From 6cc38600710f32a55c352991ed90434d335d6844 Mon Sep 17 00:00:00 2001 From: Ralf Lang Date: Sun, 22 Oct 2017 11:49:15 +0000 Subject: [PATCH 01/14] Add a Dummy authentication driver and unit tests --- lib/Horde/Auth/Dummy.php | 171 ++++++++++++++++++++ test/Horde/Auth/Unit/DummyCryptShowTest.php | 143 ++++++++++++++++ test/Horde/Auth/Unit/DummyCryptTest.php | 143 ++++++++++++++++ test/Horde/Auth/Unit/DummyPlainTest.php | 141 ++++++++++++++++ 4 files changed, 598 insertions(+) create mode 100644 lib/Horde/Auth/Dummy.php create mode 100644 test/Horde/Auth/Unit/DummyCryptShowTest.php create mode 100644 test/Horde/Auth/Unit/DummyCryptTest.php create mode 100644 test/Horde/Auth/Unit/DummyPlainTest.php diff --git a/lib/Horde/Auth/Dummy.php b/lib/Horde/Auth/Dummy.php new file mode 100644 index 0000000..7891492 --- /dev/null +++ b/lib/Horde/Auth/Dummy.php @@ -0,0 +1,171 @@ + + * @category Horde + * @license http://www.horde.org/licenses/lgpl21 LGPL-2.1 + * @package Auth + */ + +/** + * The Horde_Auth_Dummy class provides an in-memory user list. + * It is meant to be used for throwaway setups, satellite systems or for + * providing a source of administrative accounts in Composite or Cascading driver + * The driver can also be used as a mock-like backend for integration tests + * + * @author Ralf Lang + * @category Horde + * @copyright 2017-2018 Horde LLC + * @license http://www.horde.org/licenses/lgpl21 LGPL-2.1 + * @package Auth + */ +class Horde_Auth_Dummy extends Horde_Auth_Base +{ + /** + * An array of capabilities, so that the driver can report which + * operations it supports and which it doesn't. + * + * @var array + */ + protected $_capabilities = array( + 'authenticate' => true, + 'list' => true, + 'update' => true, + 'remove' => true, + 'add' => true, + ); + + /** + * Constructor. + * + * @param array $params Optional parameters: + * 
+     * 'users' - (array) Usernames are hash keys, passwords are values
+     * 'encryption' - (string) Optionally supply an encryption or hashing
+     * 'show_encryption' - (boolean) prepend encryption info to password string
+     *
+ */ + public function __construct(array $params = array()) + { + $params = array_merge( + array( + 'encryption' => 'plain', + 'users' => array(), + 'show_encryption' => false + ), + $params + ); + parent::__construct($params); + } + + /** + * Adds a set of authentication credentials. + * + * @param string $userId The userId to add. + * @param array $credentials The credentials to use. + * + * @throws Horde_Auth_Exception + */ + public function addUser($userId, $credentials) + { + // TODO: use persistence callback if given + if ($this->exists($userId)) { + throw new Horde_Auth_Exception('User already exists'); + } + $this->_params['users'][$userId] = Horde_Auth::getCryptedPassword( + $credentials['password'], + '', + $this->_params['encryption'], + $this->_params['show_encryption']); + } + + /** + * Lists all users in the system. + * + * @param boolean $sort Sort the users? + * + * @return mixed The array of userIds. + * @throws Horde_Auth_Exception + */ + public function listUsers($sort = false) + { + return $this->_sort(array_keys($this->_params['users']), $sort); + } + + /** + * Updates a set of authentication credentials for the life time of the driver. + * + * @param string $oldID The old userId. + * @param string $newID The new userId. + * @param array $credentials The new credentials + * + * @throws Horde_Auth_Exception + */ + public function updateUser($oldID, $newID, $credentials) + { + if (!$this->exists($oldID)) { + throw new Horde_Auth_Exception('User does not exist'); + } + if ($this->exists($newID) && $newID != $oldID) { + throw new Horde_Auth_Exception('Cannot rename to existing user name'); + } + $this->removeUser($oldID); + $this->addUser($newID, $credentials); + } + + /** + * Deletes a set of authentication credentials for the life of the driver. + * + * @param string $userId The userId to delete. + * + * @throws Horde_Auth_Exception + */ + public function removeUser($userId) + { + // TODO: use persistence callback if given + unset($this->_params['users'][$userId]); + } + + /** + * Authenticate. + * + * @param string $userId The userID to check. + * @param array $credentials An array of login credentials. + * + * @throws Horde_Auth_Exception + */ + protected function _authenticate($userId, $credentials) + { + if ($this->exists($userId)) { + if ($this->_comparePasswords( + $this->_params['users'][$userId], + $credentials['password'] + )) { + return; + } + } + throw new Horde_Auth_Exception('', Horde_Auth::REASON_BADLOGIN); + } + + /** + * Compare an encrypted password to a plaintext string to see if + * they match. + * + * @param string $encrypted The crypted password to compare against. + * @param string $plaintext The plaintext password to verify. + * + * @return boolean True if matched, false otherwise. + */ + protected function _comparePasswords($encrypted, $plaintext) + { + return $encrypted == Horde_Auth::getCryptedPassword($plaintext, + $encrypted, + $this->_params['encryption'], + $this->_params['show_encryption']); + } + +} diff --git a/test/Horde/Auth/Unit/DummyCryptShowTest.php b/test/Horde/Auth/Unit/DummyCryptShowTest.php new file mode 100644 index 0000000..ce9aa1a --- /dev/null +++ b/test/Horde/Auth/Unit/DummyCryptShowTest.php @@ -0,0 +1,143 @@ + + * @license http://www.horde.org/licenses/lgpl21 LGPL-2.1 + * @link http://pear.horde.org/index.php?package=Auth + */ +class Horde_Auth_Unit_DummyCryptShowTest extends Horde_Auth_TestCase +{ + public function setUp() + { + $this->driver = new Horde_Auth_Dummy( + array( + 'users' => array( + 'user1' => '{crypt}$1$S/EKq8Dg$OJvaV8Lu1HgCXKNqAo.wG/', + 'user2' => '{crypt}$1$aCWZiBAW$dK0DCmTGYR1gEX11pMxbi0', + 'tester' => '{crypt}$1$sjSx+Q9x$3WIEdh1Ei16QouYx1Xkct1' + ), + 'encryption' => 'crypt-md5', + 'show_encryption' => true + ) + ); + } + + public function testAuthenticate() + { + $this->assertTrue($this->driver->authenticate('user1', array('password' => 'user1pw'))); + $this->assertTrue($this->driver->authenticate('user2', array('password' => 'user2pw'))); + $this->assertTrue($this->driver->authenticate('tester', array('password' => 'WeirdPW92401#1'))); + // correct password extended by garbage + $this->assertFalse($this->driver->authenticate('user1', array('password' => 'user1pwfalse'))); + // Existing user with all kinds of garbage + $this->assertFalse($this->driver->authenticate('user1', array('password' => 