├── .github ├── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md ├── SCREENSHOTS │ └── splashscreen.png └── issue-branch.yml ├── .gitignore ├── CHANGELOG.md ├── CONTRIBUTING.md ├── LICENSE ├── README.md ├── appinfo ├── app.php ├── info.xml └── routes.php ├── composer.json ├── composer.lock ├── css ├── casError.css ├── casError.dev.css ├── settings.css └── settings.dev.css ├── img ├── app.svg └── cas-logo.png ├── js ├── settings.dev.js └── settings.js ├── l10n ├── de.js ├── de.json ├── de │ └── user_cas.po ├── fr.js ├── fr.json ├── fr │ └── user_cas.po └── templates │ └── user_cas.pot ├── lib ├── AppInfo │ └── Application.php ├── Command │ ├── CreateUser.php │ ├── ImportUsersAd.php │ └── UpdateUser.php ├── Controller │ ├── AuthenticationController.php │ └── SettingsController.php ├── Exception │ ├── PhpCas │ │ └── PhpUserCasLibraryNotFoundException.php │ └── UserCasException.php ├── Hooks │ └── UserHooks.php ├── Panels │ └── Admin.php ├── Service │ ├── AppService.php │ ├── Import │ │ ├── AdImporter.php │ │ └── ImporterInterface.php │ ├── LoggingService.php │ ├── Merge │ │ ├── AdUserMerger.php │ │ └── MergerInterface.php │ └── UserService.php └── User │ ├── Backend.php │ ├── NextBackend.php │ └── UserCasBackendInterface.php └── templates ├── admin.php └── cas-error.php /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | 5 | --- 6 | 7 | **Describe the bug** 8 | A clear and concise description of what the bug is. 9 | 10 | **To Reproduce** 11 | Steps to reproduce the behavior: 12 | 1. Go to '...' 13 | 2. Click on '....' 14 | 3. Scroll down to '....' 15 | 4. See error 16 | 17 | **Expected behavior** 18 | A clear and concise description of what you expected to happen. 19 | 20 | **Screenshots** 21 | If applicable, add screenshots to help explain your problem. 22 | 23 | **Software (please complete the following information):** 24 | - Server-OS: [e.g. Debian 9] 25 | - HTTP-Server Version: [e.g. Apache 2.2.0] 26 | - PHP-Version: [e.g. PHP 7.0] 27 | - phpCAS-Library-Version: [e.g. phpCAS 1.3.5] 28 | - ownCloud/Nextcloud Version [e.g. ownCloud 10.0.7/Nextcloud 13.0.0] 29 | - user_cas-Version: [e.g. user_cas 1.5.0] 30 | 31 | 32 | **Additional context** 33 | Add any other context about the problem here. 34 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | 5 | --- 6 | 7 | **Is your feature request related to a problem? Please describe.** 8 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 9 | 10 | **Describe the solution you'd like** 11 | A clear and concise description of what you want to happen. 12 | 13 | **Describe alternatives you've considered** 14 | A clear and concise description of any alternative solutions or features you've considered. 15 | 16 | **Additional context** 17 | Add any other context or screenshots about the feature request here. 18 | -------------------------------------------------------------------------------- /.github/SCREENSHOTS/splashscreen.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/felixrupp/user_cas/7117d50f55dc23b10308aa9bf692d4603ca6000e/.github/SCREENSHOTS/splashscreen.png -------------------------------------------------------------------------------- /.github/issue-branch.yml: -------------------------------------------------------------------------------- 1 | mode: chatops -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Created by .ignore support plugin (hsz.mobi) 2 | ### OSX template 3 | *.DS_Store 4 | .AppleDouble 5 | .LSOverride 6 | 7 | # Icon must end with two \r 8 | Icon 9 | 10 | # Thumbnails 11 | ._* 12 | 13 | # Files that might appear in the root of a volume 14 | .DocumentRevisions-V100 15 | .fseventsd 16 | .Spotlight-V100 17 | .TemporaryItems 18 | .Trashes 19 | .VolumeIcon.icns 20 | .com.apple.timemachine.donotpresent 21 | 22 | # Directories potentially created on remote AFP share 23 | .AppleDB 24 | .AppleDesktop 25 | Network Trash Folder 26 | Temporary Items 27 | .apdisk 28 | ### Windows template 29 | # Windows image file caches 30 | Thumbs.db 31 | ehthumbs.db 32 | 33 | # Folder config file 34 | Desktop.ini 35 | 36 | # Recycle Bin used on file shares 37 | $RECYCLE.BIN/ 38 | 39 | # Windows Installer files 40 | *.cab 41 | *.msi 42 | *.msm 43 | *.msp 44 | 45 | # Windows shortcuts 46 | *.lnk 47 | ### JetBrains template 48 | # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm 49 | # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 50 | 51 | # User-specific stuff: 52 | .idea/ 53 | 54 | ## File-based project format: 55 | *.iws 56 | 57 | ## Plugin-specific files: 58 | 59 | # IntelliJ 60 | /out/ 61 | 62 | # mpeltonen/sbt-idea plugin 63 | .idea_modules/ 64 | 65 | # JIRA plugin 66 | atlassian-ide-plugin.xml 67 | 68 | # Crashlytics plugin (for Android Studio and IntelliJ) 69 | com_crashlytics_export_strings.xml 70 | crashlytics.properties 71 | crashlytics-build.properties 72 | fabric.properties 73 | ### Composer template 74 | composer.phar 75 | /vendor/ 76 | 77 | # Commit your application's lock file http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file 78 | # You may choose to ignore a library lock file http://getcomposer.org/doc/02-libraries.md#lock-file 79 | # composer.lock 80 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | CHANGELOG 2 | ========= 3 | 4 | Version 1.10.0 5 | -------------- 6 | 7 | * Add compatibility for owncloud 10.10 and up to Nextcloud 24 with PHP 8.0 8 | * Bumps phpCAS library to 1.5.0 9 | 10 | 11 | Version 1.9.0 12 | ------------- 13 | 14 | * Add setting to allow json-decode for mapped group attribute (see: Issue [#51](https://github.com/felixrupp/user_cas/issues/51)) 15 | * Add mapping for user-id attribute (see: Issue [#70](https://github.com/felixrupp/user_cas/issues/70)) 16 | * Add setting for adding default group, based on the user’s name and an optional prefix (see: Issue [75](https://github.com/felixrupp/user_cas/issues/75)) 17 | * Add setting to protect public share links with CAS (see: Issue [93](https://github.com/felixrupp/user_cas/issues/93)) 18 | * Possibly fixes WEBDAV problems (see: Issues [57](https://github.com/felixrupp/user_cas/issues/57) and [94](https://github.com/felixrupp/user_cas/issues/94)) 19 | * Bumps phpCAS library to 1.3.9 20 | 21 | 22 | Version 1.8.7 23 | ------------- 24 | 25 | * Raises compatibility to ownCloud 10.6 and Nextcloud 20 26 | * Changes the phpCAS Version to specify 1.3.5 or higher (was >= 1.3 before) 27 | 28 | 29 | Version 1.8.6 30 | ------------- 31 | 32 | * Raises compatibility to ownCloud 10.5 and Nextcloud 19 33 | * Fixes a static file path to the CAS login button logo on ownCloud 34 | 35 | 36 | Version 1.8.5 37 | ------------- 38 | 39 | * Improves SingleSignout to only remove CAS authtokens 40 | * Fixes Nextcloud login-flow bug (see Issue [#69](https://github.com/felixrupp/user_cas/issues/69)) - thanks to [@pingou2712](https://github.com/pingou2712>) 41 | 42 | 43 | Version 1.8.4 44 | ------------- 45 | 46 | * Adds option to disable SingleSignout requests to the ownCloud/Nextcloud instance in admin panel 47 | * Adds missing translations for options and readme entries 48 | 49 | 50 | Version 1.8.3 51 | ------------- 52 | 53 | * Fixes SingleSignOut feature - thanks to [@pingou2712](https://github.com/pingou2712>) 54 | * Fixes wrong link to Nextcloud AppStore in Readme - thanks to [@Emi94](https://github.com/Emi94) 55 | 56 | 57 | Version 1.8.2 58 | ------------- 59 | 60 | * Raises compatibility to ownCloud 10.4 61 | * Adds section in README to describe how to disable code integrity checks on dev setups 62 | 63 | 64 | Version 1.8.1 65 | ------------- 66 | 67 | * Raises compatibility to Nextcloud 18 68 | 69 | * Fixes Nextcloud 18 WebDAV bug - thanks to [@landryb](https://github.com/landryb) 70 | * Fixes internal ip checks for *»Don’t use Multi-Factor-Authentication on these client-IPs«* 71 | * Fixes typo in acceptedStrength \[ECAS\] 72 | 73 | 74 | Version 1.8.0 75 | ------------- 76 | 77 | * Drops compatibility for Nextcloud 13 78 | * Raises compatibility to Nextcloud 17 79 | 80 | * Fixes a redirect error with enabled enforce-authentication and non-authorized users 81 | * Fixes a security bug, where a user, not authorized by any groups, still had the possibility to gain access to a read only account 82 | * Fixes deprecated quota handling: all quotas should now be handled correctly (even 'none' and 'default') 83 | 84 | * Adds option to overwrite the CAS login button’s label 85 | * Adds option to keep CAS-ticket-ids in URL (see [Issue #17](https://github.com/felixrupp/user_cas/issues/17)) 86 | * Adds feature to use CAS Single-Logout 87 | 88 | * Bumps phpCAS library to 1.3.8 89 | 90 | 91 | Version 1.7.4 92 | ------------- 93 | 94 | * Fixes CAS logout service backlink 95 | 96 | 97 | Version 1.7.3 98 | ------------- 99 | 100 | * Raises compatibility to ownCloud 10.3 101 | * Adds support for cas server path "/" - thanks to [@dattn](https://github.com/dattn) 102 | 103 | 104 | Version 1.7.2 105 | ------------- 106 | 107 | * Fixes double synchronisation of DisplayName, causing overlays in DisplayName on first login 108 | * Fixes problems with local database users being converted to user_cas backend by accident 109 | * Fixes logout handling to not need a list of Logout Servers anymore 110 | 111 | * Adds error handling when CAS basic config is missing or truncated 112 | * Adds the license file for AGPL 3.0 or later 113 | * Adds ActiveDirectory import OCC command, let’s you import specific LDAP users as user_cas users to your ownCloud/Nextcloud instance 114 | * Adds options for group name filter and group umlaut replacement in "Groups" panel 115 | 116 | 117 | Version 1.7.1 118 | ------------- 119 | 120 | * Raises compatibility to ownCloud 10.2 and Nextcloud 16 121 | * Fixes Create-/UpdateCommand and synchronisation with the user_cas-Backend 122 | * Fixes user autocreation process and synchronisation with the user_cas-Backend 123 | * Fixes Nextcloud detection algorithm, it does not depend on a user-editable string anymore 124 | 125 | 126 | Version 1.7.0 127 | ------------- 128 | 129 | * Adds OCC commands to create and update CAS users directly via command line 130 | * Adds user quota mapping input in Settings Panel - user quota overwrites group quotas 131 | * Adds a filter to disable multi-factor-authentication for internal IP addresses on ECAS instances 132 | * Raises the ECAS client-version to 2.1.3 133 | * Fixes postLogin signals signature 134 | 135 | 136 | Version 1.6.2 137 | ------------- 138 | * Changes default value of the autocreate option to "on" 139 | * Fixes postLogin signals signature 140 | 141 | 142 | Version 1.6.1 143 | ------------- 144 | * Fixes 5min logout bug on Nextcloud 145 | * Unifies log levels in LoggingService 146 | * Moves hook registration to a higher level to ensure working postLoginHook 147 | 148 | 149 | Version 1.6.0 150 | ------------- 151 | * Adds compatibility for ownCloud 10.1 and Nextcloud 15 152 | * Fixes app initialization to minimize incompatibilities with other apps 153 | * Removes hard app stopping when no phpCAS library is found 154 | * Updates jasig/phpcas to 1.3.6 155 | 156 | 157 | Version 1.5.6 158 | ------------- 159 | * Changes most of the INFO log writes to DEBUG 160 | 161 | 162 | Version 1.5.5 163 | ------------- 164 | * Adds Support for ownCloud 10.0.10 and Nextcloud 14.0.0 165 | 166 | 167 | Version 1.5.4 168 | ------------- 169 | * Fixes Nextcloud log flood bug 170 | * Fixes documentation links in info.xml 171 | * Fixes ownCloud/Nextcloud Session Token-Password bug 172 | * Fixes enforce authentication issues with Database Backend 173 | * Fixes enforce authentication issues with public gallery interface 174 | 175 | 176 | * Adds support for ownCloud until version 10.0.9 and Nextcloud until version 13.0.6 177 | * Adds documentation for basic installation via release archive 178 | 179 | 180 | * Removes hardcoded PHP version requirements 181 | 182 | 183 | Version 1.5.3 184 | ------------- 185 | * Hotfixes the IP address range separator in the exclude specific IPs field and changes it from "/" to "-" 186 | * Fixes ownCloud 10.0.8 bug and raises compatibility to 10.0.8 187 | 188 | Version 1.5.2 189 | ------------- 190 | * Add settings field to exclude specific Ips and/or IP-ranges from force login 191 | * Nextcloud: Move settings panel to section "Security" (was in "Additional" before) 192 | * Remove the signature from repo (if you need a signed version, please use one of the release packages or download from ownCloud Market/Nextcloud AppStore) 193 | 194 | Version 1.5.1 195 | ------------- 196 | * Hotfixes wrong links in 403 error page if enforce authentication was on 197 | * Hotfixes wrong translation in 403 error page for ECAS instances 198 | * Removes return type hints not compatible with PHP 5.6 199 | * Adds functionality to provide more than one mapping field to ownCloud userdata fields (e.g. DisplayName can now be concatenated by a firstname and a lastname CAS-field) 200 | 201 | Version 1.5.0 202 | ------------- 203 | * Drop ownCloud 9 support 204 | * Major source code optimizations, fix several errors associated with redirection after login 205 | * Add ECAS support 206 | * Add authorization feature via groups 207 | * Add error views for when not authorized or when the CAS-Client throws errors 208 | * Support for ownCloud oauth2 App, it’s now possible to authenticate a desktop or mobile phone client with CAS via oauth2 provider 209 | 210 | Version 1.4.9 211 | ------------- 212 | * Hotfixes the autocreate bug, mentioned in Issue [#13](https://github.com/felixrupp/user_cas/issues/13). 213 | 214 | Version 1.4.8 215 | ------------- 216 | * Hotfixes the current 1.4 version to fix a major bug preventing the OCS-Api to work, while the user_cas app is installed and enabled. 217 | 218 | Version 1.4.7 219 | ------------- 220 | * Hotfixes the min version and **lowers it to 9.1.6** 221 | 222 | Version 1.4.6 223 | ------------- 224 | * Hotfix for app initialization 225 | 226 | Version 1.4.5 227 | ------------- 228 | * Fix for autocreate bug 229 | * Re-add phpcas path to use custom phpcas library, if wanted 230 | * Remove GIT submodule for jasig phpcas 231 | * Add composer dependencies instead 232 | * **Raise minimum Owncloud Version to 10.0** 233 | 234 | Version 1.4.2, 1.4.3, 1.4.4 235 | --------------------------- 236 | * Hotfixes for logging 237 | 238 | Version 1.4.1 239 | ------------- 240 | * Hotfix for group and protected group handling 241 | 242 | Version 1.4.0 243 | ------------- 244 | * Completely rewritten in object oriented code, based on Owncloud 9.1 app programming guidelines 245 | 246 | Version 0.1.1 247 | ------------- 248 | * Added CSRF protection on setting form 249 | * Use openssl_random_pseudo_bytes instead of mt_rand (if available) 250 | 251 | Version 0.1 252 | ------------- 253 | * Initial plugin 254 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | ## Submitting issues 2 | 3 | If you have questions about how to install or use ownCloud, please direct these to the [mailing list][mailinglist], the [forum][forum] or the [IRC Chat][irc]. 4 | 5 | ### Guidelines 6 | * Please search the existing issues first, it's likely that your issue was already reported or even fixed. 7 | - Go to one of the repositories, click "issues" and type any word in the top search/command bar. 8 | - You can also filter by appending e. g. "state:open" to the search string. 9 | - More info on [search syntax within github](https://help.github.com/articles/searching-issues) 10 | * This repository ([user_cas](https://github.com/felixrupp/user_cas/issues)) is *only* for issues within the ownCloud user_cas code. 11 | * __SECURITY__: Report any potential security bug to security@owncloud.com following our [security policy](https://owncloud.org/security/) instead of filing an issue in our bug tracker 12 | * Report the issue using our template, it includes all the information we need to track down the issue. 13 | 14 | Help us to maximize the effort we can spend fixing issues and adding new features, by not reporting duplicate issues. 15 | 16 | [mailinglist]: https://mailman.owncloud.org/mailman/listinfo/owncloud 17 | [forum]: https://central.owncloud.org 18 | [irc]: https://webchat.freenode.net/?channels=owncloud&uio=d4 19 | 20 | ### Contribute Code and translations 21 | Please check [core's contribution guidelines](https://github.com/owncloud/core/blob/master/CONTRIBUTING.md) for further information about contributing code and translations. 22 | -------------------------------------------------------------------------------- /appinfo/app.php: -------------------------------------------------------------------------------- 1 | 7 | * @copyright Felix Rupp 8 | * 9 | * This library is free software; you can redistribute it and/or 10 | * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE 11 | * License as published by the Free Software Foundation; either 12 | * version 3 of the License, or any later version. 13 | * 14 | * This library is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU AFFERO GENERAL PUBLIC LICENSE for more details. 18 | * 19 | * You should have received a copy of the GNU Affero General Public 20 | * License along with this library. If not, see . 21 | */ 22 | 23 | use OCA\UserCAS\AppInfo\Application; 24 | use OCA\UserCAS\Service\AppService; 25 | use OCA\UserCAS\Service\LoggingService; 26 | use OCA\UserCAS\Service\UserService; 27 | 28 | /** @var Application $app */ 29 | $app = new Application(); 30 | $c = $app->getContainer(); 31 | 32 | $requestUri = (isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : ''); 33 | 34 | if (\OCP\App::isEnabled($c->getAppName()) && !\OC::$CLI) { 35 | 36 | /** @var UserService $userService */ 37 | $userService = $c->query('UserService'); 38 | 39 | /** @var AppService $appService */ 40 | $appService = $c->query('AppService'); 41 | 42 | # Check for valid setup, only enable app if we have at least a CAS host, port and path 43 | if ($appService->isSetupValid()) { 44 | 45 | // Register User Backend 46 | $userService->registerBackend($c->query('Backend')); 47 | 48 | $loginScreen = (strpos($requestUri, '/login') !== FALSE && strpos($requestUri, '/apps/user_cas/login') === FALSE); 49 | $publicShare = (strpos($requestUri, '/index.php/s/') !== FALSE && $appService->arePublicSharesProtected()); 50 | 51 | if ($requestUri === '/' || $loginScreen || $publicShare) { 52 | 53 | if ($_SERVER['REQUEST_METHOD'] !== 'POST') { // POST is used for single logout requests 54 | 55 | // Register UserHooks 56 | $c->query('UserHooks')->register(); 57 | 58 | // URL params and redirect_url cookie 59 | setcookie("user_cas_enforce_authentication", "0", null, '/'); 60 | $urlParams = ''; 61 | 62 | if (isset($_REQUEST['redirect_url'])) { 63 | 64 | $urlParams = $_REQUEST['redirect_url']; 65 | // Save the redirect_rul to a cookie 66 | $cookie = setcookie("user_cas_redirect_url", "$urlParams", null, '/'); 67 | }/* 68 | else { 69 | 70 | setcookie("user_cas_redirect_url", '/', null, '/'); 71 | }*/ 72 | 73 | // Register alternative LogIn 74 | $appService->registerLogIn(); 75 | 76 | /** @var boolean $isEnforced */ 77 | $isEnforced = $appService->isEnforceAuthentication($_SERVER['REMOTE_ADDR'], $requestUri); 78 | 79 | // Check if public share, if yes, enforce regardless the enforce-flag 80 | if($publicShare) { 81 | $isEnforced = true; 82 | } 83 | 84 | // Check for enforced authentication 85 | if ($isEnforced && (!isset($_COOKIE['user_cas_enforce_authentication']) || (isset($_COOKIE['user_cas_enforce_authentication']) && $_COOKIE['user_cas_enforce_authentication'] === '0'))) { 86 | 87 | /** @var LoggingService $loggingService */ 88 | $loggingService = $c->query("LoggingService"); 89 | 90 | $loggingService->write(LoggingService::DEBUG, 'Enforce Authentication was: ' . $isEnforced); 91 | setcookie("user_cas_enforce_authentication", '1', null, '/'); 92 | 93 | // Initialize app 94 | if (!$appService->isCasInitialized()) { 95 | 96 | try { 97 | 98 | $appService->init(); 99 | 100 | //if (!\phpCAS::isAuthenticated()) { 101 | 102 | $loggingService->write(LoggingService::DEBUG, 'Enforce Authentication was on and phpCAS is not authenticated. Redirecting to CAS Server.'); 103 | 104 | $cookie = setcookie("user_cas_redirect_url", urlencode($requestUri), null, '/'); 105 | 106 | header("Location: " . $appService->linkToRouteAbsolute($c->getAppName() . '.authentication.casLogin')); 107 | die(); 108 | //} 109 | 110 | } catch (\OCA\UserCAS\Exception\PhpCas\PhpUserCasLibraryNotFoundException $e) { 111 | 112 | $loggingService->write(LoggingService::ERROR, 'Fatal error with code: ' . $e->getCode() . ' and message: ' . $e->getMessage()); 113 | } 114 | } 115 | } 116 | } 117 | } else { 118 | 119 | # Filter DAV requests 120 | if(strpos($requestUri, '/remote.php') === FALSE && strpos($requestUri, '/webdav') === FALSE && strpos($requestUri, '/dav') === FALSE) { 121 | // Register UserHooks 122 | $c->query('UserHooks')->register(); 123 | } 124 | } 125 | } else { 126 | 127 | $appService->unregisterLogIn(); 128 | } 129 | } -------------------------------------------------------------------------------- /appinfo/info.