diff options
| author | Robin Appelman <robin@icewind.nl> | 2018-05-28 16:17:19 +0200 |
|---|---|---|
| committer | Robin Appelman <robin@icewind.nl> | 2018-06-22 14:25:36 +0200 |
| commit | 90be8f336cf55a3238aeecacf3a852484d5c342b (patch) | |
| tree | b7b987d2f573017c653f64abbe0af0f0a7ec16fd /apps/files_external/lib/Lib/Backend | |
| parent | ebea6d37c3fb43df4adbcb24cbc00ceb3f75a9b4 (diff) | |
| download | nextcloud-server-90be8f336cf55a3238aeecacf3a852484d5c342b.tar.gz nextcloud-server-90be8f336cf55a3238aeecacf3a852484d5c342b.zip | |
Add support for using kerberos ticket to authenticate to smb servers
Signed-off-by: Robin Appelman <robin@icewind.nl>
Diffstat (limited to 'apps/files_external/lib/Lib/Backend')
| -rw-r--r-- | apps/files_external/lib/Lib/Backend/SMB.php | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/apps/files_external/lib/Lib/Backend/SMB.php b/apps/files_external/lib/Lib/Backend/SMB.php index f5335f4940c..c871dc69771 100644 --- a/apps/files_external/lib/Lib/Backend/SMB.php +++ b/apps/files_external/lib/Lib/Backend/SMB.php @@ -22,6 +22,8 @@ namespace OCA\Files_External\Lib\Backend; +use Icewind\SMB\BasicAuth; +use Icewind\SMB\KerberosAuth; use \OCP\IL10N; use \OCA\Files_External\Lib\DefinitionParameter; use \OCA\Files_External\Lib\Auth\AuthMechanism; @@ -38,7 +40,7 @@ class SMB extends Backend { public function __construct(IL10N $l, Password $legacyAuth) { $this ->setIdentifier('smb') - ->addIdentifierAlias('\OC\Files\Storage\SMB') // legacy compat + ->addIdentifierAlias('\OC\Files\Storage\SMB')// legacy compat ->setStorageClass('\OCA\Files_External\Lib\Storage\SMB') ->setText($l->t('SMB / CIFS')) ->addParameters([ @@ -50,8 +52,8 @@ class SMB extends Backend { ->setFlag(DefinitionParameter::FLAG_OPTIONAL), ]) ->addAuthScheme(AuthMechanism::SCHEME_PASSWORD) - ->setLegacyAuthMechanism($legacyAuth) - ; + ->addAuthScheme(AuthMechanism::SCHEME_SMB) + ->setLegacyAuthMechanism($legacyAuth); } /** @@ -59,10 +61,24 @@ class SMB extends Backend { * @param IUser $user */ public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) { - $user = $storage->getBackendOption('user'); - if ($domain = $storage->getBackendOption('domain')) { - $storage->setBackendOption('user', $domain.'\\'.$user); + $auth = $storage->getAuthMechanism(); + if ($auth->getScheme() === AuthMechanism::SCHEME_PASSWORD) { + $smbAuth = new BasicAuth( + $storage->getBackendOption('user'), + $storage->getBackendOption('domain'), + $storage->getBackendOption('password') + ); + } else { + switch ($auth->getIdentifier()) { + case 'smb::kerberos': + $smbAuth = new KerberosAuth(); + break; + default: + throw new \InvalidArgumentException('unknown authentication backend'); + } } + + $storage->setBackendOption('auth', $smbAuth); } } |