'any'))); + $this->assertFalse($this->driver->authenticate('user1', array('password' => ''))); + $this->assertFalse($this->driver->authenticate('user1', array('password' => null))); + $this->assertFalse($this->driver->authenticate('user1', array('password' => '0'))); + // Unknown user with all kinds of garbage + $this->assertFalse($this->driver->authenticate('unknownuser', array('password' => 'any'))); + $this->assertFalse($this->driver->authenticate('unknownuser', array('password' => ''))); + $this->assertFalse($this->driver->authenticate('unknownuser', array('password' => null))); + $this->assertFalse($this->driver->authenticate('unknownuser', array('password' => '0'))); + } + + public function testRemoveUser() + { + // Delete somebody who doesn't exist + $this->driver->removeUser('user'); + $this->assertCount(3, $this->driver->listUsers()); + $this->driver->removeUser('user1'); + $this->assertCount(2, $this->driver->listUsers()); + $this->driver->removeUser('user2'); + $this->assertCount(1, $this->driver->listUsers()); + $this->driver->removeUser('tester'); + $this->assertCount(0, $this->driver->listUsers()); + // Restore setup + $this->setUp(); + } + + public function testAddUser() + { + // Add somebody who already exist + $this->driver->addUser('user4', array('password' => 'foo')); + $this->assertCount(4, $this->driver->listUsers()); + // Add somebody who already exist + $this->setExpectedException(Horde_Auth_Exception::class); + $this->driver->addUser('user4', array('password' => 'foo')); + $this->assertCount(4, $this->driver->listUsers()); + + // Restore setup + $this->setUp(); + } + + public function testUpdateUser() + { + // Try a password change + $this->driver->updateUser('tester', 'tester', array('password' => 'foo')); + $this->assertCount(3, $this->driver->listUsers()); + $this->assertTrue($this->driver->exists('tester')); + // Try renaming + $this->driver->updateUser('tester', 'newname', array('password' => 'foo')); + $this->assertCount(3, $this->driver->listUsers()); + $this->assertTrue($this->driver->exists('newname')); + $this->assertFalse($this->driver->exists('tester')); + $this->setUp(); + } + + public function testUpdateUserFailDoesNotExist() + { + // Try renaming unknown user + $this->setExpectedException(Horde_Auth_Exception::class); + $this->driver->updateUser('unknownuser', 'newname', array('password' => 'foo')); + $this->setUp(); + } + + public function testUpdateUserFailNewNameExists() + { + // Try renaming unknown user + $this->setExpectedException(Horde_Auth_Exception::class); + $this->driver->updateUser('tester', 'user1', array('password' => 'foo')); + $this->setUp(); + } + + + + public function testExists() + { + $this->assertTrue($this->driver->exists('user1')); + $this->assertTrue($this->driver->exists('user2')); + $this->assertTrue($this->driver->exists('tester')); + $this->assertFalse($this->driver->exists('somebody')); + $this->assertFalse($this->driver->exists('')); + $this->assertFalse($this->driver->exists(null)); + } + + /** + * This is actually a test against Horde_Auth_Base + * TODO: Copy or move to a test with a phpunit mock + */ + + public function testSearchUsers() + { + $this->assertCount(2, $this->driver->searchUsers('user')); + $this->assertCount(1, $this->driver->searchUsers('test')); + $this->assertEquals(array('tester'), $this->driver->searchUsers('test')); + } + + public function testListUsers() + { + $this->assertEquals(array('tester', 'user1', 'user2'), $this->driver->listUsers(true)); + $this->assertEquals(array('user1', 'user2', 'tester'), $this->driver->listUsers(false)); + $this->assertEquals(array('user1', 'user2', 'tester'), $this->driver->listUsers()); + } +} diff --git a/test/Horde/Auth/Unit/DummyCryptTest.php b/test/Horde/Auth/Unit/DummyCryptTest.php new file mode 100644 index 0000000..52bbe67 --- /dev/null +++ b/test/Horde/Auth/Unit/DummyCryptTest.php @@ -0,0 +1,143 @@ + + * @license http://www.horde.org/licenses/lgpl21 LGPL-2.1 + * @link http://pear.horde.org/index.php?package=Auth + */ +class Horde_Auth_Unit_DummyCryptTest extends Horde_Auth_TestCase +{ + public function setUp() + { + $this->driver = new Horde_Auth_Dummy( + array( + 'users' => array( + 'user1' => '$1$S/EKq8Dg$OJvaV8Lu1HgCXKNqAo.wG/', + 'user2' => '$1$aCWZiBAW$dK0DCmTGYR1gEX11pMxbi0', + 'tester' => '$1$sjSx+Q9x$3WIEdh1Ei16QouYx1Xkct1' + ), + 'encryption' => 'crypt-md5', + 'show_encryption' => false + ) + ); + } + + public function testAuthenticate() + { + $this->assertTrue($this->driver->authenticate('user1', array('password' => 'user1pw'))); + $this->assertTrue($this->driver->authenticate('user2', array('password' => 'user2pw'))); + $this->assertTrue($this->driver->authenticate('tester', array('password' => 'WeirdPW92401#1'))); + // correct password extended by garbage + $this->assertFalse($this->driver->authenticate('user1', array('password' => 'user1pwfalse'))); + // Existing user with all kinds of garbage + $this->assertFalse($this->driver->authenticate('user1', array('password' => 'any'))); + $this->assertFalse($this->driver->authenticate('user1', array('password' => ''))); + $this->assertFalse($this->driver->authenticate('user1', array('password' => null))); + $this->assertFalse($this->driver->authenticate('user1', array('password' => '0'))); + // Unknown user with all kinds of garbage + $this->assertFalse($this->driver->authenticate('unknownuser', array('password' => 'any'))); + $this->assertFalse($this->driver->authenticate('unknownuser', array('password' => ''))); + $this->assertFalse($this->driver->authenticate('unknownuser', array('password' => null))); + $this->assertFalse($this->driver->authenticate('unknownuser', array('password' => '0'))); + } + + public function testRemoveUser() + { + // Delete somebody who doesn't exist + $this->driver->removeUser('user'); + $this->assertCount(3, $this->driver->listUsers()); + $this->driver->removeUser('user1'); + $this->assertCount(2, $this->driver->listUsers()); + $this->driver->removeUser('user2'); + $this->assertCount(1, $this->driver->listUsers()); + $this->driver->removeUser('tester'); + $this->assertCount(0, $this->driver->listUsers()); + // Restore setup + $this->setUp(); + } + + public function testAddUser() + { + // Add somebody who already exist + $this->driver->addUser('user4', array('password' => 'foo')); + $this->assertCount(4, $this->driver->listUsers()); + // Add somebody who already exist + $this->setExpectedException(Horde_Auth_Exception::class); + $this->driver->addUser('user4', array('password' => 