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | user_cas 4 | CAS user and group backend 5 | This app provides in-depth features to authenticate and authorize users against a [jasig/apereo Central Authentication Server (CAS)](https://www.apereo.org/projects/cas). The app provides all necessary options needed to connect to your CAS instance and also advanced features to manage the groups accessible by your CAS infrastructure to implement an authorization feature. This version supports ECAS instances used by the European Commission. Additionally this version supports ActiveDirectory (LDAP) import via commandline. Commercial support for user_cas is available through ownCloud GmbH and myself personally. 6 | Authenticate users against an jasig/apereo CAS Server (https://github.com/apereo/cas) 7 | AGPL 8 | https://raw.githubusercontent.com/felixrupp/user_cas/master/.github/SCREENSHOTS/splashscreen.png 9 | Felix Rupp 10 | UserCAS 11 | 1.10.0 12 | 13 | 14 | 15 | 16 | 17 | security 18 | 19 | https://github.com/felixrupp/user_cas 20 | 21 | 22 | https://github.com/felixrupp/user_cas/blob/master/README.md 23 | https://github.com/felixrupp/user_cas/blob/master/README.md 24 | https://github.com/felixrupp/user_cas/blob/master/README.md 25 | 26 | 27 | https://github.com/felixrupp/user_cas/issues 28 | 29 | https://github.com/felixrupp/user_cas.git 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | OCA\UserCAS\Command\CreateUser 38 | OCA\UserCAS\Command\UpdateUser 39 | OCA\UserCAS\Command\ImportUsersAd 40 | 41 | 42 | 43 | OCA\UserCAS\Panels\Admin 44 | 45 | 46 | -------------------------------------------------------------------------------- /appinfo/routes.php: -------------------------------------------------------------------------------- 1 | 7 | * @copyright Felix Rupp 8 | * 9 | * This library is free software; you can redistribute it and/or 10 | * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE 11 | * License as published by the Free Software Foundation; either 12 | * version 3 of the License, or any later version. 13 | * 14 | * This library is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU AFFERO GENERAL PUBLIC LICENSE for more details. 18 | * 19 | * You should have received a copy of the GNU Affero General Public 20 | * License along with this library. If not, see . 21 | * 22 | */ 23 | 24 | namespace OCA\UserCAS\AppInfo; 25 | 26 | /** @var \OCA\UserCAS\AppInfo\Application $application */ 27 | $application = new \OCA\UserCAS\AppInfo\Application(); 28 | $application->registerRoutes($this, array( 29 | 'routes' => [ 30 | array('name' => 'settings#saveSettings', 'url' => '/settings/save', 'verb' => 'POST'), 31 | array('name' => 'authentication#casLogin', 'url' => '/login', 'verb' => 'GET'), 32 | array('name' => 'authentication#casLogout', 'url' => '/login', 'verb' => 'POST') 33 | ] 34 | )); -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "felixrupp/user_cas", 3 | "description": "This is the package for Ownclouds 3rd Party App user_cas", 4 | "minimum-stability": "stable", 5 | "license": "AGPL-3.0-or-later", 6 | "authors": [ 7 | { 8 | "name": "Felix Rupp", 9 | "email": "kontakt@felixrupp.com" 10 | } 11 | ], 12 | "require": { 13 | "jasig/phpcas": "^1.5.0", 14 | "ec-europa/ecas-phpcas-parser": "^0.3", 15 | "php": "^7.3", 16 | "ext-json": "*" 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /composer.lock: -------------------------------------------------------------------------------- 1 | { 2 | "_readme": [ 3 | "This file locks the dependencies of your project to a known state", 4 | "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", 5 | "This file is @generated automatically" 6 | ], 7 | "content-hash": "235842ee68d7ffe987ec8fe5ff6a0efd", 8 | "packages": [ 9 | { 10 | "name": "ec-europa/ecas-phpcas-parser", 11 | "version": "0.3", 12 | "source": { 13 | "type": "git", 14 | "url": "https://github.com/ec-europa/ecas-phpcas-parser.git", 15 | "reference": "1ecfb9a80ab0832580d9dbbdc38632d720659057" 16 | }, 17 | "dist": { 18 | "type": "zip", 19 | "url": "https://api.github.com/repos/ec-europa/ecas-phpcas-parser/zipball/1ecfb9a80ab0832580d9dbbdc38632d720659057", 20 | "reference": "1ecfb9a80ab0832580d9dbbdc38632d720659057", 21 | "shasum": "" 22 | }, 23 | "require": { 24 | "jasig/phpcas": ">=1.3.5 <2.0" 25 | }, 26 | "type": "library", 27 | "autoload": { 28 | "psr-4": { 29 | "EcasPhpCASParser\\": "src" 30 | } 31 | }, 32 | "notification-url": "https://packagist.org/downloads/", 33 | "license": [ 34 | "EUPL" 35 | ], 36 | "authors": [ 37 | { 38 | "name": "Gregory Boddin", 39 | "email": "gregory@siwhine.net" 40 | } 41 | ], 42 | "description": "phpCAS attribute parser for ECAS", 43 | "support": { 44 | "issues": "https://github.com/ec-europa/ecas-phpcas-parser/issues", 45 | "source": "https://github.com/ec-europa/ecas-phpcas-parser/tree/0.3" 46 | }, 47 | "abandoned": true, 48 | "time": "2017-04-14T09:26:19+00:00" 49 | }, 50 | { 51 | "name": "jasig/phpcas", 52 | "version": "1.5.0", 53 | "source": { 54 | "type": "git", 55 | "url": "https://github.com/apereo/phpCAS.git", 56 | "reference": "d6f5797fb568726f34c8e48741776d81e4a2646b" 57 | }, 58 | "dist": { 59 | "type": "zip", 60 | "url": "https://api.github.com/repos/apereo/phpCAS/zipball/d6f5797fb568726f34c8e48741776d81e4a2646b", 61 | "reference": "d6f5797fb568726f34c8e48741776d81e4a2646b", 62 | "shasum": "" 63 | }, 64 | "require": { 65 | "ext-curl": "*", 66 | "ext-dom": "*", 67 | "php": ">=7.1.0", 68 | "psr/log": "^1.0 || ^2.0 || ^3.0" 69 | }, 70 | "require-dev": { 71 | "monolog/monolog": "^1.0.0 || ^2.0.0", 72 | "phpstan/phpstan": "^1.5", 73 | "phpunit/phpunit": ">=7.5" 74 | }, 75 | "type": "library", 76 | "extra": { 77 | "branch-alias": { 78 | "dev-master": "1.3.x-dev" 79 | } 80 | }, 81 | "autoload": { 82 | "classmap": [ 83 | "source/" 84 | ] 85 | }, 86 | "notification-url": "https://packagist.org/downloads/", 87 | "license": [ 88 | "Apache-2.0" 89 | ], 90 | "authors": [ 91 | { 92 | "name": "Joachim Fritschi", 93 | "email": "jfritschi@freenet.de", 94 | "homepage": "https://github.com/jfritschi" 95 | }, 96 | { 97 | "name": "Adam Franco", 98 | "homepage": "https://github.com/adamfranco" 99 | }, 100 | { 101 | "name": "Henry Pan", 102 | "homepage": "https://github.com/phy25" 103 | } 104 | ], 105 | "description": "Provides a simple API for authenticating users against a CAS server", 106 | "homepage": "https://wiki.jasig.org/display/CASC/phpCAS", 107 | "keywords": [ 108 | "apereo", 109 | "cas", 110 | "jasig" 111 | ], 112 | "support": { 113 | "issues": "https://github.com/apereo/phpCAS/issues", 114 | "source": "https://github.com/apereo/phpCAS/tree/1.5.0" 115 | }, 116 | "time": "2022-05-03T21:12:54+00:00" 117 | }, 118 | { 119 | "name": "psr/log", 120 | "version": "1.1.4", 121 | "source": { 122 | "type": "git", 123 | "url": "https://github.com/php-fig/log.git", 124 | "reference": "d49695b909c3b7628b6289db5479a1c204601f11" 125 | }, 126 | "dist": { 127 | "type": "zip", 128 | "url": "https://api.github.com/repos/php-fig/log/zipball/d49695b909c3b7628b6289db5479a1c204601f11", 129 | "reference": "d49695b909c3b7628b6289db5479a1c204601f11", 130 | "shasum": "" 131 | }, 132 | "require": { 133 | "php": ">=5.3.0" 134 | }, 135 | "type": "library", 136 | "extra": { 137 | "branch-alias": { 138 | "dev-master": "1.1.x-dev" 139 | } 140 | }, 141 | "autoload": { 142 | "psr-4": { 143 | "Psr\\Log\\": "Psr/Log/" 144 | } 145 | }, 146 | "notification-url": "https://packagist.org/downloads/", 147 | "license": [ 148 | "MIT" 149 | ], 150 | "authors": [ 151 | { 152 | "name": "PHP-FIG", 153 | "homepage": "https://www.php-fig.org/" 154 | } 155 | ], 156 | "description": "Common interface for logging libraries", 157 | "homepage": "https://github.com/php-fig/log", 158 | "keywords": [ 159 | "log", 160 | "psr", 161 | "psr-3" 162 | ], 163 | "support": { 164 | "source": "https://github.com/php-fig/log/tree/1.1.4" 165 | }, 166 | "time": "2021-05-03T11:20:27+00:00" 167 | } 168 | ], 169 | "packages-dev": [], 170 | "aliases": [], 171 | "minimum-stability": "stable", 172 | "stability-flags": [], 173 | "prefer-stable": false, 174 | "prefer-lowest": false, 175 | "platform": { 176 | "php": "^7.3", 177 | "ext-json": "*" 178 | }, 179 | "platform-dev": [], 180 | "plugin-api-version": "2.0.0" 181 | } 182 | -------------------------------------------------------------------------------- /css/casError.css: -------------------------------------------------------------------------------- 1 | .casError{text-align:center!important} -------------------------------------------------------------------------------- /css/casError.dev.css: -------------------------------------------------------------------------------- 1 | .casError { 2 | text-align: center !important; 3 | } -------------------------------------------------------------------------------- /css/settings.css: -------------------------------------------------------------------------------- 1 | #casSettings fieldset{border-bottom:1px solid #ddd;border-left:1px solid #ddd;border-right:1px solid #ddd;margin-bottom:10px}#casSettings input[type=text]{width:15em;margin-left:3px}#casSettings label{display:inline-block;width:31em}#casSettings label.no-indent{width:auto}#casSettings label.checkbox{display:inline;width:auto}#casSettings .csh{font-size:90%} -------------------------------------------------------------------------------- /css/settings.dev.css: -------------------------------------------------------------------------------- 1 | #casSettings fieldset { 2 | border-bottom: 1px solid #DDD; 3 | border-left: 1px solid #DDD; 4 | border-right: 1px solid #DDD; 5 | margin-bottom: 10px; 6 | } 7 | 8 | #casSettings input[type="text"] { 9 | width: 15em; 10 | margin-left: 3px; 11 | } 12 | 13 | #casSettings label { 14 | display: inline-block; 15 | width: 31em; 16 | } 17 | 18 | #casSettings label.no-indent { 19 | width: auto; 20 | } 21 | 22 | #casSettings label.checkbox { 23 | display: inline; 24 | width: auto; 25 | } 26 | 27 | #casSettings .csh { 28 | font-size: 90%; 29 | } -------------------------------------------------------------------------------- /img/app.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /img/cas-logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/felixrupp/user_cas/7117d50f55dc23b10308aa9bf692d4603ca6000e/img/cas-logo.png -------------------------------------------------------------------------------- /js/settings.dev.js: -------------------------------------------------------------------------------- 1 | $(document).ready(function () { 2 | 3 | $('#user_cas #casSettings').tabs(); 4 | 5 | // Force Login and Disable Logout 6 | $("#user_cas #cas_force_login").on('change', function (event) { 7 | 8 | if ($(this).is(':checked')) { 9 | 10 | $("#user_cas #cas_disable_logout").attr("disabled", true); 11 | $("#user_cas #cas_disable_logout").prop('checked', false); 12 | 13 | $("#user_cas #cas_force_login_exceptions").attr("disabled", false); 14 | } else { 15 | 16 | $("#user_cas #cas_disable_logout").attr("disabled", false); 17 | $("#user_cas #cas_force_login_exceptions").attr("disabled", true); 18 | } 19 | }); 20 | 21 | // LogoutServers and Disable SSO 22 | $("#user_cas #cas_disable_singlesignout").on('change', function (event) { 23 | 24 | if ($(this).is(':checked')) { 25 | 26 | $("#user_cas #cas_handlelogout_servers").attr("disabled", true); 27 | } else { 28 | 29 | $("#user_cas #cas_handlelogout_servers").attr("disabled", false); 30 | } 31 | }); 32 | 33 | $("#user_cas #casSettingsSubmit").on('click', function (event) { 34 | 35 | event.preventDefault(); 36 | 37 | //console.log("Submit button clicked."); 38 | 39 | var postData = $('#user_cas').serialize(); 40 | var method = $('#user_cas').attr('method'); 41 | var url = OC.generateUrl('/apps/user_cas/settings/save'); 42 | 43 | $.ajax({ 44 | method: method, 45 | url: url, 46 | data: postData, 47 | success: function (data) { 48 | 49 | var notification = OC.Notification.show(data.message); 50 | 51 | setTimeout(function () { 52 | OC.Notification.hide(notification); 53 | }, 5000); 54 | 55 | }, 56 | error: function (data) { 57 | 58 | var notification = OC.Notification.show(data.message); 59 | 60 | setTimeout(function () { 61 | OC.Notification.hide(notification); 62 | }, 5000); 63 | } 64 | }); 65 | }); 66 | 67 | 68 | $('input[type=range]').on('input', function () { 69 | $(this).trigger('change'); 70 | }); 71 | 72 | $('#cas_import_ad_sync_pagesize').on ('change', function() { 73 | 74 | console.log($(this).val()); 75 | $("#cas_import_ad_sync_pagesize_value").val($(this).val()); 76 | }); 77 | 78 | $('#cas_import_ad_sync_pagesize_value').on('keyup', function() { 79 | 80 | console.log($(this).val()); 81 | $("#cas_import_ad_sync_pagesize").val($(this).val()); 82 | }); 83 | }); -------------------------------------------------------------------------------- /js/settings.js: -------------------------------------------------------------------------------- 1 | $(document).ready(function(){$("#user_cas #casSettings").tabs();$("#user_cas #cas_force_login").on("change",function(event){if($(this).is(":checked")){$("#user_cas #cas_disable_logout").attr("disabled",true);$("#user_cas #cas_disable_logout").prop("checked",false);$("#user_cas #cas_force_login_exceptions").attr("disabled",false);}else{$("#user_cas #cas_disable_logout").attr("disabled",false);$("#user_cas #cas_force_login_exceptions").attr("disabled",true);}});$("#user_cas #cas_disable_singlesignout").on("change",function(event){if($(this).is(":checked")){$("#user_cas #cas_handlelogout_servers").attr("disabled",true);}else{$("#user_cas #cas_handlelogout_servers").attr("disabled",false);}});$("#user_cas #casSettingsSubmit").on("click",function(event){event.preventDefault();var postData=$("#user_cas").serialize();var method=$("#user_cas").attr("method");var url=OC.generateUrl("/apps/user_cas/settings/save");$.ajax({method:method,url:url,data:postData,success:function(data){var notification=OC.Notification.show(data.message);setTimeout(function(){OC.Notification.hide(notification);},5000);},error:function(data){var notification=OC.Notification.show(data.message);setTimeout(function(){OC.Notification.hide(notification);},5000);}});});$("input[type=range]").on("input",function(){$(this).trigger("change");});$("#cas_import_ad_sync_pagesize").on("change",function(){console.log($(this).val());$("#cas_import_ad_sync_pagesize_value").val($(this).val());});$("#cas_import_ad_sync_pagesize_value").on("keyup",function(){console.log($(this).val());$("#cas_import_ad_sync_pagesize").val($(this).val());});}); -------------------------------------------------------------------------------- /l10n/de.js: -------------------------------------------------------------------------------- 1 | OC.L10N.register( 2 | "user_cas", 3 | { 4 | "CAS Authentication backend": "CAS Authentifizierungsbackend", 5 | "CAS Server": "CAS Server", 6 | "Basic": "Grundeinstellungen", 7 | "Mapping": "Zuordnungen", 8 | "phpCAS Library": "phpCAS Bibliothek", 9 | "CAS Server Version": "CAS Server Version", 10 | "CAS Server Hostname": "CAS Server Hostname", 11 | "CAS Server Port": "CAS Server Port", 12 | "CAS Server Path": "CAS Server Pfad", 13 | "Service URL": "Dienst URL", 14 | "Certification file path (.crt).": "Pfad zur Zertifikatsdatei (.crt).", 15 | "Leave empty if you don’t want to validate your CAS server instance": "Nicht ausfüllen, wenn Sie ihren CAS-Server nicht validieren möchten", 16 | "Use CAS proxy initialization": "CAS Proxy Initialisierung verwenden", 17 | "Force user login using CAS?": "CAS Login erzwingen?", 18 | "Don’t use force login on these client-IPs": "Login bei diesen Client-IPs nicht erzwingen", 19 | "Comma separated list of client IP addresses (or address ranges), which won’t be forced to login if \"Force user login\" is enabled (e.g. 192.168.1.1-254,192.168.2.5)": "Kommagetrennte Liste an Client-IP-Adressen (oder Adressräumen), die nicht zum Login gezwungen werden, wenn \"CAS Login erzwingen\" aktiviert ist (z.B: 192.168.1.1-254,192.168.2.5)", 20 | "Disable CAS logout (do not logout CAS-session, only instance-session)": "CAS Logout deaktivieren (nicht die CAS-Session, sondern nur die Instanz-Session ausloggen)", 21 | "Disable CAS SingleSignout (do not logout instance-session if CAS-server sends SSO-Request)": "CAS SingleSignout deaktivieren (nicht die Instanz-Session ausloggen, wenn der CAS-Server einen SSO-Request sendet)", 22 | "SingleSignout Servers": "Logout Server", 23 | "Comma separated list of servers which can send SingleSignout requests (leave empty if you do not have to restrict SingleSignout to defined servers)": "Kommagetrennte Liste an Servern, die SingleSingout-Requests an ihren CAS-Server senden dürfen (Nicht ausfüllen, wenn Sie SingleSignouts nicht beschränken/erlauben müssen)", 24 | "Autocreate user after first CAS login?": "Benutzer nach erstem CAS Login automatisch erstellen?", 25 | "Keep CAS-ticket-ids in URL?": "CAS-Ticket-IDs nicht aus der URL entfernen", 26 | "Beware: Potential security risk! Only activate, if you know what you are doing.": "Achtung: Potentielles Sicherheitsrisiko! Nur aktivieren, wenn Sie wissen, was Sie tun.", 27 | "Overwrite Login Button Label": "Login Button Label überschreiben", 28 | "Protect \"public share\" links with CAS": "Öffentliche Teilen-Links mit CAS schützen", 29 | "Link CAS authentication with LDAP users and groups backend": "CAS Authentifizierung mit LDAP Backend verknüpfen", 30 | "Update user data after each CAS login?": "Benutzerdaten nach jedem CAS Login aktualisieren?", 31 | "Locked Groups": "Geschützte Gruppen", 32 | "Groups that will not be unlinked from the user when sync the CAS server and the owncloud": "Gruppen, die beim Synchronisieren mit dem CAS Server nicht vom ownCloud Benutzer entfernt werden", 33 | "Multivalued field, use comma to separate values": "Mehrzeiliges Feld, nutzen Sie komma separierte Werte", 34 | "Default Group": "Standardgruppe", 35 | "Default group when autocreating users and no group data was found for the user": "Standardgruppe, die beim automatischen Neuerstellen von ownCloud Benutzern vergeben wird", 36 | "Authorized CAS Groups": "Authorisierte CAS Gruppen", 37 | "Users in the following groups will be able to log into ownCloud, users not in one of the groups will be logged out immediately": "Benutzer in den folgenden Gruppen können sich in ownCloud anmelden, Benutzer, die nicht in einer der Gruppen sind, werden sofort ausgeloggt", 38 | "Group Quotas": "Gruppenquotas", 39 | "Use ECAS Attribute Parser?": "ECAS Attribute Parser verwenden?", 40 | "Request full user details?": "Vollständige Benutzerdetails anfordern?", 41 | "ECAS Strength": "ECAS Strength", 42 | "Not set": "Nicht gesetzt", 43 | "ECAS AssuranceLevel": "ECAS AssuranceLevel", 44 | "Query ECAS groups": "Gruppen in ECAS-Abfrage", 45 | "Note down all groups which you want to receive from your ECAS instance, * returns all groups": "Setzen Sie alle Gruppen, die Sie von Ihrer ECAS-Instanz zurück erhalten möchten, * gibt alle Gruppen zurück", 46 | "Don’t use Multi-Factor-Authentication on these client-IPs": "Multi-Faktor-Authentifizierung bei diesen Client-IPs deaktivieren", 47 | "Comma separated list of client IP addresses (or address ranges), which won’t be forced to use Multi-Factor-Authentication if \"ECAS AssuranceLevel\" is at least MEDIUM (e.g. 192.168.1.1-254,192.168.2.5)": "Kommagetrennte Liste an Client-IP-Adressen (oder Adressräumen), die nicht zur Multi-Faktor-Authentifizierung gezwungen werden, wenn der \"ECAS AssuranceLevel\" mindestens MEDIUM ist (z.B: 192.168.1.1-254,192.168.2.5)", 48 | "User-ID": "Benutzername", 49 | "Only map this attribute, if you want one specific CAS attribute as your user’s id. If left blank, the default CAS user-id is used.": "Verwenden Sie das Attribut nur, wenn Sie ein spezifisches CAS-Attribut als Benutzername verwenden wollen. Lassen Sie das Attribut leer, um den Standard CAS Benutzernamen zu verwenden.", 50 | "Email": "E-Mail", 51 | "Display Name": "Anzeigename", 52 | "Groups": "Gruppen", 53 | "Group Name: JSON Decode": "Gruppen Name: JSON-Decode aktivieren", 54 | "Overwrite phpCAS path (CAS.php file)": "phpCAS Pfad überschreiben (CAS.php Datei)", 55 | "Optional: Overwrite phpCAS path (CAS.php file) if you want to use your own version. Leave blank to use the shipped version.": "Optional: Überschreiben Sie den phpCAS Pfad (CAS.php Datei), wenn Sie eine eigene Version verwenden möchten. Nicht ausfüllen, wenn Sie die Standardversion verwenden möchten", 56 | "PHP CAS debug file": "PHP CAS debug Datei", 57 | "Save": "Speichern", 58 | "Your CAS settings have been updated.": "Ihre CAS Einstellungen wurden gespeichert.", 59 | "Your CAS settings could not be updated. Please try again.": "Ihre CAS Einstellungen konnten nicht gespeichert werden. Bitte versuchen Sie es erneut.", 60 | "Forbidden. You do not have access to this application. Please refer to your administrator if something feels wrong to you.": "Verboten. Sie haben keinen Zugriff auf diese Anwendung. Bitte wenden Sie sich an Ihren Administrator, wenn Sie denken, dass