Remove LOGIN parameter (login, ownCloud, sso) (Security fix)

Code refactoring
This commit is contained in:
RainLoop Team 2014-06-26 20:11:49 +04:00
parent cd448ffe91
commit 5d84af4458
22 changed files with 393 additions and 488 deletions

View file

@ -20,27 +20,25 @@ if (isset($_POST['appname'], $_POST['rainloop-password'], $_POST['rainloop-email
$sUser = OCP\User::getUser(); $sUser = OCP\User::getUser();
$sPostEmail = $_POST['rainloop-email']; $sPostEmail = $_POST['rainloop-email'];
$sPostLogin = isset($_POST['rainloop-login']) ? $_POST['rainloop-login'] : '';
OCP\Config::setUserValue($sUser, 'rainloop', 'rainloop-email', $sPostEmail); OCP\Config::setUserValue($sUser, 'rainloop', 'rainloop-email', $sPostEmail);
OCP\Config::setUserValue($sUser, 'rainloop', 'rainloop-login', $sPostLogin);
$sPass = $_POST['rainloop-password']; $sPass = $_POST['rainloop-password'];
if ('******' !== $sPass && '' !== $sPass) if ('******' !== $sPass && '' !== $sPass)
{ {
include_once OC_App::getAppPath('rainloop').'/lib/RainLoopHelper.php'; include_once OC_App::getAppPath('rainloop').'/lib/RainLoopHelper.php';
OCP\Config::setUserValue($sUser, 'rainloop', 'rainloop-password', OCP\Config::setUserValue($sUser, 'rainloop', 'rainloop-password',
OC_RainLoop_Helper::encodePassword($sPass, md5($sPostEmail.$sPostLogin))); OC_RainLoop_Helper::encodePassword($sPass, md5($sPostEmail)));
} }
$sEmail = OCP\Config::getUserValue($sUser, 'rainloop', 'rainloop-email', ''); $sEmail = OCP\Config::getUserValue($sUser, 'rainloop', 'rainloop-email', '');
$sLogin = OCP\Config::getUserValue($sUser, 'rainloop', 'rainloop-login', '');
} }
else else
{ {
OC_JSON::error(array('Message' => 'Invalid argument(s)', 'Email' => $sEmail, 'Login' => $sLogin)); OC_JSON::error(array('Message' => 'Invalid argument(s)', 'Email' => $sEmail));
return false; return false;
} }
OCP\JSON::success(array('Message' => 'Saved successfully', 'Email' => $sEmail, 'Login' => $sLogin)); OCP\JSON::success(array('Message' => 'Saved successfully', 'Email' => $sEmail));
return true; return true;

View file

@ -2,7 +2,7 @@
class OC_RainLoop_Helper class OC_RainLoop_Helper
{ {
public static function getSsoHash($sUrl, $sSsoKey, $sEmail, $sPassword, $sLogin = '') public static function getSsoHash($sUrl, $sSsoKey, $sEmail, $sPassword)
{ {
if (!function_exists('curl_init')) if (!function_exists('curl_init'))
{ {
@ -21,8 +21,7 @@ class OC_RainLoop_Helper
CURLOPT_POSTFIELDS => http_build_query(array( CURLOPT_POSTFIELDS => http_build_query(array(
'SsoKey' => $sSsoKey, 'SsoKey' => $sSsoKey,
'Email' => $sEmail, 'Email' => $sEmail,
'Password' => $sPassword, 'Password' => $sPassword
'Login' => $sLogin
), '', '&'), ), '', '&'),
CURLOPT_TIMEOUT => 5 CURLOPT_TIMEOUT => 5
)); ));

View file

@ -30,7 +30,6 @@ else
$sEmail = OCP\Config::getUserValue($sUser, 'rainloop', 'rainloop-email', ''); $sEmail = OCP\Config::getUserValue($sUser, 'rainloop', 'rainloop-email', '');
$oTemplate->assign('rainloop-email', $sEmail); $oTemplate->assign('rainloop-email', $sEmail);
$oTemplate->assign('rainloop-login', OCP\Config::getUserValue($sUser, 'rainloop', 'rainloop-login', ''));
$sPass = OCP\Config::getUserValue($sUser, 'rainloop', 'rainloop-password', ''); $sPass = OCP\Config::getUserValue($sUser, 'rainloop', 'rainloop-password', '');
$oTemplate->assign('rainloop-password', 0 === strlen($sPass) && 0 === strlen($sEmail) ? '' : '******'); $oTemplate->assign('rainloop-password', 0 === strlen($sPass) && 0 === strlen($sEmail) ? '' : '******');

View file

@ -8,9 +8,6 @@
<input type="text" id="rainloop-email" name="rainloop-email" <input type="text" id="rainloop-email" name="rainloop-email"
value="<?php echo $_['rainloop-email']; ?>" placeholder="<?php p($l->t('Email')); ?>" /> value="<?php echo $_['rainloop-email']; ?>" placeholder="<?php p($l->t('Email')); ?>" />
<input type="text" id="rainloop-email" name="rainloop-login"
value="<?php echo $_['rainloop-login']; ?>" placeholder="<?php p($l->t('Login (optional)')); ?>" />
<input type="password" id="rainloop-password" name="rainloop-password" <input type="password" id="rainloop-password" name="rainloop-password"
value="<?php echo $_['rainloop-password']; ?>" placeholder="<?php p($l->t('Password')); ?>" /> value="<?php echo $_['rainloop-password']; ?>" placeholder="<?php p($l->t('Password')); ?>" />

View file

@ -985,16 +985,6 @@ RainLoopApp.prototype.getContactsTagsAutocomplete = function (sQuery, fCallback)
})); }));
}; };
RainLoopApp.prototype.emailsPicsHashes = function ()
{
RL.remote().emailsPicsHashes(function (sResult, oData) {
if (Enums.StorageResultType.Success === sResult && oData && oData.Result)
{
RL.cache().setEmailsPicsHashesData(oData.Result);
}
});
};
/** /**
* @param {string} sMailToUrl * @param {string} sMailToUrl
* @returns {boolean} * @returns {boolean}
@ -1190,8 +1180,6 @@ RainLoopApp.prototype.bootstart = function ()
_.delay(function () { _.delay(function () {
RL.emailsPicsHashes();
RL.remote().servicesPics(function (sResult, oData) { RL.remote().servicesPics(function (sResult, oData) {
if (Enums.StorageResultType.Success === sResult && oData && oData.Result) if (Enums.StorageResultType.Success === sResult && oData && oData.Result)
{ {

View file

@ -214,15 +214,6 @@ LinkBuilder.prototype.langLink = function (sLang)
return this.sServer + '/Lang/0/' + encodeURI(sLang) + '/' + this.sVersion + '/'; return this.sServer + '/Lang/0/' + encodeURI(sLang) + '/' + this.sVersion + '/';
}; };
/**
* @param {string} sHash
* @return {string}
*/
LinkBuilder.prototype.getUserPicUrlFromHash = function (sHash)
{
return this.sServer + '/Raw/' + this.sSpecSuffix + '/UserPic/' + sHash + '/' + this.sVersion + '/';
};
/** /**
* @return {string} * @return {string}
*/ */

