diff options
Diffstat (limited to 'pkgs/icingaweb2/sproxy.patch')
-rw-r--r-- | pkgs/icingaweb2/sproxy.patch | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/pkgs/icingaweb2/sproxy.patch b/pkgs/icingaweb2/sproxy.patch new file mode 100644 index 0000000..234bee7 --- /dev/null +++ b/pkgs/icingaweb2/sproxy.patch @@ -0,0 +1,92 @@ +From 64d9685260f93b5c2f18cc7abbc862575e5b2904 Mon Sep 17 00:00:00 2001 +From: Igor Pashev <pashev.igor@gmail.com> +Date: Thu, 19 Apr 2018 13:27:24 +0300 +Subject: [PATCH] Add Sproxy backend + +--- + .../Icinga/Authentication/User/SproxyBackend.php | 51 ++++++++++++++++++++++ + library/Icinga/Authentication/User/UserBackend.php | 6 +++ + 2 files changed, 57 insertions(+) + create mode 100644 library/Icinga/Authentication/User/SproxyBackend.php + +diff --git a/library/Icinga/Authentication/User/SproxyBackend.php b/library/Icinga/Authentication/User/SproxyBackend.php +new file mode 100644 +index 0000000000..f36c362374 +--- /dev/null ++++ b/library/Icinga/Authentication/User/SproxyBackend.php +@@ -0,0 +1,51 @@ ++<?php ++/* 2016 Zalora South East Asia Pte. Ltd | GPLv2+ */ ++ ++namespace Icinga\Authentication\User; ++ ++use Icinga\Data\ConfigObject; ++use Icinga\User; ++ ++/** ++ * Login with Sproxy authentication mechanism. ++ * This is similar to the "external" backend. ++ * ++ * Sproxy provides at least two HTTP headers: ++ * ++ * "From" - the user's email address. ++ * "X-Groups" - a comma-separated list of the user's groups. ++ * ++ * ++ * See <https://hackage.haskell.org/package/sproxy2>, ++ * or <https://github.com/ip1981/sproxy2>, ++ * or <https://gitlab.com/ip1981/sproxy2>, ++ * or <https://bitbucket.org/IgorPashev/sproxy2>. ++ */ ++class SproxyBackend extends ExternalBackend ++{ ++ /** ++ * {@inheritdoc} ++ */ ++ public function authenticate(User $user, $password = null) ++ { ++ if (! empty($_SERVER['HTTP_FROM'])) { ++ $email = $_SERVER['HTTP_FROM']; ++ $user->setUsername($email); ++ $user->setEmail($email); ++ $user->setExternalUserInformation($email, 'HTTP_FROM'); ++ ++ if (! empty($_SERVER['HTTP_X_GIVEN_NAME'])) { ++ $user->setFirstname($_SERVER['HTTP_X_GIVEN_NAME']); ++ } ++ if (! empty($_SERVER['HTTP_X_GROUPS'])) { ++ $user->setGroups(explode(',', $_SERVER['HTTP_X_GROUPS'])); ++ } ++ if (! empty($_SERVER['HTTP_X_FAMILY_NAME'])) { ++ $user->setLastname($_SERVER['HTTP_X_FAMILY_NAME']); ++ } ++ ++ return true; ++ } ++ return false; ++ } ++} +diff --git a/library/Icinga/Authentication/User/UserBackend.php b/library/Icinga/Authentication/User/UserBackend.php +index 8130c56cde..366b84fd4f 100644 +--- a/library/Icinga/Authentication/User/UserBackend.php ++++ b/library/Icinga/Authentication/User/UserBackend.php +@@ -22,6 +22,7 @@ class UserBackend implements ConfigAwareFactory + * @var array + */ + protected static $defaultBackends = array( ++ 'sproxy', + 'external', + 'db', + 'ldap', +@@ -176,6 +177,11 @@ public static function create($name, ConfigObject $backendConfig = null) + $backend->setName($name); + return $backend; + } ++ if ($backendType === 'sproxy') { ++ $backend = new SproxyBackend($backendConfig); ++ $backend->setName($name); ++ return $backend; ++ } + if (in_array($backendType, static::$defaultBackends)) { + // The default backend check is the first one because of performance reasons: + // Do not attempt to load a custom user backend unless it's actually required |