etwas nicht stimmt.", 61 | "You do not have access to the JRCbox application. Please contact the JRCbox administrator if something feels wrong to you.": "Sie haben keinen Zugriff auf diese JRCbox Anwendung. Bitte wenden Sie sich an den JRCbox Administrator, wenn Sie denken, dass etwas nicht stimmt.", 62 | "Internal Server Error. The server encountered an error. Please try again.": "Interner Serverfehler. Die Serveranfrage war fehlerhaft, bitte versuchen Sie es erneut.", 63 | "Go back to the login page": "Zurück zur Startseite", 64 | 65 | "Import CLI": "Import CLI", 66 | "ActiveDirectory (LDAP)": "ActiveDirectory (LDAP)", 67 | "LDAP Host": "LDAP Host", 68 | "LDAP User and Domain": "LDAP Benutzer und Domain", 69 | "LDAP User Password": "LDAP Benutzerpasswort", 70 | "LDAP Base DN": "LDAP Basis DN", 71 | "LDAP Sync Filter": "LDAP Sync Filter", 72 | "LDAP Sync Pagesize (1–1500)": "LDAP Sync Seitengröße (1–1500)", 73 | "CLI Attribute Mapping": "CLI Attributzuordnung", 74 | "UID/Username": "UID/Benutzername", 75 | "Group Name Field": "Gruppen Namensfeld", 76 | "Group Name Filter": "Gruppen Namensfeld Filter", 77 | "Attention: You must use PHP (PCRE) Regex syntax for the filter.": "Achtung: Sie müssen die PHP (PCRE) Regex Syntax für diesen Filter einhalten.", 78 | "Group Name: Replace Umlauts": "Gruppen Name: Ersetze Umlaute", 79 | "Enable": "Aktivierung", 80 | "Calculate Enable Attribute Bitwise AND with": "Berechne die Nutzer-Aktivierung 'Bitwise AND' mit", 81 | "Merge Accounts": "Accounts zusammenführen", 82 | "Prefer Enabled over Disabled Accounts on Merge": "Aktivierte Accounts beim Zusammenführen bevorzugen", 83 | "Merge Two Active Accounts by": "Zwei aktivierte Accounts zusammenfügen mit Hilfe vom Attribut", 84 | "Merge Two Active Accounts by: Filterstring": "Filterstring für das Zusammenfügen zweier aktivierter Accounts" 85 | }, 86 | "nplurals=2; plural=(n != 1);"); 87 | -------------------------------------------------------------------------------- /l10n/de.json: -------------------------------------------------------------------------------- 1 | { 2 | "translations": { 3 | "CAS Authentication backend": "CAS Authentifizierungsbackend", 4 | "CAS Server": "CAS Server", 5 | "Basic": "Grundeinstellungen", 6 | "Mapping": "Zuordnungen", 7 | "phpCAS Library": "phpCAS Bibliothek", 8 | "CAS Server Version": "CAS Server Version", 9 | "CAS Server Hostname": "CAS Server Hostname", 10 | "CAS Server Port": "CAS Server Port", 11 | "CAS Server Path": "CAS Server Pfad", 12 | "Service URL": "Dienst URL", 13 | "Certification file path (.crt).": "Pfad zur Zertifikatsdatei (.crt).", 14 | "Leave empty if you don’t want to validate your CAS server instance": "Nicht ausfüllen, wenn Sie ihren CAS-Server nicht validieren möchten", 15 | "Use CAS proxy initialization": "CAS Proxy Initialisierung verwenden", 16 | "Force user login using CAS?": "CAS Login erzwingen?", 17 | "Disable CAS logout (do not logout CAS-session, only instance-session)": "CAS Logout deaktivieren (nicht die CAS-Session, sondern nur die Instanz-Session ausloggen)", 18 | "Disable CAS SingleSignout (do not logout instance-session if CAS-server sends SSO-Request)": "CAS SingleSignout deaktivieren (nicht die Instanz-Session ausloggen, wenn der CAS-Server einen SSO-Request sendet)", 19 | "Don’t use force login on these client-IPs": "Login bei diesen Client-IPs nicht erzwingen", 20 | "Comma separated list of client IP addresses (or address ranges), which won’t be forced to login if \"Force user login\" is enabled (e.g. 192.168.1.1-254,192.168.2.5)": "Kommagetrennte Liste an Client-IP-Adressen (oder Adressräumen), die nicht zum Login gezwungen werden, wenn \"CAS Login erzwingen\" aktiviert ist (z.B: 192.168.1.1-254,192.168.2.5)", 21 | "SingleSignout Servers": "Logout Server", 22 | "Comma separated list of servers which can send SingleSignout requests (leave empty if you do not have to restrict SingleSignout to defined servers)": "Kommagetrennte Liste an Servern, die SingleSingout-Requests an ihren CAS-Server senden dürfen (Nicht ausfüllen, wenn Sie SingleSignouts nicht beschränken/erlauben müssen)", 23 | "Autocreate user after first CAS login?": "Benutzer nach erstem CAS Login automatisch erstellen?", 24 | "Keep CAS-ticket-ids in URL?": "CAS-Ticket-IDs nicht aus der URL entfernen", 25 | "Beware: Potential security risk! Only activate, if you know what you are doing.": "Achtung: Potentielles Sicherheitsrisiko! Nur aktivieren, wenn Sie wissen, was Sie tun.", 26 | "Overwrite Login Button Label": "Login Button Label überschreiben", 27 | "Protect \"public share\" links with CAS": "Öffentliche Teilen-Links mit CAS schützen", 28 | "Link CAS authentication with LDAP users and groups backend": "CAS Authentifizierung mit LDAP Backend verknüpfen", 29 | "Update user data after each CAS login?": "Benutzerdaten nach jedem CAS Login aktualisieren?", 30 | "Locked Groups": "Geschützte Gruppen", 31 | "Groups that will not be unlinked from the user when sync the CAS server and the owncloud": "Gruppen, die beim Synchronisieren mit dem CAS Server nicht vom ownCloud Benutzer entfernt werden", 32 | "Multivalued field, use comma to separate values": "Mehrzeiliges Feld, nutzen Sie komma separierte Werte", 33 | "Default Group": "Standardgruppe", 34 | "Default group when autocreating users and no group data was found for the user": "Standardgruppe, die beim automatischen Neuerstellen von ownCloud Benutzern vergeben wird", 35 | "Authorized CAS Groups": "Authorisierte CAS Gruppen", 36 | "Users in the following groups will be able to log into ownCloud, users not in one of the groups will be logged out immediately": "Benutzer in den folgenden Gruppen können sich in ownCloud anmelden, Benutzer, die nicht in einer der Gruppen sind, werden sofort ausgeloggt", 37 | "Group Quotas": "Gruppenquotas", 38 | "Use ECAS Attribute Parser?": "ECAS Attribute Parser verwenden?", 39 | "Request full user details?": "Vollständige Benutzerdetails anfordern?", 40 | "ECAS Strength": "ECAS Strength", 41 | "Not set": "Nicht gesetzt", 42 | "ECAS AssuranceLevel": "ECAS AssuranceLevel", 43 | "Query ECAS groups": "Gruppen in ECAS-Abfrage", 44 | "Note down all groups which you want to receive from your ECAS instance, * returns all groups": "Setzen Sie alle Gruppen, die Sie von Ihrer ECAS-Instanz zurück erhalten möchten, * gibt alle Gruppen zurück", 45 | "Don’t use Multi-Factor-Authentication on these client-IPs": "Multi-Faktor-Authentifizierung bei diesen Client-IPs deaktivieren", 46 | "Comma separated list of client IP addresses (or address ranges), which won’t be forced to use Multi-Factor-Authentication if \"ECAS AssuranceLevel\" is at least MEDIUM (e.g. 192.168.1.1-254,192.168.2.5)": "Kommagetrennte Liste an Client-IP-Adressen (oder Adressräumen), die nicht zur Multi-Faktor-Authentifizierung gezwungen werden, wenn der \"ECAS AssuranceLevel\" mindestens MEDIUM ist (z.B: 192.168.1.1-254,192.168.2.5)", 47 | "User-ID": "Benutzername", 48 | "Only map this attribute, if you want one specific CAS attribute as your user’s id. If left blank, the default CAS user-id is used.": "Verwenden Sie das Attribut nur, wenn Sie ein spezifisches CAS-Attribut als Benutzername verwenden wollen. Lassen Sie das Attribut leer, um den Standard CAS Benutzernamen zu verwenden.", 49 | "Email": "E-Mail", 50 | "Display Name": "Anzeigename", 51 | "Groups": "Gruppen", 52 | "Group Name: JSON Decode": "Gruppen Name: JSON-Decode aktivieren", 53 | "Overwrite phpCAS path (CAS.php file)": "phpCAS Pfad überschreiben (CAS.php Datei)", 54 | "Optional: Overwrite phpCAS path (CAS.php file) if you want to use your own version. Leave blank to use the shipped version.": "Optional: Überschreiben Sie den phpCAS Pfad (CAS.php Datei), wenn Sie eine eigene Version verwenden möchten. Nicht ausfüllen, wenn Sie die Standardversion verwenden möchten", 55 | "PHP CAS debug file": "PHP CAS debug Datei", 56 | "Save": "Speichern", 57 | "Your CAS settings have been updated.": "Ihre CAS Einstellungen wurden gespeichert.", 58 | "Your CAS settings could not be updated. Please try again.": "Ihre CAS Einstellungen konnten nicht gespeichert werden. Bitte versuchen Sie es erneut.", 59 | "Forbidden. You do not have access to this application. Please refer to your administrator if something feels wrong to you.": "Verboten. Sie haben keinen Zugriff auf diese Anwendung. Bitte wenden Sie sich an Ihren Administrator, wenn Sie denken, dass etwas nicht stimmt.", 60 | "You do not have access to the JRCbox application. Please contact the JRCbox administrator if something feels wrong to you.": "Sie haben keinen Zugriff auf diese JRCbox Anwendung. Bitte wenden Sie sich an den JRCbox Administrator, wenn Sie denken, dass etwas nicht stimmt.", 61 | "Internal Server Error. The server encountered an error. Please try again.": "Interner Serverfehler. Die Serveranfrage war fehlerhaft, bitte versuchen Sie es erneut.", 62 | "Go back to the login page": "Zurück zur Startseite", 63 | "Import CLI": "Import CLI", 64 | "ActiveDirectory (LDAP)": "ActiveDirectory (LDAP)", 65 | "LDAP Host": "LDAP Host", 66 | "LDAP User and Domain": "LDAP Benutzer und Domain", 67 | "LDAP User Password": "LDAP Benutzerpasswort", 68 | "LDAP Base DN": "LDAP Basis DN", 69 | "LDAP Sync Filter": "LDAP Sync Filter", 70 | "LDAP Sync Pagesize (1–1500)": "LDAP Sync Seitengröße (1–1500)", 71 | "CLI Attribute Mapping": "CLI Attributzuordnung", 72 | "UID/Username": "UID/Benutzername", 73 | "Group Name Field": "Gruppen Namensfeld", 74 | "Group Name Filter": "Gruppen Namensfeld Filter", 75 | "Attention: You must use PHP (PCRE) Regex syntax for the filter.": "Achtung: Sie müssen die PHP (PCRE) Regex Syntax für diesen Filter einhalten.", 76 | "Group Name: Replace Umlauts": "Gruppen Name: Ersetze Umlaute", 77 | "Enable": "Aktivierung", 78 | "Calculate Enable Attribute Bitwise AND with": "Berechne die Nutzer-Aktivierung 'Bitwise AND' mit", 79 | "Merge Accounts": "Accounts zusammenführen", 80 | "Prefer Enabled over Disabled Accounts on Merge": "Aktivierte Accounts beim Zusammenführen bevorzugen", 81 | "Merge Two Active Accounts by": "Zwei aktivierte Accounts zusammenfügen mit Hilfe vom Attribut", 82 | "Merge Two Active Accounts by: Filterstring": "Filterstring für das Zusammenfügen zweier aktivierter Accounts" 83 | }, 84 | "pluralForm": "nplurals=2; plural=(n != 1);" 85 | } -------------------------------------------------------------------------------- /l10n/de/user_cas.po: -------------------------------------------------------------------------------- 1 | # Copyright (C) 2017 Felix Rupp 2 | # This file is distributed under the same license as the user_cas package. 3 | # Felix Rupp , 2017. 4 | msgid "" 5 | msgstr "" 6 | "Project-Id-Version: ownCloud Core 8.0.0\n" 7 | "Report-Msgid-Bugs-To: translations@owncloud.org\n" 8 | "POT-Creation-Date: 2017-07-24 12:40+0000\n" 9 | "PO-Revision-Date: 2017-07-24 14:49+0200\n" 10 | "Last-Translator: Felix Rupp \n" 11 | "Language-Team: LANGUAGE \n" 12 | "Language: de\n" 13 | "MIME-Version: 1.0\n" 14 | "Content-Type: text/plain; charset=UTF-8\n" 15 | "Content-Transfer-Encoding: 8bit\n" 16 | "Plural-Forms: nplurals=2; plural=(n != 1);\n" 17 | "X-Generator: Virtaal 0.7.1\n" 18 | 19 | #: templates/admin.php:7 20 | msgid "CAS Authentication backend" 21 | msgstr "CAS Authentifizierungsbackend" 22 | 23 | #: templates/admin.php:11 24 | msgid "CAS Server" 25 | msgstr "CAS Server" 26 | 27 | #: templates/admin.php:12 28 | msgid "Basic" 29 | msgstr "Grundeinstellungen" 30 | 31 | #: templates/admin.php:13 32 | msgid "Mapping" 33 | msgstr "Zuordnungen" 34 | 35 | #: templates/admin.php:14 36 | msgid "phpCAS Library" 37 | msgstr "phpCAS Bibliothek" 38 | 39 | #: templates/admin.php:18 40 | msgid "CAS Server Version" 41 | msgstr "CAS Server Version" 42 | 43 | #: templates/admin.php:26 44 | msgid "CAS Server Hostname" 45 | msgstr "CAS Server Hostname" 46 | 47 | #: templates/admin.php:31 48 | msgid "CAS Server Port" 49 | msgstr "CAS Server Port" 50 | 51 | #: templates/admin.php:36 52 | msgid "CAS Server Path" 53 | msgstr "CAS Server Pfad" 54 | 55 | #: templates/admin.php:41 56 | msgid "Service URL" 57 | msgstr "Dienst URL" 58 | 59 | #: templates/admin.php:47 60 | msgid "Certification file path (.crt)." 61 | msgstr "Pfad zur Zertifikatsdatei (.crt)." 62 | 63 | #: templates/admin.php:47 64 | msgid "Leave empty if you don’t want to validate your CAS server instance" 65 | msgstr "Nicht ausfüllen, wenn Sie ihren CAS-Server nicht validieren möchten" 66 | 67 | #: templates/admin.php:52 68 | msgid "Use CAS proxy initialization" 69 | msgstr "CAS Proxy Initialisierung verwenden" 70 | 71 | #: templates/admin.php:54 72 | msgid "Force user login using CAS?" 73 | msgstr "CAS Login erzwingen?" 74 | 75 | #: templates/admin.php:58 76 | msgid "Don’t use force login on these client-IPs" 77 | msgstr "Login bei diesen Client-IPs nicht erzwingen" 78 | 79 | #: templates/admin.php:58 80 | msgid "Comma separated list of client IP addresses (or address ranges), which won’t be forced to login if \"Force user login\" is enabled (e.g. 192.168.1.1-254,192.168.2.5)" 81 | msgstr "Kommagetrennte Liste an Client-IP-Adressen (oder Adressräumen), die nicht zum Login gezwungen werden, wenn \"CAS Login erzwingen\" aktiviert ist (z.B: 192.168.1.1-254,192.168.2.5)" 82 | 83 | #: templates/admin.php:60 84 | msgid "Disable CAS logout (do not logout CAS-session, only instance-session)" 85 | msgstr "CAS Logout deaktivieren (nicht die CAS-Session, sondern nur die Instanz-Session ausloggen)" 86 | 87 | msgid "Disable CAS SingleSignout (do not logout instance-session if CAS-server sends SSO-Request)" 88 | msgstr "CAS SingleSignout deaktivieren (nicht die Instanz-Session ausloggen, wenn der CAS-Server einen SSO-Request sendet)" 89 | 90 | #: templates/admin.php63 91 | msgid "SingleSignout Servers" 92 | msgstr "Logout Server" 93 | 94 | #: templates/admin.php63 95 | msgid "Comma separated list of servers which can send SingleSignout requests (leave empty if you do not have to restrict SingleSignout to defined servers)" 96 | msgstr "Kommagetrennte Liste an Servern, die SingleSingout-Requests an ihren CAS-Server senden dürfen (Nicht ausfüllen, wenn Sie SingleSignouts nicht beschränken/erlauben müssen)" 97 | 98 | msgid "Keep CAS-ticket-ids in URL?" 99 | msgstr "CAS-Ticket-IDs nicht aus der URL entfernen" 100 | 101 | msgid "Beware: Potential security risk! Only activate, if you know what you are doing." 102 | msgstr "Achtung: Potentielles Sicherheitsrisiko! Nur aktivieren, wenn Sie wissen, was Sie tun." 103 | 104 | msgid "Overwrite Login Button Label" 105 | msgstr "Login Button Label überschreiben" 106 | 107 | msgid "Protect \"public share\" links with CAS" 108 | msgstr "Teilen-Links mit CAS schützen" 109 | 110 | #: templates/admin.php:65 111 | msgid "Autocreate user after first CAS login?" 112 | msgstr "Benutzer nach erstem CAS Login automatisch erstellen?" 113 | 114 | #: templates/admin.php:70 115 | msgid "Link CAS authentication with LDAP users and groups backend" 116 | msgstr "CAS Authentifizierung mit LDAP Backend verknüpfen" 117 | 118 | #: templates/admin.php:75 119 | msgid "Update user data after each CAS login?" 120 | msgstr "Benutzerdaten nach jedem CAS Login aktualisieren?" 121 | 122 | #: templates/admin.php:78 123 | msgid "Locked Groups" 124 | msgstr "Geschützte Gruppen" 125 | 126 | #: templates/admin.php:78 127 | msgid "" 128 | "Groups that will not be unlinked from the user when sync the CAS server and " 129 | "the owncloud" 130 | msgstr "" 131 | "Gruppen, die beim Synchronisieren mit dem CAS Server nicht vom ownCloud Benutzer entfernt werden" 132 | 133 | #: templates/admin.php:81 134 | msgid "Multivalued field, use comma to separate values" 135 | msgstr "Mehrzeiliges Feld, nutzen Sie komma separierte Werte" 136 | 137 | #: templates/admin.php:83 138 | msgid "Default Group" 139 | msgstr "Standardgruppe" 140 | 141 | #: templates/admin.php:83 142 | msgid "" 143 | "Default group when autocreating users and no group data was found for the " 144 | "user" 145 | msgstr "" 146 | "Standardgruppe, die beim automatischen Neuerstellen von ownCloud Benutzern vergeben " 147 | "wird" 148 | 149 | #: templates/admin.php:84 150 | msgid "Authorized CAS Groups" 151 | msgstr "Authorisierte CAS Gruppen" 152 | 153 | #: templates/admin.php:85 154 | msgid "Users in the following groups will be able to log into ownCloud, users not in one of the groups will be logged out immediately" 155 | msgstr "Benutzer in den folgenden Gruppen können sich in ownCloud anmelden, Benutzer, die nicht in einer der Gruppen sind, werden sofort ausgeloggt" 156 | 157 | #: templates/admin.php:85 158 | msgid "Group Quotas" 159 | msgstr "Gruppenquotas" 160 | 161 | #: templates/admin.php:85 162 | msgid "Use ECAS Attribute Parser?" 163 | msgstr "ECAS Attribute Parser verwenden?" 164 | 165 | #: templates/admin.php:85 166 | msgid "Request full user details?" 167 | msgstr "Vollständige Benutzerdetails anfordern?" 168 | 169 | #: templates/admin.php:86 170 | msgid "ECAS Strength" 171 | msgstr "ECAS Strength" 172 | 173 | #: templates/admin.php:86 174 | msgid "Not set" 175 | msgstr "Nicht gesetzt" 176 | 177 | #: templates/admin.php:86 178 | msgid "ECAS AssuranceLevel" 179 | msgstr "ECAS AssuranceLevel" 180 | 181 | #: templates/admin.php:87 182 | msgid "Query ECAS groups" 183 | msgstr "Gruppen in ECAS-Abfrage" 184 | 185 | #: templates/admin.php:87 186 | msgid "Note down all groups which you want to receive from your ECAS instance, * returns all groups" 187 | msgstr "Setzen Sie alle Gruppen, die Sie von Ihrer ECAS-Instanz zurück erhalten möchten, * gibt alle Gruppen zurück" 188 | 189 | #: templates/admin.php:87 190 | msgid "Don’t use Multi-Factor-Authentication on these client-IPs" 191 | msgstr "Multi-Faktor-Authentifizierung bei diesen Client-IPs deaktivieren" 192 | 193 | #: templates/admin.php:87 194 | msgid "Comma separated list of client IP addresses (or address ranges), which won’t be forced to use Multi-Factor-Authentication if \"ECAS AssuranceLevel\" is at least MEDIUM (e.g. 192.168.1.1-254,192.168.2.5)" 195 | msgstr "Kommagetrennte Liste an Client-IP-Adressen (oder Adressräumen), die nicht zur Multi-Faktor-Authentifizierung gezwungen werden, wenn der \"ECAS AssuranceLevel\" mindestens MEDIUM ist (z.B: 192.168.1.1-254,192.168.2.5)" 196 | 197 | #: templates/admin.php:89 198 | msgid "User-ID" 199 | msgstr "Benutzername" 200 | 201 | msgid "Only map this attribute, if you want one specific CAS attribute as your user’s id. If left blank, the default CAS user-id is used." 202 | msgstr "Verwenden Sie das Attribut nur, wenn Sie ein spezifisches CAS-Attribut als Benutzername verwenden wollen. Lassen Sie das Attribut leer, um den Standard CAS Benutzernamen zu verwenden." 203 | 204 | #: templates/admin.php:89 205 | msgid "Email" 206 | msgstr "E-Mail" 207 | 208 | #: templates/admin.php:94 209 | msgid "Display Name" 210 | msgstr "Anzeigename" 211 | 212 | #: templates/admin.php:99 213 | msgid "Groups" 214 | msgstr "Gruppen" 215 | 216 | #: templates/admin.php:99 217 | msgid "Group Name: JSON Decode" 218 | msgstr "Gruppen Name: JSON-Decode aktivieren" 219 | 220 | #: templates/admin.php:107 221 | msgid "Overwrite phpCAS path (CAS.php file)" 222 | msgstr "phpCAS Pfad überschreiben (CAS.php Datei)" 223 | 224 | #: templates/admin.php:107 225 | msgid "" 226 | "Optional: Overwrite phpCAS path (CAS.php file) if you want to use your own " 227 | "version. Leave blank to use the shipped version." 228 | msgstr "" 229 | "Optional: Überschreiben Sie den phpCAS Pfad (CAS.php Datei), wenn Sie eine " 230 | "eigene Version verwenden möchten. Nicht ausfüllen, wenn Sie die " 231 | "Standardversion verwenden möchten" 232 | 233 | #: templates/admin.php:112 234 | msgid "PHP CAS debug file" 235 | msgstr "PHP CAS debug Datei" 236 | 237 | #: templates/admin.php:118 238 | msgid "Save" 239 | msgstr "Speichern" 240 | 241 | #: lib/Controller/SettingsController.php:140 242 | msgid "Your CAS settings have been updated." 243 | msgstr "Ihre CAS Einstellungen wurden gespeichert." 244 | 245 | #: lib/Controller/SettingsController.php:146 246 | msgid "Your CAS settings could not be updated. Please try again." 247 | msgstr "Ihre CAS Einstellungen konnten nicht gespeichert werden. Bitte versuchen Sie es erneut." 248 | 249 | #: templates/cas-error.php:24 250 | msgid "403" 251 | msgstr "" 252 | 253 | #: templates/cas-error.php:24 254 | msgid "500" 255 | msgstr "" 256 | 257 | #: templates/cas-error.php:24 258 | msgid "Forbidden. You do not have access to this application. Please refer to your administrator if something feels wrong to you." 259 | msgstr "Verboten. Sie haben keinen Zugriff auf diese Anwendung. Bitte wenden Sie sich an Ihren Administrator, wenn Sie denken, dass etwas nicht stimmt." 260 | 261 | #: templates/cas-error.php:24 262 | msgid "You do not have access to the JRCbox application. Please contact the JRCbox administrator if something feels wrong to you." 263 | msgstr "Sie haben keinen Zugriff auf diese JRCbox Anwendung. Bitte wenden Sie sich an den JRCbox Administrator, wenn Sie denken, dass etwas nicht stimmt." 