add KerberosApacheAuth support to files_external

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
author: Arthur Schiwon <blizzz@arthur-schiwon.de> 2021-10-20 22:39:13 +0200
committer: Robin Appelman <robin@icewind.nl> 2022-01-20 16:08:34 +0100
commit: a96d46198871f1c77fc160a6da0814c91a57338e (patch)
tree: 382fa71d700a756ef5a49e481a44ae530a963cf2 /apps/files_external/lib/Lib/Backend
parent: 31af141879d46dfaf2bcbaa32c78433084645dee (diff)
download: nextcloud-server-a96d46198871f1c77fc160a6da0814c91a57338e.tar.gz
nextcloud-server-a96d46198871f1c77fc160a6da0814c91a57338e.zip
1 files changed, 28 insertions, 5 deletions
diff --git a/apps/files_external/lib/Lib/Backend/SMB.php b/apps/files_external/lib/Lib/Backend/SMB.php
index 867648824ac..99e48b1433d 100644
--- a/apps/files_external/lib/Lib/Backend/SMB.php
+++ b/apps/files_external/lib/Lib/Backend/SMB.php
@@ -24,16 +24,18 @@
  * along with this program. If not, see <http://www.gnu.org/licenses/>
  *
  */
+
 namespace OCA\Files_External\Lib\Backend;
 
 use Icewind\SMB\BasicAuth;
+use Icewind\SMB\KerberosApacheAuth;
 use Icewind\SMB\KerberosAuth;
 use OCA\Files_External\Lib\Auth\AuthMechanism;
 use OCA\Files_External\Lib\Auth\Password\Password;
 use OCA\Files_External\Lib\DefinitionParameter;
+use OCA\Files_External\Lib\InsufficientDataForMeaningfulAnswerException;
 use OCA\Files_External\Lib\LegacyDependencyCheckPolyfill;
 use OCA\Files_External\Lib\StorageConfig;
-
 use OCP\IL10N;
 use OCP\IUser;
 
@@ -69,10 +71,6 @@ class SMB extends Backend {
 			->setLegacyAuthMechanism($legacyAuth);
 	}
 
-	/**
-	 * @param StorageConfig $storage
-	 * @param IUser $user
-	 */
 	public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) {
 		$auth = $storage->getAuthMechanism();
 		if ($auth->getScheme() === AuthMechanism::SCHEME_PASSWORD) {
@@ -90,6 +88,31 @@ class SMB extends Backend {
 				case 'smb::kerberos':
 					$smbAuth = new KerberosAuth();
 					break;
+				case 'smb::kerberosapache':
+					$credentialsStore = $auth->getCredentialsStore();
+					$kerb_auth = new KerberosApacheAuth();
+					if ($kerb_auth->checkTicket()) {
+						$kerb_auth->registerApacheKerberosTicket();
+						$smbAuth = $kerb_auth;
+					} else {
+						try {
+							$credentials = $credentialsStore->getLoginCredentials();
+							$user = $credentials->getLoginName();
+							$pass = $credentials->getPassword();
+							if (preg_match('/(.*)@(.*)/', $user, $matches) !== 1) {
+								throw new InsufficientDataForMeaningfulAnswerException('No valid session credentials');
+							}
+							$smbAuth = new BasicAuth(
+								$matches[0],
+								$matches[1],
+								$pass
+							);
+						} catch (\Exception $e) {
+							throw new InsufficientDataForMeaningfulAnswerException('No session credentials saved');
+						}
+					}
+
+					break;
 				default:
 					throw new \InvalidArgumentException('unknown authentication backend');
 			}
author	Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-10-20 22:39:13 +0200
committer	Robin Appelman <robin@icewind.nl>	2022-01-20 16:08:34 +0100
commit	a96d46198871f1c77fc160a6da0814c91a57338e (patch)
tree	382fa71d700a756ef5a49e481a44ae530a963cf2 /apps/files_external/lib/Lib/Backend
parent	31af141879d46dfaf2bcbaa32c78433084645dee (diff)
download	nextcloud-server-a96d46198871f1c77fc160a6da0814c91a57338e.tar.gz nextcloud-server-a96d46198871f1c77fc160a6da0814c91a57338e.zip