Commit 197896f6 authored by mku's avatar mku

ZP-548 #comment Autodiscover does not work for Android stock client, WARN if...

ZP-548 #comment Autodiscover does not work for Android stock client, WARN if the auth user doesn't match email address in the XML request

git-svn-id: https://z-push.org/svn/z-push/trunk@1906 b7dd7b3b-3a3c-0410-9da9-bee62a6cc5b5
parent f3739f07
...@@ -104,7 +104,7 @@ class ZPushAutodiscover { ...@@ -104,7 +104,7 @@ class ZPushAutodiscover {
try { try {
$incomingXml = $this->getIncomingXml(); $incomingXml = $this->getIncomingXml();
$backend = ZPush::GetBackend(); $backend = ZPush::GetBackend();
$username = $this->login($backend); $username = $this->login($backend, $incomingXml);
$userFullname = $backend->GetUserFullname($username); $userFullname = $backend->GetUserFullname($username);
ZLog::Write(LOGLEVEL_WBXML, sprintf("Resolved user's '%s' fullname to '%s'", $username, $userFullname)); ZLog::Write(LOGLEVEL_WBXML, sprintf("Resolved user's '%s' fullname to '%s'", $username, $userFullname));
$response = $this->createResponse($incomingXml->Request->EMailAddress, $userFullname); $response = $this->createResponse($incomingXml->Request->EMailAddress, $userFullname);
...@@ -154,8 +154,9 @@ class ZPushAutodiscover { ...@@ -154,8 +154,9 @@ class ZPushAutodiscover {
throw new FatalException('Invalid input XML: no email address.'); throw new FatalException('Invalid input XML: no email address.');
} }
if ($xml->Request->EMailAddress != $_SERVER['PHP_AUTH_USER']) { if (Utils::GetLocalPartFromEmail($xml->Request->EMailAddress) != Utils::GetLocalPartFromEmail($_SERVER['PHP_AUTH_USER'])) {
throw new FatalException('Autodiscover is supported only for the auth user.'); ZLog::Write(LOGLEVEL_WARN, sprintf("The local part of the server auth user is different from the local part in the XML request ('%s' != '%s')",
Utils::GetLocalPartFromEmail($xml->Request->EMailAddress), Utils::GetLocalPartFromEmail($_SERVER['PHP_AUTH_USER'])));
} }
if (!isset($xml->Request->AcceptableResponseSchema)) { if (!isset($xml->Request->AcceptableResponseSchema)) {
...@@ -175,21 +176,22 @@ class ZPushAutodiscover { ...@@ -175,21 +176,22 @@ class ZPushAutodiscover {
* Logins using the backend's Logon function. * Logins using the backend's Logon function.
* *
* @param IBackend $backend * @param IBackend $backend
* @param String $incomingXml
* @access private * @access private
* @throws AuthenticationRequiredException if no login data was sent. * @throws AuthenticationRequiredException if no login data was sent.
* *
* @return string $username * @return string $username
*/ */
private function login($backend) { private function login($backend, $incomingXml) {
// Determine the login name depending on the configuration: complete email address or // Determine the login name depending on the configuration: complete email address or
// the local part only. // the local part only.
if (USE_FULLEMAIL_FOR_LOGIN) { if (USE_FULLEMAIL_FOR_LOGIN) {
ZLog::Write(LOGLEVEL_DEBUG, sprintf("Using the complete email address for login.")); ZLog::Write(LOGLEVEL_DEBUG, sprintf("Using the complete email address for login."));
$username = $_SERVER['PHP_AUTH_USER']; $username = $incomingXml->Request->EMailAddress;
} }
else{ else{
ZLog::Write(LOGLEVEL_DEBUG, sprintf("Using the username only for login.")); ZLog::Write(LOGLEVEL_DEBUG, sprintf("Using the username only for login."));
$username = Utils::GetLocalPartFromEmail($_SERVER['PHP_AUTH_USER']); $username = Utils::GetLocalPartFromEmail($incomingXml->Request->EMailAddress);
} }
if($backend->Logon($username, "", $_SERVER['PHP_AUTH_PW']) == false) { if($backend->Logon($username, "", $_SERVER['PHP_AUTH_PW']) == false) {
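Review bot: A request can now log on as an address that differs from the HTTP auth user with at most a WARN in the log, because login() takes the name for `$backend->Logon()` from `$incomingXml->Request->EMailAddress` and the check in the second hunk no longer throws. That check compares local parts only, so with USE_FULLEMAIL_FOR_LOGIN set an auth user `name@a` and an XML address `name@b` pass without any log entry. The comparison should follow the same switch as login(), comparing the complete addresses when USE_FULLEMAIL_FOR_LOGIN is set, and the WARN should record both full values so the log shows which account was actually tried. If getIncomingXml() returns a SimpleXMLElement (not visible here), `$username` is now an object rather than a string; `$username = (string) $incomingXml->Request->EMailAddress;` avoids that, and the docblock's `@param String $incomingXml` should name the real type. login()'s body continues past the last visible line.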
......