264 | 265 | #: templates/cas-error.php:24 266 | msgid "Internal Server Error. The server encountered an error. Please try again." 267 | msgstr "Interner Serverfehler. Die Serveranfrage war fehlerhaft, bitte versuchen Sie es erneut." 268 | 269 | #: templates/cas-error.php:28 270 | msgid "Go back to the login page" 271 | msgstr "Zurück zur Startseite" 272 | 273 | 274 | # Import CLI 275 | msgid "Import CLI" 276 | msgstr "Import CLI" 277 | 278 | 279 | msgid "ActiveDirectory (LDAP)" 280 | msgstr "ActiveDirectory (LDAP)" 281 | 282 | msgid "LDAP Host" 283 | msgstr "LDAP Host" 284 | 285 | msgid "LDAP User and Domain" 286 | msgstr "LDAP Benutzer und Domain" 287 | 288 | msgid "LDAP User Password" 289 | msgstr "LDAP Benutzerpasswort" 290 | 291 | msgid "LDAP Base DN" 292 | msgstr "LDAP Basis DN" 293 | 294 | msgid "LDAP Sync Filter" 295 | msgstr "LDAP Sync Filter" 296 | 297 | msgid "LDAP Sync Pagesize (1–1500)" 298 | msgstr "LDAP Sync Seitengröße (1–1500)" 299 | 300 | 301 | msgid "CLI Attribute Mapping" 302 | msgstr "CLI Attributzuordnung" 303 | 304 | msgid "UID/Username" 305 | msgstr "UID/Benutzername" 306 | 307 | msgid "Group Name Field" 308 | msgstr "Gruppen Namensfeld" 309 | 310 | msgid "Group Name Filter" 311 | msgstr "Gruppen Namensfeld Filter" 312 | 313 | msgid "Attention: You must use PHP (PCRE) Regex syntax for the filter." 314 | msgstr "Achtung: Sie müssen die PHP (PCRE) Regex Syntax für diesen Filter einhalten." 315 | 316 | msgid "Group Name: Replace Umlauts" 317 | msgstr "Gruppen Name: Ersetze Umlaute" 318 | 319 | msgid "Enable" 320 | msgstr "Aktivierung" 321 | 322 | msgid "Calculate Enable Attribute Bitwise AND with" 323 | msgstr "Berechne die Nutzer-Aktivierung 'Bitwise AND' mit" 324 | 325 | msgid "Merge Accounts" 326 | msgstr "Accounts zusammenführen" 327 | 328 | msgid "Prefer Enabled over Disabled Accounts on Merge" 329 | msgstr "Aktivierte Accounts beim Zusammenführen bevorzugen" 330 | 331 | msgid "Merge Two Active Accounts by" 332 | msgstr "Zwei aktivierte Accounts zusammenfügen mit Hilfe vom Attribut" 333 | 334 | msgid "Merge Two Active Accounts by: Filterstring" 335 | msgstr "Filterstring für das Zusammenfügen zweier aktivierter Accounts" -------------------------------------------------------------------------------- /l10n/fr.js: -------------------------------------------------------------------------------- 1 | OC.L10N.register( 2 | "user_cas", 3 | { 4 | "CAS Authentication backend": "Authentification CAS", 5 | "CAS Server": "Serveur CAS", 6 | "Basic": "Basic", 7 | "Mapping": "Mapping", 8 | "phpCAS Library": "Librairie phpCAS", 9 | "CAS Server Version": "Version du serveur CAS", 10 | "CAS Server Hostname": "Nom d’hôte du serveur CAS", 11 | "CAS Server Port": "Port du serveur CAS", 12 | "CAS Server Path": "Chemin du serveur CAS", 13 | "Service URL": "URL du service", 14 | "Certification file path (.crt).": "Chemin du fichier de certification (.crt).", 15 | "Leave empty if you don’t want to validate your CAS server instance": "Laissez vide si vous ne voulez pas valider votre instance de serveur CAS", 16 | "Use CAS proxy initialization": "Utiliser l'initialisation du proxy CAS", 17 | "Force user login using CAS?": "Forcer la connexion de l'utilisateur en utilisant CAS?", 18 | "Don’t use force login on these client-IPs": "N'utilisez pas la connexion forcée sur ces adresses IP client", 19 | "Comma separated list of client IP addresses (or address ranges), which won’t be forced to login if \"Force user login\" is enabled (e.g. 192.168.1.1-254,192.168.2.5)": "Liste des adresses IP (ou plages d'adresses) séparées par des virgules, qui ne sera pas obligée de se connecter si \"Forcer la connexion utilisateur\" est activé (par exemple 192.168.1.1-254, 192.168.2.5)", 20 | "Disable CAS logout (do not logout CAS-session, only instance-session)": "Désactiver la déconnexion CAS (ne pas déconnecter la session CAS, déconnecter la session d'instance)", 21 | "Disable CAS SingleSignout (do not logout instance-session if CAS-server sends SSO-Request)": "Désactiver la déconnexion unique CAS (ne déconnecte pas la session d'instance si le serveur CAS envoie une demande SSO)", 22 | "SingleSignout Servers": "Serveurs de déconnexion", 23 | "Comma separated list of servers which can send SingleSignout requests (leave empty if you do not have to restrict SingleSignout to defined servers)": "Liste de serveurs séparés par des virgules pouvant envoyer des demandes SingleSignout (laissez vide si vous n'avez pas à limiter SingleSignout à des serveurs définis)", 24 | "Autocreate user after first CAS login?": "Créer l'utilisateur automatiquement après la connexion CAS?", 25 | "Keep CAS-ticket-ids in URL?": "Gardez CAS-ticket-ids dans l'URL?", 26 | "Beware: Potential security risk! Only activate, if you know what you are doing.": "Attention: risque potentiel de sécurité! Activez uniquement si vous savez ce que vous faites.", 27 | "Overwrite Login Button Label": "Écraser l'étiquette du bouton de connexion", 28 | "Protect \"public share\" links with CAS": "Protéger les liens de «partage public» avec CAS ", 29 | "Link CAS authentication with LDAP users and groups backend": "Lier l'authentification CAS avec les utilisateurs et groupe de l'authentification LDAP?", 30 | "Update user data after each CAS login?": "Mettre à jour les données utilisateurs après la connexion?", 31 | "Locked Groups": "Groupes protégés", 32 | "Groups that will not be unlinked from the user when sync the CAS server and the owncloud": "Groupes de l'utilisateur qui seront pas supprimés lors de la synchronisation entre le serveur CAS et Owncloud", 33 | "Multivalued field, use comma to separate values": "Champ multivalué, utilisez des virgules pour séparer les valeurs", 34 | "Default Group": "Groupe par défaut", 35 | "Default group when autocreating users and no group data was found for the user": "Groupe par défaut lors de la création automatique des utilisateurs ownCloud quand aucun groupe n'est trouvé pour l'utilisateur", 36 | "Authorized CAS Groups": "Groupes autorisés CAS", 37 | "Users in the following groups will be able to log into ownCloud, users not in one of the groups will be logged out immediately": "Les utilisateurs des groupes suivants pourront se connecter à ownCloud, les utilisateurs ne faisant pas partie d'un groupe seront déconnectés immédiatement", 38 | "Group Quotas": "Quotas de groupe", 39 | "Use ECAS Attribute Parser?": "Utiliser ECAS Attribute Parser?", 40 | "Request full user details?": "Demander des informations complètes sur l'utilisateur?", 41 | "ECAS Strength": "ECAS Strength", 42 | "Not set": "Pas encore défini", 43 | "ECAS AssuranceLevel": "ECAS AssuranceLevel", 44 | "Query ECAS groups": "ECAS groupes de requêtes", 45 | "Note down all groups which you want to receive from your ECAS instance, * returns all groups": "Notez tous les groupes que vous souhaitez recevoir de votre instance ECAS, * renvoie tous les groupes", 46 | "Don’t use Multi-Factor-Authentication on these client-IPs": "N'utilisez pas l'authentification multi-facteurs sur ces IP client", 47 | "Comma separated list of client IP addresses (or address ranges), which won’t be forced to use Multi-Factor-Authentication if \"ECAS AssuranceLevel\" is at least MEDIUM (e.g. 192.168.1.1-254,192.168.2.5)": "Liste d'adresses IP client (ou plages d'adresses), séparées par des virgules, qui ne seront pas obligées d'utiliser l'authentification à plusieurs facteurs si \"ECAS AssuranceLevel\" est au moins de MEDIUM (par exemple 192.168.1.1-254, 192.168.2.5)", 48 | "User-ID": "Nom d'utilisateur", 49 | "Only map this attribute, if you want one specific CAS attribute as your user’s id. If left blank, the default CAS user-id is used.": "Mappez cet attribut uniquement si vous voulez un attribut CAS spécifique comme identifiant de votre utilisateur. S'il est laissé vide, le nom d'utilisateur CAS par défaut est utilisé.", 50 | "Email": "Email", 51 | "Display Name": "Nom affiché", 52 | "Groups": "Groupes", 53 | "Group Name: JSON Decode": "Nom du groupe: activer le décodage JSON", 54 | "Overwrite phpCAS path (CAS.php file)": "Chemin PHP CAS (fichier CAS.php)", 55 | "Optional: Overwrite phpCAS path (CAS.php file) if you want to use your own version. Leave blank to use the shipped version.": "Optionnel: Chemin PHP CAS (fichier CAS.php). Laissez vide pour utiliser la version expédiée.", 56 | "PHP CAS debug file": "Chemin du fichier de debug de PHP CAS", 57 | "Save": "Enregistrer", 58 | "Your CAS settings have been updated.": "Vos paramètres CAS ont été mis à jour.", 59 | "Your CAS settings could not be updated. Please try again.": "Vos paramètres CAS n'ont pas pu être mis à jour. Veuillez réessayer.", 60 | "Forbidden. You do not have access to this application. Please refer to your administrator if something feels wrong to you.": "Interdit. Vous n'avez pas accès à cette application. Veuillez vous adresser à votre administrateur si quelque chose vous semble incorrect.", 61 | "You do not have access to the JRCbox application. Please contact the JRCbox administrator if something feels wrong to you.": "Vous n'avez pas accès à cette application JRCbox. Veuillez vous adresser à votre administrateur JRCbox si quelque chose vous semble incorrect.", 62 | "Internal Server Error. The server encountered an error. Please try again.": "Erreur Interne du Serveur. Le serveur a rencontré une erreur. Veuillez réessayer.", 63 | "Go back to the login page": "Retourner à la page d'accueil", 64 | "Import CLI": "Import CLI", 65 | "ActiveDirectory (LDAP)": "ActiveDirectory (LDAP)", 66 | "LDAP Host": "Hôte LDAP", 67 | "LDAP User and Domain": "Utilisateur et domaine LDAP", 68 | "LDAP User Password": "Mot de passe utilisateur LDAP", 69 | "LDAP Base DN": "LDAP Base DN", 70 | "LDAP Sync Filter": "Filtre de synchronisation LDAP", 71 | "LDAP Sync Pagesize (1–1500)": "LDAP Sync Pagesize (1–1500)", 72 | "CLI Attribute Mapping": "Mappage d'attributs CLI", 73 | "UID/Username": "UID/Nom d'utilisateur", 74 | "Group Name Field": "Nom du groupe", 75 | "Group Name Filter": "Filtre de nom de groupe", 76 | "Attention: You must use PHP (PCRE) Regex syntax for the filter.": "Attention: Vous devez utiliser la syntaxe PHP (PCRE) Regex pour le filtre.", 77 | "Group Name: Replace Umlauts": "Nom du groupe - Remplacer les trémas", 78 | "Enable": "Activer", 79 | "Calculate Enable Attribute Bitwise AND with": "Calculer Activer Attribut Bitwise AND avec", 80 | "Merge Accounts": "Fusionner des comptes", 81 | "Prefer Enabled over Disabled Accounts on Merge": "Préférer activé sur les comptes désactivés lors de la fusion", 82 | "Merge Two Active Accounts by": "Fusionner deux comptes actifs par", 83 | "Merge Two Active Accounts by: Filterstring": "Fusionner deux comptes actifs par: Filtres" 84 | }, 85 | "nplurals=2; plural=(n != 1);"); 86 | -------------------------------------------------------------------------------- /l10n/fr.json: -------------------------------------------------------------------------------- 1 | { 2 | "translations": { 3 | "CAS Authentication backend": "Authentification CAS", 4 | "CAS Server": "Serveur CAS", 5 | "Basic": "Basic", 6 | "Mapping": "Mapping", 7 | "phpCAS Library": "Librairie phpCAS", 8 | "CAS Server Version": "Version du serveur CAS", 9 | "CAS Server Hostname": "Nom d’hôte du serveur CAS", 10 | "CAS Server Port": "Port du serveur CAS", 11 | "CAS Server Path": "Chemin du serveur CAS", 12 | "Service URL": "URL du service", 13 | "Certification file path (.crt).": "Chemin du fichier de certification (.crt).", 14 | "Leave empty if you don’t want to validate your CAS server instance": "Laissez vide si vous ne voulez pas valider votre instance de serveur CAS", 15 | "Use CAS proxy initialization": "Utiliser l'initialisation du proxy CAS", 16 | "Force user login using CAS?": "Forcer la connexion de l'utilisateur en utilisant CAS?", 17 | "Don’t use force login on these client-IPs": "N'utilisez pas la connexion forcée sur ces adresses IP client", 18 | "Comma separated list of client IP addresses (or address ranges), which won’t be forced to login if \"Force user login\" is enabled (e.g. 192.168.1.1-254,192.168.2.5)": "Liste des adresses IP (ou plages d'adresses) séparées par des virgules, qui ne sera pas obligée de se connecter si \"Forcer la connexion utilisateur\" est activé (par exemple 192.168.1.1-254, 192.168.2.5)", 19 | "Disable CAS logout (do not logout CAS-session, only instance-session)": "Désactiver la déconnexion CAS (ne pas déconnecter la session CAS, déconnecter la session d'instance)", 20 | "Disable CAS SingleSignout (do not logout instance-session if CAS-server sends SSO-Request)": "Désactiver la déconnexion unique CAS (ne déconnecte pas la session d'instance si le serveur CAS envoie une demande SSO)", 21 | "SingleSignout Servers": "Serveurs de déconnexion", 22 | "Comma separated list of servers which can send SingleSignout requests (leave empty if you do not have to restrict SingleSignout to defined servers)": "Liste de serveurs séparés par des virgules pouvant envoyer des demandes SingleSignout (laissez vide si vous n'avez pas à limiter SingleSignout à des serveurs définis)", 23 | "Autocreate user after first CAS login?": "Créer l'utilisateur automatiquement après la connexion CAS?", 24 | "Keep CAS-ticket-ids in URL?": "Gardez CAS-ticket-ids dans l'URL?", 25 | "Beware: Potential security risk! Only activate, if you know what you are doing.": "Attention: risque potentiel de sécurité! Activez uniquement si vous savez ce que vous faites.", 26 | "Overwrite Login Button Label": "Écraser l'étiquette du bouton de connexion", 27 | "Protect \"public share\" links with CAS": "Protéger les liens de «partage public» avec CAS ", 28 | "Link CAS authentication with LDAP users and groups backend": "Lier l'authentification CAS avec les utilisateurs et groupe de l'authentification LDAP?", 29 | "Update user data after each CAS login?": "Mettre à jour les données utilisateurs après la connexion?", 30 | "Locked Groups": "Groupes protégés", 31 | "Groups that will not be unlinked from the user when sync the CAS server and the owncloud": "Groupes de l'utilisateur qui seront pas supprimés lors de la synchronisation entre le serveur CAS et Owncloud", 32 | "Multivalued field, use comma to separate values": "Champ multivalué, utilisez des virgules pour séparer les valeurs", 33 | "Default Group": "Groupe par défaut", 34 | "Default group when autocreating users and no group data was found for the user": "Groupe par défaut lors de la création automatique des utilisateurs ownCloud quand aucun groupe n'est trouvé pour l'utilisateur", 35 | "Authorized CAS Groups": "Groupes autorisés CAS", 36 | "Users in the following groups will be able to log into ownCloud, users not in one of the groups will be logged out immediately": "Les utilisateurs des groupes suivants pourront se connecter à ownCloud, les utilisateurs ne faisant pas partie d'un groupe seront déconnectés immédiatement", 37 | "Group Quotas": "Quotas de groupe", 38 | "Use ECAS Attribute Parser?": "Utiliser ECAS Attribute Parser?", 39 | "Request full user details?": "Demander des informations complètes sur l'utilisateur?", 40 | "ECAS Strength": "ECAS Strength", 41 | "Not set": "Pas encore défini", 42 | "ECAS AssuranceLevel": "ECAS AssuranceLevel", 43 | "Query ECAS groups": "ECAS groupes de requêtes", 44 | "Note down all groups which you want to receive from your ECAS instance, * returns all groups": "Notez tous les groupes que vous souhaitez recevoir de votre instance ECAS, * renvoie tous les groupes", 45 | "Don’t use Multi-Factor-Authentication on these client-IPs": "N'utilisez pas l'authentification multi-facteurs sur ces IP client", 46 | "Comma separated list of client IP addresses (or address ranges), which won’t be forced to use Multi-Factor-Authentication if \"ECAS AssuranceLevel\" is at least MEDIUM (e.g. 192.168.1.1-254,192.168.2.5)": "Liste d'adresses IP client (ou plages d'adresses), séparées par des virgules, qui ne seront pas obligées d'utiliser l'authentification à plusieurs facteurs si \"ECAS AssuranceLevel\" est au moins de MEDIUM (par exemple 192.168.1.1-254, 192.168.2.5)", 47 | "User-ID": "Nom d'utilisateur", 48 | "Only map this attribute, if you want one specific CAS attribute as your user’s id. If left blank, the default CAS user-id is used.": "Mappez cet attribut uniquement si vous voulez un attribut CAS spécifique comme identifiant de votre utilisateur. S'il est laissé vide, le nom d'utilisateur CAS par défaut est utilisé.", 49 | "Email": "Email", 50 | "Display Name": "Nom affiché", 51 | "Groups": "Groupes", 52 | "Group Name: JSON Decode": "Nom du groupe: activer le décodage JSON", 53 | "Overwrite phpCAS path (CAS.php file)": "Chemin PHP CAS (fichier CAS.php)", 54 | "Optional: Overwrite phpCAS path (CAS.php file) if you want to use your own version. Leave blank to use the shipped version.": "Optionnel: Chemin PHP CAS (fichier CAS.php). Laissez vide pour utiliser la version expédiée.", 55 | "PHP CAS debug file": "Chemin du fichier de debug de PHP CAS", 56 | "Save": "Enregistrer", 57 | "Your CAS settings have been updated.": "Vos paramètres CAS ont été mis à jour.", 58 | "Your CAS settings could not be updated. Please try again.": "Vos paramètres CAS n'ont pas pu être mis à jour. Veuillez réessayer.", 59 | "Forbidden. You do not have access to this application. Please refer to your administrator if something feels wrong to you.": "Interdit. Vous n'avez pas accès à cette application. Veuillez vous adresser à votre administrateur si quelque chose vous semble incorrect.", 60 | "You do not have access to the JRCbox application. Please contact the JRCbox administrator if something feels wrong to you.": "Vous n'avez pas accès à cette application JRCbox. Veuillez vous adresser à votre administrateur JRCbox si quelque chose vous semble incorrect.", 61 | "Internal Server Error. The server encountered an error. Please try again.": "Erreur Interne du Serveur. Le serveur a rencontré une erreur. Veuillez réessayer.", 62 | "Go back to the login page": "Retourner à la page d'accueil", 63 | "Import CLI": "Import CLI", 64 | "ActiveDirectory (LDAP)": "ActiveDirectory (LDAP)", 65 | "LDAP Host": "Hôte LDAP", 66 | "LDAP User and Domain": "Utilisateur et domaine LDAP", 67 | "LDAP User Password": "Mot de passe utilisateur LDAP", 68 | "LDAP Base DN": "LDAP Base DN", 69 | "LDAP Sync Filter": "Filtre de synchronisation LDAP", 70 | "LDAP Sync Pagesize (1–1500)": "LDAP Sync Pagesize (1–1500)", 71 | "CLI Attribute Mapping": "Mappage d'attributs CLI", 72 | "UID/Username": "UID/Nom d'utilisateur", 73 | "Group Name Field": "Nom du groupe", 74 | "Group Name Filter": "Filtre de nom de groupe", 75 | "Attention: You must use PHP (PCRE) Regex syntax for the filter.": "Attention: Vous devez utiliser la syntaxe PHP (PCRE) Regex pour le filtre.", 76 | "Group Name: Replace Umlauts": "Nom du groupe - Remplacer les trémas", 77 | "Enable": "Activer", 78 | "Calculate Enable Attribute Bitwise AND with": "Calculer Activer Attribut Bitwise AND avec", 79 | "Merge Accounts": "Fusionner des comptes", 80 | "Prefer Enabled over Disabled Accounts on Merge": "Préférer activé sur les comptes désactivés lors de la fusion", 81 | "Merge Two Active Accounts by": "Fusionner deux comptes actifs par", 82 | "Merge Two Active Accounts by: Filterstring": "Fusionner deux comptes actifs par: Filtres" 83 | }, 84 | "pluralForm": "nplurals=2; plural=(n != 1);" 85 | } 86 | -------------------------------------------------------------------------------- /l10n/fr/user_cas.po: -------------------------------------------------------------------------------- 1 | # Copyright (C) 2017 Felix Rupp 2 | # This file is distributed under the same license as the user_cas package. 3 | # Felix Rupp , 2017. 4 | msgid "" 5 | msgstr "" 6 | "Project-Id-Version: ownCloud Core 8.0.0\n" 7 | "Report-Msgid-Bugs-To: translations@owncloud.org\n" 8 | "POT-Creation-Date: 2017-07-24 12:40+0000\n" 9 | "PO-Revision-Date: 2017-07-24 14:57+0200\n" 10 | "Last-Translator: Felix Rupp \n" 11 | "Language-Team: LANGUAGE \n" 12 | "Language: de\n" 13 | "MIME-Version: 1.0\n" 14 | "Content-Type: text/plain; charset=UTF-8\n" 15 | "Content-Transfer-Encoding: 8bit\n" 16 | "Plural-Forms: nplurals=2; plural=(n != 1);\n" 17 | "X-Generator: Virtaal 0.7.1\n" 18 | 19 | #: templates/admin.php:7 20 | msgid "CAS Authentication backend" 21 | msgstr "Authentification CAS" 22 | 23 | #: templates/admin.php:11 24 | msgid "CAS Server" 25 | msgstr "Serveur CAS" 26 | 27 | #: templates/admin.php:12 28 | msgid "Basic" 29 | msgstr "Basic" 30 | 31 | #: templates/admin.php:13 32 | msgid "Mapping" 33 | msgstr "Mapping" 34 | 35 | #: templates/admin.php:14 36 | msgid "phpCAS Library" 37 | msgstr "Librairie phpCAS" 38 | 39 | #: templates/admin.php:18 40 | msgid "CAS Server Version" 41 | msgstr "Version du serveur CAS" 42 | 43 | #: templates/admin.php:26 44 | msgid "CAS Server Hostname" 45 | msgstr "Nom d’hôte du serveur CAS" 46 | 47 | #: templates/admin.php:31 48 | msgid "CAS Server Port" 49 | msgstr "Port du serveur CAS" 50 | 51 | #: templates/admin.php:36 52 | msgid "CAS Server Path" 53 | msgstr "Chemin du serveur CAS" 54 | 55 | #: templates/admin.php:41 56 | msgid "Service URL" 57 | msgstr "URL du service" 58 | 59 | #: templates/admin.php:47 60 | msgid "Certification file path (.crt)." 