'foo')); + $this->assertCount(4, $this->driver->listUsers()); + + // Restore setup + $this->setUp(); + } + + public function testUpdateUser() + { + // Try a password change + $this->driver->updateUser('tester', 'tester', array('password' => 'foo')); + $this->assertCount(3, $this->driver->listUsers()); + $this->assertTrue($this->driver->exists('tester')); + // Try renaming + $this->driver->updateUser('tester', 'newname', array('password' => 'foo')); + $this->assertCount(3, $this->driver->listUsers()); + $this->assertTrue($this->driver->exists('newname')); + $this->assertFalse($this->driver->exists('tester')); + $this->setUp(); + } + + public function testUpdateUserFailDoesNotExist() + { + // Try renaming unknown user + $this->setExpectedException(Horde_Auth_Exception::class); + $this->driver->updateUser('unknownuser', 'newname', array('password' => 'foo')); + $this->setUp(); + } + + public function testUpdateUserFailNewNameExists() + { + // Try renaming unknown user + $this->setExpectedException(Horde_Auth_Exception::class); + $this->driver->updateUser('tester', 'user1', array('password' => 'foo')); + $this->setUp(); + } + + + + public function testExists() + { + $this->assertTrue($this->driver->exists('user1')); + $this->assertTrue($this->driver->exists('user2')); + $this->assertTrue($this->driver->exists('tester')); + $this->assertFalse($this->driver->exists('somebody')); + $this->assertFalse($this->driver->exists('')); + $this->assertFalse($this->driver->exists(null)); + } + + /** + * This is actually a test against Horde_Auth_Base + * TODO: Copy or move to a test with a phpunit mock + */ + + public function testSearchUsers() + { + $this->assertCount(2, $this->driver->searchUsers('user')); + $this->assertCount(1, $this->driver->searchUsers('test')); + $this->assertEquals(array('tester'), $this->driver->searchUsers('test')); + } + + public function testListUsers() + { + $this->assertEquals(array('tester', 'user1', 'user2'), $this->driver->listUsers(true)); + $this->assertEquals(array('user1', 'user2', 'tester'), $this->driver->listUsers(false)); + $this->assertEquals(array('user1', 'user2', 'tester'), $this->driver->listUsers()); + } +} diff --git a/test/Horde/Auth/Unit/DummyPlainTest.php b/test/Horde/Auth/Unit/DummyPlainTest.php new file mode 100644 index 0000000..73ef0c2 --- /dev/null +++ b/test/Horde/Auth/Unit/DummyPlainTest.php @@ -0,0 +1,141 @@ + + * @license http://www.horde.org/licenses/lgpl21 LGPL-2.1 + * @link http://pear.horde.org/index.php?package=Auth + */ +class Horde_Auth_Unit_DummyPlainTest extends Horde_Auth_TestCase +{ + public function setUp() + { + $this->driver = new Horde_Auth_Dummy( + array( + 'users' => array( + 'user1' => 'user1pw', + 'user2' => 'user2pw', + 'tester' => 'WeirdPW92401#1' + ) + ) + ); + } + + public function testAuthenticate() + { + $this->assertTrue($this->driver->authenticate('user1', array('password' => 'user1pw'))); + $this->assertTrue($this->driver->authenticate('user2', array('password' => 'user2pw'))); + $this->assertTrue($this->driver->authenticate('tester', array('password' => 'WeirdPW92401#1'))); + // correct password extended by garbage + $this->assertFalse($this->driver->authenticate('user1', array('password' => 'user1pwfalse'))); + // Existing user with all kinds of garbage + $this->assertFalse($this->driver->authenticate('user1', array('password' => 'any'))); + $this->assertFalse($this->driver->authenticate('user1', array('password' => ''))); + $this->assertFalse($this->driver->authenticate('user1', array('password' => null))); + $this->assertFalse($this->driver->authenticate('user1', array('password' => '0'))); + // Unknown user with all kinds of garbage + $this->assertFalse($this->driver->authenticate('unknownuser', array('password' => 'any'))); + $this->assertFalse($this->driver->authenticate('unknownuser', array('password' => ''))); + $this->assertFalse($this->driver->authenticate('unknownuser', array('password' => null))); + $this->assertFalse($this->driver->authenticate('unknownuser', array('password' => '0'))); + } + + public function testRemoveUser() + { + // Delete somebody who doesn't exist + $this->driver->removeUser('user'); + $this->assertCount(3, $this->driver->listUsers()); + $this->driver->removeUser('user1'); + $this->assertCount(2, $this->driver->listUsers()); + $this->driver->removeUser('user2'); + $this->assertCount(1, $this->driver->listUsers()); + $this->driver->removeUser('tester'); + $this->assertCount(0, $this->driver->listUsers()); + // Restore setup + $this->setUp(); + } + + public function testAddUser() + { + // Add somebody who already exist + $this->driver->addUser('user4', array('password' => 'foo')); + $this->assertCount(4, $this->driver->listUsers()); + // Add somebody who already exist + $this->setExpectedException(Horde_Auth_Exception::class); + $this->driver->addUser('user4', array('password' => 'foo')); + $this->assertCount(4, $this->driver->listUsers()); + + // Restore setup + $this->setUp(); + } + + public function testUpdateUser() + { + // Try a password change + $this->driver->updateUser('tester', 'tester', array('password' => 'foo')); + $this->assertCount(3, $this->driver->listUsers()); + $this->assertTrue($this->driver->exists('tester')); + // Try renaming + $this->driver->updateUser('tester', 'newname', array('password' => 'foo')); + $this->assertCount(3, $this->driver->listUsers()); + $this->assertTrue($this->driver->exists('newname')); + $this->assertFalse($this->driver->exists('tester')); + $this->setUp(); + } + + public function testUpdateUserFailDoesNotExist() + { + // Try renaming unknown user + $this->setExpectedException(Horde_Auth_Exception::class); + $this->driver->updateUser('unknownuser', 'newname', array('password' => 'foo')); + $this->setUp(); + } + + public function testUpdateUserFailNewNameExists() + { + // Try renaming unknown user + $this->setExpectedException(Horde_Auth_Exception::class); + $this->driver->updateUser('tester', 'user1', array('password' => 'foo')); + $this->setUp(); + } + + + + public function testExists() + { + $this->assertTrue($this->driver->exists('user1')); + $this->assertTrue($this->driver->exists('user2')); + $this->assertTrue($this->driver->exists('tester')); + $this->assertFalse($this->driver->exists('somebody')); + $this->assertFalse($this->driver->exists('')); + $this->assertFalse($this->driver->exists(null)); + } + + /** + * This is actually a test against