View file

@ -5,16 +5,10 @@
*/ */
function AbstractCacheStorage() function AbstractCacheStorage()
{ {
this.oEmailsPicsHashes = {};
this.oServices = {}; this.oServices = {};
this.bCapaGravatar = RL.capa(Enums.Capa.Gravatar); this.bCapaGravatar = RL.capa(Enums.Capa.Gravatar);
} }
/**
* @type {Object}
*/
AbstractCacheStorage.prototype.oEmailsPicsHashes = {};
/** /**
* @type {Object} * @type {Object}
*/ */
@ -28,7 +22,6 @@ AbstractCacheStorage.prototype.bCapaGravatar = false;
AbstractCacheStorage.prototype.clear = function () AbstractCacheStorage.prototype.clear = function ()
{ {
this.oServices = {}; this.oServices = {};
this.oEmailsPicsHashes = {};
}; };
/** /**
@ -42,19 +35,11 @@ AbstractCacheStorage.prototype.getUserPic = function (sEmail, fCallback)
var var
sUrl = '', sUrl = '',
sService = '', sService = '',
sEmailLower = sEmail.toLowerCase(), sEmailLower = sEmail.toLowerCase()
sPicHash = Utils.isUnd(this.oEmailsPicsHashes[sEmailLower]) ? '' : this.oEmailsPicsHashes[sEmailLower]
; ;
if ('' !== sPicHash) sService = sEmailLower.substr(sEmail.indexOf('@') + 1);
{ sUrl = '' !== sService && this.oServices[sService] ? this.oServices[sService] : '';
sUrl = RL.link().getUserPicUrlFromHash(sPicHash);
}
else
{
sService = sEmailLower.substr(sEmail.indexOf('@') + 1);
sUrl = '' !== sService && this.oServices[sService] ? this.oServices[sService] : '';
}
if (this.bCapaGravatar && '' === sUrl && '' !== sEmailLower) if (this.bCapaGravatar && '' === sUrl && '' !== sEmailLower)
{ {
@ -75,11 +60,3 @@ AbstractCacheStorage.prototype.setServicesData = function (oData)
{ {
this.oServices = oData; this.oServices = oData;
}; };
/**
* @param {Object} oData
*/
AbstractCacheStorage.prototype.setEmailsPicsHashesData = function (oData)
{
this.oEmailsPicsHashes = oData;
};

View file

@ -728,14 +728,6 @@ WebMailAjaxRemoteStorage.prototype.servicesPics = function (fCallback)
this.defaultRequest(fCallback, 'ServicesPics'); this.defaultRequest(fCallback, 'ServicesPics');
}; };
/**
* @param {?Function} fCallback
*/
WebMailAjaxRemoteStorage.prototype.emailsPicsHashes = function (fCallback)
{
this.defaultRequest(fCallback, 'EmailsPicsHashes');
};
/** /**
* @param {?Function} fCallback * @param {?Function} fCallback
*/ */

View file

@ -209,7 +209,6 @@ class ImapClient extends \MailSo\Net\NetClient
{ {
if ($this->oLogger) if ($this->oLogger)
{ {
$this->oLogger->AddSecret($this->EscapeString($sLogin));
$this->oLogger->AddSecret($this->EscapeString($sPassword)); $this->oLogger->AddSecret($this->EscapeString($sPassword));
} }

