From 90f60b01371df494a4de5f02dc7f65b86def0afc Mon Sep 17 00:00:00 2001
From: Regis Houssin
Date: Thu, 22 Aug 2019 10:56:07 +0200
Subject: [PATCH] FIX add $context parameter in checkLoginPassEntity
---
 htdocs/api/class/api_login.class.php | 6 ++++--
 htdocs/core/lib/security2.lib.php | 5 +++--
 htdocs/dav/fileserver.php | 6 ++++--
 3 files changed, 11 insertions(+), 6 deletions(-)
diff --git a/htdocs/api/class/api_login.class.php b/htdocs/api/class/api_login.class.php
index f8616c9722a..2c182abbb6b 100644
--- a/htdocs/api/class/api_login.class.php
+++ b/htdocs/api/class/api_login.class.php
@@ -64,7 +64,9 @@ class Login
 // Authentication mode
 if (empty($dolibarr_main_authentication)) $dolibarr_main_authentication = 'http,dolibarr';
- $dolibarr_main_authentication = preg_replace('/twofactor/', 'dolibarr', $dolibarr_main_authentication);
+
+ // this is manage directly in the module with $context parameters
+ //$dolibarr_main_authentication = preg_replace('/twofactor/', 'dolibarr', $dolibarr_main_authentication);
 // Authentication mode: forceuser
 if ($dolibarr_main_authentication == 'forceuser')
@@ -87,7 +89,7 @@ class Login
 if ($entity == '') $entity=1;
 include_once DOL_DOCUMENT_ROOT . '/core/lib/security2.lib.php';
- $login = checkLoginPassEntity($login, $password, $entity, $authmode);
+ $login = checkLoginPassEntity($login, $password, $entity, $authmode, 'api');
 if (empty($login))
 {
 throw new RestException(403, 'Access denied');
diff --git a/htdocs/core/lib/security2.lib.php b/htdocs/core/lib/security2.lib.php
index 0e0d4a37946..627d9cb671a 100644
--- a/htdocs/core/lib/security2.lib.php
+++ b/htdocs/core/lib/security2.lib.php
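Review bot: In the `@@ -64,7 +64,9 @@` hunk the `preg_replace` that mapped `twofactor` to `dolibarr` is left behind as commented-out code, and the new comment does not say what now governs API logins. With the rewrite gone, a configured `twofactor` mode reaches `checkLoginPassEntity()` unchanged, so whether a non-interactive client is accepted, rejected or asked for a second factor depends entirely on the login module honouring `$context`; a module written before this parameter existed would presumably ignore it. I would delete the dead line and replace the comment with `// 'twofactor' is no longer rewritten to 'dolibarr' here: the login module receives $context ('api') and decides how to authenticate non-interactive clients`. The same applies to the `@@ -105,7 +105,9 @@` hunk in htdocs/dav/fileserver.php, and the enclosing method starts and ends outside the hunk.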
@@ -47,9 +47,10 @@ function dol_getwebuser($mode)
 * @param string $passwordtotest Password value to test
 * @param string $entitytotest Instance of data we must check
 * @param array $authmode Array list of selected authentication mode array('http', 'dolibarr', 'xxx'...)
+ * @param string $context Context checkLoginPassEntity was created for ('api', 'dav', ...)
 * @return string Login or ''
 */
-function checkLoginPassEntity($usertotest, $passwordtotest, $entitytotest, $authmode)
+function checkLoginPassEntity($usertotest, $passwordtotest, $entitytotest, $authmode, $context = null)
 {
 global $conf,$langs;
 //global $dolauthmode; // To return authentication finally used
@@ -90,7 +91,7 @@ function checkLoginPassEntity($usertotest, $passwordtotest, $entitytotest, $auth
 {
 // Call function to check user/password
 $function='check_user_password_'.$mode;
- $login=call_user_func($function, $usertotest, $passwordtotest, $entitytotest);
+ $login=call_user_func($function, $usertotest, $passwordtotest, $entitytotest, $context);
 if ($login) // Login is successfull
 {
 $test=false; // To stop once at first login success
diff --git a/htdocs/dav/fileserver.php b/htdocs/dav/fileserver.php
index 748f329f89f..64329e72f1e 100644
--- a/htdocs/dav/fileserver.php
+++ b/htdocs/dav/fileserver.php
@@ -105,7 +105,9 @@ $authBackend = new \Sabre\DAV\Auth\Backend\BasicCallBack(function ($username, $p
 // Authentication mode
 if (empty($dolibarr_main_authentication)) $dolibarr_main_authentication='dolibarr';
- $dolibarr_main_authentication = preg_replace('/twofactor/', 'dolibarr', $dolibarr_main_authentication);
+
+ // this is manage directly in the module with $context parameters
+ //$dolibarr_main_authentication = preg_replace('/twofactor/', 'dolibarr', $dolibarr_main_authentication);
 // Authentication mode: forceuser
 if ($dolibarr_main_authentication == 'forceuser')
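Review bot: The added docblock line in the `@@ -47,9 +47,10 @@` hunk types `$context` as `string`, but the new signature defaults it to `null`, and neither says what a missing context means. Because login backends can base their decision on this value, the contract should be spelled out, for example `@param string|null $context Entry point requesting the check ('api', 'dav', ...), or null when the caller does not specify one`. The function body continues outside the hunk.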
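Review bot: At the `call_user_func` line in the `@@ -90,7 +91,7 @@` hunk, `$context` is forwarded to every `check_user_password_<mode>` backend with no statement of what a backend may do with it. Backends declared with three parameters will silently ignore the extra argument, while a context-aware one can tighten or relax its check for 'api' or 'dav', so the value is security-relevant and should only ever be a literal chosen by the calling entry point. I would add above the call `// $context names the calling entry point; it must be a hard-coded value, never request data, because backends may base their decision on it`. The surrounding block starts and ends outside the hunk.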
@@ -121,7 +123,7 @@ $authBackend = new \Sabre\DAV\Auth\Backend\BasicCallBack(function ($username, $p
 $authmode = explode(',', $dolibarr_main_authentication);
 $entity = (GETPOST('entity', 'int') ? GETPOST('entity', 'int') : (!empty($conf->entity) ? $conf->entity : 1));
- if (checkLoginPassEntity($username, $password, $entity, $authmode) != $username)
+ if (checkLoginPassEntity($username, $password, $entity, $authmode, 'dav') != $username)
 return false;
 return true;
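Review bot: The changed `if` still compares the result with a loose `!=`, and per the docblock in security2.lib.php a failed check returns `''`, so an empty `$username` would compare equal to the failure value and fall through to `return true` unless an earlier check outside this hunk rejects it. I would store the result and fail closed: `$login = checkLoginPassEntity($username, $password, $entity, $authmode, 'dav');` followed by `if ($login === '' || $login !== $username) return false;`. The callback starts above the hunk, so whether empty usernames are already filtered cannot be seen here.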