diff --git a/integrations/nextcloud/snappymail/lib/Controller/FetchController.php b/integrations/nextcloud/snappymail/lib/Controller/FetchController.php index 4e69e1e21..06dff2f10 100644 --- a/integrations/nextcloud/snappymail/lib/Controller/FetchController.php +++ b/integrations/nextcloud/snappymail/lib/Controller/FetchController.php @@ -52,8 +52,9 @@ class FetchController extends Controller { isset($_POST['snappymail-autologin']) ? '1' === $_POST['snappymail-autologin'] : false); $this->config->setAppValue('snappymail', 'snappymail-autologin-with-email', isset($_POST['snappymail-autologin']) ? '2' === $_POST['snappymail-autologin'] : false); - $this->config->setAppValue('snappymail', 'snappymail-autologin-oidc', isset($_POST['snappymail-autologin-oidc'])); $this->config->setAppValue('snappymail', 'snappymail-no-embed', isset($_POST['snappymail-no-embed'])); + // DISABLED https://github.com/the-djmaze/snappymail/issues/1420#issuecomment-1933045917 +// $this->config->setAppValue('snappymail', 'snappymail-autologin-oidc', isset($_POST['snappymail-autologin-oidc'])); } else { return new JSONResponse([ 'status' => 'error', diff --git a/integrations/nextcloud/snappymail/lib/Settings/AdminSettings.php b/integrations/nextcloud/snappymail/lib/Settings/AdminSettings.php index 59745fbc0..4dca45612 100644 --- a/integrations/nextcloud/snappymail/lib/Settings/AdminSettings.php +++ b/integrations/nextcloud/snappymail/lib/Settings/AdminSettings.php @@ -22,8 +22,9 @@ class AdminSettings implements ISettings $keys = [ 'snappymail-autologin', 'snappymail-autologin-with-email', - 'snappymail-autologin-oidc', 'snappymail-no-embed' + // DISABLED https://github.com/the-djmaze/snappymail/issues/1420#issuecomment-1933045917 +// 'snappymail-autologin-oidc' ]; $parameters = []; foreach ($keys as $k) { diff --git a/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php b/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php index fc1892411..1752da30a 100644 --- a/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php +++ b/integrations/nextcloud/snappymail/lib/Util/SnappyMailHelper.php @@ -127,21 +127,43 @@ class SnappyMailHelper private static function getLoginCredentials() : array { $sUID = \OC::$server->getUserSession()->getUser()->getUID(); + $config = \OC::$server->getConfig(); + $ocSession = \OC::$server->getSession(); - if (\OC::$server->getSession()->get('is_oidc')) { - $sAccessToken = \OC::$server->getSession()->get('oidc_access_token'); - if ($sAccessToken) { - return [$sUID, "oidc@nextcloud", $sAccessToken]; + // If the user has set credentials for SnappyMail in their personal settings, + // this has the first priority. + $sEmail = $config->getUserValue($sUID, 'snappymail', 'snappymail-email'); + $sPassword = $config->getUserValue($sUID, 'snappymail', 'snappymail-password'); + if ($sEmail && $sPassword) { + $sPassword = static::decodePassword($sPassword, \md5($sEmail)); + if ($sPassword) { + return [$sUID, $sEmail, $sPassword]; } } - $sEmail = ''; - $sPassword = ''; - $config = \OC::$server->getConfig(); - $ocSession = \OC::$server->getSession(); - // Only use the user's password in the current session if they have - // enabled auto-login using Nextcloud username or email address. + // If the current user ID is identical to login ID (not valid when using account switching), + // this has the second priority. if ($ocSession['snappymail-nc-uid'] == $sUID) { +/* + // If OpenID Connect (OIDC) is enabled and used for login, use this. + // https://apps.nextcloud.com/apps/oidc_login + // DISABLED https://github.com/the-djmaze/snappymail/issues/1420#issuecomment-1933045917 + if ($config->getAppValue('snappymail', 'snappymail-autologin-oidc', false)) { + if ($ocSession->get('is_oidc')) { + // IToken->getPassword() ??? + if ($sAccessToken = $ocSession->get('oidc_access_token')) { + return [$sUID, 'oidc@nextcloud', $sAccessToken]; + } + \SnappyMail\Log::debug('Nextcloud', 'OIDC access_token missing'); + } else { + \SnappyMail\Log::debug('Nextcloud', 'No OIDC login'); + } + } +*/ + // Only use the user's password in the current session if they have + // enabled auto-login using Nextcloud username or email address. + $sEmail = ''; + $sPassword = ''; if ($config->getAppValue('snappymail', 'snappymail-autologin', false)) { $sEmail = $sUID; $sPassword = $ocSession['snappymail-password']; @@ -151,37 +173,12 @@ class SnappyMailHelper } else { \SnappyMail\Log::debug('Nextcloud', 'snappymail-autologin is off'); } - if ($config->getAppValue('snappymail', 'snappymail-autologin-oidc', false) && $ocSession->get('is_oidc')) { - $sAccessToken = $ocSession->get('oidc_access_token'); - if ($sAccessToken) { - $sPassword = $sAccessToken; - } else { - \SnappyMail\Log::debug('Nextcloud', 'OIDC no access_token'); - } - } else if ($sPassword) { - $sPassword = static::decodePassword($sPassword, $sUID); - } else { - \SnappyMail\Log::debug('Nextcloud', 'OIDC is off'); + if ($sPassword) { + return [$sUID, $sEmail, static::decodePassword($sPassword, $sUID)]; } } - // If the user has set credentials for SnappyMail in their personal - // settings, override everything before and use those instead. - $sCustomEmail = $config->getUserValue($sUID, 'snappymail', 'snappymail-email'); - if ($sCustomEmail) { - $sEmail = $sCustomEmail; - $sPassword = $config->getUserValue($sUID, 'snappymail', 'snappymail-password'); - if ($sPassword) { - $sPassword = static::decodePassword($sPassword, \md5($sEmail)); - } - } else if ($aRainLoop = RainLoop::getLoginCredentials($sUID, $config)) { - $sEmail = $aRainLoop[0]; - $config->setUserValue($sUID, 'snappymail', 'snappymail-email', $sEmail); - if ($aRainLoop[1]) { - $config->setUserValue($sUID, 'snappymail', 'snappymail-password', static::encodePassword($aRainLoop[1], \md5($sEmail))); - } - } - return [$sUID, $sEmail, $sPassword ?: '']; + return [$sUID, '', '']; } public static function getAppUrl() : string diff --git a/integrations/nextcloud/snappymail/templates/admin-local.php b/integrations/nextcloud/snappymail/templates/admin-local.php index ea7ec0eaa..e4cfeac4b 100644 --- a/integrations/nextcloud/snappymail/templates/admin-local.php +++ b/integrations/nextcloud/snappymail/templates/admin-local.php @@ -38,6 +38,7 @@
>