61 | msgstr "Chemin du fichier de certification (.crt)." 62 | 63 | #: templates/admin.php:47 64 | msgid "Leave empty if you don’t want to validate your CAS server instance" 65 | msgstr "Laissez vide si vous ne voulez pas valider votre instance de serveur CAS" 66 | 67 | #: templates/admin.php:52 68 | msgid "Use CAS proxy initialization" 69 | msgstr "Utiliser l'initialisation du proxy CAS" 70 | 71 | #: templates/admin.php:54 72 | msgid "Force user login using CAS?" 73 | msgstr "Forcer la connexion de l'utilisateur en utilisant CAS?" 74 | 75 | #: templates/admin.php:58 76 | msgid "Don’t use force login on these client-IPs" 77 | msgstr "N'utilisez pas la connexion forcée sur ces adresses IP client" 78 | 79 | #: templates/admin.php:58 80 | msgid "Comma separated list of client IP addresses (or address ranges), which won’t be forced to login if \"Force user login\" is enabled (e.g. 192.168.1.1-254,192.168.2.5)" 81 | msgstr "Liste des adresses IP (ou plages d'adresses) séparées par des virgules, qui ne sera pas obligée de se connecter si \"Forcer la connexion utilisateur\" est activé (par exemple 192.168.1.1-254, 192.168.2.5)" 82 | 83 | #: templates/admin.php:60 84 | msgid "Disable CAS logout (do not logout CAS-session, only instance-session)" 85 | msgstr "Désactiver la déconnexion CAS (ne pas déconnecter la session CAS, déconnecter la session d'instance)" 86 | 87 | msgid "Disable CAS SingleSignout (do not logout instance-session if CAS-server sends SSO-Request)" 88 | msgstr "Désactiver la déconnexion unique CAS (ne déconnecte pas la session d'instance si le serveur CAS envoie une demande SSO)" 89 | 90 | #: templates/admin.php63 91 | msgid "SingleSignout Servers" 92 | msgstr "Serveurs de déconnexion" 93 | 94 | #: templates/admin.php63 95 | msgid "Comma separated list of servers which can send SingleSignout requests (leave empty if you do not have to restrict SingleSignout to defined servers)" 96 | msgstr "Liste de serveurs séparés par des virgules pouvant envoyer des demandes SingleSignout (laissez vide si vous n'avez pas à limiter SingleSignout à des serveurs définis)" 97 | 98 | #: templates/admin.php:65 99 | msgid "Autocreate user after first CAS login?" 100 | msgstr "Créer l'utilisateur automatiquement après la connexion CAS?" 101 | 102 | msgid "Keep CAS-ticket-ids in URL?" 103 | msgstr "Gardez CAS-ticket-ids dans l'URL?" 104 | 105 | msgid "Beware: Potential security risk! Only activate, if you know what you are doing." 106 | msgstr "Attention: risque potentiel de sécurité! Activez uniquement si vous savez ce que vous faites." 107 | 108 | msgid "Overwrite Login Button Label" 109 | msgstr "Écraser l'étiquette du bouton de connexion" 110 | 111 | msgid "Protect \"public share\" links with CAS" 112 | msgstr "Protéger les liens de partage avec CAS" 113 | 114 | #: templates/admin.php:70 115 | msgid "Link CAS authentication with LDAP users and groups backend" 116 | msgstr "" 117 | "Lier l'authentification CAS avec les utilisateurs et groupe de " 118 | "l'authentification LDAP?" 119 | 120 | #: templates/admin.php:75 121 | msgid "Update user data after each CAS login?" 122 | msgstr "Mettre à jour les données utilisateurs après la connexion?" 123 | 124 | #: templates/admin.php:78 125 | msgid "Locked Groups" 126 | msgstr "Groupes protégés" 127 | 128 | #: templates/admin.php:78 129 | msgid "" 130 | "Groups that will not be unlinked from the user when sync the CAS server and " 131 | "the owncloud" 132 | msgstr "" 133 | "Groupes de l'utilisateur qui seront pas supprimés lors de la synchronisation " 134 | "entre le serveur CAS et Owncloud" 135 | 136 | #: templates/admin.php:81 137 | msgid "Multivalued field, use comma to separate values" 138 | msgstr "Champ multivalué, utilisez des virgules pour séparer les valeurs" 139 | 140 | #: templates/admin.php:83 141 | msgid "Default Group" 142 | msgstr "Groupe par défaut" 143 | 144 | #: templates/admin.php:83 145 | msgid "" 146 | "Default group when autocreating users and no group data was found for the " 147 | "user" 148 | msgstr "" 149 | "Groupe par défaut lors de la création automatique des utilisateurs quand " 150 | "aucun groupe n'est trouvé pour l'utilisateur" 151 | 152 | #: templates/admin.php:84 153 | msgid "Authorized CAS Groups" 154 | msgstr "Groupes autorisés CAS" 155 | 156 | #: templates/admin.php:85 157 | msgid "Users in the following groups will be able to log into ownCloud, users not in one of the groups will be logged out immediately" 158 | msgstr "Les utilisateurs des groupes suivants pourront se connecter à ownCloud, les utilisateurs ne faisant pas partie d'un groupe seront déconnectés immédiatement" 159 | 160 | #: templates/admin.php:85 161 | msgid "Group Quotas" 162 | msgstr "Quotas de groupe" 163 | 164 | #: templates/admin.php:85 165 | msgid "Use ECAS Attribute Parser?" 166 | msgstr "Utiliser ECAS Attribute Parser?" 167 | 168 | #: templates/admin.php:85 169 | msgid "Request full user details?" 170 | msgstr "Demander des informations complètes sur l'utilisateur?" 171 | 172 | #: templates/admin.php:86 173 | msgid "ECAS Strength" 174 | msgstr "ECAS Strength" 175 | 176 | #: templates/admin.php:86 177 | msgid "Not set" 178 | msgstr "Pas encore défini" 179 | 180 | #: templates/admin.php:86 181 | msgid "ECAS AssuranceLevel" 182 | msgstr "ECAS AssuranceLevel" 183 | 184 | #: templates/admin.php:87 185 | msgid "Query ECAS groups" 186 | msgstr "ECAS groupes de requêtes" 187 | 188 | #: templates/admin.php:87 189 | msgid "Note down all groups which you want to receive from your ECAS instance, * returns all groups" 190 | msgstr "Notez tous les groupes que vous souhaitez recevoir de votre instance ECAS, * renvoie tous les groupes" 191 | 192 | #: templates/admin.php:87 193 | msgid "Don’t use Multi-Factor-Authentication on these client-IPs" 194 | msgstr "N'utilisez pas l'authentification multi-facteurs sur ces IP client" 195 | 196 | #: templates/admin.php:87 197 | msgid "Comma separated list of client IP addresses (or address ranges), which won’t be forced to use Multi-Factor-Authentication if \"ECAS AssuranceLevel\" is at least MEDIUM (e.g. 192.168.1.1-254,192.168.2.5)" 198 | msgstr "Liste d'adresses IP client (ou plages d'adresses), séparées par des virgules, qui ne seront pas obligées d'utiliser l'authentification à plusieurs facteurs si \"ECAS AssuranceLevel\" est au moins de MEDIUM (par exemple 192.168.1.1-254, 192.168.2.5)" 199 | 200 | #: templates/admin.php:89 201 | msgid "User-ID" 202 | msgstr "Nom d'utilisateur" 203 | 204 | msgid "Only map this attribute, if you want one specific CAS attribute as your user’s id. If left blank, the default CAS user-id is used." 205 | msgstr "Mappez cet attribut uniquement si vous voulez un attribut CAS spécifique comme identifiant de votre utilisateur. S'il est laissé vide, le nom d'utilisateur CAS par défaut est utilisé." 206 | 207 | #: templates/admin.php:89 208 | msgid "Email" 209 | msgstr "Email" 210 | 211 | #: templates/admin.php:94 212 | msgid "Display Name" 213 | msgstr "Nom affiché" 214 | 215 | #: templates/admin.php:99 216 | msgid "Groups" 217 | msgstr "Groupes" 218 | 219 | #: templates/admin.php:99 220 | msgid "Group Name: JSON Decode" 221 | msgstr "Nom du groupe: activer le décodage JSON" 222 | 223 | #: templates/admin.php:107 224 | msgid "Overwrite phpCAS path (CAS.php file)" 225 | msgstr "Chemin PHP CAS (fichier CAS.php)" 226 | 227 | #: templates/admin.php:107 228 | msgid "" 229 | "Optional: Overwrite phpCAS path (CAS.php file) if you want to use your own " 230 | "version. Leave blank to use the shipped version." 231 | msgstr "" 232 | "Optionnel: Chemin PHP CAS (fichier CAS.php). Laissez vide pour utiliser la " 233 | "version expédiée." 234 | 235 | #: templates/admin.php:112 236 | msgid "PHP CAS debug file" 237 | msgstr "Chemin du fichier de debug de PHP CAS" 238 | 239 | #: templates/admin.php:118 240 | msgid "Save" 241 | msgstr "Enregistrer" 242 | 243 | #: lib/Controller/SettingsController.php:140 244 | msgid "Your CAS settings have been updated." 245 | msgstr "Vos paramètres CAS ont été mis à jour." 246 | 247 | #: lib/Controller/SettingsController.php:146 248 | msgid "Your CAS settings could not be updated. Please try again." 249 | msgstr "Vos paramètres CAS n'ont pas pu être mis à jour. Veuillez réessayer." 250 | 251 | #: templates/cas-error.php:24 252 | msgid "403" 253 | msgstr "" 254 | 255 | #: templates/cas-error.php:24 256 | msgid "500" 257 | msgstr "" 258 | 259 | #: templates/cas-error.php:24 260 | msgid "Forbidden. You do not have access to this application. Please refer to your administrator if something feels wrong to you." 261 | msgstr "Interdit. Vous n'avez pas accès à cette application. Veuillez vous adresser à votre administrateur si quelque chose vous semble incorrect." 262 | 263 | #: templates/cas-error.php:24 264 | msgid "You do not have access to the JRCbox application. Please contact the JRCbox administrator if something feels wrong to you." 265 | msgstr "Vous n'avez pas accès à cette application JRCbox. Veuillez vous adresser à votre administrateur JRCbox si quelque chose vous semble incorrect." 266 | 267 | #: templates/cas-error.php:24 268 | msgid "Internal Server Error. The server encountered an error. Please try again." 269 | msgstr "Erreur Interne du Serveur. Le serveur a rencontré une erreur. Veuillez réessayer." 270 | 271 | #: templates/cas-error.php:28 272 | msgid "Go back to the login page" 273 | msgstr "Retourner à la page d'accueil" 274 | 275 | 276 | # Import CLI 277 | msgid "Import CLI" 278 | msgstr "Import CLI" 279 | 280 | 281 | msgid "ActiveDirectory (LDAP)" 282 | msgstr "ActiveDirectory (LDAP)" 283 | 284 | msgid "LDAP Host" 285 | msgstr "Hôte LDAP" 286 | 287 | msgid "LDAP User and Domain" 288 | msgstr "Utilisateur et domaine LDAP" 289 | 290 | msgid "LDAP User Password" 291 | msgstr "Mot de passe utilisateur LDAP" 292 | 293 | msgid "LDAP Base DN" 294 | msgstr "LDAP Base DN" 295 | 296 | msgid "LDAP Sync Filter" 297 | msgstr "Filtre de synchronisation LDAP" 298 | 299 | msgid "LDAP Sync Pagesize (1–1500)" 300 | msgstr "LDAP Sync Pagesize (1–1500)" 301 | 302 | 303 | msgid "CLI Attribute Mapping" 304 | msgstr "Mappage d'attributs CLI" 305 | 306 | msgid "UID/Username" 307 | msgstr "UID/Nom d'utilisateur" 308 | 309 | msgid "Group Name Field" 310 | msgstr "Nom du groupe" 311 | 312 | msgid "Group Name Filter" 313 | msgstr "Filtre de nom de groupe" 314 | 315 | msgid "Attention: You must use PHP (PCRE) Regex syntax for the filter." 316 | msgstr "Attention: Vous devez utiliser la syntaxe PHP (PCRE) Regex pour le filtre." 317 | 318 | msgid "Group Name: Replace Umlauts" 319 | msgstr "Nom du groupe - Remplacer les trémas" 320 | 321 | msgid "Enable" 322 | msgstr "Activer" 323 | 324 | msgid "Calculate Enable Attribute Bitwise AND with" 325 | msgstr "Calculer Activer Attribut Bitwise AND avec" 326 | 327 | msgid "Merge Accounts" 328 | msgstr "Fusionner des comptes" 329 | 330 | msgid "Prefer Enabled over Disabled Accounts on Merge" 331 | msgstr "Préférer activé sur les comptes désactivés lors de la fusion" 332 | 333 | msgid "Merge Two Active Accounts by" 334 | msgstr "Fusionner deux comptes actifs par" 335 | 336 | msgid "Merge Two Active Accounts by: Filterstring" 337 | msgstr "Fusionner deux comptes actifs par: Filtres" -------------------------------------------------------------------------------- /l10n/templates/user_cas.pot: -------------------------------------------------------------------------------- 1 | # SOME DESCRIPTIVE TITLE. 2 | # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER 3 | # This file is distributed under the same license as the PACKAGE package. 4 | # FIRST AUTHOR , YEAR. 5 | # 6 | #, fuzzy 7 | msgid "" 8 | msgstr "" 9 | "Project-Id-Version: ownCloud Core 8.0.0\n" 10 | "Report-Msgid-Bugs-To: translations@owncloud.org\n" 11 | "POT-Creation-Date: 2017-07-24 12:40+0000\n" 12 | "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" 13 | "Last-Translator: FULL NAME \n" 14 | "Language-Team: LANGUAGE \n" 15 | "Language: \n" 16 | "MIME-Version: 1.0\n" 17 | "Content-Type: text/plain; charset=CHARSET\n" 18 | "Content-Transfer-Encoding: 8bit\n" 19 | 20 | #: templates/admin.php:7 21 | msgid "CAS Authentication backend" 22 | msgstr "" 23 | 24 | #: templates/admin.php:11 25 | msgid "CAS Server" 26 | msgstr "" 27 | 28 | #: templates/admin.php:12 29 | msgid "Basic" 30 | msgstr "" 31 | 32 | #: templates/admin.php:13 33 | msgid "Mapping" 34 | msgstr "" 35 | 36 | #: templates/admin.php:14 37 | msgid "phpCAS Library" 38 | msgstr "" 39 | 40 | #: templates/admin.php:18 41 | msgid "CAS Server Version" 42 | msgstr "" 43 | 44 | #: templates/admin.php:26 45 | msgid "CAS Server Hostname" 46 | msgstr "" 47 | 48 | #: templates/admin.php:31 49 | msgid "CAS Server Port" 50 | msgstr "" 51 | 52 | #: templates/admin.php:36 53 | msgid "CAS Server Path" 54 | msgstr "" 55 | 56 | #: templates/admin.php:41 57 | msgid "Service URL" 58 | msgstr "" 59 | 60 | #: templates/admin.php:47 61 | msgid "Certification file path (.crt)." 62 | msgstr "" 63 | 64 | #: templates/admin.php:47 65 | msgid "Leave empty if you don’t want to validate your CAS server instance" 66 | msgstr "" 67 | 68 | #: templates/admin.php:52 69 | msgid "Use CAS proxy initialization" 70 | msgstr "" 71 | 72 | #: templates/admin.php:54 73 | msgid "Force user login using CAS?" 74 | msgstr "" 75 | 76 | #: templates/admin.php:58 77 | msgid "Don’t use force login on these client-IPs" 78 | msgstr "" 79 | 80 | #: templates/admin.php:58 81 | msgid "Comma separated list of client IP addresses (or address ranges), which won’t be forced to login if \"Force user login\" is enabled (e.g. 192.168.1.1-254,192.168.2.5)" 82 | msgstr "" 83 | 84 | #: templates/admin.php:60 85 | msgid "Disable CAS logout (do not logout CAS-session, only instance-session)" 86 | msgstr "" 87 | 88 | msgid "Disable CAS SingleSignout (do not logout instance-session if CAS-server sends SSO-Request)" 89 | msgstr "" 90 | 91 | #: templates/admin.php63 92 | msgid "SingleSignout Servers" 93 | msgstr "" 94 | 95 | #: templates/admin.php63 96 | msgid "Comma separated list of servers which can send SingleSignout requests (leave empty if you do not have to restrict SingleSignout to defined servers)" 97 | msgstr "" 98 | 99 | #: templates/admin.php:65 100 | msgid "Autocreate user after first CAS login?" 101 | msgstr "" 102 | 103 | msgid "Keep CAS-ticket-ids in URL?" 104 | msgstr "" 105 | 106 | msgid "Beware: Potential security risk! Only activate, if you know what you are doing." 107 | msgstr "" 108 | 109 | msgid "Overwrite Login Button Label" 110 | msgstr "" 111 | 112 | msgid "Protect \"public share\" links with CAS" 113 | msgstr "" 114 | 115 | #: templates/admin.php:70 116 | msgid "Link CAS authentication with LDAP users and groups backend" 117 | msgstr "" 118 | 119 | #: templates/admin.php:75 120 | msgid "Update user data after each CAS login?" 121 | msgstr "" 122 | 123 | #: templates/admin.php:78 124 | msgid "Locked Groups" 125 | msgstr "" 126 | 127 | #: templates/admin.php:78 128 | msgid "" 129 | "Groups that will not be unlinked from the user when sync the CAS server and " 130 | "the owncloud" 131 | msgstr "" 132 | 133 | #: templates/admin.php:81 134 | msgid "Multivalued field, use comma to separate values" 135 | msgstr "" 136 | 137 | #: templates/admin.php:83 138 | msgid "Default Group" 139 | msgstr "" 140 | 141 | #: templates/admin.php:83 142 | msgid "" 143 | "Default group when autocreating users and no group data was found for the " 144 | "user" 145 | msgstr "" 146 | 147 | #: templates/admin.php:84 148 | msgid "Authorized CAS Groups" 149 | msgstr "" 150 | 151 | #: templates/admin.php:85 152 | msgid "Users in the following groups will be able to log into ownCloud, users not in one of the groups will be logged out immediately" 153 | msgstr "" 154 | 155 | #: templates/admin.php:85 156 | msgid "Group Quotas" 157 | msgstr "" 158 | 159 | #: templates/admin.php:85 160 | msgid "Use ECAS Attribute Parser?" 161 | msgstr "" 162 | 163 | #: templates/admin.php:85 164 | msgid "Request full user details?" 165 | msgstr "" 166 | 167 | #: templates/admin.php:86 168 | msgid "ECAS Strength" 169 | msgstr "" 170 | 171 | #: templates/admin.php:86 172 | msgid "Not set" 173 | msgstr "" 174 | 175 | #: templates/admin.php:86 176 | msgid "ECAS AssuranceLevel" 177 | msgstr "" 178 | 179 | #: templates/admin.php:87 180 | msgid "Query ECAS groups" 181 | msgstr "" 182 | 183 | #: templates/admin.php:87 184 | msgid "Note down all groups which you want to receive from your ECAS instance, * returns all groups" 185 | msgstr "" 186 | 187 | #: templates/admin.php:87 188 | msgid "Don’t use Multi-Factor-Authentication on these client-IPs" 189 | msgstr "" 190 | 191 | #: templates/admin.php:87 192 | msgid "Comma separated list of client IP addresses (or address ranges), which won’t be forced to use Multi-Factor-Authentication if \"ECAS AssuranceLevel\" is at least MEDIUM (e.g. 192.168.1.1-254,192.168.2.5)" 193 | msgstr "" 194 | 195 | #: templates/admin.php:89 196 | msgid "User-ID" 197 | msgstr "" 198 | 199 | #: templates/admin.php:89 200 | msgid "Only map this attribute, if you want one specific CAS attribute as your user’s id. If left blank, the default CAS user-id is used." 201 | msgstr "" 202 | 203 | #: templates/admin.php:89 204 | msgid "Email" 205 | msgstr "" 206 | 207 | #: templates/admin.php:94 208 | msgid "Display Name" 209 | msgstr "" 210 | 211 | #: templates/admin.php:99 212 | msgid "Groups" 213 | msgstr "" 214 | 215 | #: templates/admin.php:99 216 | msgid "Group Name: JSON Decode" 217 | msgstr "" 218 | 219 | #: templates/admin.php:107 220 | msgid "Overwrite phpCAS path (CAS.php file)" 221 | msgstr "" 222 | 223 | #: templates/admin.php:107 224 | msgid "" 225 | "Optional: Overwrite phpCAS path (CAS.php file) if you want to use your own " 226 | "version. Leave blank to use the shipped version." 227 | msgstr "" 228 | 229 | #: templates/admin.php:112 230 | msgid "PHP CAS debug file" 231 | msgstr "" 232 | 233 | #: templates/admin.php:118 234 | msgid "Save" 235 | msgstr "" 236 | 237 | #: lib/Controller/SettingsController.php:140 238 | msgid "Your CAS settings have been updated." 239 | msgstr "" 240 | 241 | #: lib/Controller/SettingsController.php:146 242 | msgid "Your CAS settings could not be updated. Please try again." 243 | msgstr "" 244 | 245 | 246 | #: templates/cas-error.php:24 247 | msgid "403" 248 | msgstr "" 249 | 250 | #: templates/cas-error.php:24 251 | msgid "500" 252 | msgstr "" 253 | 254 | #: templates/cas-error.php:24 255 | msgid "Forbidden. You do not have access to this application. Please refer to your administrator if something feels wrong to you." 256 | msgstr "" 257 | 258 | #: templates/cas-error.php:24 259 | msgid "You do not have access to the JRCbox application. Please contact the JRCbox administrator if something feels wrong to you." 260 | msgstr "" 261 | 262 | #: templates/cas-error.php:24 263 | msgid "Internal Server Error. The server encountered an error. Please try again." 264 | msgstr "" 265 | 266 | #: templates/cas-error.php:28 267 | msgid "Go back to the login page" 268 | msgstr "" 269 | 270 | 271 | # Import CLI 272 | msgid "Import CLI" 273 | msgstr "" 274 | 275 | 276 | msgid "ActiveDirectory (LDAP)" 277 | msgstr "" 278 | 279 | msgid "LDAP Host" 280 | msgstr "" 281 | 282 | msgid "LDAP User and Domain" 283 | msgstr "" 284 | 285 | msgid "LDAP User Password" 286 | msgstr "" 287 | 288 | msgid "LDAP Base DN" 289 | msgstr "" 290 | 291 | msgid "LDAP Sync Filter" 292 | msgstr "" 293 | 294 | msgid "LDAP Sync Pagesize (1–1500)" 295 | msgstr "" 296 | 297 | 298 | msgid "CLI Attribute Mapping" 299 | msgstr "" 300 | 301 | msgid "UID/Username" 302 | msgstr "" 303 | 304 | msgid "Group Name Field" 305 | msgstr "" 306 | 307 | msgid "Group Name Filter" 308 | msgstr "" 309 | 310 | msgid "Attention: You must use PHP (PCRE) Regex syntax for the filter." 311 | msgstr "" 312 | 313 | msgid "Group Name: Replace Umlauts" 314 | msgstr "" 315 | 316 | msgid "Enable" 317 | msgstr "" 318 | 319 | msgid "Calculate Enable Attribute Bitwise AND with" 320 | msgstr "" 321 | 322 | msgid "Merge Accounts" 323 | msgstr "" 324 | 325 | msgid "Prefer Enabled over Disabled Accounts on Merge" 326 | msgstr "" 327 | 328 | msgid "Merge Two Active Accounts by" 329 | msgstr "" 330 | 331 | msgid "Merge Two Active Accounts by: Filterstring" 332 | msgstr "" -------------------------------------------------------------------------------- /lib/AppInfo/Application.php: -------------------------------------------------------------------------------- 1 | 7 | * @copyright Felix Rupp 8 | * 9 | * This library is free software; you can redistribute it and/or 10 | * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE 11 | * License as published by the Free Software Foundation; either 12 | * version 3 of the License, or any later version. 