View file

@ -158,14 +158,6 @@ class Actions
return $this->sSpecAuthToken; return $this->sSpecAuthToken;
} }
/**
* @return string
*/
public function BuildSsoCacherKey($sSsoHash)
{
return '/Sso/Data/'.$sSsoHash.'/Login/';
}
/** /**
* @return \RainLoop\Application * @return \RainLoop\Application
*/ */
@ -409,8 +401,9 @@ class Actions
$this->StorageProvider()->Put(null, $this->StorageProvider()->Put(null,
\RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY, \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
'SignMe/UserToken/'.$oAccount->SignMeToken(), \RainLoop\KeyPathHelper::SignMeUserToken($oAccount->SignMeToken()),
$oAccount->GetAuthToken()); $oAccount->GetAuthToken()
);
} }
} }
} }
@ -975,7 +968,7 @@ class Actions
{ {
$oAccount = $this->GetAccountFromCustomToken($this->StorageProvider()->Get(null, $oAccount = $this->GetAccountFromCustomToken($this->StorageProvider()->Get(null,
\RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY, \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
'SignMe/UserToken/'.$sSignMeToken \RainLoop\KeyPathHelper::SignMeUserToken($sSignMeToken)
), false, false); ), false, false);
} }
@ -1418,7 +1411,6 @@ class Actions
/** /**
* @param string $sEmail * @param string $sEmail
* @param string $sLogin
* @param string $sPassword * @param string $sPassword
* @param string $sSignMeToken = '' * @param string $sSignMeToken = ''
* @param string $sAdditionalCode = '' * @param string $sAdditionalCode = ''
@ -1427,7 +1419,7 @@ class Actions
* @return \RainLoop\Account * @return \RainLoop\Account
* @throws \RainLoop\Exceptions\ClientException * @throws \RainLoop\Exceptions\ClientException
*/ */
public function LoginProcess(&$sEmail, &$sLogin, &$sPassword, $sSignMeToken = '', public function LoginProcess(&$sEmail, &$sPassword, $sSignMeToken = '',
$sAdditionalCode = '', $bAdditionalCodeSignMeSignMe = false) $sAdditionalCode = '', $bAdditionalCodeSignMeSignMe = false)
{ {
if (false === \strpos($sEmail, '@') && 0 < \strlen(\trim($this->Config()->Get('login', 'default_domain', '')))) if (false === \strpos($sEmail, '@') && 0 < \strlen(\trim($this->Config()->Get('login', 'default_domain', ''))))
@ -1435,13 +1427,13 @@ class Actions
$sEmail = $sEmail.'@'.\trim(\trim($this->Config()->Get('login', 'default_domain', '')), ' @'); $sEmail = $sEmail.'@'.\trim(\trim($this->Config()->Get('login', 'default_domain', '')), ' @');
} }
if (0 === \strlen($sLogin)) $this->Logger()->AddSecret($sPassword);
{
$sLogin = $sEmail;
}
$sLogin = $sEmail;
$this->Plugins()->RunHook('filter.login-credentials', array(&$sEmail, &$sLogin, &$sPassword)); $this->Plugins()->RunHook('filter.login-credentials', array(&$sEmail, &$sLogin, &$sPassword));
$this->Logger()->AddSecret($sPassword);
$oAccount = $this->LoginProvide($sEmail, $sLogin, $sPassword, $sSignMeToken); $oAccount = $this->LoginProvide($sEmail, $sLogin, $sPassword, $sSignMeToken);
if (!($oAccount instanceof \RainLoop\Account)) if (!($oAccount instanceof \RainLoop\Account))
{ {
@ -1538,14 +1530,11 @@ class Actions
$sAdditionalCode = $this->GetActionParam('AdditionalCode', ''); $sAdditionalCode = $this->GetActionParam('AdditionalCode', '');
$bAdditionalCodeSignMe = '1' === (string) $this->GetActionParam('AdditionalCodeSignMe', '0'); $bAdditionalCodeSignMe = '1' === (string) $this->GetActionParam('AdditionalCodeSignMe', '0');
$this->Logger()->AddSecret($sPassword);
$oAccount = null; $oAccount = null;
try try
{ {
$sLogin = ''; $oAccount = $this->LoginProcess($sEmail, $sPassword,
$oAccount = $this->LoginProcess($sEmail, $sLogin, $sPassword,
$bSignMe ? \md5(\microtime(true).APP_SALT.\rand(10000, 99999).$sEmail) : '', $bSignMe ? \md5(\microtime(true).APP_SALT.\rand(10000, 99999).$sEmail) : '',
$sAdditionalCode, $bAdditionalCodeSignMe); $sAdditionalCode, $bAdditionalCodeSignMe);
} }
@ -1592,10 +1581,11 @@ class Actions
{ {
$sAccounts = $this->StorageProvider()->Get(null, $sAccounts = $this->StorageProvider()->Get(null,
\RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY, \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
'Webmail/Accounts/'.$sParentEmail.'/Array', null); \RainLoop\KeyPathHelper::WebmailAccounts($sParentEmail),
null
);
$aAccounts = $sAccounts ? @\unserialize($sAccounts) : array(); $aAccounts = $sAccounts ? @\unserialize($sAccounts) : array();
if (\is_array($aAccounts) && 0 < \count($aAccounts)) if (\is_array($aAccounts) && 0 < \count($aAccounts))
{ {
if (1 === \count($aAccounts)) if (1 === \count($aAccounts))
@ -1670,12 +1660,12 @@ class Actions
(1 === \count($aAccounts) && !empty($aAccounts[$sParentEmail]))) (1 === \count($aAccounts) && !empty($aAccounts[$sParentEmail])))
{ {
$this->StorageProvider()->Clear(null, \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY, $this->StorageProvider()->Clear(null, \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
'Webmail/Accounts/'.$sParentEmail.'/Array'); \RainLoop\KeyPathHelper::WebmailAccounts($sParentEmail));
} }
else else
{ {
$this->StorageProvider()->Put(null, \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY, $this->StorageProvider()->Put(null, \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
'Webmail/Accounts/'.$sParentEmail.'/Array', @\serialize($aAccounts)); \RainLoop\KeyPathHelper::WebmailAccounts($sParentEmail), @\serialize($aAccounts));
} }
} }
@ -1720,8 +1710,6 @@ class Actions
$sEmail = \trim($this->GetActionParam('Email', '')); $sEmail = \trim($this->GetActionParam('Email', ''));
$sPassword = $this->GetActionParam('Password', ''); $sPassword = $this->GetActionParam('Password', '');
$this->Logger()->AddSecret($sPassword);
$sParentEmail = $oAccount->ParentEmailHelper(); $sParentEmail = $oAccount->ParentEmailHelper();
$sEmail = \MailSo\Base\Utils::IdnToAscii($sEmail, true); $sEmail = \MailSo\Base\Utils::IdnToAscii($sEmail, true);
@ -1730,8 +1718,7 @@ class Actions
throw new \RainLoop\Exceptions\ClientException(\RainLoop\Notifications::AccountAlreadyExists); throw new \RainLoop\Exceptions\ClientException(\RainLoop\Notifications::AccountAlreadyExists);
} }
$sLogin = ''; $oNewAccount = $this->LoginProcess($sEmail, $sPassword);
$oNewAccount = $this->LoginProcess($sEmail, $sLogin, $sPassword);
$oNewAccount->SetParentEmail($sParentEmail); $oNewAccount->SetParentEmail($sParentEmail);
$aAccounts = $this->GetAccounts($oAccount); $aAccounts = $this->GetAccounts($oAccount);
@ -1938,7 +1925,8 @@ class Actions
$this->StorageProvider()->Clear(null, $this->StorageProvider()->Clear(null,
\RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY, \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
'SignMe/UserToken/'.$oAccount->SignMeToken()); \RainLoop\KeyPathHelper::SignMeUserToken($oAccount->SignMeToken())
);
} }
} }
@ -2325,10 +2313,10 @@ class Actions
if (2 < \strlen($sDomain)) if (2 < \strlen($sDomain))
{ {
$sValue = ''; $sValue = '';
$iTime = $this->Cacher()->GetTimer('Licensing/DomainKey/Value/'.$sDomain); $iTime = $this->Cacher()->GetTimer(\RainLoop\KeyPathHelper::LicensingDomainKeyValue($sDomain));
if (!$sForce && $iTime + 60 * 5 > \time()) if (!$sForce && $iTime + 60 * 5 > \time())
{ {
$sValue = $this->Cacher()->Get('Licensing/DomainKey/Value/'.$sDomain); $sValue = $this->Cacher()->Get(\RainLoop\KeyPathHelper::LicensingDomainKeyValue($sDomain));
} }
if (0 === \strlen($sValue)) if (0 === \strlen($sValue))
@ -2350,8 +2338,8 @@ class Actions
\sleep(1); \sleep(1);
} }
$this->Cacher()->Set('Licensing/DomainKey/Value/'.$sDomain, $sValue); $this->Cacher()->Set(\RainLoop\KeyPathHelper::LicensingDomainKeyValue($sDomain), $sValue);
$this->Cacher()->SetTimer('Licensing/DomainKey/Value/'.$sDomain); $this->Cacher()->SetTimer(\RainLoop\KeyPathHelper::LicensingDomainKeyValue($sDomain));
} }
$aMatch = array(); $aMatch = array();
@ -2663,7 +2651,7 @@ class Actions
$oHttp = \MailSo\Base\Http::SingletonInstance(); $oHttp = \MailSo\Base\Http::SingletonInstance();
$sCacheKey = 'UPDATER/('.$sRepo.')/'.$sRepoFile; $sCacheKey = \RainLoop\KeyPathHelper::RepositoryCacheFile($sRepo, $sRepoFile);
$sRep = $this->Cacher()->Get($sCacheKey); $sRep = $this->Cacher()->Get($sCacheKey);
if ('' !== $sRep) if ('' !== $sRep)
{ {
@ -2747,7 +2735,7 @@ class Actions
$oHttp = \MailSo\Base\Http::SingletonInstance(); $oHttp = \MailSo\Base\Http::SingletonInstance();
$sCacheKey = 'CORE-UPDATER/'.$sRepo; $sCacheKey = \RainLoop\KeyPathHelper::RepositoryCacheCore($sRepo);
$sRep = $this->Cacher()->Get($sCacheKey); $sRep = $this->Cacher()->Get($sCacheKey);