Horde_Auth_Base + * TODO: Copy or move to a test with a phpunit mock + */ + + public function testSearchUsers() + { + $this->assertCount(2, $this->driver->searchUsers('user')); + $this->assertCount(1, $this->driver->searchUsers('test')); + $this->assertEquals(array('tester'), $this->driver->searchUsers('test')); + } + + public function testListUsers() + { + $this->assertEquals(array('tester', 'user1', 'user2'), $this->driver->listUsers(true)); + $this->assertEquals(array('user1', 'user2', 'tester'), $this->driver->listUsers(false)); + $this->assertEquals(array('user1', 'user2', 'tester'), $this->driver->listUsers()); + } +} From c1e79af3f983b25d4778e30bf701f7b61aa9c7cf Mon Sep 17 00:00:00 2001 From: Ralf Lang Date: Tue, 24 Oct 2017 11:44:18 +0000 Subject: [PATCH 02/14] Updated package.xml --- package.xml | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/package.xml b/package.xml index f50968f..a8aeb50 100644 --- a/package.xml +++ b/package.xml @@ -23,7 +23,7 @@ slusarz@horde.org yes - 2017-10-20 + 2017-10-24 2.2.3 2.2.0 @@ -34,7 +34,7 @@ LGPL-2.1 -* +* [rla] Add a dummy authentication driver. @@ -49,6 +49,7 @@ + @@ -172,6 +173,9 @@ + + + @@ -183,6 +187,7 @@ + @@ -304,12 +309,14 @@ + + @@ -363,6 +370,9 @@ + + + @@ -1119,10 +1129,10 @@ stable stable - 2017-10-20 + 2017-10-24 LGPL-2.1 -* +* [rla] Add a dummy authentication driver. From 2485db2e437109802f570493cc7d6a606b5ee1cd Mon Sep 17 00:00:00 2001 From: Jan Schneider Date: Tue, 24 Oct 2017 14:03:36 +0200 Subject: [PATCH 03/14] PEAR on 5.6 and 7.0 is fixed. --- .travis.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.travis.yml b/.travis.yml index 1e1ebf7..7687992 100644 --- a/.travis.yml +++ b/.travis.yml @@ -13,12 +13,6 @@ matrix: - php: nightly before_script: - phpenv config-rm xdebug.ini || echo "XDebug not enabled" - - if [ "$TRAVIS_PHP_VERSION" == "5.6" ] || [ "$TRAVIS_PHP_VERSION" == "7.0" ]; - then - echo "include_path = .:$HOME/.phpenv/versions/$(phpenv version-name)/lib/php/pear" >> ~/.phpenv/versions/$(phpenv version-name)/etc/php.ini; - pear channel-discover pear.horde.org; - fi - - pear install channel://pear.horde.org/Horde_Test - pear install -a -B package.xml script: From 2012c381b1d17dd080250cf2dc04dd012fe1d01c Mon Sep 17 00:00:00 2001 From: Jan Schneider Date: Tue, 24 Oct 2017 14:05:12 +0200 Subject: [PATCH 04/14] Enable 7.2 builds. --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index 7687992..8fe21b1 100644 --- a/.travis.yml +++ b/.travis.yml @@ -6,6 +6,7 @@ php: - 5.6 - 7.0 - 7.1 + - 7.2 - nightly matrix: fast_finish: true From 754c5dbffb8d3e17c70758adb72ea26414162bc6 Mon Sep 17 00:00:00 2001 From: Jan Schneider Date: Wed, 25 Oct 2017 18:19:25 +0200 Subject: [PATCH 05/14] Update composer.json. --- composer.json | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/composer.json b/composer.json index 1aea59c..2fc69c2 100644 --- a/composer.json +++ b/composer.json @@ -21,8 +21,8 @@ "role": "lead" } ], - "version": "2.2.2", - "time": "2017-06-22", + "version": "2.2.3", + "time": "2017-10-20", "repositories": [ { "type": "pear", @@ -31,21 +31,21 @@ ], "require": { "php": "^5.3 || ^7", - "pear-pear.horde.org/Horde_Exception": "^2@stable", - "pear-pear.horde.org/Horde_Translation": "^2.2@stable", - "pear-pear.horde.org/Horde_Util": "^2@stable", + "pear-pear.horde.org/Horde_Exception": "^2", + "pear-pear.horde.org/Horde_Translation": "^2.2", + "pear-pear.horde.org/Horde_Util": "^2", "ext-hash": "*" }, "suggest": { - "pear-pear.horde.org/Horde_Db": "^2@stable", - "pear-pear.horde.org/Horde_History": "^2@stable", - "pear-pear.horde.org/Horde_Lock": "^2@stable", - "pear-pear.horde.org/Horde_Imap_Client": "^2@stable", - "pear-pear.horde.org/Horde_Kolab_Session": "^2@stable", - "pear-pear.horde.org/Horde_Ldap": "^2@stable", - "pear-pear.horde.org/Horde_Imsp": "^2@stable", - "pear-pear.horde.org/Horde_Http": "^2@stable", - "pear-pear.horde.org/Horde_Test": "^2.1@stable", + "pear-pear.horde.org/Horde_Db": "^2", + "pear-pear.horde.org/Horde_History": "^2", + "pear-pear.horde.org/Horde_Lock": "^2", + "pear-pear.horde.org/Horde_Imap_Client": "^2", + "pear-pear.horde.org/Horde_Kolab_Session": "^2", + "pear-pear.horde.org/Horde_Ldap": "^2", + "pear-pear.horde.org/Horde_Imsp": "^2", + "pear-pear.horde.org/Horde_Http": "^2", + "pear-pear.horde.org/Horde_Test": "^2.1", "pear-pecl.php.net/pam": "*", "pear-pecl.php.net/sasl": "*", "ext-ctype": "*", From 1546e75f04dd6f35e9685c5d26bb9cab927ab3e3 Mon Sep 17 00:00:00 2001 From: Jan Schneider Date: Wed, 25 Oct 2017 18:25:54 +0200 Subject: [PATCH 06/14] Update .horde.yml with extended information. --- .horde.yml | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) diff --git a/.horde.yml b/.horde.yml index 8628602..03231d1 100644 --- a/.horde.yml +++ b/.horde.yml @@ -7,3 +7,57 @@ description: > for the Horde authentication system. list: dev type: library +homepage: https://www.horde.org/libraries/Horde_Auth +authors: + - + name: Chuck Hagenbuch + user: chuck + email: chuck@horde.org + active: true + role: lead + - + name: Jan Schneider + user: jan + email: jan@horde.org + active: true + role: lead + - + name: Michael Slusarz + user: slusarz + email: slusarz@horde.org + active: true + role: lead +version: + release: 2.2.3 + api: 2.2.0 +state: + release: stable + api: stable +license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 +dependencies: + required: + php: ^5.3 || ^7 + pear: + pear.horde.org/Horde_Exception: ^2 + pear.horde.org/Horde_Translation: ^2.2 + pear.horde.org/Horde_Util: ^2 + ext: + hash: '*' + optional: + pear: + pear.horde.org/Horde_Db: ^2 + pear.horde.org/Horde_History: ^2 + pear.horde.org/Horde_Lock: ^2 + pear.horde.org/Horde_Imap_Client: ^2 + pear.horde.org/Horde_Kolab_Session: ^2 + pear.horde.org/Horde_Ldap: ^2 + pear.horde.org/Horde_Imsp: ^2 + pear.horde.org/Horde_Http: ^2 + pear.horde.org/Horde_Test: ^2.1 + pecl.php.net/pam: '*' + pecl.php.net/sasl: '*' + ext: + ctype: '*' + ftp: '*' From 76ee2c1d18199caf33021390e5e9c6d8e3c92065 Mon Sep 17 00:00:00 2001 From: Jan Schneider Date: Fri, 27 Oct 2017 11:04:46 +0200 Subject: [PATCH 07/14] Build changelog.yml from existing changelog(s). --- doc/Horde/Auth/changelog.yml | 630 +++++++++++++++++++++++++++++++++++ 1 file changed, 630 insertions(+) create mode 100644 doc/Horde/Auth/changelog.yml diff --git a/doc/Horde/Auth/changelog.yml b/doc/Horde/Auth/changelog.yml new file mode 100644 index 0000000..14a9b4b --- /dev/null +++ b/doc/Horde/Auth/changelog.yml @@ -0,0 +1,630 @@ +--- +2.2.3: + api: 2.2.0 + state: + release: stable + api: stable + date: 2017-10-20 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: +2.2.2: + api: 2.2.0 + state: + release: stable + api: stable + date: 2017-06-22 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add Turkish translation (İTÜ BİDB ). +2.2.1: + api: 2.2.0 + state: + release: stable + api: stable + date: 2016-12-03 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Use more efficient database access in SQL backend. +2.2.0: + api: 2.2.0 + state: + release: stable + api: stable + date: 2016-07-28 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add searchUsers() method. +2.1.12: + api: 2.1.0 + state: + release: stable + api: stable + date: 2016-04-05 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [mjr] Fix creating/removing mailbox in cyrsql driver (federico.mennite@lifeware.ch, Bug #14295). +2.1.11: + api: 2.1.0 + state: + release: stable + api: stable + date: 2016-02-01 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Mark PHP 7 as supported. +2.1.10: + api: 2.1.0 + state: + release: stable + api: stable + date: 2015-07-06 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] SECURITY: Don't allow to login to LDAP with an emtpy password. +2.1.9: + api: 2.1.0 + state: + release: stable + api: stable + date: 2015-06-29 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [mjr] Ensure we rebind as configured user after testing auth user credentials. +2.1.8: + api: 2.1.0 + state: + release: stable + api: stable + date: 2015-04-28 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Fix issues with certain locales like Turkish. +2.1.7: + api: 2.1.0 + state: + release: stable + api: stable + date: 2015-04-13 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Improve salt generation for Blowfish hashes. +2.1.6: + api: 2.1.0 + state: + release: stable + api: stable + date: 2015-01-08 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Support loading translations from Composer-installed package. + [jan] Improve PSR-2 compatibility. +2.1.5: + api: 2.1.0 + state: + release: stable + api: stable + date: 2014-06-17 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add Polish translation (Maciej Uhlig ). +2.1.4: + api: 2.1.0 + state: + release: stable + api: stable + date: 2014-05-21 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add Hungarian translation (Andras Galos ). +2.1.3: + api: 2.1.0 + state: + release: stable + api: stable + date: 2014-04-03 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add Danish translation (Erling Preben Hansen ). +2.1.2: + api: 2.1.0 + state: + release: stable + api: stable + date: 2014-03-03 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add MySQL password hashing (Request #12962). + [rla] Add joomla encrypted password format (Request #12889). + [mms] Fix parsing salted SHA256 entries (Adam James ). +2.1.1: + api: 2.1.0 + state: + release: stable + api: stable + date: 2013-10-15 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [mms] Password strength testing is now case-insensitive (delrio@mie.utoronto.ca, Request #12708). +2.1.0: + api: 2.1.0 + state: + release: stable + api: stable + date: 2013-09-02 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [mjr] Add X509 authentication driver. +2.0.6: + api: 2.0.0 + state: + release: stable + api: stable + date: 2013-07-16 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [mms] Fix adding/deleting users via IMAP administration (Bug #12426). +2.0.5: + api: 2.0.0 + state: + release: stable + api: stable + date: 2013-07-16 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add password policy for minimum number of non-alphabetic characters (Friedrich Haubensak , Request #12243). + [jan] Fix resetting passwords with LDAP driver (Bug #12317). + [mms] Fix authentication with the Http auth driver. +2.0.4: + api: 2.0.0 + state: + release: stable + api: stable + date: 2013-03-05 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Improve documentation. +2.0.3: + api: 2.0.0 + state: + release: stable + api: stable + date: 2013-01-29 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add French translation (Paul De Vlieger ). + [jan] Fix argument reading in Samba drivers (Bug #11926). + [mms] Remove call-time pass-by-reference, which was causing PAM authentication driver to fail in PHP 5.4+ (Bug #10965). +2.0.2: + api: 2.0.0 + state: + release: stable + api: stable + date: 2013-01-09 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add Basque translation (Ibon Igartua ). + [jan] Fix updating users in LDAP driver (Bug #11791). +2.0.1: + api: 2.0.0 + state: + release: stable + api: stable + date: 2012-11-19 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [mms] Use new Horde_Test layout. +2.0.0: + api: 2.0.0 + state: + release: stable + api: stable + date: 2012-10-30 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + First stable release for Horde 5. +2.0.0beta2: + api: 2.0.0beta1 + state: + release: beta + api: beta + date: 2012-10-12 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Fix setting IMAP ACLs in IMAP and Cyrsql drivers. + [mms] Fix user management in Passwd driver. + [mms] Fix setting soft expiration in SQL driver. +2.0.0beta1: + api: 2.0.0beta1 + state: + release: beta + api: beta + date: 2012-07-19 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + First beta release for Horde 5. + [rla] Use constant for permanent lock and provide more verbose feedback (Request #11254). +2.0.0alpha1: + api: 2.0.0alpha1 + state: + release: alpha + api: alpha + date: 2012-07-05 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + First alpha release for Horde 5. + [mms] Removed charset parameter for Imap and Cyrsql drivers. +1.4.10: + api: 1.4.0 + state: + release: stable + api: stable + date: 2012-03-20 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [mms] Fix Horde_Auth_Passwd#updateUser(). +1.4.9: + api: 1.4.0 + state: + release: stable + api: stable + date: 2012-03-20 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add Finnish translation (Leena Heino ). +1.4.8: + api: 1.4.0 + state: + release: stable + api: stable + date: 2012-01-31 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add optimized exists() implementation to LDAP driver (Marco Ferrante , Request #10944). + [jan] Add Spanish translation (Manuel P. Ayala ). +1.4.7: + api: 1.4.0 + state: + release: stable + api: stable + date: 2011-12-13 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add