal file
View file

@ -0,0 +1,94 @@
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
/**
* @group slow
*/
class phpbb_auth_provider_ldap_test extends phpbb_database_test_case
{
/** @var \phpbb\auth\provider\ldap */
protected $provider;
protected $user;
protected function setup() : void
{
parent::setUp();
global $phpbb_root_path, $phpEx;
$db = $this->new_dbal();
$config = new \phpbb\config\config([
'ldap_server' => 'localhost',
'ldap_port' => 3389,
'ldap_base_dn' => 'dc=example,dc=com',
'ldap_uid' => 'uid',
'ldap_email' => 'mail',
]);
$lang_loader = new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx);
$lang = new \phpbb\language\language($lang_loader);
$this->user = new \phpbb\user($lang, '\phpbb\datetime');
$this->user->data['username'] = 'admin';
$this->provider = new \phpbb\auth\provider\ldap($config, $db, $lang, $this->user);
}
public function getDataSet()
{
return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user.xml');
}
/**
* Test to see if a user is identified to Apache. Expects false if they are.
*/
public function test_init()
{
$this->assertFalse($this->provider->init());
}
public function test_login()
{
$username = 'admin';
$password = 'adminadmin';
$expected = array(
'status' => LOGIN_SUCCESS_CREATE_PROFILE, // successful login and user created
'error_msg' => false,
'user_row' => array(
'username' => 'admin',
'user_password' => '',
'user_email' => 'admin@example.com',
'user_type' => 0,
'group_id' => 1,
'user_new' => 0,
'user_ip' => '',
),
);
$this->assertEquals($expected, $this->provider->login($username, $password));
}
public function test_autologin()
{
$this->assertNull($this->provider->autologin());
}
public function test_validate_session()
{
$user = array(
'username' => 'admin',
);
$this->assertNull($this->provider->validate_session($user));
}
}

25
tests/functions/user_delete_test.php
View file

@ -60,13 +60,34 @@ class phpbb_functions_user_delete_test extends phpbb_database_test_case
// Set up passwords manager // Set up passwords manager
$passwords_manager = new \phpbb\passwords\manager($config, $passwords_drivers, $passwords_helper, array_keys($passwords_drivers)); $passwords_manager = new \phpbb\passwords\manager($config, $passwords_drivers, $passwords_helper, array_keys($passwords_drivers));
$plugins = new \phpbb\di\service_collection($phpbb_container);
$plugins->add('core.captcha.plugins.nogd');
$phpbb_container->set(
'captcha.factory',
new \phpbb\captcha\factory($phpbb_container, $plugins)
);
$phpbb_container->set(
'core.captcha.plugins.nogd',
new \phpbb\captcha\plugins\nogd()
);
// Set up passwords manager
$db_auth_provider = new \phpbb\auth\provider\db(
new \phpbb\captcha\factory($phpbb_container, $plugins),
$config,
$db,
$passwords_manager,
$request,
$user,
$phpbb_root_path,
$phpEx
);
$oauth_provider = new \phpbb\auth\provider\oauth\oauth( $oauth_provider = new \phpbb\auth\provider\oauth\oauth(
$config, $config,
$phpbb_container,
$db, $db,
$db_auth_provider,
$phpbb_dispatcher, $phpbb_dispatcher,
$lang, $lang,
$passwords_manager,
$request, $request,
$oauth_provider_collection, $oauth_provider_collection,
$user, $user,