if ('' !== $sRep) if ('' !== $sRep)
{ {
@ -3419,14 +3407,6 @@ class Actions
$this->setSettingsFromParams($oSettings, 'SignatureToAll', 'bool'); $this->setSettingsFromParams($oSettings, 'SignatureToAll', 'bool');
$this->setSettingsFromParams($oSettings, 'EnableTwoFactor', 'bool'); $this->setSettingsFromParams($oSettings, 'EnableTwoFactor', 'bool');
$this->setSettingsFromParams($oSettings, 'CustomThemeImg', 'string');
if ('' === $oSettings->GetConf('CustomThemeImg', ''))
{
$this->StorageProvider()->Clear($oAccount,
\RainLoop\Providers\Storage\Enumerations\StorageType::USER, 'CustomThemeBackground');
}
return $this->DefaultResponse(__FUNCTION__, return $this->DefaultResponse(__FUNCTION__,
$this->SettingsProvider()->Save($oAccount, $oSettings)); $this->SettingsProvider()->Save($oAccount, $oSettings));
} }
@ -4725,7 +4705,7 @@ class Actions
$sFolderFullName = $this->GetActionParam('MessageFolder', ''); $sFolderFullName = $this->GetActionParam('MessageFolder', '');
$sUid = $this->GetActionParam('MessageUid', ''); $sUid = $this->GetActionParam('MessageUid', '');
$this->Cacher()->Set('/ReadReceipt/'.$oAccount->Email().'/'.$sFolderFullName.'/'.$sUid, '1'); $this->Cacher()->Set(\RainLoop\KeyPathHelper::ReadReceiptCache($oAccount->Email(), $sFolderFullName, $sUid), '1');
if (0 < \strlen($sFolderFullName) && 0 < \strlen($sUid)) if (0 < \strlen($sFolderFullName) && 0 < \strlen($sUid))
{ {
@ -4779,7 +4759,8 @@ class Actions
{ {
$mResult = null; $mResult = null;
$sData = $this->StorageProvider()->Get($oAccount->ParentEmailHelper(), $sData = $this->StorageProvider()->Get(
$oAccount->ParentEmailHelper(),
\RainLoop\Providers\Storage\Enumerations\StorageType::CONFIG, \RainLoop\Providers\Storage\Enumerations\StorageType::CONFIG,
'contacts_sync' 'contacts_sync'
); );
@ -4821,7 +4802,8 @@ class Actions
$mData = $this->getContactsSyncData($oAccount); $mData = $this->getContactsSyncData($oAccount);
$bResult = $this->StorageProvider()->Put($oAccount->ParentEmailHelper(), $bResult = $this->StorageProvider()->Put(
$oAccount->ParentEmailHelper(),
\RainLoop\Providers\Storage\Enumerations\StorageType::CONFIG, \RainLoop\Providers\Storage\Enumerations\StorageType::CONFIG,
'contacts_sync', 'contacts_sync',
\RainLoop\Utils::EncodeKeyValues(array( \RainLoop\Utils::EncodeKeyValues(array(
@ -4883,7 +4865,7 @@ class Actions
$sData = $this->StorageProvider()->Get(null, $sData = $this->StorageProvider()->Get(null,
\RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY, \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
'TwoFactorAuth/User/'.$sEmail.'/Data/' \RainLoop\KeyPathHelper::TwoFactorAuthUserData($sEmail)
); );
if ($sData) if ($sData)
@ -4941,7 +4923,7 @@ class Actions
$sData = $this->StorageProvider()->Get(null, $sData = $this->StorageProvider()->Get(null,
\RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY, \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
'TwoFactorAuth/User/'.$sEmail.'/Data/' \RainLoop\KeyPathHelper::TwoFactorAuthUserData($sEmail)
); );
if ($sData) if ($sData)
@ -4957,7 +4939,7 @@ class Actions
return $this->StorageProvider()->Put(null, return $this->StorageProvider()->Put(null,
\RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY, \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
'TwoFactorAuth/User/'.$sEmail.'/Data/', \RainLoop\KeyPathHelper::TwoFactorAuthUserData($sEmail),
\RainLoop\Utils::EncodeKeyValues($mData) \RainLoop\Utils::EncodeKeyValues($mData)
); );
} }
@ -5005,7 +4987,7 @@ class Actions
$this->StorageProvider()->Put(null, $this->StorageProvider()->Put(null,
\RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY, \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
'TwoFactorAuth/User/'.$sEmail.'/Data/', \RainLoop\KeyPathHelper::TwoFactorAuthUserData($sEmail),
\RainLoop\Utils::EncodeKeyValues(array( \RainLoop\Utils::EncodeKeyValues(array(
'User' => $sEmail, 'User' => $sEmail,
'Enable' => false, 'Enable' => false,
@ -5060,7 +5042,7 @@ class Actions
{ {
$bResult = $this->StorageProvider()->Put(null, $bResult = $this->StorageProvider()->Put(null,
\RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY, \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
'TwoFactorAuth/User/'.$sEmail.'/Data/', \RainLoop\KeyPathHelper::TwoFactorAuthUserData($sEmail),
\RainLoop\Utils::EncodeKeyValues(array( \RainLoop\Utils::EncodeKeyValues(array(
'User' => $sEmail, 'User' => $sEmail,
'Enable' => '1' === \trim($this->GetActionParam('Enable', '0')), 'Enable' => '1' === \trim($this->GetActionParam('Enable', '0')),
@ -5109,7 +5091,7 @@ class Actions
$this->StorageProvider()->Clear(null, $this->StorageProvider()->Clear(null,
\RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY, \RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
'TwoFactorAuth/User/'.$oAccount->ParentEmailHelper().'/Data/' \RainLoop\KeyPathHelper::TwoFactorAuthUserData($oAccount->ParentEmailHelper())
); );
return $this->DefaultResponse(__FUNCTION__, return $this->DefaultResponse(__FUNCTION__,
@ -5288,7 +5270,6 @@ class Actions
$aResult = \array_slice($aResult, 0, $iLimit); $aResult = \array_slice($aResult, 0, $iLimit);
} }
// Plugins
$this->Plugins()->RunHook('ajax.suggestions-post', array(&$aResult, $sQuery, $oAccount, $iLimit)); $this->Plugins()->RunHook('ajax.suggestions-post', array(&$aResult, $sQuery, $oAccount, $iLimit));
if ($iLimit < \count($aResult)) if ($iLimit < \count($aResult))
@ -5299,15 +5280,6 @@ class Actions
return $this->DefaultResponse(__FUNCTION__, $aResult); return $this->DefaultResponse(__FUNCTION__, $aResult);
} }
/**
* @return array
*/
public function DoEmailsPicsHashes()
{
// $oAccount = $this->getAccountFromToken();
return $this->DefaultResponse(__FUNCTION__, array());
}
/** /**
* @return array * @return array
*/ */
@ -6188,6 +6160,7 @@ class Actions
{ {
$sIfModifiedSince = $this->Http()->GetHeader('If-Modified-Since', ''); $sIfModifiedSince = $this->Http()->GetHeader('If-Modified-Since', '');
$sIfNoneMatch = $this->Http()->GetHeader('If-None-Match', ''); $sIfNoneMatch = $this->Http()->GetHeader('If-None-Match', '');
if (!empty($sIfModifiedSince) || !empty($sIfNoneMatch)) if (!empty($sIfModifiedSince) || !empty($sIfNoneMatch))
{ {
$this->Http()->StatusHeader(304); $this->Http()->StatusHeader(304);
@ -6308,42 +6281,6 @@ class Actions
$this->AddressBookProvider($oAccount)->Export($oAccount->ParentEmailHelper(), 'csv') : false; $this->AddressBookProvider($oAccount)->Export($oAccount->ParentEmailHelper(), 'csv') : false;
} }
/**
* @return bool
*/
public function RawUserPic()
{
$sRawKey = (string) $this->GetActionParam('RawKey', '');
if (!empty($sRawKey))
{
$this->verifyCacheByKey($sRawKey);
}
$oAccount = $this->getAccountFromToken();
$sData = $this->StorageProvider()->Get($oAccount,
\RainLoop\Providers\Storage\Enumerations\StorageType::USER, 'contacts/'.$sRawKey);
if ($sData)
{
$aData = \explode('|||', $sData, 2);
if (\is_array($aData) && 2 === \count($aData) && !empty($aData[0]) && !empty($aData[1]))
{
header('Content-Type: '.$aData[0]);
header('Content-Disposition: inline; filename="'.\preg_replace('/[^a-zA-Z0-9]+/', '.', $aData[0]).'"', true);
header('Accept-Ranges: none', true);
header('Content-Transfer-Encoding: binary');
$this->cacheByKey($sRawKey);
echo \MailSo\Base\Utils::Base64Decode($aData[1]);
return true;
}
}
return false;
}
/** /**
* @return \RainLoop\Account|bool * @return \RainLoop\Account|bool
*/ */
@ -6878,7 +6815,6 @@ class Actions
{ {
$aNames = explode('\\', get_class($oData)); $aNames = explode('\\', get_class($oData));
$mResult = array( $mResult = array(
// '@Action' => $sParent,
'@Object' => end($aNames) '@Object' => end($aNames)
); );
@ -7147,7 +7083,7 @@ class Actions
try try
{ {
$oReadReceipt = \MailSo\Mime\Email::Parse($mResult['ReadReceipt']); $oReadReceipt = \MailSo\Mime\Email::Parse($mResult['ReadReceipt']);
if (!$oReadReceipt || ($oReadReceipt && $oAccount->Email() === $oReadReceipt->GetEmail())) if (!$oReadReceipt)
{ {
$mResult['ReadReceipt'] = ''; $mResult['ReadReceipt'] = '';
} }
@ -7156,7 +7092,7 @@ class Actions
} }
if (0 < \strlen($mResult['ReadReceipt']) && '1' === $this->Cacher()->Get( if (0 < \strlen($mResult['ReadReceipt']) && '1' === $this->Cacher()->Get(
'/ReadReceipt/'.$oAccount->Email().'/'.$mResult['Folder'].'/'.$mResult['Uid'], '0')) \RainLoop\KeyPathHelper::ReadReceiptCache($oAccount->Email(), $mResult['Folder'], $mResult['Uid']), '0'))
{ {
$mResult['ReadReceipt'] = ''; $mResult['ReadReceipt'] = '';
} }