Latvian translation (Jānis Eisaks ). +1.4.6: + api: 1.4.0 + state: + release: stable + api: stable + date: 2011-12-06 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add Japanese translation (Hiromi Kimura ). +1.4.5: + api: 1.4.0 + state: + release: stable + api: stable + date: 2011-11-22 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add Estonian translation. +1.4.4: + api: 1.4.0 + state: + release: stable + api: stable + date: 2011-11-08 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Allow to run unit tests from installed package. +1.4.3: + api: 1.4.0 + state: + release: stable + api: stable + date: 2011-10-18 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Catch exceptions from imap library (Bug #10272). +1.4.2: + api: 1.4.0 + state: + release: stable + api: stable + date: 2011-10-04 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Fix detecting locale directory from PEAR installation (Bug #10589). +1.4.1: + api: 1.4.0 + state: + release: stable + api: stable + date: 2011-10-03 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add missing locale directory (Bug #10589). +1.4.0: + api: 1.4.0 + state: + release: stable + api: stable + date: 2011-09-28 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Add checkPasswordPolicy() and checkPasswordSimilarity() methods. +1.3.0: + api: 1.3.0 + state: + release: stable + api: stable + date: 2011-09-20 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Dynamically disable capabilities of Customsql authentication driver if queries are empty (Michael Gröne, Request #10510). + [jan] Fix updating users in LDAP while using preauthenticate hooks. + [jan] Add support for resetting passwords to LDAP driver. +1.2.0: + api: 1.2.0 + state: + release: stable + api: stable + date: 2011-08-31 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [rla] Add bad login blocking and account locking to the base driver. + [rla] Fix SQL driver when using soft_expiration and hard_expiration features. + [rla] No longer enforce lowercase fieldnames. +1.1.0: + api: 1.1.0 + state: + release: stable + api: stable + date: 2011-07-05 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [rla] Add sort parameter to listUsers() method. + [mms] Fix addUser() for Cyrsql driver (vilius@lnk.lt, Bug #10239). +1.0.4: + api: 1.0.0 + state: + release: stable + api: stable + date: 2011-06-08 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] SECURITY: Fix propagating failed login in composite driver (Bug #10211). +1.0.3: + api: 1.0.0 + state: + release: stable + api: stable + date: 2011-05-18 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [mms] Cyrsql driver doesn't support resetting passwords currently (Bug #10060). +1.0.2: + api: 1.0.0 + state: + release: stable + api: stable + date: 2011-05-03 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [jan] Fix listing users in Customsql driver (Bug #9963). +1.0.1: + api: 1.0.0 + state: + release: stable + api: stable + date: 2011-04-20 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + [mms] Fix default userhierarchy for Cyrsql driver (Bug #9895). + [cjh] Add crypt-sha256 and crypt-sha512 password hashes (patrickdk@patrickdk.com, Request #6991). + [mms] Fix addUser() in Customsql driver (Bug #9832). +1.0.0: + api: 1.0.0 + state: + release: stable + api: stable + date: 2011-04-06 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + First stable release for Horde 4. + [jan] Fix Cyrsql driver (Vilius Sumskas , Bug #9781). + [jan] Add SHA-256 hashing and add SHA as alias for SHA1. +1.0.0RC2: + api: 1.0.0 + state: + release: beta + api: beta + date: 2011-03-29 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + Second release candidate for Horde 4. + Remove Cyrus driver. + Remove support for pam_auth (Ticket #6860). +1.0.0RC1: + api: 1.0.0 + state: + release: beta + api: beta + date: 2011-03-22 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + First release candidate for Horde 4. +1.0.0beta1: + api: 1.0.0 + state: + release: beta + api: beta + date: 2011-03-16 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + First beta release for Horde 4. +1.0.0alpha1: + api: 1.0.0 + state: + release: alpha + api: alpha + date: 2011-03-08 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + First alpha release for Horde 4. + Remove dependency on horde/Core. + Remove all non-authentication backend related code. + Removed Krb5 driver. + Moved signup code to horde/Core. + Split Horde_Auth into Horde_Auth and Horde_Auth_Base components. +0.1.1: + api: 0.1.0 + state: + release: beta + api: beta + date: 2008-10-29 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + Imap driver now uses Horde_Imap_Client library. + Add signup drivers to package.xml (Bug #7345). + Fix the "overwriting realm info from application auth drivers" (Bug #6749) + Switched Kolab auth handling from IMAP to LDAP by using Kolab_Server. + Added "add user" capability to the Kolab driver. + Adapted the Kolab auth driver to the changes in Kolab_Server. +0.1.0: + api: 0.1.0 + state: + release: beta + api: beta + date: 2008-09-16 + license: + identifier: LGPL-2.1 + uri: http://www.horde.org/licenses/lgpl21 + notes: | + Fixed error handling when removing user data. + Retrieve password where necessary for salt calculations in the custom SQL driver (Bug #3739). + Added a query for checking existance of a user to the custom SQL driver (Request #5151). + Completed Cyrus virtual domain support in the cyrsql driver. + Fixed handling of UID logins in the Kolab driver (Bugs #1317, #4662). + Fixed case handling in the LDAP driver (Bug #2435). + Rewrote PAM driver to use PAM extension from PECL. + Fixed the PAM driver authentication so that it works with both pam and pam_auth extensions (Bug #6860). + Ensured that the LDAP driver always uses the configured filter. + Renamed Auth_sasl to Auth_peclsasl (Bug #4547). + Allow signup hooks to override the user_name and password fields (Request #2904). + Created an SQL driver for signups and allowing backends other than DataTree (Request #7161). + Added smbclient driver as an alternative to the smb driver which requires a PHP extension. + Fix handling of SSHA and SMD5 salts (ulrich-horde@topfen.net, Bug #2863). + Added readSessionData() function to get Horde authentication data from session strings. + Allow drivers to include their own isAdmin() implementations (Request #5521). + Add Active Directory extension of LDAP driver (Request #3769). + Hide the cyrus account in cyrsql driver (vilius@lnk.lt, Request #5626). + Bring the passwd driver into compliance with the Auth API. + Remove dependency on the mhash extension for some encryption types. + Add authentication against a remote HTTP Authentication endpoint (duck@obala.net). + CSRF token protections for logout links. + Call the postauthenticate hook in Horde_Auth::setAuth() instead of authenticate(). + Modified the Kolab driver to use the new Kolab_Server package. + Improved handling of multiple IMAP server setups in the Kolab driver. From c177f6cd39a5b682298e0c390a5055008af3e220 Mon Sep 17 00:00:00 2001 From: Jan Schneider Date: Fri, 27 Oct 2017 11:08:39 +0200 Subject: [PATCH 08/14] Regenerate package.xml from changelog.yml. --- package.xml | 34 ++++++++++++++++++++++------------ 1 file changed, 22 insertions(+), 12 deletions(-) diff --git a/package.xml b/package.xml index a8aeb50..6af5f3d 100644 --- a/package.xml +++ b/package.xml @@ -23,7 +23,7 @@ slusarz@horde.org yes - 2017-10-24 + 2017-10-29 2.2.3 2.2.0 @@ -34,10 +34,18 @@ LGPL-2.1 -* [rla] Add a dummy authentication driver. +* [rla] Add Mock authentication driver. + + + + + + + + @@ -49,7 +57,6 @@ - @@ -58,6 +65,7 @@ + @@ -173,10 +181,10 @@ - - - + + + @@ -310,13 +318,14 @@ + + - @@ -326,6 +335,7 @@ + @@ -370,10 +380,10 @@ - - - + + + @@ -1129,10 +1139,10 @@ stable stable - 2017-10-24 + 2017-10-29 LGPL-2.1 -* [rla] Add a dummy authentication driver. +* [rla] Add Mock authentication driver. From a4577db09505dadb914a0ccc8c2b37322d835888 Mon Sep 17 00:00:00 2001 From: Ralf Lang Date: Sun, 29 Oct 2017 07:30:22 +0000 Subject: [PATCH 09/14] Not yet 2018 --- lib/Horde/Auth/Dummy.php | 2 +- test/Horde/Auth/Unit/DummyCryptShowTest.php | 2 +- test/Horde/Auth/Unit/DummyCryptTest.php | 2 +- test/Horde/Auth/Unit/DummyPlainTest.php | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/Horde/Auth/Dummy.php b/lib/Horde/Auth/Dummy.php index 7891492..83154f6 100644 --- a/lib/Horde/Auth/Dummy.php +++ b/lib/Horde/Auth/Dummy.php @@ -1,6 +1,6 @@ Date: Sun, 29 Oct 2017 07:40:08 +0000 Subject: [PATCH 10/14] ws --- lib/Horde/Auth/Dummy.php | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/lib/Horde/Auth/Dummy.php b/lib/Horde/Auth/Dummy.php index 83154f6..e57bf11 100644 --- a/lib/Horde/Auth/Dummy.php +++ b/lib/Horde/Auth/Dummy.php @@ -13,13 +13,14 @@ /** * The Horde_Auth_Dummy class provides an in-memory user list. + * * It is meant to be used for throwaway setups, satellite systems or for * providing a source of administrative accounts in Composite or Cascading driver * The driver can also be used as a mock-like backend for integration tests * * @author Ralf Lang * @category Horde - * @copyright 2017-2018 Horde LLC + * @copyright 2017 Horde LLC * @license http://www.horde.org/licenses/lgpl21 LGPL-2.1 * @package Auth */ @@ -77,10 +78,10 @@ public function addUser($userId, $credentials) throw new Horde_Auth_Exception('User already exists'); } $this->_params['users'][$userId] = Horde_Auth::getCryptedPassword( - $credentials['password'], - '', - $this->_params['encryption'], - $this->_params['show_encryption']); + $credentials['password'], + '', + $this->_params['encryption'], + $this->_params['show_encryption']); } /** @@ -162,10 +163,11 @@ protected function _authenticate($userId, $credentials) */ protected function _comparePasswords($encrypted, $plaintext) { - return $encrypted == Horde_Auth::getCryptedPassword($plaintext, - $encrypted, - $this->_params['encryption'], - $this->_params['show_encryption']); + return $encrypted == Horde_Auth::getCryptedPassword( + $plaintext, + $encrypted, + $this->_params['encryption'], + $this->_params['show_encryption']); } } From e9a57cf9529a2d0eee6fb4808e7b89317399b0ba Mon Sep 17 00:00:00 2001 From: Ralf Lang Date: Sun, 29 Oct 2017 07:42:55 +0000 Subject: [PATCH 11/14] Remove throws comment if the library doesn't throw anything --- lib/Horde/Auth/Dummy.php | 3 --- 1 file changed, 3 deletions(-) diff --git a/lib/Horde/Auth/Dummy.php b/lib/Horde/Auth/Dummy.php index e57bf11..949a347 100644 --- a/lib/Horde/Auth/Dummy.php +++ b/lib/Horde/Auth/Dummy.php @@ -90,7 +90,6 @@ public function addUser($userId, $credentials) * @param boolean $sort Sort the users? * * @return mixed The array of userIds. - * @throws Horde_Auth_Exception */ public function listUsers($sort = false) { @@ -122,8 +121,6 @@ public function updateUser($oldID, $newID, $credentials) * Deletes a set of authentication credentials for the life of the driver. * * @param string $userId The userId to delete. - * - * @throws Horde_Auth_Exception */ public function removeUser($userId) { From 224d1bb69c732ec2f22191358ef0cc7dba4f2c9b Mon Sep 17 00:00:00 2001 From: Ralf Lang Date: Sun, 29 Oct 2017 07:51:52 +0000 Subject: [PATCH 12/14] Make exception test cases php5.4 compatible Remove unnecessary comment line --- test/Horde/Auth/Unit/DummyCryptShowTest.php | 7 +++---- test/Horde/Auth/Unit/DummyCryptTest.php | 7 +++---- test/Horde/Auth/Unit/DummyPlainTest.php | 7 +++---- 3 files changed, 9 insertions(+), 12 deletions(-) diff --git a/test/Horde/Auth/Unit/DummyCryptShowTest.php b/test/Horde/Auth/Unit/DummyCryptShowTest.php index 4da7894..d7e9cc3 100644 --- a/test/Horde/Auth/Unit/DummyCryptShowTest.php +++ b/test/Horde/Auth/Unit/DummyCryptShowTest.php @@ -1,6 +1,5 @@ driver->addUser('user4', array('password' => 'foo')); $this->assertCount(4, $this->driver->listUsers()); // Add somebody who already exist - $this->setExpectedException(Horde_Auth_Exception::class); + $this->setExpectedException('Horde_Auth_Exception'); $this->driver->addUser('user4', array('password' => 'foo')); $this->assertCount(4, $this->driver->listUsers()); @@ -97,7 +96,7 @@ public function testUpdateUser() public function testUpdateUserFailDoesNotExist() { // Try renaming unknown user - $this->setExpectedException(Horde_Auth_Exception::class); + $this->setExpectedException('Horde_Auth_Exception'); $this->driver->updateUser('unknownuser', 'newname', array('password' => 'foo')); $this->setUp(); } @@ -105,7 +104,7 @@ public function testUpdateUserFailDoesNotExist() public function testUpdateUserFailNewNameExists() { // Try renaming unknown user - $this->setExpectedException(Horde_Auth_Exception::class); + $this->setExpectedException('Horde_Auth_Exception'); $this->driver->updateUser('tester', 'user1', array('password' => 'foo')); $this->setUp(); } diff --git a/test/Horde/Auth/Unit/DummyCryptTest.php b/test/Horde/Auth/Unit/DummyCryptTest.php