From 4c0f7c60bf91f9b02f4e0872b4523c8fcb655efa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Tue, 11 Jun 2024 11:56:55 +0200 Subject: [PATCH] Update patches --- sources/patches/main-00-ldap-auth.patch | 29 ++++++++++----- .../main-01-logout-success-handler.patch | 36 +++++++++++++------ .../patches/main-02-oauth-workaround.patch | 34 ++++++++++++------ 3 files changed, 69 insertions(+), 30 deletions(-) diff --git a/sources/patches/main-00-ldap-auth.patch b/sources/patches/main-00-ldap-auth.patch index 3a36f5e..52a0561 100644 --- a/sources/patches/main-00-ldap-auth.patch +++ b/sources/patches/main-00-ldap-auth.patch @@ -1,5 +1,15 @@ +From e8027b881cffa0ed75de2c809fd88cf3cee42a0a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= +Date: Tue, 11 Jun 2024 11:50:36 +0200 +Subject: [PATCH 1/4] Add ldap auth + +--- + app/config/security.yml | 11 +++++++++++ + app/config/services.yml | 4 ++++ + 2 files changed, 15 insertions(+) + diff --git a/app/config/security.yml b/app/config/security.yml -index 02afc9ea..5a3f7a34 100644 +index 9ab51621..675d8905 100644 --- a/app/config/security.yml +++ b/app/config/security.yml @@ -13,6 +13,14 @@ security: @@ -14,11 +24,11 @@ index 02afc9ea..5a3f7a34 100644 + search_password: + filter: (&(uid={username})(objectClass=posixAccount)) + default_roles: ROLE_USER - + # the main part of the security, where you can set up firewalls # for specific sections of your app -@@ -38,6 +46,9 @@ security: - +@@ -39,6 +47,9 @@ security: + secured_area: pattern: ^/ + http_basic_ldap: @@ -28,13 +38,13 @@ index 02afc9ea..5a3f7a34 100644 provider: fos_userbundle csrf_token_generator: security.csrf.token_manager diff --git a/app/config/services.yml b/app/config/services.yml -index 7b85d846..f23961c5 100644 +index 270e79d9..efdd34d5 100644 --- a/app/config/services.yml +++ b/app/config/services.yml -@@ -43,6 +43,10 @@ services: +@@ -176,6 +176,10 @@ services: tags: - { name: kernel.event_listener, event: security.interactive_login, method: onInteractiveLogin } - + + yunohost.ldap: + class: Symfony\Component\Ldap\LdapClient + arguments: ["localhost"] @@ -42,5 +52,6 @@ index 7b85d846..f23961c5 100644 craue_config_cache_provider: class: Symfony\Component\Cache\Adapter\FilesystemAdapter public: false --- -2.17.1 +-- +2.45.1 + diff --git a/sources/patches/main-01-logout-success-handler.patch b/sources/patches/main-01-logout-success-handler.patch index d321d54..5fac906 100644 --- a/sources/patches/main-01-logout-success-handler.patch +++ b/sources/patches/main-01-logout-success-handler.patch @@ -1,24 +1,37 @@ +From 1a9312652c4ecb7b84aed0328c294b105763f816 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= +Date: Tue, 11 Jun 2024 11:52:33 +0200 +Subject: [PATCH 2/4] Configure a custom logout success handler for yunohost + ldap + +--- + app/config/security.yml | 2 +- + app/config/services.yml | 4 +++ + .../Security/LogoutSuccessHandler.php | 27 +++++++++++++++++++ + 3 files changed, 32 insertions(+), 1 deletion(-) + create mode 100644 src/Wallabag/YunoHostBundle/Security/LogoutSuccessHandler.php + diff --git a/app/config/security.yml b/app/config/security.yml -index 5a3f7a34..1720e741 100644 +index 675d8905..876f4471 100644 --- a/app/config/security.yml +++ b/app/config/security.yml -@@ -62,7 +62,7 @@ security: - +@@ -63,7 +63,7 @@ security: + logout: path: /logout - target: / + success_handler: yunohost.logout_success_handler - - access_control: - - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY } + + two_factor: + provider: fos_userbundle diff --git a/app/config/services.yml b/app/config/services.yml -index f23961c5..f266e6d1 100644 +index efdd34d5..584b63c6 100644 --- a/app/config/services.yml +++ b/app/config/services.yml -@@ -43,6 +43,10 @@ services: +@@ -176,6 +176,10 @@ services: tags: - { name: kernel.event_listener, event: security.interactive_login, method: onInteractiveLogin } - + + yunohost.logout_success_handler: + class: Wallabag\YunoHostBundle\Security\LogoutSuccessHandler + @@ -59,5 +72,6 @@ index 00000000..b3268243 + return new RedirectResponse($url); + } +} --- -2.17.1 +-- +2.45.1 + diff --git a/sources/patches/main-02-oauth-workaround.patch b/sources/patches/main-02-oauth-workaround.patch index 6326570..20c5476 100644 --- a/sources/patches/main-02-oauth-workaround.patch +++ b/sources/patches/main-02-oauth-workaround.patch @@ -1,11 +1,25 @@ ---- a/vendor/friendsofsymfony/oauth-server-bundle/Storage/OAuthStorage.php 2016-02-22 13:57:55.000000000 +0000 -+++ b/vendor/friendsofsymfony/oauth-server-bundle/Storage/OAuthStorage.php 2017-04-13 17:16:06.298501506 +0000 -@@ -170,7 +170,7 @@ - if (null !== $user) { - $encoder = $this->encoderFactory->getEncoder($user); +From 7dc04c8bc50149998aa03a31f31674535a98ada9 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= +Date: Tue, 11 Jun 2024 11:54:25 +0200 +Subject: [PATCH 4/4] OAuthStorage workaround + +--- + .../oauth-server-bundle/Storage/OAuthStorage.php | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/vendor/friendsofsymfony/oauth-server-bundle/Storage/OAuthStorage.php b/vendor/friendsofsymfony/oauth-server-bundle/Storage/OAuthStorage.php +index 5ab6b7c9..7cb77913 100644 +--- a/vendor/friendsofsymfony/oauth-server-bundle/Storage/OAuthStorage.php ++++ b/vendor/friendsofsymfony/oauth-server-bundle/Storage/OAuthStorage.php +@@ -158,7 +158,7 @@ class OAuthStorage implements IOAuth2RefreshTokens, IOAuth2GrantUser, IOAuth2Gra + } + + $encoder = $this->encoderFactory->getEncoder($user); +- if ($encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) { ++ if (true) { + return [ + 'data' => $user, + ]; +-- +2.45.1 -- if ($encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) { -+ if (true) { - return array( - 'data' => $user, - );