diff options
Diffstat (limited to 'apps/files_external/lib/Lib/Backend/SMB.php')
| -rw-r--r-- | apps/files_external/lib/Lib/Backend/SMB.php | 26 |
1 files changed, 12 insertions, 14 deletions
diff --git a/apps/files_external/lib/Lib/Backend/SMB.php b/apps/files_external/lib/Lib/Backend/SMB.php index 3549f69cbe3..e86ad98880c 100644 --- a/apps/files_external/lib/Lib/Backend/SMB.php +++ b/apps/files_external/lib/Lib/Backend/SMB.php @@ -1,4 +1,5 @@ <?php + /** * SPDX-FileCopyrightText: 2018-2024 Nextcloud GmbH and Nextcloud contributors * SPDX-FileCopyrightText: 2016 ownCloud, Inc. @@ -8,8 +9,8 @@ namespace OCA\Files_External\Lib\Backend; use Icewind\SMB\BasicAuth; -use Icewind\SMB\KerberosApacheAuth; use Icewind\SMB\KerberosAuth; +use Icewind\SMB\KerberosTicket; use Icewind\SMB\Native\NativeServer; use Icewind\SMB\Wrapped\Server; use OCA\Files_External\Lib\Auth\AuthMechanism; @@ -59,10 +60,7 @@ class SMB extends Backend { ->setLegacyAuthMechanism($legacyAuth); } - /** - * @return void - */ - public function manipulateStorageConfig(StorageConfig &$storage, ?IUser $user = null) { + public function manipulateStorageConfig(StorageConfig &$storage, ?IUser $user = null): void { $auth = $storage->getAuthMechanism(); if ($auth->getScheme() === AuthMechanism::SCHEME_PASSWORD) { if (!is_string($storage->getBackendOption('user')) || !is_string($storage->getBackendOption('password'))) { @@ -84,33 +82,33 @@ class SMB extends Backend { throw new \InvalidArgumentException('invalid authentication backend'); } $credentialsStore = $auth->getCredentialsStore(); - $kerbAuth = new KerberosApacheAuth(); + $kerbAuth = new KerberosAuth(); + $kerbAuth->setTicket(KerberosTicket::fromEnv()); // check if a kerberos ticket is available, else fallback to session credentials - if ($kerbAuth->checkTicket()) { + if ($kerbAuth->getTicket()?->isValid()) { $smbAuth = $kerbAuth; } else { try { $credentials = $credentialsStore->getLoginCredentials(); - $user = $credentials->getLoginName(); + $loginName = $credentials->getLoginName(); $pass = $credentials->getPassword(); - preg_match('/(.*)@(.*)/', $user, $matches); + preg_match('/(.*)@(.*)/', $loginName, $matches); $realm = $storage->getBackendOption('default_realm'); if (empty($realm)) { $realm = 'WORKGROUP'; } if (count($matches) === 0) { - $username = $user; + $username = $loginName; $workgroup = $realm; } else { - $username = $matches[1]; - $workgroup = $matches[2]; + [, $username, $workgroup] = $matches; } $smbAuth = new BasicAuth( $username, $workgroup, $pass ); - } catch (\Exception $e) { + } catch (\Exception) { throw new InsufficientDataForMeaningfulAnswerException('No session credentials saved'); } } @@ -124,7 +122,7 @@ class SMB extends Backend { $storage->setBackendOption('auth', $smbAuth); } - public function checkDependencies() { + public function checkDependencies(): array { $system = \OCP\Server::get(SystemBridge::class); if (NativeServer::available($system)) { return []; |