index 154c1b3..3b200b2 100644 --- a/test/Horde/Auth/Unit/DummyCryptTest.php +++ b/test/Horde/Auth/Unit/DummyCryptTest.php @@ -1,6 +1,5 @@ driver->addUser('user4', array('password' => 'foo')); $this->assertCount(4, $this->driver->listUsers()); // Add somebody who already exist - $this->setExpectedException(Horde_Auth_Exception::class); + $this->setExpectedException('Horde_Auth_Exception'); $this->driver->addUser('user4', array('password' => 'foo')); $this->assertCount(4, $this->driver->listUsers()); @@ -97,7 +96,7 @@ public function testUpdateUser() public function testUpdateUserFailDoesNotExist() { // Try renaming unknown user - $this->setExpectedException(Horde_Auth_Exception::class); + $this->setExpectedException('Horde_Auth_Exception'); $this->driver->updateUser('unknownuser', 'newname', array('password' => 'foo')); $this->setUp(); } @@ -105,7 +104,7 @@ public function testUpdateUserFailDoesNotExist() public function testUpdateUserFailNewNameExists() { // Try renaming unknown user - $this->setExpectedException(Horde_Auth_Exception::class); + $this->setExpectedException('Horde_Auth_Exception'); $this->driver->updateUser('tester', 'user1', array('password' => 'foo')); $this->setUp(); } diff --git a/test/Horde/Auth/Unit/DummyPlainTest.php b/test/Horde/Auth/Unit/DummyPlainTest.php index caadee8..d074423 100644 --- a/test/Horde/Auth/Unit/DummyPlainTest.php +++ b/test/Horde/Auth/Unit/DummyPlainTest.php @@ -1,6 +1,5 @@ driver->addUser('user4', array('password' => 'foo')); $this->assertCount(4, $this->driver->listUsers()); // Add somebody who already exist - $this->setExpectedException(Horde_Auth_Exception::class); + $this->setExpectedException('Horde_Auth_Exception'); $this->driver->addUser('user4', array('password' => 'foo')); $this->assertCount(4, $this->driver->listUsers()); @@ -95,7 +94,7 @@ public function testUpdateUser() public function testUpdateUserFailDoesNotExist() { // Try renaming unknown user - $this->setExpectedException(Horde_Auth_Exception::class); + $this->setExpectedException('Horde_Auth_Exception'); $this->driver->updateUser('unknownuser', 'newname', array('password' => 'foo')); $this->setUp(); } @@ -103,7 +102,7 @@ public function testUpdateUserFailDoesNotExist() public function testUpdateUserFailNewNameExists() { // Try renaming unknown user - $this->setExpectedException(Horde_Auth_Exception::class); + $this->setExpectedException('Horde_Auth_Exception'); $this->driver->updateUser('tester', 'user1', array('password' => 'foo')); $this->setUp(); } From 016b8fdf15f67f0b1bf04071f8573903787a065c Mon Sep 17 00:00:00 2001 From: Ralf Lang Date: Sun, 29 Oct 2017 08:02:53 +0000 Subject: [PATCH 13/14] Change for better readability. --- lib/Horde/Auth/Dummy.php | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/lib/Horde/Auth/Dummy.php b/lib/Horde/Auth/Dummy.php index 949a347..caa2e36 100644 --- a/lib/Horde/Auth/Dummy.php +++ b/lib/Horde/Auth/Dummy.php @@ -138,15 +138,14 @@ public function removeUser($userId) */ protected function _authenticate($userId, $credentials) { - if ($this->exists($userId)) { - if ($this->_comparePasswords( + if (!$this->exists($userId) || + !$this->_comparePasswords( $this->_params['users'][$userId], $credentials['password'] )) { - return; - } + throw new Horde_Auth_Exception('', Horde_Auth::REASON_BADLOGIN); } - throw new Horde_Auth_Exception('', Horde_Auth::REASON_BADLOGIN); + return; } /** From ea59e1d5ff6e001aceeb50371d22d668a19087ec Mon Sep 17 00:00:00 2001 From: Ralf Lang Date: Sun, 29 Oct 2017 08:08:39 +0000 Subject: [PATCH 14/14] Rename the driver to mock driver --- lib/Horde/Auth/{Dummy.php => Mock.php} | 4 ++-- .../Unit/{DummyCryptShowTest.php => MockCryptShowTest.php} | 6 +++--- .../Auth/Unit/{DummyCryptTest.php => MockCryptTest.php} | 6 +++--- .../Auth/Unit/{DummyPlainTest.php => MockPlainTest.php} | 6 +++--- 4 files changed, 11 insertions(+), 11 deletions(-) rename lib/Horde/Auth/{Dummy.php => Mock.php} (97%) rename test/Horde/Auth/Unit/{DummyCryptShowTest.php => MockCryptShowTest.php} (97%) rename test/Horde/Auth/Unit/{DummyCryptTest.php => MockCryptTest.php} (97%) rename test/Horde/Auth/Unit/{DummyPlainTest.php => MockPlainTest.php} (97%) diff --git a/lib/Horde/Auth/Dummy.php b/lib/Horde/Auth/Mock.php similarity index 97% rename from lib/Horde/Auth/Dummy.php rename to lib/Horde/Auth/Mock.php index caa2e36..7ff5262 100644 --- a/lib/Horde/Auth/Dummy.php +++ b/lib/Horde/Auth/Mock.php @@ -12,7 +12,7 @@ */ /** - * The Horde_Auth_Dummy class provides an in-memory user list. + * The Horde_Auth_Mock class provides an in-memory user list. * * It is meant to be used for throwaway setups, satellite systems or for * providing a source of administrative accounts in Composite or Cascading driver @@ -24,7 +24,7 @@ * @license http://www.horde.org/licenses/lgpl21 LGPL-2.1 * @package Auth */ -class Horde_Auth_Dummy extends Horde_Auth_Base +class Horde_Auth_Mock extends Horde_Auth_Base { /** * An array of capabilities, so that the driver can report which diff --git a/test/Horde/Auth/Unit/DummyCryptShowTest.php b/test/Horde/Auth/Unit/MockCryptShowTest.php similarity index 97% rename from test/Horde/Auth/Unit/DummyCryptShowTest.php rename to test/Horde/Auth/Unit/MockCryptShowTest.php index d7e9cc3..7b2a164 100644 --- a/test/Horde/Auth/Unit/DummyCryptShowTest.php +++ b/test/Horde/Auth/Unit/MockCryptShowTest.php @@ -1,6 +1,6 @@ driver = new Horde_Auth_Dummy( + $this->driver = new Horde_Auth_Mock( array( 'users' => array( 'user1' => '{crypt}$1$S/EKq8Dg$OJvaV8Lu1HgCXKNqAo.wG/', diff --git a/test/Horde/Auth/Unit/DummyCryptTest.php b/test/Horde/Auth/Unit/MockCryptTest.php similarity index 97% rename from test/Horde/Auth/Unit/DummyCryptTest.php rename to test/Horde/Auth/Unit/MockCryptTest.php index 3b200b2..a0245d6 100644 --- a/test/Horde/Auth/Unit/DummyCryptTest.php +++ b/test/Horde/Auth/Unit/MockCryptTest.php @@ -1,6 +1,6 @@ driver = new Horde_Auth_Dummy( + $this->driver = new Horde_Auth_Mock( array( 'users' => array( 'user1' => '$1$S/EKq8Dg$OJvaV8Lu1HgCXKNqAo.wG/', diff --git a/test/Horde/Auth/Unit/DummyPlainTest.php b/test/Horde/Auth/Unit/MockPlainTest.php similarity index 97% rename from test/Horde/Auth/Unit/DummyPlainTest.php rename to test/Horde/Auth/Unit/MockPlainTest.php index d074423..51bea2b 100644 --- a/test/Horde/Auth/Unit/DummyPlainTest.php +++ b/test/Horde/Auth/Unit/MockPlainTest.php @@ -1,6 +1,6 @@ driver = new Horde_Auth_Dummy( + $this->driver = new Horde_Auth_Mock( array( 'users' => array( 'user1' => 'user1pw',