View file

@ -70,19 +70,17 @@ class Api
/** /**
* @param string $sEmail * @param string $sEmail
* @param string $sPassword * @param string $sPassword
* @param string $sLogin = ''
* @param bool $bUseTimeout = true * @param bool $bUseTimeout = true
* *
* @return string * @return string
*/ */
public static function GetUserSsoHash($sEmail, $sPassword, $sLogin = '', $bUseTimeout = true) public static function GetUserSsoHash($sEmail, $sPassword, $bUseTimeout = true)
{ {
$sSsoHash = \sha1(\rand(10000, 99999).$sEmail.$sPassword.$sLogin.\microtime(true)); $sSsoHash = \sha1(\rand(10000, 99999).$sEmail.$sPassword.\microtime(true));
return self::Actions()->Cacher()->Set(self::Actions()->BuildSsoCacherKey($sSsoHash), \RainLoop\Utils::EncodeKeyValues(array( return self::Actions()->Cacher()->Set(\RainLoop\KeyPathHelper::SsoCacherKey($sSsoHash), \RainLoop\Utils::EncodeKeyValues(array(
'Email' => $sEmail, 'Email' => $sEmail,
'Password' => $sPassword, 'Password' => $sPassword,
'Login' => $sLogin,
'Time' => $bUseTimeout ? \time() : 0 'Time' => $bUseTimeout ? \time() : 0
))) ? $sSsoHash : ''; ))) ? $sSsoHash : '';
} }
@ -94,6 +92,23 @@ class Api
*/ */
public static function ClearUserSsoHash($sSsoHash) public static function ClearUserSsoHash($sSsoHash)
{ {
return self::Actions()->Delete(self::Actions()->BuildSsoCacherKey($sSsoHash)); return self::Actions()->Cacher()->Delete(\RainLoop\KeyPathHelper::SsoCacherKey($sSsoHash));
}
/**
* @todo
* @param string $sEmail
*
* @return bool
*/
public static function ClearUserDateStorage($sEmail)
{
$sEmail = \MailSo\Base\Utils::IdnToAscii($sEmail);
// TwoFactor Auth User Data
self::Actions()->StorageProvider()->Clear(null,
\RainLoop\Providers\Storage\Enumerations\StorageType::NOBODY,
\RainLoop\KeyPathHelper::TwoFactorAuthUserData($sEmail)
);
} }
} }

View file

@ -0,0 +1,132 @@
<?php
namespace RainLoop;
class KeyPathHelper
{
/**
* @param string $sEmail
*
* @return string
*/
static public function TwoFactorAuthUserData($sEmail)
{
return 'TwoFactorAuth/User/'.$sEmail.'/Data/';
}
/**
* @param string $sSsoHash
*
* @return string
*/
static public function SsoCacherKey($sSsoHash)
{
return '/Sso/Data/'.$sSsoHash.'/Login/';
}
/**
* @param string $sSignMeToken
*
* @return string
*/
static public function SignMeUserToken($sSignMeToken)
{
return '/SignMe/UserToken/'.$sSignMeToken;
}
/**
* @param string $sEmail
*
* @return string
*/
static public function WebmailAccounts($sEmail)
{
return 'Webmail/Accounts/'.$sEmail.'/Array';
}
/**
* @param string $sDomain
*
* @return string
*/
static public function LicensingDomainKeyValue($sDomain)
{
return 'Licensing/DomainKey/Value/'.$sDomain;
}
/**
* @param string $sRepo
* @param string $sRepoFile
*
* @return string
*/
static public function RepositoryCacheFile($sRepo, $sRepoFile)
{
return 'RepositoryCache/Repo/'.$sRepo.'/File/'.$sRepoFile;
}
/**
* @param string $sRepo
*
* @return string
*/
static public function RepositoryCacheCore($sRepo)
{
return 'RepositoryCache/CoreRepo/'.$sRepo;
}
/**
* @param string $sEmail
* @param string $sFolderFullName
* @param string $sUid
*
* @return string
*/
static public function ReadReceiptCache($sEmail, $sFolderFullName, $sUid)
{
return '/ReadReceipt/'.$sEmail.'/'.$sFolderFullName.'/'.$sUid;
}
/**
* @param string $sLanguage
* @param string $sPluginsHash
*
* @return string
*/
static public function LangCache($sLanguage, $sPluginsHash)
{
return '/LangCache/'.$sPluginsHash.'/'.$sLanguage.'/'.APP_VERSION.'/';
}
/**
* @param bool $bAdmin
* @param string $sPluginsHash
*
* @return string
*/
static public function TemplatesCache($bAdmin, $sPluginsHash)
{
return '/TemplatesCache/'.$sPluginsHash.'/'.($bAdmin ? 'Admin' : 'App').'/'.APP_VERSION.'/';
}
/**
* @param string $sPluginsHash
*
* @return string
*/
static public function PluginsJsCache($sPluginsHash)
{
return '/PluginsJsCache/'.$sPluginsHash.'/'.APP_VERSION.'/';
}
/**
* @param string $sTheme
* @param string $sPluginsHash
*
* @return string
*/
static public function CssCache($sPluginsHash)
{
return '/CssCache/'.$sPluginsHash.'/'.$sTheme.'/'.APP_VERSION.'/';
}
}

View file

@ -229,6 +229,8 @@ class PdoAddressBook
'password' => $sPassword 'password' => $sPassword
); );
$this->oLogger->AddSecret($sPassword);
if (!empty($sProxy)) if (!empty($sProxy))
{ {
$aSettings['proxy'] = $sProxy; $aSettings['proxy'] = $sProxy;
@ -239,7 +241,6 @@ class PdoAddressBook
$oClient = new \Sabre\DAV\Client($aSettings); $oClient = new \Sabre\DAV\Client($aSettings);
$oClient->setVerifyPeer(false); $oClient->setVerifyPeer(false);
$this->oLogger->AddSecret($sPassword);
$this->oLogger->Write('User: '.$aSettings['userName'].', Url: '.$sUrl, \MailSo\Log\Enumerations\Type::INFO, 'DAV'); $this->oLogger->Write('User: '.$aSettings['userName'].', Url: '.$sUrl, \MailSo\Log\Enumerations\Type::INFO, 'DAV');
$aRemoteSyncData = $this->prepearRemoteSyncData($oClient, $sPath); $aRemoteSyncData = $this->prepearRemoteSyncData($oClient, $sPath);

View file

@ -85,11 +85,8 @@ class Service
break; break;
} }
if (!\in_array($sErrStr, array('iconv(): Detected an illegal character in input string'))) $this->oActions->Logger()->Write($sErrFile.' [line:'.$iErrLine.', code:'.$iErrNo.']', $iType, 'PHP');
{ $this->oActions->Logger()->Write('Error: '.$sErrStr, $iType, 'PHP');
$this->oActions->Logger()->Write($sErrFile.' [line:'.$iErrLine.', code:'.$iErrNo.']', $iType, 'PHP');
$this->oActions->Logger()->Write('Error: '.$sErrStr, $iType, 'PHP');
}
return false; return false;
} }

