-
Notifications
You must be signed in to change notification settings - Fork 112
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Max Dor
authored
Mar 23, 2018
1 parent
d93b546
commit 3fc8646
Showing
17 changed files
with
813 additions
and
15 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
# Wordpress | ||
This Identity store allows you to use user accounts registered on your Wordpress setup. | ||
Two types of connections are required for full support: | ||
- [REST API](https://developer.wordpress.org/rest-api/) with JWT authentication | ||
- Direct SQL access | ||
|
||
This Identity store supports the following features: | ||
- [Authentication](../features/authentication.md) | ||
- [Directory](../features/directory-users.md) | ||
- [Identity](../features/identity.md) | ||
|
||
## Requirements | ||
- [Wordpress](https://wordpress.org/download/) >= 4.4 | ||
- Permalink structure set to `Post Name` | ||
- [JWT Auth plugin for REST API](https://wordpress.org/plugins/jwt-authentication-for-wp-rest-api/) | ||
- SQL Credentials to the Wordpress Database | ||
|
||
## Configuration | ||
### Wordpress | ||
#### JWT Auth | ||
Set a JWT secret into `wp-config.php` like so: | ||
``` | ||
define('JWT_AUTH_SECRET_KEY', 'your-top-secret-key'); | ||
``` | ||
`your-top-secret-key` should be set to a randomly generated value which is kept secret. | ||
|
||
#### Rewrite of `index.php` | ||
Wordpress is normally configured with rewrite of `index.php` so it does not appear in URLs. | ||
If this is not the case for your installation, the mxisd URL will need to be appended with `/index.php` | ||
|
||
### mxisd | ||
Enable in the configuration: | ||
``` | ||
wordpress.enabled: true | ||
``` | ||
Configure the URL to your Wordpress installation - see above about added `/index.php`: | ||
``` | ||
wordpress.rest.base: 'http://localhost:8080' | ||
``` | ||
Configure the SQL connection to your Wordpress database: | ||
``` | ||
wordpress.sql.connection: '//127.0.0.1/wordpress?user=root&password=example' | ||
``` | ||
|
||
--- | ||
|
||
By default, MySQL database is expected. If you use another database, use: | ||
``` | ||
wordpress.sql.type: 'jdbc-scheme' | ||
``` | ||
With possible values: | ||
- `mysql` | ||
- `mariadb` | ||
- `postgresql` | ||
- `sqlite` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
62 changes: 62 additions & 0 deletions
62
src/main/java/io/kamax/mxisd/backend/wordpress/WordpressAuthData.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
/* | ||
* mxisd - Matrix Identity Server Daemon | ||
* Copyright (C) 2018 Kamax Sàrl | ||
* | ||
* https://www.kamax.io/ | ||
* | ||
* This program is free software: you can redistribute it and/or modify | ||
* it under the terms of the GNU Affero General Public License as | ||
* published by the Free Software Foundation, either version 3 of the | ||
* License, or (at your option) any later version. | ||
* | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
* GNU Affero General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU Affero General Public License | ||
* along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
*/ | ||
|
||
package io.kamax.mxisd.backend.wordpress; | ||
|
||
public class WordpressAuthData { | ||
|
||
public String token; | ||
private String userEmail; | ||
private String userNicename; | ||
private String userDisplayName; | ||
|
||
public String getToken() { | ||
return token; | ||
} | ||
|
||
public void setToken(String token) { | ||
this.token = token; | ||
} | ||
|
||
public String getUserEmail() { | ||
return userEmail; | ||
} | ||
|
||
public void setUserEmail(String userEmail) { | ||
this.userEmail = userEmail; | ||
} | ||
|
||
public String getUserNicename() { | ||
return userNicename; | ||
} | ||
|
||
public void setUserNicename(String userNicename) { | ||
this.userNicename = userNicename; | ||
} | ||
|
||
public String getUserDisplayName() { | ||
return userDisplayName; | ||
} | ||
|
||
public void setUserDisplayName(String userDisplayName) { | ||
this.userDisplayName = userDisplayName; | ||
} | ||
|
||
} |
68 changes: 68 additions & 0 deletions
68
src/main/java/io/kamax/mxisd/backend/wordpress/WordpressAuthProvider.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
/* | ||
* mxisd - Matrix Identity Server Daemon | ||
* Copyright (C) 2018 Kamax Sàrl | ||
* | ||
* https://www.kamax.io/ | ||
* | ||
* This program is free software: you can redistribute it and/or modify | ||
* it under the terms of the GNU Affero General Public License as | ||
* published by the Free Software Foundation, either version 3 of the | ||
* License, or (at your option) any later version. | ||
* | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
* GNU Affero General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU Affero General Public License | ||
* along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
*/ | ||
|
||
package io.kamax.mxisd.backend.wordpress; | ||
|
||
import io.kamax.matrix._MatrixID; | ||
import io.kamax.mxisd.ThreePid; | ||
import io.kamax.mxisd.UserIdType; | ||
import io.kamax.mxisd.auth.provider.AuthenticatorProvider; | ||
import io.kamax.mxisd.auth.provider.BackendAuthResult; | ||
import org.apache.commons.lang.StringUtils; | ||
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
import org.springframework.beans.factory.annotation.Autowired; | ||