13 | * 14 | * This library is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU AFFERO GENERAL PUBLIC LICENSE for more details. 18 | * 19 | * You should have received a copy of the GNU Affero General Public 20 | * License along with this library. If not, see . 21 | * 22 | */ 23 | 24 | namespace OCA\UserCAS\AppInfo; 25 | 26 | use \OCP\AppFramework\App; 27 | use \OCP\IContainer; 28 | 29 | use OCA\UserCAS\Service\UserService; 30 | use OCA\UserCAS\Service\AppService; 31 | use OCA\UserCAS\Hooks\UserHooks; 32 | use OCA\UserCAS\Controller\SettingsController; 33 | use OCA\UserCAS\Controller\AuthenticationController; 34 | use OCA\UserCAS\User\Backend; 35 | use OCA\UserCAS\User\NextBackend; 36 | use OCA\UserCAS\Service\LoggingService; 37 | 38 | /** 39 | * Class Application 40 | * 41 | * @package OCA\UserCAS\AppInfo 42 | * 43 | * @author Felix Rupp 44 | * @copyright Felix Rupp 45 | * 46 | * @since 1.4.0 47 | */ 48 | class Application extends App 49 | { 50 | 51 | /** 52 | * Application constructor. 53 | * 54 | * @param array $urlParams 55 | */ 56 | public function __construct(array $urlParams = array()) 57 | { 58 | 59 | parent::__construct('user_cas', $urlParams); 60 | 61 | $container = $this->getContainer(); 62 | 63 | $container->registerService('User', function (IContainer $c) { 64 | return $c->query('UserSession')->getUser(); 65 | }); 66 | 67 | $container->registerService('Config', function (IContainer $c) { 68 | return $c->query('ServerContainer')->getConfig(); 69 | }); 70 | 71 | $container->registerService('L10N', function (IContainer $c) { 72 | return $c->query('ServerContainer')->getL10N($c->query('AppName')); 73 | }); 74 | 75 | $container->registerService('Logger', function (IContainer $c) { 76 | return $c->query('ServerContainer')->getLogger(); 77 | }); 78 | 79 | /** 80 | * Register LoggingService 81 | */ 82 | $container->registerService('LoggingService', function (IContainer $c) { 83 | return new LoggingService( 84 | $c->query('AppName'), 85 | $c->query('Config'), 86 | $c->query('Logger') 87 | ); 88 | }); 89 | 90 | /** 91 | * Register AppService with config 92 | */ 93 | $container->registerService('AppService', function (IContainer $c) { 94 | return new AppService( 95 | $c->query('AppName'), 96 | $c->query('Config'), 97 | $c->query('LoggingService'), 98 | $c->query('ServerContainer')->getUserManager(), 99 | $c->query('ServerContainer')->getUserSession(), 100 | $c->query('ServerContainer')->getURLGenerator(), 101 | $c->query('ServerContainer')->getAppManager() 102 | ); 103 | }); 104 | 105 | 106 | // Workaround for Nextcloud >= 14.0.0 107 | if ($container->query('AppService')->isNotNextcloud()) { 108 | 109 | /** 110 | * Register regular Backend 111 | */ 112 | $container->registerService('Backend', function (IContainer $c) { 113 | return new Backend( 114 | $c->query('AppName'), 115 | $c->query('Config'), 116 | $c->query('LoggingService'), 117 | $c->query('AppService'), 118 | $c->query('ServerContainer')->getUserManager(), 119 | $c->query('UserService') 120 | ); 121 | }); 122 | } else { 123 | 124 | /** 125 | * Register Nextcloud Backend 126 | */ 127 | $container->registerService('Backend', function (IContainer $c) { 128 | return new NextBackend( 129 | $c->query('AppName'), 130 | $c->query('Config'), 131 | $c->query('LoggingService'), 132 | $c->query('AppService'), 133 | $c->query('ServerContainer')->getUserManager(), 134 | $c->query('UserService') 135 | ); 136 | }); 137 | } 138 | 139 | /** 140 | * Register UserService with UserSession for login/logout and UserManager for create 141 | */ 142 | $container->registerService('UserService', function (IContainer $c) { 143 | return new UserService( 144 | $c->query('AppName'), 145 | $c->query('Config'), 146 | $c->query('ServerContainer')->getUserManager(), 147 | $c->query('ServerContainer')->getUserSession(), 148 | $c->query('ServerContainer')->getGroupManager(), 149 | $c->query('AppService'), 150 | $c->query('LoggingService') 151 | ); 152 | }); 153 | 154 | /** 155 | * Register SettingsController 156 | */ 157 | $container->registerService('SettingsController', function (IContainer $c) { 158 | return new SettingsController( 159 | $c->query('AppName'), 160 | $c->query('Request'), 161 | $c->query('Config'), 162 | $c->query('L10N') 163 | ); 164 | }); 165 | 166 | /** 167 | * Register AuthenticationController 168 | */ 169 | $container->registerService('AuthenticationController', function (IContainer $c) { 170 | return new AuthenticationController( 171 | $c->query('AppName'), 172 | $c->query('Request'), 173 | $c->query('Config'), 174 | $c->query('UserService'), 175 | $c->query('AppService'), 176 | $c->query('ServerContainer')->getUserSession(), 177 | $c->query('LoggingService') 178 | ); 179 | }); 180 | 181 | /** 182 | * Register UserHooks 183 | */ 184 | $container->registerService('UserHooks', function (IContainer $c) { 185 | return new UserHooks( 186 | $c->query('AppName'), 187 | $c->query('ServerContainer')->getUserManager(), 188 | $c->query('ServerContainer')->getUserSession(), 189 | $c->query('Config'), 190 | $c->query('UserService'), 191 | $c->query('AppService'), 192 | $c->query('LoggingService'), 193 | $c->query('Backend') 194 | ); 195 | }); 196 | } 197 | } -------------------------------------------------------------------------------- /lib/Command/CreateUser.php: -------------------------------------------------------------------------------- 1 | 30 | * @copyright Felix Rupp 31 | * 32 | * @since 1.7.0 33 | */ 34 | class CreateUser extends Command 35 | { 36 | 37 | /** 38 | * @var UserService 39 | */ 40 | protected $userService; 41 | 42 | /** 43 | * @var AppService 44 | */ 45 | protected $appService; 46 | 47 | /** 48 | * @var IUserManager 49 | */ 50 | protected $userManager; 51 | 52 | /** 53 | * @var IGroupManager 54 | */ 55 | protected $groupManager; 56 | 57 | /** 58 | * @var IMailer 59 | */ 60 | protected $mailer; 61 | 62 | /** 63 | * @var LoggingService 64 | */ 65 | protected $loggingService; 66 | 67 | /** 68 | * @var IConfig 69 | */ 70 | protected $config; 71 | 72 | /** 73 | * @var Backend|UserCasBackendInterface 74 | */ 75 | protected $backend; 76 | 77 | 78 | /** 79 | * 80 | */ 81 | public function __construct() 82 | { 83 | parent::__construct(); 84 | 85 | $userManager = \OC::$server->getUserManager(); 86 | $groupManager = \OC::$server->getGroupManager(); 87 | $mailer = \OC::$server->getMailer(); 88 | $config = \OC::$server->getConfig(); 89 | $userSession = \OC::$server->getUserSession(); 90 | $logger = \OC::$server->getLogger(); 91 | $urlGenerator = \OC::$server->getURLGenerator(); 92 | $appManager = \OC::$server->getAppManager(); 93 | 94 | $loggingService = new LoggingService('user_cas', $config, $logger); 95 | $this->appService = new AppService('user_cas', $config, $loggingService, $userManager, $userSession, $urlGenerator, $appManager); 96 | 97 | $userService = new UserService( 98 | 'user_cas', 99 | $config, 100 | $userManager, 101 | $userSession, 102 | $groupManager, 103 | $this->appService, 104 | $loggingService 105 | ); 106 | 107 | if ($this->appService->isNotNextcloud()) { 108 | 109 | $backend = new Backend( 110 | 'user_cas', 111 | $config, 112 | $loggingService, 113 | $this->appService, 114 | $userManager, 115 | $userService 116 | ); 117 | } else { 118 | 119 | $backend = new NextBackend( 120 | 'user_cas', 121 | $config, 122 | $loggingService, 123 | $this->appService, 124 | $userManager, 125 | $userService 126 | ); 127 | } 128 | 129 | $this->userService = $userService; 130 | $this->userManager = $userManager; 131 | $this->groupManager = $groupManager; 132 | $this->mailer = $mailer; 133 | $this->loggingService = $loggingService; 134 | $this->config = $config; 135 | $this->backend = $backend; 136 | } 137 | 138 | 139 | /** 140 | * 141 | */ 142 | protected function configure() 143 | { 144 | $this 145 | ->setName('cas:create-user') 146 | ->setDescription('Adds a user_cas user to the database.') 147 | ->addArgument( 148 | 'uid', 149 | InputArgument::REQUIRED, 150 | 'User ID used to login (must only contain a-z, A-Z, 0-9, -, _ and @).' 151 | ) 152 | ->addOption( 153 | 'display-name', 154 | null, 155 | InputOption::VALUE_OPTIONAL, 156 | 'User name used in the web UI (can contain any characters).' 157 | ) 158 | ->addOption( 159 | 'email', 160 | null, 161 | InputOption::VALUE_OPTIONAL, 162 | 'Email address for the user.' 163 | ) 164 | ->addOption( 165 | 'group', 166 | 'g', 167 | InputOption::VALUE_OPTIONAL | InputOption::VALUE_IS_ARRAY, 168 | 'The groups the user should be added to (The group will be created if it does not exist).' 169 | ) 170 | ->addOption( 171 | 'quota', 172 | 'o', 173 | InputOption::VALUE_OPTIONAL, 174 | 'The quota the user should get either as numeric value in bytes or as a human readable string (e.g. 1GB for 1 Gigabyte)' 175 | ) 176 | ->addOption( 177 | 'enabled', 178 | 'e', 179 | InputOption::VALUE_OPTIONAL, 180 | 'Set user enabled' 181 | ); 182 | } 183 | 184 | 185 | /** 186 | * @param InputInterface $input 187 | * @param OutputInterface $output 188 | * @return int|null 189 | * @throws \Exception 190 | */ 191 | protected function execute(InputInterface $input, OutputInterface $output) 192 | { 193 | 194 | $uid = $input->getArgument('uid'); 195 | if ($this->userManager->userExists($uid)) { 196 | $output->writeln('The user "' . $uid . '" already exists.'); 197 | return 1; 198 | } 199 | 200 | // Validate email before we create the user 201 | if ($input->getOption('email')) { 202 | // Validate first 203 | if (!$this->mailer->validateMailAddress($input->getOption('email'))) { 204 | // Invalid! Error 205 | $output->writeln('Invalid email address supplied'); 206 | return 1; 207 | } else { 208 | $email = $input->getOption('email'); 209 | } 210 | } else { 211 | $email = null; 212 | } 213 | 214 | # Register Backend 215 | $this->userService->registerBackend($this->backend); 216 | 217 | /** 218 | * @var IUser 219 | */ 220 | $user = $this->userService->create($uid, $this->backend); 221 | 222 | if ($user instanceof IUser) { 223 | 224 | $output->writeln('The user "' . $user->getUID() . '" was created successfully'); 225 | } else { 226 | 227 | $output->writeln('An error occurred while creating the user'); 228 | return 1; 229 | } 230 | 231 | # Set displayName 232 | if ($input->getOption('display-name')) { 233 | 234 | $user->setDisplayName($input->getOption('display-name')); 235 | $output->writeln('Display name set to "' . $user->getDisplayName() . '"'); 236 | } 237 | 238 | # Set email if supplied & valid 239 | if ($email !== null) { 240 | 241 | $user->setEMailAddress($email); 242 | $output->writeln('Email address set to "' . $user->getEMailAddress() . '"'); 243 | } 244 | 245 | # Set Groups 246 | $groups = (array)$input->getOption('group'); 247 | 248 | if (count($groups) > 0) { 249 | 250 | $this->userService->updateGroups($user, $groups, $this->config->getAppValue('user_cas', 'cas_protected_groups'), TRUE); 251 | $output->writeln('Groups have been set.'); 252 | } 253 | 254 | # Set Quota 255 | $quota = $input->getOption('quota'); 256 | 257 | if (!empty($quota)) { 258 | 259 | if (is_numeric($quota)) { 260 | 261 | $newQuota = $quota; 262 | } elseif ($quota === 'default') { 263 | 264 | $newQuota = 'default'; 265 | } elseif ($quota === 'none') { 266 | 267 | $newQuota = 'none'; 268 | } else { 269 | 270 | $newQuota = \OCP\Util::computerFileSize($quota); 271 | } 272 | 273 | $user->setQuota($newQuota); 274 | $output->writeln('Quota set to "' . $user->getQuota() . '"'); 275 | } 276 | 277 | # Set enabled 278 | $enabled = $input->getOption('enabled'); 279 | 280 | if (is_numeric($enabled) || is_bool($enabled)) { 281 | 282 | $user->setEnabled(boolval($enabled)); 283 | 284 | $enabledString = ($user->isEnabled()) ? 'enabled' : 'not enabled'; 285 | $output->writeln('Enabled set to "' . $enabledString . '"'); 286 | } 287 | 288 | # Set Backend 289 | if ($this->appService->isNotNextcloud()) { 290 | 291 | if (!is_null($user) && ($user->getBackendClassName() === 'OC\User\Database' || $user->getBackendClassName() === "Database")) { 292 | 293 | $query = \OC_DB::prepare('UPDATE `*PREFIX*accounts` SET `backend` = ? WHERE LOWER(`user_id`) = LOWER(?)'); 294 | $result = $query->execute([get_class($this->backend), $uid]); 295 | 296 | $output->writeln('New user added to CAS backend.'); 297 | } 298 | 299 | } else { 300 | 301 | $output->writeln('This is a Nextcloud instance, no backend update needed.'); 302 | } 303 | } 304 | } -------------------------------------------------------------------------------- /lib/Command/ImportUsersAd.php: -------------------------------------------------------------------------------- 1 | 26 | * @copyright Felix Rupp 27 | * 28 | * @since 1.0.0 29 | */ 30 | class ImportUsersAd extends Command 31 | { 32 | 33 | /** 34 | * @var Manager $userManager 35 | */ 36 | private $userManager; 37 | 38 | /** 39 | * @var IConfig 40 | */ 41 | private $config; 42 | 43 | 44 | /** 45 | * ImportUsersAd constructor. 46 | */ 47 | public function __construct() 48 | { 49 | parent::__construct(); 50 | 51 | $this->userManager = \OC::$server->getUserManager(); 52 | $this->config = \OC::$server->getConfig(); 53 | } 54 | 55 | /** 56 | * Configure method 57 | */ 58 | protected function configure() 59 | { 60 | $this 61 | ->setName('cas:import-users-ad') 62 | ->setDescription('Imports users from an ActiveDirectory LDAP.') 63 | ->addOption( 64 | 'delta-update', 65 | 'd', 66 | InputOption::VALUE_OPTIONAL, 67 | 'Activate updates on existing accounts' 68 | ) 69 | ->addOption( 70 | 'convert-backend', 71 | 'c', 72 | InputOption::VALUE_OPTIONAL, 73 | 'Convert the backend to CAS (on update only)' 74 | ); 75 | } 76 | 77 | /** 78 | * Execute method 79 | * 80 | * @param InputInterface $input 81 | * @param OutputInterface $output 82 | */ 83 | protected function execute(InputInterface $input, OutputInterface $output) 84 | { 85 | 86 | 87 | try { 88 | /** 89 | * @var LoggerInterface $logger 90 | */ 91 | $logger = new ConsoleLogger($output); 92 | 93 | # Check for ldap extension 94 | if (extension_loaded("ldap")) { 95 | 96 | $output->writeln('Start account import from ActiveDirectory.'); 97 | 98 | /** 99 | * @var ImporterInterface $importer 100 | */ 101 | $importer = new AdImporter($this->config); 102 | 103 | $importer->init($logger); 104 | 105 | $allUsers = $importer->getUsers(); 106 | 107 | $importer->close(); 108 | 109 | $output->writeln('Account import from ActiveDirectory finished.'); 110 | 111 | #$importer->exportAsCsv($allUsers); 112 | #$importer->exportAsText($allUsers); 113 | #exit; 114 | 115 | $output->writeln('Start account import to database.'); 116 | 117 | $progressBar = new ProgressBar($output, count($allUsers)); 118 | 119 | # Convert backend 120 | $convertBackend = $input->getOption('convert-backend'); 121 | 122 | if ($convertBackend) { 123 | 124 | $logger->info("Backend conversion: Backends will be converted to CAS-Backend."); 125 | } 126 | 127 | # Delta Update 128 | $deltaUpdate = $input->getOption('delta-update'); 129 | 130 | if ($deltaUpdate) { 131 | 132 | $logger->info("Delta updates: Existing users will be updated."); 133 | } 134 | 135 | $createCommand = $this->getApplication()->find('cas:create-user'); 136 | $updateCommand = $this->getApplication()->find('cas:update-user'); 137 | 138 | foreach ($allUsers as $user) { 139 | 140 | $arguments = [ 141 | 'command' => 'cas:create-user', 142 | 'uid' => $user["uid"], 143 | '--display-name' => $user["displayName"], 144 | '--email' => $user["email"], 145 | '--quota' => $user["quota"], 146 | '--enabled' => $user["enable"], 147 | '--group' => $user["groups"] 148 | ]; 149 | 150 | # Create user if he does not exist 151 | if (!$this->userManager->userExists($user["uid"])) { 152 | 153 | $input = new ArrayInput($arguments); 154 | 155 | $createCommand->run($input, new NullOutput()); 156 | } # Update user if he already exists and delta update is true 157 | else if ($this->userManager->userExists($user["uid"]) && $deltaUpdate) { 158 | 159 | $arguments['command'] = 'cas:update-user'; 160 | 161 | if ($convertBackend) { 162 | 163 | $arguments["--convert-backend"] = 1; 164 | } 165 | $input = new ArrayInput($arguments); 166 | 167 | $updateCommand->run($input, new NullOutput()); 168 | } 169 | 170 | $progressBar->advance(); 171 | } 172 | 173 | $progressBar->finish(); 174 | $progressBar->clear(); 175 | 176 | $output->writeln('Account import to database finished.'); 177 | 178 | } else { 179 | 180 | throw new \Exception("User import failed. PHP extension 'ldap' is not loaded."); 181 | } 182 | } catch (\Exception $e) { 183 | 184 | $logger->critical("Fatal Error: " . $e->getMessage()); 185 | } 186 | } 187 | } -------------------------------------------------------------------------------- /lib/Command/UpdateUser.php: -------------------------------------------------------------------------------- 1 | 29 | * @copyright Felix Rupp 30 | * 31 | * @since 1.7.0 32 | */ 33 | class UpdateUser extends Command 34 | { 35 | 36 | /** 37 | * @var UserService 38 | */ 39 | protected $userService; 40 | 41 | /** 42 | * @var AppService 43 | */ 44 | protected $appService; 45 | 46 | /** 47 | * @var IUserManager 48 | */ 49 | protected $userManager; 50 | 51 | /** 52 | * @var IGroupManager 53 | */ 54 | protected $groupManager; 55 | 56 | /** 57 | * @var IMailer 58 | */ 59 | protected $mailer; 60 | 61 | /** 62 | * @var LoggingService 63 | */ 64 | protected $loggingService; 65 | 66 | /** 67 | * @var \OCP\IConfig 68 | */ 69 | protected $config; 70 | 71 | /** 72 | * @var Backend|UserCasBackendInterface 73 | */ 74 | protected $backend; 75 | 76 | 77 | /** 78 | * 79 | */ 80 | public function __construct() 81 | { 82 | parent::__construct(); 83 | 84 | $userManager = \OC::$server->getUserManager(); 85 | $groupManager = \OC::$server->getGroupManager(); 86 | $mailer = \OC::$server->getMailer(); 87 | $config = \OC::$server->getConfig(); 88 | $userSession = \OC::$server->getUserSession(); 89 | $logger = \OC::$server->getLogger(); 90 | $urlGenerator = \OC::$server->getURLGenerator(); 91 | $appManager = \OC::$server->getAppManager(); 92 | 93 | $loggingService = new LoggingService('user_cas', $config, $logger); 94 | $this->appService = new AppService('user_cas', $config, $loggingService, $userManager, $userSession, $urlGenerator, $appManager); 95 | 96 | $userService = new UserService( 97 | 'user_cas', 98 | $config, 99 | $userManager, 100 | $userSession, 101 | $groupManager, 102 | $this->appService, 103 | $loggingService 104 | ); 105 | 106 | if ($this->appService->isNotNextcloud()) { 107 | 108 | $backend = new Backend( 109 | 'user_cas', 110 | $config, 111 | $loggingService, 112 | $this->appService, 113 | $userManager, 114 | $userService 115 | ); 116 | } else { 117 | 118 | $backend = new NextBackend( 119 | 'user_cas', 120 | $config, 121 | $loggingService, 122 | $this->appService, 123 | $userManager, 124 | $userService 125 | ); 126 | } 127 | 128 | $this->userService = $userService; 129 | $this->userManager = $userManager; 130 | $this->groupManager = $groupManager; 131 | $this->mailer = $mailer; 132 | $this->loggingService = $loggingService; 133 | $this->config = $config; 134 | $this->backend = $backend; 135 | } 136 | 137 | 138 | /** 139 | * 140 | */ 141 | protected function configure() 142 | { 143 | $this 144 | ->setName('cas:update-user') 145 | ->setDescription('Updates an existing user and, if not yet a CAS user, converts the record to CAS backend.') 146 | ->addArgument( 147 | 'uid', 148 | InputArgument::REQUIRED, 149 | 'User ID used to login (must only contain a-z, A-Z, 0-9, -, _ and @).' 150 | ) 151 | ->addOption( 152 | 'display-name', 153 | null, 154 | InputOption::VALUE_OPTIONAL, 155 | 'User name used in the web UI (can contain any characters).' 156 | ) 157 | ->addOption( 158 | 'email', 159 | null, 160 | InputOption::VALUE_OPTIONAL, 161 | 'Email address for the user.' 162 | ) 163 | ->addOption( 164 | 'group', 165 | 'g', 166 | InputOption::VALUE_OPTIONAL | InputOption::VALUE_IS_ARRAY, 167 | 'The groups the user should be added to (The group will be created if it does not exist).' 168 | ) 169 | ->addOption( 170 | 'quota', 171 | 'o', 172 | InputOption::VALUE_OPTIONAL, 173 | 'The quota the user should get, either as numeric value in bytes or as a human readable string (e.g. 1GB for 1 Gigabyte)' 174 | ) 175 | ->addOption( 176 | 'enabled', 177 | 'e', 178 | InputOption::VALUE_OPTIONAL, 179 | 'Set user enabled' 180 | ) 181 | ->addOption( 182 | 'convert-backend', 183 | 'c', 184 | InputOption::VALUE_OPTIONAL, 185 | 'Convert the backend to CAS' 186 | ); 187 | } 188 | 189 | 190 | /** 191 | * @param InputInterface $input 192 | * @param OutputInterface $output 193 | * @return int|null 194 | * @throws \Exception 195 | */ 196 | protected function execute(InputInterface $input, OutputInterface $output) 197 | { 198 | 199 | $uid = $input->getArgument('uid'); 200 | if (!$this->userManager->userExists($uid)) { 201 | $output->writeln('The user "' . $uid . '" does not exist.'); 202 | return 1; 203 | } 204 | 205 | // Validate email before we create the user 206 | if ($input->getOption('email')) { 207 | // Validate first 208 | if (!