View file

@ -351,27 +351,9 @@ class ServiceActions
$aData = \RainLoop\Utils::DecodeKeyValues($sData); $aData = \RainLoop\Utils::DecodeKeyValues($sData);
if (\is_array($aData) && !empty($aData['Token']) && !empty($aData['Url']) && $aData['Token'] === \RainLoop\Utils::GetConnectionToken()) if (\is_array($aData) && !empty($aData['Token']) && !empty($aData['Url']) && $aData['Token'] === \RainLoop\Utils::GetConnectionToken())
{ {
$sUrl = $aData['Url']; $iCode = 404;
$sContentType = '';
$aOptions = array( $mResult = $this->oHttp->GetUrlAsString($aData['Url'], 'RainLoop External Proxy', $sContentType, $iCode);
CURLOPT_URL => $sUrl,
CURLOPT_HEADER => false,
CURLOPT_USERAGENT => 'RainLoop External Proxy',
CURLOPT_FAILONERROR => true,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => false,
CURLOPT_TIMEOUT => (int) 10
);
$oCurl = \curl_init();
\curl_setopt_array($oCurl, $aOptions);
$mResult = \curl_exec($oCurl);
$iCode = (int) \curl_getinfo($oCurl, CURLINFO_HTTP_CODE);
$sContentType = (string) \curl_getinfo($oCurl, CURLINFO_CONTENT_TYPE);
$sContentType = \trim(\strtolower($sContentType));
if (false !== $mResult && 200 === $iCode && if (false !== $mResult && 200 === $iCode &&
\in_array($sContentType, array('image/png', 'image/jpeg', 'image/jpg', 'image/bmp', 'image/gif'))) \in_array($sContentType, array('image/png', 'image/jpeg', 'image/jpg', 'image/bmp', 'image/gif')))
@ -383,11 +365,6 @@ class ServiceActions
\header('Content-Type: '.$sContentType); \header('Content-Type: '.$sContentType);
echo $mResult; echo $mResult;
} }
if (\is_resource($oCurl))
{
\curl_close($oCurl);
}
} }
} }
@ -480,7 +457,7 @@ class ServiceActions
$sCacheFileName = ''; $sCacheFileName = '';
if ($bCacheEnabled) if ($bCacheEnabled)
{ {
$sCacheFileName = 'LANG:'.$this->oActions->Plugins()->Hash().$sLanguage.APP_VERSION; $sCacheFileName = \RainLoop\KeyPathHelper::LangCache($sLanguage, $this->oActions->Plugins()->Hash());
$sResult = $this->Cacher()->Get($sCacheFileName); $sResult = $this->Cacher()->Get($sCacheFileName);
} }
@ -521,7 +498,7 @@ class ServiceActions
$sCacheFileName = ''; $sCacheFileName = '';
if ($bCacheEnabled) if ($bCacheEnabled)
{ {
$sCacheFileName = 'TEMPLATES:'.($bAdmin ? 'Admin/' : 'App/').$this->oActions->Plugins()->Hash().APP_VERSION; $sCacheFileName = \RainLoop\KeyPathHelper::TemplatesCache($bAdmin, $this->oActions->Plugins()->Hash());
$sResult = $this->Cacher()->Get($sCacheFileName); $sResult = $this->Cacher()->Get($sCacheFileName);
} }
@ -561,7 +538,7 @@ class ServiceActions
$sCacheFileName = ''; $sCacheFileName = '';
if ($bCacheEnabled) if ($bCacheEnabled)
{ {
$sCacheFileName = 'PLUGIN:'.$this->oActions->Plugins()->Hash().APP_VERSION; $sCacheFileName = \RainLoop\KeyPathHelper::PluginsJsCache($this->oActions->Plugins()->Hash());
$sResult = $this->Cacher()->Get($sCacheFileName); $sResult = $this->Cacher()->Get($sCacheFileName);
} }
@ -622,7 +599,7 @@ class ServiceActions
$sCacheFileName = ''; $sCacheFileName = '';
if ($bCacheEnabled) if ($bCacheEnabled)
{ {
$sCacheFileName = 'THEMES/PLUGINS:'.$sTheme.':'.$this->Plugins()->Hash(); $sCacheFileName = \RainLoop\KeyPathHelper::CssCache($sTheme, $this->oActions->Plugins()->Hash());
$sResult = $this->Cacher()->Get($sCacheFileName); $sResult = $this->Cacher()->Get($sCacheFileName);
} }
@ -811,27 +788,24 @@ class ServiceActions
if (!empty($sSsoHash)) if (!empty($sSsoHash))
{ {
$mData = null; $mData = null;
$sSsoKey = $this->oActions->BuildSsoCacherKey($sSsoHash);
$sSsoSubData = $this->Cacher()->Get($sSsoKey); $sSsoSubData = $this->Cacher()->Get(\RainLoop\KeyPathHelper::SsoCacherKey($sSsoHash));
if (!empty($sSsoSubData)) if (!empty($sSsoSubData))
{ {
$mData = \RainLoop\Utils::DecodeKeyValues($sSsoSubData); $mData = \RainLoop\Utils::DecodeKeyValues($sSsoSubData);
$this->Cacher()->Delete($sSsoKey); $this->Cacher()->Delete(\RainLoop\KeyPathHelper::SsoCacherKey($sSsoHash));
if (\is_array($mData) && !empty($mData['Email']) && isset($mData['Password'], $mData['Time']) && if (\is_array($mData) && !empty($mData['Email']) && isset($mData['Password'], $mData['Time']) &&
(0 === $mData['Time'] || \time() - 10 < $mData['Time'])) (0 === $mData['Time'] || \time() - 10 < $mData['Time']))
{ {
$sEmail = \trim($mData['Email']); $sEmail = \trim($mData['Email']);
$sPassword = $mData['Password']; $sPassword = $mData['Password'];
$sLogin = isset($mData['Login']) ? $mData['Login'] : '';
try try
{ {
$this->oActions->Logger()->AddSecret($sPassword); $oAccount = $this->oActions->LoginProcess($sEmail, $sPassword);
$oAccount = $this->oActions->LoginProcess($sEmail, $sLogin, $sPassword);
$this->oActions->AuthProcess($oAccount); $this->oActions->AuthProcess($oAccount);
$bLogout = !($oAccount instanceof \RainLoop\Account); $bLogout = !($oAccount instanceof \RainLoop\Account);
} }
catch (\Exception $oException) catch (\Exception $oException)
@ -861,16 +835,13 @@ class ServiceActions
$bLogout = true; $bLogout = true;
$sEmail = $this->oHttp->GetEnv('REMOTE_USER', ''); $sEmail = $this->oHttp->GetEnv('REMOTE_USER', '');
$sLogin = '';
$sPassword = $this->oHttp->GetEnv('REMOTE_PASSWORD', ''); $sPassword = $this->oHttp->GetEnv('REMOTE_PASSWORD', '');
if (0 < \strlen($sEmail) && 0 < \strlen(\trim($sPassword))) if (0 < \strlen($sEmail) && 0 < \strlen(\trim($sPassword)))
{ {
try try
{ {
$this->oActions->Logger()->AddSecret($sPassword); $oAccount = $this->oActions->LoginProcess($sEmail, $sPassword);
$oAccount = $this->oActions->LoginProcess($sEmail, $sLogin, $sPassword);
$this->oActions->AuthProcess($oAccount); $this->oActions->AuthProcess($oAccount);
$bLogout = !($oAccount instanceof \RainLoop\Account); $bLogout = !($oAccount instanceof \RainLoop\Account);
} }
@ -901,14 +872,11 @@ class ServiceActions
if ($this->oActions->Config()->Get('labs', 'allow_external_login', false)) if ($this->oActions->Config()->Get('labs', 'allow_external_login', false))
{ {
$sEmail = \trim($this->oHttp->GetRequest('Email', '')); $sEmail = \trim($this->oHttp->GetRequest('Email', ''));
$sLogin = \trim($this->oHttp->GetRequest('Login', ''));
$sPassword = $this->oHttp->GetRequest('Password', ''); $sPassword = $this->oHttp->GetRequest('Password', '');
try try
{ {
$this->oActions->Logger()->AddSecret($sPassword); $oAccount = $this->oActions->LoginProcess($sEmail, $sPassword);
$oAccount = $this->oActions->LoginProcess($sEmail, $sLogin, $sPassword);
$this->oActions->AuthProcess($oAccount); $this->oActions->AuthProcess($oAccount);
$bLogout = !($oAccount instanceof \RainLoop\Account); $bLogout = !($oAccount instanceof \RainLoop\Account);
} }
@ -963,34 +931,42 @@ class ServiceActions
*/ */
public function ServiceExternalSso() public function ServiceExternalSso()
{ {
$sResult = '';
$bLogout = true;
$sKey = $this->oActions->Config()->Get('labs', 'external_sso_key', ''); $sKey = $this->oActions->Config()->Get('labs', 'external_sso_key', '');
if ($this->oActions->Config()->Get('labs', 'allow_external_sso', false) && if ($this->oActions->Config()->Get('labs', 'allow_external_sso', false) &&
!empty($sKey) && $sKey === \trim($this->oHttp->GetRequest('SsoKey', ''))) !empty($sKey) && $sKey === \trim($this->oHttp->GetRequest('SsoKey', '')))
{ {
$sEmail = \trim($this->oHttp->GetRequest('Email', '')); $sEmail = \trim($this->oHttp->GetRequest('Email', ''));
$sLogin = \trim($this->oHttp->GetRequest('Login', ''));
$sPassword = $this->oHttp->GetRequest('Password', ''); $sPassword = $this->oHttp->GetRequest('Password', '');
\RainLoop\Api::Handle(); \RainLoop\Api::Handle();
$sResult = \RainLoop\Api::GetUserSsoHash($sEmail, $sPassword, $sLogin);
$sResult = \RainLoop\Api::GetUserSsoHash($sEmail, $sPassword);
$bLogout = 0 === \strlen($sResult); $bLogout = 0 === \strlen($sResult);
switch (\strtolower($this->oHttp->GetRequest('Output', 'Plain'))) switch (\strtolower($this->oHttp->GetRequest('Output', 'Plain')))
{ {
case 'plain': case 'plain':
@\header('Content-Type: text/plain'); @\header('Content-Type: text/plain');
return $sResult; break;
case 'json': case 'json':
@\header('Content-Type: application/json; charset=utf-8'); @\header('Content-Type: application/json; charset=utf-8');
return \MailSo\Base\Utils::Php2js(array( $sResult = \MailSo\Base\Utils::Php2js(array(
'Action' => 'ExternalSso', 'Action' => 'ExternalSso',
'Result' => $sResult 'Result' => $sResult
), $this->Logger()); ), $this->Logger());
break;
} }
} }
return ''; if ($bLogout)
{
$this->oActions->SetAuthLogoutToken();
}
return $sResult;
} }
/** /**