154
tests/passwords/manager_test.php
View file

@ -51,26 +51,13 @@ class phpbb_passwords_manager_test extends \phpbb_test_case
public function hash_password_data() public function hash_password_data()
{ {
if (version_compare(PHP_VERSION, '5.3.7', '<')) return array(
{ array('', '2y', 60),
return array( array('passwords.driver.bcrypt_2y', '2y', 60),
array('', '2a', 60), array('passwords.driver.bcrypt', '2a', 60),
array('passwords.driver.bcrypt_2y', '2a', 60), array('passwords.driver.salted_md5', 'H', 34),
array('passwords.driver.bcrypt', '2a', 60), array('passwords.driver.foobar', '', false),
array('passwords.driver.salted_md5', 'H', 34), );
array('passwords.driver.foobar', '', false),
);
}
else
{
return array(
array('', '2y', 60),
array('passwords.driver.bcrypt_2y', '2y', 60),
array('passwords.driver.bcrypt', '2a', 60),
array('passwords.driver.salted_md5', 'H', 34),
array('passwords.driver.foobar', '', false),
);
}
} }
/** /**
@ -100,23 +87,12 @@ class phpbb_passwords_manager_test extends \phpbb_test_case
public function check_password_data() public function check_password_data()
{ {
if (version_compare(PHP_VERSION, '5.3.7', '<')) return array(
{ array('passwords.driver.bcrypt_2y'),
return array( array('passwords.driver.bcrypt'),
array('passwords.driver.bcrypt'), array('passwords.driver.salted_md5'),
array('passwords.driver.salted_md5'), array('passwords.driver.phpass'),
array('passwords.driver.phpass'), );
);
}
else
{
return array(
array('passwords.driver.bcrypt_2y'),
array('passwords.driver.bcrypt'),
array('passwords.driver.salted_md5'),
array('passwords.driver.phpass'),
);
}
} }
/** /**
@ -136,7 +112,7 @@ class phpbb_passwords_manager_test extends \phpbb_test_case
} }
// Check if convert_flag is correctly set // Check if convert_flag is correctly set
$default_type = (version_compare(PHP_VERSION, '5.3.7', '<')) ? 'passwords.driver.bcrypt' : 'passwords.driver.bcrypt_2y'; $default_type = 'passwords.driver.bcrypt_2y';
$this->assertEquals(($hash_type !== $default_type), $this->manager->convert_flag); $this->assertEquals(($hash_type !== $default_type), $this->manager->convert_flag);
} }
@ -200,79 +176,43 @@ class phpbb_passwords_manager_test extends \phpbb_test_case
public function test_hash_password_8bit_bcrypt() public function test_hash_password_8bit_bcrypt()
{ {
$this->assertEquals(false, $this->manager->hash('foobar𝄞', 'passwords.driver.bcrypt')); $this->assertEquals(false, $this->manager->hash('foobar𝄞', 'passwords.driver.bcrypt'));
if (version_compare(PHP_VERSION, '5.3.7', '<')) $this->assertNotEquals(false, $this->manager->hash('foobar𝄞', 'passwords.driver.bcrypt_2y'));
{
$this->assertEquals(false, $this->manager->hash('foobar𝄞', 'passwords.driver.bcrypt_2y'));
}
else
{
$this->assertNotEquals(false, $this->manager->hash('foobar𝄞', 'passwords.driver.bcrypt_2y'));
}
} }
public function combined_hash_data() public function combined_hash_data()
{ {
if (version_compare(PHP_VERSION, '5.3.7', '<')) return array(
{ array(
return array( 'passwords.driver.salted_md5',
array( array('passwords.driver.bcrypt_2y'),
'passwords.driver.salted_md5', ),
array('passwords.driver.bcrypt'), array(
), 'passwords.driver.salted_md5',
array( array('passwords.driver.bcrypt'),
'passwords.driver.phpass', ),
array('passwords.driver.salted_md5'), array(
), 'passwords.driver.phpass',
array( array('passwords.driver.salted_md5'),
'passwords.driver.salted_md5', ),
array('passwords.driver.phpass', 'passwords.driver.bcrypt'), array(
), 'passwords.driver.salted_md5',
array( array('passwords.driver.bcrypt_2y', 'passwords.driver.bcrypt'),
'passwords.driver.salted_md5', ),
array('passwords.driver.salted_md5'), array(
false, 'passwords.driver.salted_md5',
), array('passwords.driver.salted_md5'),
array( false,
'$H$', ),
array('$2a$'), array(
), 'passwords.driver.bcrypt_2y',
); array('passwords.driver.salted_md4'),
} false,
else ),
{ array(
return array( '$H$',
array( array('$2y$'),
'passwords.driver.salted_md5', ),
array('passwords.driver.bcrypt_2y'), );
),
array(
'passwords.driver.salted_md5',
array('passwords.driver.bcrypt'),
),
array(
'passwords.driver.phpass',
array('passwords.driver.salted_md5'),
),
array(
'passwords.driver.salted_md5',
array('passwords.driver.bcrypt_2y', 'passwords.driver.bcrypt'),
),
array(
'passwords.driver.salted_md5',
array('passwords.driver.salted_md5'),
false,
),
array(
'passwords.driver.bcrypt_2y',
array('passwords.driver.salted_md4'),
false,
),
array(
'$H$',
array('$2y$'),
),
);
}
} }
/** /**

41
travis/ldap/base.ldif Normal file
View file

@ -0,0 +1,41 @@
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: example
dc: example
dn: ou=foo,dc=example,dc=com
objectClass: organizationalUnit
ou: foo
dn: cn=admin,dc=example,dc=com
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword:: e1NTSEF9NytMR2gveUxTMzdsc3RRd1V1dENZSVA0TWdYdm9SdDY=
dn: ou=group,dc=example,dc=com
objectClass: organizationalUnit
ou: group
dn: cn=admin,ou=foo,dc=example,dc=com
objectClass: posixAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
loginShell: /bin/bash
homeDirectory: /home/admin
uid: admin
cn: admin
uidNumber: 10000
gidNumber: 10000
sn: admin
mail: admin@example.com
userPassword:: e1NTSEF9WHpueGZURHZZc21JSkl6czdMVXBjdCtWYTA1dlMzVlQ=
dn: cn=admin,ou=group,dc=example,dc=com
objectClass: posixGroup
gidNumber: 10000
cn: admin

17
travis/ldap/slapd.conf Normal file
View file

@ -0,0 +1,17 @@
# See slapd.conf(5) for details on configuration options.
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema
pidfile /tmp/slapd/slapd.pid
argsfile /tmp/slapd/slapd.args
modulepath /usr/lib/openldap
database ldif
directory /tmp/slapd
suffix "dc=example,dc=com"
rootdn "cn=admin,dc=example,dc=com"
rootpw adminadmin

23
travis/setup-ldap.sh Executable file
View file

@ -0,0 +1,23 @@
#!/bin/bash
#
# This file is part of the phpBB Forum Software package.
#
# @copyright (c) phpBB Limited <https://www.phpbb.com>
# @license GNU General Public License, version 2 (GPL-2.0)
#
# For full copyright and license information, please see
# the docs/CREDITS.txt file.
#
set -e
set -x
SLOWTESTS=$1
if [ "$SLOWTESTS" == '1' ]
then
sudo apt-get -y install ldap-utils slapd php-ldap
mkdir /tmp/slapd
slapd -f travis/ldap/slapd.conf -h ldap://localhost:3389 &
sleep 3
ldapadd -h localhost:3389 -D "cn=admin,dc=example,dc=com" -w adminadmin -f travis/ldap/base.ldif
fi