$this->mailer->validateMailAddress($input->getOption('email'))) { 209 | // Invalid! Error 210 | $output->writeln('Invalid email address supplied'); 211 | return 1; 212 | } else { 213 | $email = $input->getOption('email'); 214 | } 215 | } else { 216 | $email = null; 217 | } 218 | 219 | # Register Backend 220 | $this->userService->registerBackend($this->backend); 221 | 222 | /** 223 | * @var IUser 224 | */ 225 | $user = $this->userManager->get($uid); 226 | 227 | if ($user instanceof IUser) { 228 | 229 | $output->writeln('The user "' . $user->getUID() . '" has been found'); 230 | } else { 231 | 232 | $output->writeln('An error occurred while finding the user'); 233 | return 1; 234 | } 235 | 236 | # Set displayName 237 | if ($input->getOption('display-name')) { 238 | 239 | $user->setDisplayName($input->getOption('display-name')); 240 | $output->writeln('Display name set to "' . $user->getDisplayName() . '"'); 241 | } 242 | 243 | # Set email if supplied & valid 244 | if ($email !== null) { 245 | 246 | $user->setEMailAddress($email); 247 | $output->writeln('Email address set to "' . $user->getEMailAddress() . '"'); 248 | } 249 | 250 | # Set Groups 251 | $groups = (array)$input->getOption('group'); 252 | 253 | if (count($groups) > 0) { 254 | 255 | $this->userService->updateGroups($user, $groups, $this->config->getAppValue('user_cas', 'cas_protected_groups')); 256 | $output->writeln('Groups have been updated.'); 257 | } 258 | 259 | # Set Quota 260 | $quota = $input->getOption('quota'); 261 | 262 | if (!empty($quota)) { 263 | 264 | if (is_numeric($quota)) { 265 | 266 | $newQuota = $quota; 267 | } elseif ($quota === 'default') { 268 | 269 | $newQuota = 'default'; 270 | } elseif ($quota === 'none') { 271 | 272 | $newQuota = 'none'; 273 | } else { 274 | 275 | $newQuota = \OCP\Util::computerFileSize($quota); 276 | } 277 | 278 | $user->setQuota($newQuota); 279 | $output->writeln('Quota set to "' . $user->getQuota() . '"'); 280 | } 281 | 282 | # Set enabled 283 | $enabled = $input->getOption('enabled'); 284 | 285 | if (is_numeric($enabled) || is_bool($enabled)) { 286 | 287 | $user->setEnabled(boolval($enabled)); 288 | 289 | $enabledString = ($user->isEnabled()) ? 'enabled' : 'not enabled'; 290 | $output->writeln('Enabled set to "' . $enabledString . '"'); 291 | } 292 | 293 | # Convert backend 294 | $convertBackend = $input->getOption('convert-backend'); 295 | 296 | if ($convertBackend) { 297 | 298 | # Set Backend 299 | if ($this->appService->isNotNextcloud()) { 300 | 301 | $query = \OC_DB::prepare('UPDATE `*PREFIX*accounts` SET `backend` = ? WHERE LOWER(`user_id`) = LOWER(?)'); 302 | $result = $query->execute([get_class($this->backend), $uid]); 303 | 304 | $output->writeln('New user added to CAS backend.'); 305 | 306 | } else { 307 | 308 | $output->writeln('This is a Nextcloud instance, no backend update needed.'); 309 | 310 | } 311 | } 312 | } 313 | } -------------------------------------------------------------------------------- /lib/Controller/AuthenticationController.php: -------------------------------------------------------------------------------- 1 | 6 | * @copyright Felix Rupp 7 | * 8 | * This library is free software; you can redistribute it and/or 9 | * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE 10 | * License as published by the Free Software Foundation; either 11 | * version 3 of the License, or any later version. 12 | * 13 | * This library is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU AFFERO GENERAL PUBLIC LICENSE for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public 19 | * License along with this library. If not, see . 20 | * 21 | */ 22 | 23 | namespace OCA\UserCAS\Controller; 24 | 25 | 26 | use OCP\AppFramework\Http\TemplateResponse; 27 | use \OCP\IRequest; 28 | use \OCP\AppFramework\Http\RedirectResponse; 29 | use \OCP\AppFramework\Controller; 30 | use \OCP\IConfig; 31 | use \OCP\IUserSession; 32 | 33 | use OCA\UserCAS\Service\AppService; 34 | use OCA\UserCAS\Service\UserService; 35 | use OCA\UserCAS\Service\LoggingService; 36 | use OCA\UserCAS\Exception\PhpCas\PhpUserCasLibraryNotFoundException; 37 | 38 | 39 | /** 40 | * Class AuthenticationController 41 | * 42 | * @package OCA\UserCAS\Controller 43 | * 44 | * @author Felix Rupp 45 | * @copyright Felix Rupp 46 | * 47 | * @since 1.4.0 48 | */ 49 | class AuthenticationController extends Controller 50 | { 51 | 52 | /** 53 | * @var string $appName 54 | */ 55 | protected $appName; 56 | 57 | /** 58 | * @var \OCP\IConfig $config 59 | */ 60 | private $config; 61 | 62 | /** 63 | * @var \OCA\UserCAS\Service\UserService $userService 64 | */ 65 | private $userService; 66 | 67 | /** 68 | * @var \OCA\UserCAS\Service\AppService $appService 69 | */ 70 | private $appService; 71 | 72 | /** 73 | * @var IUserSession $userSession 74 | */ 75 | private $userSession; 76 | 77 | /** 78 | * @var \OCA\UserCAS\Service\LoggingService $loggingService 79 | */ 80 | private $loggingService; 81 | 82 | /** 83 | * AuthenticationController constructor. 84 | * @param $appName 85 | * @param IRequest $request 86 | * @param IConfig $config 87 | * @param UserService $userService 88 | * @param AppService $appService 89 | * @param IUserSession $userSession 90 | * @param LoggingService $loggingService 91 | */ 92 | public function __construct($appName, IRequest $request, IConfig $config, UserService $userService, AppService $appService, IUserSession $userSession, LoggingService $loggingService) 93 | { 94 | $this->appName = $appName; 95 | $this->config = $config; 96 | $this->userService = $userService; 97 | $this->appService = $appService; 98 | $this->userSession = $userSession; 99 | $this->loggingService = $loggingService; 100 | parent::__construct($appName, $request); 101 | } 102 | 103 | /** 104 | * Login method. 105 | * 106 | * @NoAdminRequired 107 | * @NoCSRFRequired 108 | * @PublicPage 109 | * @UseSession 110 | * @OnlyUnauthenticatedUsers 111 | * 112 | * @return RedirectResponse|TemplateResponse 113 | */ 114 | public function casLogin() 115 | { 116 | 117 | if (!$this->appService->isCasInitialized()) { 118 | 119 | try { 120 | 121 | $this->appService->init(); 122 | } catch (PhpUserCasLibraryNotFoundException $e) { 123 | 124 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::FATAL, 'Fatal error with code: ' . $e->getCode() . ' and message: ' . $e->getMessage()); 125 | 126 | header("Location: " . $this->appService->getAbsoluteURL('/')); 127 | die(); 128 | } 129 | } 130 | 131 | # Handle redirect based on cookie value 132 | if (isset($_COOKIE['user_cas_redirect_url'])) { 133 | 134 | $url = urldecode($_COOKIE['user_cas_redirect_url']); 135 | 136 | if (strpos($url, 'http') !== FALSE || strpos($url, 'https') !== FALSE) { 137 | 138 | $location = $url; 139 | } else { 140 | 141 | $location = $this->appService->getAbsoluteURL($url); 142 | } 143 | } else { 144 | 145 | $location = $this->appService->getAbsoluteURL("/"); 146 | } 147 | 148 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'The Redirect URL Parameter in Login Action was: ' . $location); 149 | 150 | if (!$this->userService->isLoggedIn()) { 151 | 152 | try { 153 | 154 | if (\phpCAS::isAuthenticated()) { 155 | 156 | #$userName = \phpCAS::getUser(); 157 | $userName = $this->userService->getUserId(); 158 | 159 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, "phpCAS user " . $userName . " has been authenticated."); 160 | 161 | $isLoggedIn = $this->userService->login($this->request, $userName); 162 | 163 | if ($isLoggedIn) { 164 | 165 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, "phpCAS user has been authenticated against owncloud."); 166 | 167 | # Reset cookie 168 | setcookie("user_cas_redirect_url", '/', null, '/'); 169 | 170 | return new RedirectResponse($location); 171 | } else { # Not authenticated against owncloud 172 | 173 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, "phpCAS user has not been authenticated against owncloud."); 174 | 175 | return $this->casError(null, \OCP\AppFramework\Http::STATUS_FORBIDDEN); 176 | } 177 | } else { # Not authenticated against CAS 178 | 179 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, "phpCAS user is not authenticated, redirect to CAS server."); 180 | 181 | \phpCAS::forceAuthentication(); 182 | } 183 | } catch (\CAS_Exception $e) { 184 | 185 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::ERROR, "phpCAS has thrown an exception with code: " . $e->getCode() . " and message: " . $e->getMessage() . "."); 186 | 187 | return $this->casError(null, \OCP\AppFramework\Http::STATUS_INTERNAL_SERVER_ERROR); 188 | } 189 | } else { 190 | 191 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, "phpCAS user is already authenticated against owncloud."); 192 | 193 | # Reset cookie 194 | setcookie("user_cas_redirect_url", '/', null, '/'); 195 | 196 | return new RedirectResponse($location); 197 | } 198 | } 199 | 200 | 201 | /** 202 | * Logout method for CAS Single-Logout-Feature. 203 | * 204 | * @NoAdminRequired 205 | * @NoCSRFRequired 206 | * @PublicPage 207 | * @UseSession 208 | */ 209 | public function casLogout() 210 | { 211 | if (!$this->appService->isCasInitialized()) { 212 | 213 | try { 214 | 215 | $this->appService->init(); 216 | } catch (PhpUserCasLibraryNotFoundException $e) { 217 | 218 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::FATAL, 'Fatal error with code: ' . $e->getCode() . ' and message: ' . $e->getMessage()); 219 | 220 | header("Location: " . $this->appService->getAbsoluteURL('/')); 221 | die(); 222 | } 223 | } 224 | 225 | // Logout oC/NC user 226 | if ($this->userService->isLoggedIn()) { 227 | 228 | $this->userService->logout(); 229 | } 230 | } 231 | 232 | 233 | /** 234 | * Render error view 235 | * 236 | * @NoAdminRequired 237 | * @NoCSRFRequired 238 | * @PublicPage 239 | * @UseSession 240 | * @OnlyUnauthenticatedUsers 241 | * 242 | * @param \Exception|null $exception 243 | * @param int $additionalErrorCode 244 | * 245 | * @return TemplateResponse 246 | */ 247 | private function casError(\Exception $exception = NULL, $additionalErrorCode = 0) 248 | { 249 | $params = []; 250 | 251 | if ($additionalErrorCode !== 0) { 252 | 253 | if ($additionalErrorCode === \OCP\AppFramework\Http::STATUS_FORBIDDEN) { 254 | 255 | if (boolval($this->config->getAppValue('user_cas', 'cas_ecas_attributeparserenabled', false))) { 256 | 257 | $params['errorCode'] = ''; 258 | $params['errorMessage'] = "You do not have access to the JRCbox application. Please contact the JRCbox administrator if something feels wrong to you."; 259 | } else { 260 | 261 | $params['errorCode'] = $additionalErrorCode; 262 | $params['errorMessage'] = "Forbidden. You do not have access to this application. Please refer to your administrator if something feels wrong to you."; 263 | } 264 | } 265 | 266 | if ($additionalErrorCode === \OCP\AppFramework\Http::STATUS_INTERNAL_SERVER_ERROR) { 267 | 268 | $params['errorCode'] = $additionalErrorCode; 269 | $params['errorMessage'] = "Internal Server Error. The server encountered an error. Please try again."; 270 | } 271 | } else if ($exception instanceof \Exception) { 272 | 273 | $params['errorCode'] = $exception->getCode(); 274 | $params['errorMessage'] = $exception->getMessage(); 275 | } 276 | 277 | /*if ($this->config->getAppValue($this->appName, 'cas_force_login') === '1') { 278 | 279 | $newProtocol = 'http://'; 280 | 281 | if (intval($this->config->getAppValue($this->appName, 'cas_server_port')) === 443) { 282 | 283 | $newProtocol = 'https://'; 284 | } 285 | 286 | $params['backUrl'] = $newProtocol . $this->config->getAppValue($this->appName, 'cas_server_hostname') . $this->config->getAppValue($this->appName, 'cas_server_path'); 287 | } else {*/ 288 | 289 | $params['backUrl'] = $this->appService->getAbsoluteURL('/'); 290 | //} 291 | 292 | $response = new TemplateResponse($this->appName, 'cas-error', $params, 'guest'); 293 | 294 | return $response; 295 | } 296 | } 297 | -------------------------------------------------------------------------------- /lib/Controller/SettingsController.php: -------------------------------------------------------------------------------- 1 | 6 | * @copyright Felix Rupp 7 | * 8 | * This library is free software; you can redistribute it and/or 9 | * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE 10 | * License as published by the Free Software Foundation; either 11 | * version 3 of the License, or any later version. 12 | * 13 | * This library is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU AFFERO GENERAL PUBLIC LICENSE for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public 19 | * License along with this library. If not, see . 20 | * 21 | */ 22 | 23 | namespace OCA\UserCAS\Controller; 24 | 25 | use OCP\IRequest; 26 | use OCP\AppFramework\Controller; 27 | use OCP\IL10N; 28 | use OCP\IConfig; 29 | 30 | 31 | /** 32 | * Class SettingsController 33 | * 34 | * @package OCA\UserCAS\Controller 35 | * 36 | * @author Felix Rupp 37 | * @copyright Felix Rupp 38 | * 39 | * @since 1.4 40 | */ 41 | class SettingsController extends Controller 42 | { 43 | /** 44 | * @var IL10N 45 | */ 46 | private $l10n; 47 | 48 | /** 49 | * @var IConfig 50 | */ 51 | private $config; 52 | 53 | 54 | /** 55 | * @var string 56 | */ 57 | protected $appName; 58 | 59 | /** 60 | * SettingsController constructor. 61 | * @param $appName 62 | * @param IRequest $request 63 | * @param IConfig $config 64 | * @param IL10N $l10n 65 | */ 66 | public function __construct($appName, IRequest $request, IConfig $config, IL10N $l10n) 67 | { 68 | $this->config = $config; 69 | $this->appName = $appName; 70 | $this->l10n = $l10n; 71 | parent::__construct($appName, $request); 72 | } 73 | 74 | /** 75 | * @AdminRequired 76 | * 77 | * @param string $cas_server_version 78 | * @param string $cas_server_hostname 79 | * @param string $cas_server_port 80 | * @param string $cas_server_path 81 | * @param string $cas_protected_groups 82 | * @param string $cas_default_group 83 | * @param string $cas_groups_letter_filter 84 | * @param string $cas_groups_create_default_for_user_prefix 85 | * @param string $cas_userid_mapping 86 | * @param string $cas_email_mapping 87 | * @param string $cas_displayName_mapping 88 | * @param string $cas_group_mapping 89 | * @param string $cas_quota_mapping 90 | * @param string $cas_cert_path 91 | * @param string $cas_debug_file 92 | * @param string $cas_php_cas_path 93 | * @param string $cas_service_url 94 | * @param string $cas_handlelogout_servers 95 | * @param string $cas_login_button_label 96 | * @param string $cas_access_allow_groups 97 | * @param string $cas_ecas_accepted_strengths 98 | * @param string $cas_ecas_retrieve_groups 99 | * @param string $cas_ecas_assurance_level 100 | * @param string $cas_access_group_quotas 101 | * @param string $cas_force_login_exceptions 102 | * @param string $cas_ecas_internal_ip_range 103 | * @param string $cas_import_ad_protocol 104 | * @param string $cas_import_ad_host 105 | * @param string $cas_import_ad_port 106 | * @param string $cas_import_ad_user 107 | * @param string $cas_import_ad_domain 108 | * @param string $cas_import_ad_password 109 | * @param string $cas_import_ad_base_dn 110 | * @param string $cas_import_ad_sync_filter 111 | * @param string $cas_import_ad_sync_pagesize 112 | * @param string $cas_import_map_uid 113 | * @param string $cas_import_map_displayname 114 | * @param string $cas_import_map_email 115 | * @param string $cas_import_map_groups 116 | * @param string $cas_import_map_groups_description 117 | * @param string $cas_import_map_quota 118 | * @param string $cas_import_map_enabled 119 | * @param string $cas_import_map_enabled_and_bitwise 120 | * @param string $cas_import_map_dn 121 | * @param string $cas_import_map_dn_filter 122 | * @param string|null $cas_ecas_attributeparserenabled 123 | * @param string|null $cas_ecas_request_full_userdetails 124 | * @param string|null $cas_force_login 125 | * @param string|null $cas_autocreate 126 | * @param string|null $cas_update_user_data 127 | * @param string|null $cas_link_to_ldap_backend 128 | * @param string|null $cas_disable_logout 129 | * @param string|null $cas_disable_singlesignout 130 | * @param string|null $cas_use_proxy 131 | * @param string|null $cas_import_merge 132 | * @param string|null $cas_import_merge_enabled 133 | * @param string|null $cas_groups_letter_umlauts 134 | * @param string|null $cas_keep_ticket_ids 135 | * @param string|null $cas_groups_json_decode 136 | * @param string|null $cas_groups_create_default_for_user 137 | * @param string|null $cas_shares_protected 138 | * @return mixed 139 | */ 140 | public function saveSettings($cas_server_version, $cas_server_hostname, $cas_server_port, $cas_server_path, $cas_protected_groups, $cas_default_group, $cas_groups_letter_filter, $cas_groups_create_default_for_user_prefix, 141 | $cas_userid_mapping, $cas_email_mapping, $cas_displayName_mapping, $cas_group_mapping, $cas_quota_mapping, $cas_cert_path, $cas_debug_file, $cas_php_cas_path, $cas_service_url, $cas_handlelogout_servers, $cas_login_button_label, 142 | $cas_access_allow_groups, $cas_ecas_accepted_strengths, $cas_ecas_retrieve_groups, $cas_ecas_assurance_level, $cas_access_group_quotas, $cas_force_login_exceptions, $cas_ecas_internal_ip_range, 143 | $cas_import_ad_protocol, $cas_import_ad_host, $cas_import_ad_port, $cas_import_ad_user, $cas_import_ad_domain, $cas_import_ad_password, $cas_import_ad_base_dn, $cas_import_ad_sync_filter, $cas_import_ad_sync_pagesize, 144 | $cas_import_map_uid, $cas_import_map_displayname, $cas_import_map_email, $cas_import_map_groups, $cas_import_map_groups_description, $cas_import_map_quota, $cas_import_map_enabled, $cas_import_map_enabled_and_bitwise, $cas_import_map_dn, $cas_import_map_dn_filter, 145 | $cas_ecas_attributeparserenabled = NULL, $cas_ecas_request_full_userdetails = NULL, $cas_force_login = NULL, $cas_autocreate = NULL, $cas_update_user_data = NULL, $cas_link_to_ldap_backend = NULL, 146 | $cas_disable_logout = NULL, $cas_disable_singlesignout = NULL, $cas_use_proxy = NULL, $cas_import_merge = NULL, $cas_import_merge_enabled = NULL, $cas_groups_letter_umlauts = NULL, $cas_keep_ticket_ids = NULL, $cas_groups_json_decode = NULL, 147 | $cas_groups_create_default_for_user = NULL, $cas_shares_protected = NULL) 148 | { 149 | 150 | try { 151 | 152 | # CAS Server 153 | $this->config->setAppValue($this->appName, 'cas_server_version', $cas_server_version); 154 | $this->config->setAppValue($this->appName, 'cas_server_hostname', $cas_server_hostname); 155 | $this->config->setAppValue($this->appName, 'cas_server_port', $cas_server_port); 156 | $this->config->setAppValue($this->appName, 'cas_server_path', $cas_server_path); 157 | 158 | # Basic 159 | $this->config->setAppValue($this->appName, 'cas_force_login_exceptions', $cas_force_login_exceptions); 160 | $this->config->setAppValue($this->appName, 'cas_protected_groups', $cas_protected_groups); 161 | $this->config->setAppValue($this->appName, 'cas_default_group', $cas_default_group); 162 | $this->config->setAppValue($this->appName, 'cas_access_allow_groups', $cas_access_allow_groups); 163 | $this->config->setAppValue($this->appName, 'cas_access_group_quotas', $cas_access_group_quotas); 164 | $this->config->setAppValue($this->appName, 'cas_cert_path', $cas_cert_path); 165 | $this->config->setAppValue($this->appName, 'cas_service_url', $cas_service_url); 166 | $this->config->setAppValue($this->appName, 'cas_handlelogout_servers', $cas_handlelogout_servers); 167 | $this->config->setAppValue($this->appName, 'cas_login_button_label', $cas_login_button_label); 168 | 169 | # Mapping 170 | $this->config->setAppValue($this->appName, 'cas_userid_mapping', $cas_userid_mapping); 171 | $this->config->setAppValue($this->appName, 'cas_email_mapping', $cas_email_mapping); 172 | $this->config->setAppValue($this->appName, 'cas_displayName_mapping', $cas_displayName_mapping); 173 | $this->config->setAppValue($this->appName, 'cas_group_mapping', $cas_group_mapping); 174 | $this->config->setAppValue($this->appName, 'cas_quota_mapping', $cas_quota_mapping); 175 | $this->config->setAppValue($this->appName, 'cas_groups_letter_filter', $cas_groups_letter_filter); 176 | $this->config->setAppValue($this->appName, 'cas_groups_create_default_for_user_prefix', $cas_groups_create_default_for_user_prefix); 177 | 178 | # phpCas 179 | $this->config->setAppValue($this->appName, 'cas_debug_file', $cas_debug_file); 180 | $this->config->setAppValue($this->appName, 'cas_php_cas_path', $cas_php_cas_path); 181 | 182 | # ECAS settings 183 | $this->config->setAppValue($this->appName, 'cas_ecas_accepted_strengths', $cas_ecas_accepted_strengths); 184 | $this->config->setAppValue($this->appName, 'cas_ecas_retrieve_groups', $cas_ecas_retrieve_groups); 185 | $this->config->setAppValue($this->appName, 'cas_ecas_assurance_level', $cas_ecas_assurance_level); 186 | $this->config->setAppValue($this->appName, 'cas_ecas_internal_ip_range', $cas_ecas_internal_ip_range); 187 | 188 | # Import module AD 189 | $this->config->setAppValue($this->appName, 'cas_import_ad_protocol', $cas_import_ad_protocol); 190 | $this->config->setAppValue($this->appName, 'cas_import_ad_host', $cas_import_ad_host); 191 | $this->config->setAppValue($this->appName, 'cas_import_ad_port', intval($cas_import_ad_port)); 192 | $this->config->setAppValue($this->appName, 'cas_import_ad_user', $cas_import_ad_user); 193 | $this->config->setAppValue($this->appName, 'cas_import_ad_domain', $cas_import_ad_domain); 194 | 195 | if(strlen($cas_import_ad_password) > 0) { # Only save if a new password is given 196 | $this->config->setAppValue($this->appName, 'cas_import_ad_password', $cas_import_ad_password); 197 | } 198 | 199 | $this->config->setAppValue($this->appName, 'cas_import_ad_base_dn', $cas_import_ad_base_dn); 200 | $this->config->setAppValue($this->appName, 'cas_import_ad_sync_filter', htmlspecialchars_decode($cas_import_ad_sync_filter)); 201 | $this->config->setAppValue($this->appName, 'cas_import_ad_sync_pagesize', intval($cas_import_ad_sync_pagesize)); 202 | 203 | # Import module cli mapping 204 | $this->config->setAppValue($this->appName, 'cas_import_map_uid', $cas_import_map_uid); 205 | $this->config->setAppValue($this->appName, 'cas_import_map_displayname', $cas_import_map_displayname); 206 | $this->config->setAppValue($this->appName, 'cas_import_map_email', $cas_import_map_email); 207 | $this->config->setAppValue($this->appName, 'cas_import_map_groups', $cas_import_map_groups); 208 | $this->config->setAppValue($this->appName, 'cas_import_map_groups_description', $cas_import_map_groups_description); 209 | $this->config->setAppValue($this->appName, 'cas_import_map_quota', $cas_import_map_quota); 210 | $this->config->setAppValue($this->appName, 'cas_import_map_enabled', $cas_import_map_enabled); 211 | $this->config->setAppValue($this->appName, 'cas_import_map_enabled_and_bitwise', $cas_import_map_enabled_and_bitwise); 212 | $this->config->setAppValue($this->appName, 'cas_import_map_dn', $cas_import_map_dn); 213 | $this->config->setAppValue($this->appName, 'cas_import_map_dn_filter', $cas_import_map_dn_filter); 214 | 215 | # Checkbox settings 216 | $this->config->setAppValue($this->appName, 'cas_force_login', ($cas_force_login !