View file

@ -355,11 +355,9 @@ class Social
$aUserData = \RainLoop\Utils::DecodeKeyValues($sUserData); $aUserData = \RainLoop\Utils::DecodeKeyValues($sUserData);
if ($aUserData && \is_array($aUserData) && if ($aUserData && \is_array($aUserData) &&
!empty($aUserData['Email']) && !empty($aUserData['Email']) && isset($aUserData['Password']))
!empty($aUserData['Login']) &&
isset($aUserData['Password']))
{ {
$oAccount = $this->oActions->LoginProcess($aUserData['Email'], $aUserData['Login'], $aUserData['Password']); $oAccount = $this->oActions->LoginProcess($aUserData['Email'], $aUserData['Password']);
if ($oAccount instanceof \RainLoop\Account) if ($oAccount instanceof \RainLoop\Account)
{ {
$this->oActions->AuthProcess($oAccount); $this->oActions->AuthProcess($oAccount);
@ -377,7 +375,6 @@ class Social
{ {
$aUserData = array( $aUserData = array(
'Email' => $oAccount->Email(), 'Email' => $oAccount->Email(),
'Login' => $oAccount->IncLogin(),
'Password' => $oAccount->Password() 'Password' => $oAccount->Password()
); );
@ -489,7 +486,6 @@ class Social
{ {
$aUserData = array( $aUserData = array(
'Email' => $oAccount->Email(), 'Email' => $oAccount->Email(),
'Login' => $oAccount->IncLogin(),
'Password' => $oAccount->Password() 'Password' => $oAccount->Password()
); );
@ -539,11 +535,9 @@ class Social
} }
if ($aUserData && \is_array($aUserData) && if ($aUserData && \is_array($aUserData) &&
!empty($aUserData['Email']) && !empty($aUserData['Email']) && isset($aUserData['Password']))
!empty($aUserData['Login']) &&
isset($aUserData['Password']))
{ {
$oAccount = $this->oActions->LoginProcess($aUserData['Email'], $aUserData['Login'], $aUserData['Password']); $oAccount = $this->oActions->LoginProcess($aUserData['Email'], $aUserData['Password']);
if ($oAccount instanceof \RainLoop\Account) if ($oAccount instanceof \RainLoop\Account)
{ {
$this->oActions->AuthProcess($oAccount); $this->oActions->AuthProcess($oAccount);
@ -652,7 +646,6 @@ class Social
$aUserData = array( $aUserData = array(
'Email' => $oAccount->Email(), 'Email' => $oAccount->Email(),
'Login' => $oAccount->IncLogin(),
'Password' => $oAccount->Password() 'Password' => $oAccount->Password()
); );
@ -722,10 +715,9 @@ class Social
if ($aUserData && \is_array($aUserData) && if ($aUserData && \is_array($aUserData) &&
!empty($aUserData['Email']) && !empty($aUserData['Email']) &&
!empty($aUserData['Login']) &&
isset($aUserData['Password'])) isset($aUserData['Password']))
{ {
$oAccount = $this->oActions->LoginProcess($aUserData['Email'], $aUserData['Login'], $aUserData['Password']); $oAccount = $this->oActions->LoginProcess($aUserData['Email'], $aUserData['Password']);
if ($oAccount instanceof \RainLoop\Account) if ($oAccount instanceof \RainLoop\Account)
{ {
$this->oActions->AuthProcess($oAccount); $this->oActions->AuthProcess($oAccount);

