Allow email to be retrieve by SSO ReverseProxy
If REMOTE_EMAIL header is set, use it as user email.
If REVERSE_PROXY_DEFAULT_DOMAIN is set but not REMOTE_EMAIL, use the current construct.
mildis authored Aug 29, 2020
1 parent 4dd586c commit 33c3b32
Showing 6 changed files with 42 additions and 3 deletions.
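--- a/app/Auth/ReverseProxyAuth.php
+++ b/app/Auth/ReverseProxyAuth.php
@@ -43,10 +43,11 @@ public function getName()
 public function authenticate()
 {
 $username = $this->request->getRemoteUser();
+$email = $this->request->getRemoteEmail();
 
 if (! empty($username)) {
 $userProfile = $this->userCacheDecorator->getByUsername($username);
-$this->userInfo = new ReverseProxyUserProvider($username, $userProfile ?: array());
+$this->userInfo = new ReverseProxyUserProvider($username, $email, $userProfile ?: array());
 return true;
 }
 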
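Review bot: The value read by `getRemoteEmail()` in `authenticate()` is handed to `ReverseProxyUserProvider` exactly as it arrived in the server variable, with no format check. It comes from a request header that is only as trustworthy as the proxy in front of the application, so I would normalise it before use, e.g. `$email = filter_var(trim((string) $email), FILTER_VALIDATE_EMAIL) ?: '';`. A malformed value would then fall back to the default-domain address built in `getEmail()` instead of being returned as the user's email. The rest of `authenticate()` lies outside this hunk.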
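--- a/app/Core/Http/Request.php
+++ b/app/Core/Http/Request.php
@@ -270,6 +270,17 @@ public function getRemoteUser()
 return $this->getServerVariable(REVERSE_PROXY_USER_HEADER);
 }
 
+/**
+* Get remote email
+*
+* @access public
+* @return string
+*/
+public function getRemoteEmail()
+{
+return $this->getServerVariable(REVERSE_PROXY_EMAIL_HEADER);
+}
+
 /**
 * Returns query string
 *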
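--- a/app/User/ReverseProxyUserProvider.php
+++ b/app/User/ReverseProxyUserProvider.php
@@ -21,6 +21,14 @@ class ReverseProxyUserProvider implements UserProviderInterface
 */
 protected $username = '';
 
+/**
+* Email
+*
+* @access protected
+* @var string
+*/
+protected $email = '';
+
 /**
 * User profile if the user already exists
 *
@@ -34,10 +42,12 @@ class ReverseProxyUserProvider implements UserProviderInterface
 *
 * @access public
 * @param string $username
+* @param string $email
 */
-public function __construct($username, array $userProfile = array())
+public function __construct($username, $email, array $userProfile = array())
 {
 $this->username = $username;
+$this->email = $email;
 $this->userProfile = $userProfile;
 }
 
@@ -134,7 +144,11 @@ public function getName()
 */
 public function getEmail()
 {
-return REVERSE_PROXY_DEFAULT_DOMAIN !== '' ? $this->username.'@'.REVERSE_PROXY_DEFAULT_DOMAIN : '';
+if (REVERSE_PROXY_DEFAULT_DOMAIN !== '' && $this->email === '') {
+return $this->username.'@'.REVERSE_PROXY_DEFAULT_DOMAIN;
+}
+
+return $this->email;
 }
 
 /**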
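Review bot: The fallback in `getEmail()` only fires when `$this->email === ''`, but the constructor stores whatever it was given, and nothing visible here guarantees that an absent header arrives as an empty string rather than `null` or whitespace. Casting once in the constructor, `$this->email = trim((string) $email);`, makes the strict comparison reliable. Separately, `$email` was inserted as an untyped second positional parameter, so any remaining caller using the old `($username, $userProfile)` form would silently store the profile array as the email and start with an empty profile; making it the last parameter with a default, or checking every call site, avoids that. The constructor docblock also still lacks `@param array $userProfile`. The class body extends beyond these hunks.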
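--- a/app/constants.php
+++ b/app/constants.php
@@ -96,6 +96,7 @@
 defined('REVERSE_PROXY_AUTH') or define('REVERSE_PROXY_AUTH', strtolower(getenv('REVERSE_PROXY_AUTH')) === 'true');
 defined('REVERSE_PROXY_USER_HEADER') or define('REVERSE_PROXY_USER_HEADER', getenv('REVERSE_PROXY_USER_HEADER') ?: 'REMOTE_USER');
 defined('REVERSE_PROXY_DEFAULT_ADMIN') or define('REVERSE_PROXY_DEFAULT_ADMIN', getenv('REVERSE_PROXY_DEFAULT_ADMIN') ?: '');
+defined('REVERSE_PROXY_EMAIL_HEADER') or define('REVERSE_PROXY_EMAIL_HEADER', getenv('REVERSE_PROXY_EMAIL_HEADER') ?: 'REMOTE_EMAIL');
 defined('REVERSE_PROXY_DEFAULT_DOMAIN') or define('REVERSE_PROXY_DEFAULT_DOMAIN', getenv('REVERSE_PROXY_DEFAULT_DOMAIN') ?: '');
 
 // Remember me authentication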
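--- a/config.default.php
+++ b/config.default.php
@@ -201,6 +201,9 @@
 // Username of the admin, by default blank
 define('REVERSE_PROXY_DEFAULT_ADMIN', '');
 
+// Header name to use for the username
+define('REVERSE_PROXY_EMAIL_HEADER', 'REMOTE_EMAIL');
+
 // Default domain to use for setting the email address
 define('REVERSE_PROXY_DEFAULT_DOMAIN', '');
 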
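Review bot: The comment added above `REVERSE_PROXY_EMAIL_HEADER` says "Header name to use for the username", which looks copied from the user-header setting; it should read `// Header name to use for the email address`. Because this header supplies the email returned for the authenticated user, the comment is also a good place to state that the reverse proxy must set or strip it on every request, so that a client cannot supply its own value.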
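--- a/tests/units/Core/Http/RequestTest.php
+++ b/tests/units/Core/Http/RequestTest.php
@@ -140,6 +140,15 @@ public function testGetRemoteUser()
 $this->assertEquals('test', $request->getRemoteUser());
 }
 
+public function testGetRemoteEmail()
+{
+$request = new Request($this->container, array(), array(), array(), array(), array());
+$this->assertEmpty($request->getRemoteEmail());
+
+$request = new Request($this->container, array(REVERSE_PROXY_EMAIL_HEADER => 'test@example.com'), array(), array(), array(), array());
+$this->assertEquals('test@example.com', $request->getRemoteEmail());
+}
+
 public function testGetQueryString()
 {
 $request = new Request($this->container, array(), array(), array(), array(), array());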
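Review bot: `testGetRemoteEmail()` checks the missing-header case with `assertEmpty()`, which passes for `null`, `false` and `''` alike, while `ReverseProxyUserProvider::getEmail()` in this commit depends on the value being exactly `''`. `$this->assertSame('', $request->getRemoteEmail());` would pin that contract. The commit also adds no test for the precedence in `getEmail()` (header value over `REVERSE_PROXY_DEFAULT_DOMAIN`) or for `authenticate()` passing the email through.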