import org.springframework.stereotype.Component; | ||
|
||
@Component | ||
public class WordpressAuthProvider implements AuthenticatorProvider { | ||
|
||
private final Logger log = LoggerFactory.getLogger(WordpressAuthProvider.class); | ||
|
||
private WordpressRestBackend wordpress; | ||
|
||
@Autowired | ||
public WordpressAuthProvider(WordpressRestBackend wordpress) { | ||
this.wordpress = wordpress; | ||
} | ||
|
||
@Override | ||
public boolean isEnabled() { | ||
return wordpress.isEnabled(); | ||
} | ||
|
||
@Override | ||
public BackendAuthResult authenticate(_MatrixID mxid, String password) { | ||
try { | ||
WordpressAuthData data = wordpress.authenticate(mxid.getLocalPart(), password); | ||
BackendAuthResult result = new BackendAuthResult(); | ||
if (StringUtils.isNotBlank(data.getUserEmail())) { | ||
result.withThreePid(new ThreePid("email", data.getUserEmail())); | ||
} | ||
result.succeed(mxid.getId(), UserIdType.MatrixID.getId(), data.getUserDisplayName()); | ||
return result; | ||
} catch (IllegalArgumentException e) { | ||
log.error("Authentication failed for {}: {}", mxid.getId(), e.getMessage()); | ||
return BackendAuthResult.failure(); | ||
} | ||
|
||
} | ||
|
||
} |
112 changes: 112 additions & 0 deletions
112
src/main/java/io/kamax/mxisd/backend/wordpress/WordpressDirectoryProvider.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,112 @@ | ||
/* | ||
* mxisd - Matrix Identity Server Daemon | ||
* Copyright (C) 2018 Kamax Sàrl | ||
* | ||
* https://www.kamax.io/ | ||
* | ||
* This program is free software: you can redistribute it and/or modify | ||
* it under the terms of the GNU Affero General Public License as | ||
* published by the Free Software Foundation, either version 3 of the | ||
* License, or (at your option) any later version. | ||
* | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
* GNU Affero General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU Affero General Public License | ||
* along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
*/ | ||
|
||
package io.kamax.mxisd.backend.wordpress; | ||
|
||
import io.kamax.matrix.MatrixID; | ||
import io.kamax.mxisd.config.MatrixConfig; | ||
import io.kamax.mxisd.config.wordpress.WordpressConfig; | ||
import io.kamax.mxisd.controller.directory.v1.io.UserDirectorySearchResult; | ||
import io.kamax.mxisd.directory.IDirectoryProvider; | ||
import io.kamax.mxisd.exception.InternalServerError; | ||
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
import org.springframework.beans.factory.annotation.Autowired; | ||
import org.springframework.stereotype.Component; | ||
|
||
import java.sql.Connection; | ||
import java.sql.PreparedStatement; | ||
import java.sql.ResultSet; | ||
import java.sql.SQLException; | ||
import java.util.Optional; | ||
|
||
@Component | ||
public class WordpressDirectoryProvider implements IDirectoryProvider { | ||
|
||
private final Logger log = LoggerFactory.getLogger(WordpressDirectoryProvider.class); | ||
|
||
private WordpressConfig cfg; | ||
private WordressSqlBackend wordpress; | ||
private MatrixConfig mxCfg; | ||
|
||
@Autowired | ||
public WordpressDirectoryProvider(WordpressConfig cfg, WordressSqlBackend wordpress, MatrixConfig mxCfg) { | ||
this.cfg = cfg; | ||
this.wordpress = wordpress; | ||
this.mxCfg = mxCfg; | ||
} | ||
|
||
@Override | ||
public boolean isEnabled() { | ||
return wordpress.isEnabled(); | ||
} | ||
|
||
protected void setParameters(PreparedStatement stmt, String searchTerm) throws SQLException { | ||
for (int i = 1; i <= stmt.getParameterMetaData().getParameterCount(); i++) { | ||
stmt.setString(i, "%" + searchTerm + "%"); | ||
} | ||
} | ||
|
||
protected Optional<UserDirectorySearchResult.Result> processRow(ResultSet rSet) throws SQLException { | ||
UserDirectorySearchResult.Result item = new UserDirectorySearchResult.Result(); | ||
item.setUserId(rSet.getString(1)); | ||
item.setDisplayName(rSet.getString(2)); | ||
return Optional.of(item); | ||
} | ||
|
||
public UserDirectorySearchResult search(String searchTerm, String query) { | ||
try (Connection conn = wordpress.getConnection()) { | ||
log.info("Will execute query: {}", query); | ||
try (PreparedStatement stmt = conn.prepareStatement(query)) { | ||
setParameters(stmt, searchTerm); | ||
|
||
try (ResultSet rSet = stmt.executeQuery()) { | ||
UserDirectorySearchResult result = new UserDirectorySearchResult(); | ||
result.setLimited(false); | ||
|
||
while (rSet.next()) { | ||
processRow(rSet).ifPresent(e -> { | ||
e.setUserId(MatrixID.from(e.getUserId(), mxCfg.getDomain()).valid().getId()); | ||
result.addResult(e); | ||
}); | ||
} | ||
|
||
return result; | ||
} | ||
} | ||
} catch (SQLException e) { | ||
e.printStackTrace(); | ||
throw new InternalServerError(e); | ||
} | ||
} | ||
|
||
@Override | ||
public UserDirectorySearchResult searchByDisplayName(String searchTerm) { | ||
log.info("Searching users by display name using '{}'", searchTerm); | ||
return search(searchTerm, cfg.getSql().getQuery().getDirectory().get("name")); | ||
} | ||
|
||
@Override | ||
public UserDirectorySearchResult searchBy3pid(String searchTerm) { | ||
log.info("Searching users by 3PID using '{}'", searchTerm); | ||
return search(searchTerm, cfg.getSql().getQuery().getDirectory().get("threepid")); | ||
} | ||
|
||
} |
Oops, something went wrong.