View file

@ -3773,15 +3773,6 @@ LinkBuilder.prototype.langLink = function (sLang)
return this.sServer + '/Lang/0/' + encodeURI(sLang) + '/' + this.sVersion + '/'; return this.sServer + '/Lang/0/' + encodeURI(sLang) + '/' + this.sVersion + '/';
}; };
/**
* @param {string} sHash
* @return {string}
*/
LinkBuilder.prototype.getUserPicUrlFromHash = function (sHash)
{
return this.sServer + '/Raw/' + this.sSpecSuffix + '/UserPic/' + sHash + '/' + this.sVersion + '/';
};
/** /**
* @return {string} * @return {string}
*/ */
@ -7900,16 +7891,10 @@ AdminAjaxRemoteStorage.prototype.adminPing = function (fCallback)
*/ */
function AbstractCacheStorage() function AbstractCacheStorage()
{ {
this.oEmailsPicsHashes = {};
this.oServices = {}; this.oServices = {};
this.bCapaGravatar = RL.capa(Enums.Capa.Gravatar); this.bCapaGravatar = RL.capa(Enums.Capa.Gravatar);
} }
/**
* @type {Object}
*/
AbstractCacheStorage.prototype.oEmailsPicsHashes = {};
/** /**
* @type {Object} * @type {Object}
*/ */
@ -7923,7 +7908,6 @@ AbstractCacheStorage.prototype.bCapaGravatar = false;
AbstractCacheStorage.prototype.clear = function () AbstractCacheStorage.prototype.clear = function ()
{ {
this.oServices = {}; this.oServices = {};
this.oEmailsPicsHashes = {};
}; };
/** /**
@ -7937,19 +7921,11 @@ AbstractCacheStorage.prototype.getUserPic = function (sEmail, fCallback)
var var
sUrl = '', sUrl = '',
sService = '', sService = '',
sEmailLower = sEmail.toLowerCase(), sEmailLower = sEmail.toLowerCase()
sPicHash = Utils.isUnd(this.oEmailsPicsHashes[sEmailLower]) ? '' : this.oEmailsPicsHashes[sEmailLower]
; ;
if ('' !== sPicHash) sService = sEmailLower.substr(sEmail.indexOf('@') + 1);
{ sUrl = '' !== sService && this.oServices[sService] ? this.oServices[sService] : '';
sUrl = RL.link().getUserPicUrlFromHash(sPicHash);
}
else
{
sService = sEmailLower.substr(sEmail.indexOf('@') + 1);
sUrl = '' !== sService && this.oServices[sService] ? this.oServices[sService] : '';
}
if (this.bCapaGravatar && '' === sUrl && '' !== sEmailLower) if (this.bCapaGravatar && '' === sUrl && '' !== sEmailLower)
{ {
@ -7971,14 +7947,6 @@ AbstractCacheStorage.prototype.setServicesData = function (oData)
this.oServices = oData; this.oServices = oData;
}; };
/**
* @param {Object} oData
*/
AbstractCacheStorage.prototype.setEmailsPicsHashesData = function (oData)
{
this.oEmailsPicsHashes = oData;
};
/* RainLoop Webmail (c) RainLoop Team | Licensed under CC BY-NC-SA 3.0 */ /* RainLoop Webmail (c) RainLoop Team | Licensed under CC BY-NC-SA 3.0 */
/** /**

File diff suppressed because one or more lines are too long

View file

@ -3776,15 +3776,6 @@ LinkBuilder.prototype.langLink = function (sLang)
return this.sServer + '/Lang/0/' + encodeURI(sLang) + '/' + this.sVersion + '/'; return this.sServer + '/Lang/0/' + encodeURI(sLang) + '/' + this.sVersion + '/';
}; };
/**
* @param {string} sHash
* @return {string}
*/
LinkBuilder.prototype.getUserPicUrlFromHash = function (sHash)
{
return this.sServer + '/Raw/' + this.sSpecSuffix + '/UserPic/' + sHash + '/' + this.sVersion + '/';
};
/** /**
* @return {string} * @return {string}
*/ */
@ -18095,14 +18086,6 @@ WebMailAjaxRemoteStorage.prototype.servicesPics = function (fCallback)
this.defaultRequest(fCallback, 'ServicesPics'); this.defaultRequest(fCallback, 'ServicesPics');
}; };
/**
* @param {?Function} fCallback
*/
WebMailAjaxRemoteStorage.prototype.emailsPicsHashes = function (fCallback)
{
this.defaultRequest(fCallback, 'EmailsPicsHashes');
};
/** /**
* @param {?Function} fCallback * @param {?Function} fCallback
*/ */
@ -18167,16 +18150,10 @@ WebMailAjaxRemoteStorage.prototype.socialUsers = function (fCallback)
*/ */
function AbstractCacheStorage() function AbstractCacheStorage()
{ {
this.oEmailsPicsHashes = {};
this.oServices = {}; this.oServices = {};
this.bCapaGravatar = RL.capa(Enums.Capa.Gravatar); this.bCapaGravatar = RL.capa(Enums.Capa.Gravatar);
} }
/**
* @type {Object}
*/
AbstractCacheStorage.prototype.oEmailsPicsHashes = {};
/** /**
* @type {Object} * @type {Object}
*/ */
@ -18190,7 +18167,6 @@ AbstractCacheStorage.prototype.bCapaGravatar = false;
AbstractCacheStorage.prototype.clear = function () AbstractCacheStorage.prototype.clear = function ()
{ {
this.oServices = {}; this.oServices = {};
this.oEmailsPicsHashes = {};
}; };
/** /**
@ -18204,19 +18180,11 @@ AbstractCacheStorage.prototype.getUserPic = function (sEmail, fCallback)
var var
sUrl = '', sUrl = '',
sService = '', sService = '',
sEmailLower = sEmail.toLowerCase(), sEmailLower = sEmail.toLowerCase()
sPicHash = Utils.isUnd(this.oEmailsPicsHashes[sEmailLower]) ? '' : this.oEmailsPicsHashes[sEmailLower]
; ;
if ('' !== sPicHash) sService = sEmailLower.substr(sEmail.indexOf('@') + 1);
{ sUrl = '' !== sService && this.oServices[sService] ? this.oServices[sService] : '';
sUrl = RL.link().getUserPicUrlFromHash(sPicHash);
}
else
{
sService = sEmailLower.substr(sEmail.indexOf('@') + 1);
sUrl = '' !== sService && this.oServices[sService] ? this.oServices[sService] : '';
}
if (this.bCapaGravatar && '' === sUrl && '' !== sEmailLower) if (this.bCapaGravatar && '' === sUrl && '' !== sEmailLower)
{ {
@ -18238,14 +18206,6 @@ AbstractCacheStorage.prototype.setServicesData = function (oData)
this.oServices = oData; this.oServices = oData;
}; };
/**
* @param {Object} oData
*/
AbstractCacheStorage.prototype.setEmailsPicsHashesData = function (oData)
{
this.oEmailsPicsHashes = oData;
};
/* RainLoop Webmail (c) RainLoop Team | Licensed under CC BY-NC-SA 3.0 */ /* RainLoop Webmail (c) RainLoop Team | Licensed under CC BY-NC-SA 3.0 */
/** /**
@ -20314,16 +20274,6 @@ RainLoopApp.prototype.getContactsTagsAutocomplete = function (sQuery, fCallback)
})); }));
}; };
RainLoopApp.prototype.emailsPicsHashes = function ()
{
RL.remote().emailsPicsHashes(function (sResult, oData) {
if (Enums.StorageResultType.Success === sResult && oData && oData.Result)
{
RL.cache().setEmailsPicsHashesData(oData.Result);
}
});
};
/** /**
* @param {string} sMailToUrl * @param {string} sMailToUrl
* @returns {boolean} * @returns {boolean}
@ -20519,8 +20469,6 @@ RainLoopApp.prototype.bootstart = function ()
_.delay(function () { _.delay(function () {
RL.emailsPicsHashes();
RL.remote().servicesPics(function (sResult, oData) { RL.remote().servicesPics(function (sResult, oData) {
if (Enums.StorageResultType.Success === sResult && oData && oData.Result) if (Enums.StorageResultType.Success === sResult && oData && oData.Result)
{ {

File diff suppressed because one or more lines are too long