== NULL) ? '1' : '0'); 217 | $this->config->setAppValue($this->appName, 'cas_autocreate', ($cas_autocreate !== NULL) ? '1' : '0'); 218 | $this->config->setAppValue($this->appName, 'cas_update_user_data', ($cas_update_user_data !== NULL) ? '1' : '0'); 219 | $this->config->setAppValue($this->appName, 'cas_link_to_ldap_backend', ($cas_link_to_ldap_backend !== NULL) ? '1' : '0'); 220 | $this->config->setAppValue($this->appName, 'cas_disable_logout', ($cas_disable_logout !== NULL) ? '1' : '0'); 221 | $this->config->setAppValue($this->appName, 'cas_disable_singlesignout', ($cas_disable_singlesignout !== NULL) ? '1' : '0'); 222 | $this->config->setAppValue($this->appName, 'cas_ecas_attributeparserenabled', ($cas_ecas_attributeparserenabled !== NULL) ? '1' : '0'); 223 | $this->config->setAppValue($this->appName, 'cas_ecas_request_full_userdetails', ($cas_ecas_request_full_userdetails !== NULL) ? '1' : '0'); 224 | $this->config->setAppValue($this->appName, 'cas_use_proxy', ($cas_use_proxy !== NULL) ? '1' : '0'); 225 | $this->config->setAppValue($this->appName, 'cas_import_merge', ($cas_import_merge !== NULL) ? '1' : '0'); 226 | $this->config->setAppValue($this->appName, 'cas_import_merge_enabled', ($cas_import_merge_enabled !== NULL) ? '1' : '0'); 227 | $this->config->setAppValue($this->appName, 'cas_groups_letter_umlauts', ($cas_groups_letter_umlauts !== NULL) ? '1' : '0'); 228 | $this->config->setAppValue($this->appName, 'cas_keep_ticket_ids', ($cas_keep_ticket_ids !== NULL) ? '1' : '0'); 229 | $this->config->setAppValue($this->appName, 'cas_groups_json_decode', ($cas_groups_json_decode !== NULL) ? '1' : '0'); 230 | $this->config->setAppValue($this->appName, 'cas_groups_create_default_for_user', ($cas_groups_create_default_for_user !== NULL) ? '1' : '0'); 231 | $this->config->setAppValue($this->appName, 'cas_shares_protected', ($cas_shares_protected !== NULL) ? '1' : '0'); 232 | 233 | 234 | return array( 235 | 'code' => 200, 236 | 'message' => $this->l10n->t('Your CAS settings have been updated.') 237 | ); 238 | } catch (\Exception $e) { 239 | 240 | return array( 241 | 'code' => 500, 242 | 'message' => $this->l10n->t('Your CAS settings could not be updated. Please try again.') 243 | ); 244 | } 245 | } 246 | } -------------------------------------------------------------------------------- /lib/Exception/PhpCas/PhpUserCasLibraryNotFoundException.php: -------------------------------------------------------------------------------- 1 | 6 | * @copyright Felix Rupp 7 | * 8 | * This library is free software; you can redistribute it and/or 9 | * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE 10 | * License as published by the Free Software Foundation; either 11 | * version 3 of the License, or any later version. 12 | * 13 | * This library is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU AFFERO GENERAL PUBLIC LICENSE for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public 19 | * License along with this library. If not, see . 20 | * 21 | */ 22 | 23 | namespace OCA\UserCAS\Exception\PhpCas; 24 | 25 | 26 | use OCA\UserCAS\Exception\UserCasException; 27 | 28 | /** 29 | * Class PhpUserCasLibraryNotFoundException 30 | * 31 | * @package OCA\UserCAS\Exception\PhpCas 32 | * 33 | * @author Felix Rupp 34 | * @copyright Felix Rupp 35 | * 36 | * @since 1.5.0 37 | */ 38 | class PhpUserCasLibraryNotFoundException extends UserCasException 39 | { 40 | } -------------------------------------------------------------------------------- /lib/Exception/UserCasException.php: -------------------------------------------------------------------------------- 1 | 6 | * @copyright Felix Rupp 7 | * 8 | * This library is free software; you can redistribute it and/or 9 | * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE 10 | * License as published by the Free Software Foundation; either 11 | * version 3 of the License, or any later version. 12 | * 13 | * This library is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU AFFERO GENERAL PUBLIC LICENSE for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public 19 | * License along with this library. If not, see . 20 | * 21 | */ 22 | 23 | namespace OCA\UserCAS\Exception; 24 | 25 | 26 | /** 27 | * Class UserCasException 28 | * 29 | * @package OCA\UserCAS\Exception 30 | * 31 | * @author Felix Rupp 32 | * @copyright Felix Rupp 33 | * 34 | * @since 1.5.0 35 | */ 36 | class UserCasException extends \Exception 37 | { 38 | } -------------------------------------------------------------------------------- /lib/Hooks/UserHooks.php: -------------------------------------------------------------------------------- 1 | 7 | * @copyright Felix Rupp 8 | * 9 | * This library is free software; you can redistribute it and/or 10 | * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE 11 | * License as published by the Free Software Foundation; either 12 | * version 3 of the License, or any later version. 13 | * 14 | * This library is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU AFFERO GENERAL PUBLIC LICENSE for more details. 18 | * 19 | * You should have received a copy of the GNU Affero General Public 20 | * License along with this library. If not, see . 21 | * 22 | */ 23 | 24 | namespace OCA\UserCAS\Hooks; 25 | 26 | use OCA\UserCAS\Exception\PhpCas\PhpUserCasLibraryNotFoundException; 27 | use OCA\UserCAS\User\UserCasBackendInterface; 28 | use \OCP\IUserManager; 29 | use \OCP\IUserSession; 30 | use \OCP\IConfig; 31 | 32 | use OCA\UserCAS\Service\LoggingService; 33 | use OCA\UserCAS\Service\UserService; 34 | use OCA\UserCAS\Service\AppService; 35 | 36 | /** 37 | * Class UserCAS_Hooks 38 | * 39 | * @package OCA\UserCAS\Hooks 40 | * 41 | * @author Felix Rupp 42 | * @copyright Felix Rupp 43 | * 44 | * @since 1.4.0 45 | */ 46 | class UserHooks 47 | { 48 | 49 | /** 50 | * @var string 51 | */ 52 | private $appName; 53 | 54 | /** 55 | * @var \OCP\IUserManager $userManager 56 | */ 57 | private $userManager; 58 | 59 | /** 60 | * @var \OCP\IUserSession $userSession 61 | */ 62 | private $userSession; 63 | 64 | /** 65 | * @var \OCP\IConfig 66 | */ 67 | private $config; 68 | 69 | /** 70 | * @var \OCA\UserCAS\Service\UserService $userService 71 | */ 72 | private $userService; 73 | 74 | /** 75 | * @var \OCA\UserCAS\Service\AppService $appService 76 | */ 77 | private $appService; 78 | 79 | /** 80 | * @var \OCA\UserCAS\Service\LoggingService 81 | */ 82 | private $loggingService; 83 | 84 | /** 85 | * @var UserCasBackendInterface 86 | */ 87 | private $backend; 88 | 89 | 90 | /** 91 | * UserHooks constructor. 92 | * 93 | * @param string $appName 94 | * @param \OCP\IUserManager $userManager 95 | * @param \OCP\IUserSession $userSession 96 | * @param \OCP\IConfig $config 97 | * @param \OCA\UserCAS\Service\UserService $userService 98 | * @param \OCA\UserCAS\Service\AppService $appService 99 | * @param \OCA\UserCAS\Service\LoggingService $loggingService 100 | * @param UserCasBackendInterface $backend 101 | */ 102 | public function __construct($appName, IUserManager $userManager, IUserSession $userSession, IConfig $config, UserService $userService, AppService $appService, LoggingService $loggingService, UserCasBackendInterface $backend) 103 | { 104 | $this->appName = $appName; 105 | $this->userManager = $userManager; 106 | $this->userSession = $userSession; 107 | $this->config = $config; 108 | $this->userService = $userService; 109 | $this->appService = $appService; 110 | $this->loggingService = $loggingService; 111 | $this->backend = $backend; 112 | } 113 | 114 | /** 115 | * Register method. 116 | */ 117 | public function register() 118 | { 119 | #$this->userSession->listen('\OC\User', 'preLogin', array($this, 'preLogin')); 120 | $this->userSession->listen('\OC\User', 'postLogin', array($this, 'postLogin')); 121 | $this->userSession->listen('\OC\User', 'postLogout', array($this, 'postLogout')); 122 | } 123 | 124 | 125 | /** 126 | * postLogin method to update user data. 127 | * 128 | * @param mixed $uid 129 | * @param string $password 130 | * @return bool 131 | * @throws \Exception 132 | * 133 | * @deprecated 134 | * @since 1.8.0 135 | */ 136 | public function preLogin($uid, $password) 137 | { 138 | 139 | if (!$this->appService->isCasInitialized()) { 140 | 141 | try { 142 | 143 | $this->appService->init(); 144 | } catch (PhpUserCasLibraryNotFoundException $e) { 145 | 146 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::FATAL, 'Fatal error with code: ' . $e->getCode() . ' and message: ' . $e->getMessage()); 147 | 148 | return FALSE; 149 | } 150 | }; 151 | 152 | if ($uid instanceof \OCP\IUser) { 153 | 154 | $user = $uid; 155 | $uid = $user->getUID(); 156 | } 157 | else { 158 | 159 | $user = $this->userManager->get($uid); 160 | } 161 | 162 | if (\phpCAS::isAuthenticated() && !$this->userSession->isLoggedIn()) { 163 | 164 | #$casUid = \phpCAS::getUser(); 165 | $casUid = $this->userService->getUserId(); 166 | 167 | if ($casUid === $uid) { 168 | 169 | if (boolval($this->config->getAppValue($this->appName, 'cas_autocreate'))) { 170 | 171 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCas pre login hook triggered. User: ' . $uid); 172 | 173 | // Autocreate user if needed or create a new account in CAS Backend 174 | if (is_null($user)) { 175 | 176 | // create users if they do not exist 177 | if (preg_match('/[^a-zA-Z0-9 _\.@\-]/', $uid)) { 178 | 179 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'Invalid username "' . $uid . '", allowed chars "a-zA-Z0-9" and "_.@-" '); 180 | 181 | return FALSE; 182 | } else { 183 | 184 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCAS creating a new user with UID: ' . $uid); 185 | 186 | /** @var bool|\OCP\IUser the created user or false $uid */ 187 | $user = $this->userService->create($uid, $this->backend); 188 | 189 | if ($user instanceof \OCP\IUser) { 190 | 191 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCAS created new user with UID: ' . $uid); 192 | } 193 | } 194 | } else { 195 | 196 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCAS no new user has been created.'); 197 | } 198 | } 199 | 200 | # Update the Backend of the user if necessary 201 | #$this->userService->updateBackend($user); 202 | } 203 | } else { 204 | 205 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCas pre login hook NOT triggered. User: ' . $uid); 206 | } 207 | 208 | return TRUE; 209 | } 210 | 211 | 212 | /** 213 | * postLogin method to update user data. 214 | * 215 | * @param mixed $uid 216 | * @param string $password 217 | * @return bool 218 | */ 219 | public function postLogin($uid, $password) 220 | { 221 | 222 | if (!$this->appService->isCasInitialized()) { 223 | 224 | try { 225 | 226 | $this->appService->init(); 227 | } catch (PhpUserCasLibraryNotFoundException $e) { 228 | 229 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::FATAL, 'Fatal error with code: ' . $e->getCode() . ' and message: ' . $e->getMessage()); 230 | 231 | return FALSE; 232 | } 233 | }; 234 | 235 | if ($uid instanceof \OCP\IUser) { 236 | 237 | $user = $uid; 238 | $uid = $user->getUID(); 239 | } else { 240 | 241 | $user = $this->userManager->get($uid); 242 | } 243 | 244 | if (\phpCAS::isAuthenticated() && $this->userSession->isLoggedIn()) { 245 | 246 | if (boolval($this->config->getAppValue($this->appName, 'cas_update_user_data'))) { 247 | 248 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCas post login hook triggered. User: ' . $uid); 249 | 250 | // $cas_attributes may vary in name, therefore attributes are fetched to $attributes 251 | 252 | #$casUid = \phpCAS::getUser(); 253 | $casUid = $this->userService->getUserId(); 254 | 255 | if ($casUid === $uid) { 256 | 257 | # Update the Backend of the user if necessary 258 | #$this->userService->updateBackend($user); 259 | 260 | $casAttributes = \phpCAS::getAttributes(); 261 | 262 | # Test if an attribute parser added a new dimension to our attributes array 263 | if (array_key_exists('attributes', $casAttributes)) { 264 | 265 | $newAttributes = $casAttributes['attributes']; 266 | 267 | unset($casAttributes['attributes']); 268 | 269 | $casAttributes = array_merge($casAttributes, $newAttributes); 270 | } 271 | 272 | $casAttributesString = ''; 273 | foreach ($casAttributes as $key => $attribute) { 274 | 275 | $attributeString = $this->convertArrayAttributeValuesForDebug($attribute); 276 | 277 | $casAttributesString .= $key . ': ' . $attributeString . '; '; 278 | } 279 | 280 | // parameters 281 | $attributes = array(); 282 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'Attributes for the user: ' . $uid . ' => ' . $casAttributesString); 283 | 284 | 285 | // DisplayName 286 | $displayNameMapping = $this->config->getAppValue($this->appName, 'cas_displayName_mapping'); 287 | 288 | $displayNameMappingArray = explode("+", $displayNameMapping); 289 | 290 | $attributes['cas_name'] = ''; 291 | 292 | foreach ($displayNameMappingArray as $displayNameMapping) { 293 | 294 | if (array_key_exists($displayNameMapping, $casAttributes)) { 295 | 296 | $attributes['cas_name'] .= $casAttributes[$displayNameMapping] . " "; 297 | } 298 | } 299 | 300 | $attributes['cas_name'] = trim($attributes['cas_name']); 301 | 302 | if ($attributes['cas_name'] === '' && array_key_exists('displayName', $casAttributes)) { 303 | 304 | $attributes['cas_name'] = $casAttributes['displayName']; 305 | } 306 | 307 | 308 | // E-Mail 309 | $mailMapping = $this->config->getAppValue($this->appName, 'cas_email_mapping'); 310 | if (array_key_exists($mailMapping, $casAttributes)) { 311 | 312 | $attributes['cas_email'] = $casAttributes[$mailMapping]; 313 | } else if (array_key_exists('mail', $casAttributes)) { 314 | 315 | $attributes['cas_email'] = $casAttributes['mail']; 316 | } 317 | 318 | 319 | // Group handling 320 | $groupMapping = $this->config->getAppValue($this->appName, 'cas_group_mapping'); 321 | $defaultGroup = $this->config->getAppValue($this->appName, 'cas_default_group'); 322 | # Test for mapped attribute from settings 323 | if (array_key_exists($groupMapping, $casAttributes)) { 324 | 325 | $attributes['cas_groups'] = $casAttributes[$groupMapping]; 326 | } # Test for standard 'groups' attribute 327 | else if (array_key_exists('groups', $casAttributes)) { 328 | 329 | $attributes['cas_groups'] = $casAttributes['groups']; 330 | } else if (is_string($defaultGroup) && strlen($defaultGroup) > 0) { 331 | 332 | $attributes['cas_groups'] = array($defaultGroup); 333 | 334 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'Using default group "' . $defaultGroup . '" for the user: ' . $uid); 335 | } 336 | 337 | // Group Quota handling 338 | $groupQuotas = $this->config->getAppValue($this->appName, 'cas_access_group_quotas'); 339 | $groupQuotas = explode(",", $groupQuotas); 340 | 341 | foreach ($groupQuotas as $groupQuota) { 342 | 343 | $groupQuota = explode(":", $groupQuota); 344 | 345 | if (is_array($groupQuota) && count($groupQuota) === 2) { 346 | 347 | $attributes['cas_group_quota'][$groupQuota[0]] = $groupQuota[1]; 348 | } 349 | } 350 | 351 | // User Quota handling 352 | // Overwrites group quota 353 | $userQuotaMapping = $this->config->getAppValue($this->appName, 'cas_quota_mapping'); 354 | 355 | #$this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCas quota-mapping-contents: '.$userQuotaMapping); 356 | 357 | if (array_key_exists($userQuotaMapping, $casAttributes)) { 358 | 359 | $attributes['cas_quota'] = $casAttributes[$userQuotaMapping]; 360 | } else if (array_key_exists('quota', $casAttributes)) { 361 | 362 | $attributes['cas_quota'] = $casAttributes['quota']; 363 | } 364 | 365 | // Try to update user attributes 366 | $this->userService->updateUser($user, $attributes); 367 | } 368 | 369 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCas post login hook finished.'); 370 | } 371 | } else { 372 | 373 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCas post login hook NOT triggered. User: ' . $uid); 374 | } 375 | 376 | return TRUE; 377 | } 378 | 379 | /** 380 | * Logout hook method. 381 | * 382 | * @return boolean 383 | */ 384 | public function postLogout() 385 | { 386 | 387 | if (!$this->appService->isCasInitialized()) { 388 | 389 | try { 390 | 391 | $this->appService->init(); 392 | } catch (PhpUserCasLibraryNotFoundException $e) { 393 | 394 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::FATAL, 'Fatal error with code: ' . $e->getCode() . ' and message: ' . $e->getMessage()); 395 | 396 | return FALSE; 397 | } 398 | }; 399 | 400 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'Logout hook triggered.'); 401 | 402 | if (!boolval($this->config->getAppValue($this->appName, 'cas_disable_logout'))) { 403 | 404 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCAS logging out.'); 405 | 406 | # Reset cookie 407 | setcookie("user_cas_redirect_url", '/', null, '/'); 408 | 409 | \phpCAS::logout(array("service" => $this->appService->getAbsoluteURL('/'))); 410 | 411 | } else { 412 | 413 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCAS not logging out, because CAS logout was disabled.'); 414 | } 415 | 416 | return TRUE; 417 | } 418 | 419 | 420 | /** 421 | * Convert CAS Attribute values for debug reasons 422 | * 423 | * @param $attributes 424 | * @return string 425 | */ 426 | private function convertArrayAttributeValuesForDebug($attributes) 427 | { 428 | 429 | if (is_array($attributes)) { 430 | $stringValue = ''; 431 | 432 | foreach ($attributes as $attribute) { 433 | 434 | if (is_array($attribute)) { 435 | 436 | $stringValue .= $this->convertArrayAttributeValuesForDebug($attribute); 437 | } else { 438 | 439 | $stringValue .= $attribute . ", "; 440 | } 441 | } 442 | 443 | return $stringValue; 444 | } 445 | 446 | return $attributes; 447 | } 448 | } -------------------------------------------------------------------------------- /lib/Panels/Admin.php: -------------------------------------------------------------------------------- 1 | 6 | * @copyright Felix Rupp 7 | * 8 | * This library is free software; you can redistribute it and/or 9 | * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE 10 | * License as published by the Free Software Foundation; either 11 | * version 3 of the License, or any later version. 12 | * 13 | * This library is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU AFFERO GENERAL PUBLIC LICENSE for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public 19 | * License along with this library. If not, see . 20 | * 21 | */ 22 | 23 | namespace OCA\UserCAS\Panels; 24 | 25 | use OCP\Settings\ISettings; 26 | use OCP\Template; 27 | use OCP\AppFramework\Http\TemplateResponse; 28 | use OCP\IConfig; 29 | 30 | /** 31 | * Class Admin 32 | * 33 | * @package OCA\UserCAS\Panels 34 | * 35 | * @author Felix Rupp 36 | * @copyright Felix Rupp 37 | * 38 | * @since 1.5 39 | */ 40 | class Admin implements ISettings 41 | { 42 | 43 | /** 44 | * @var array 45 | */ 46 | private $params = array('cas_server_version', 'cas_server_hostname', 'cas_server_port', 'cas_server_path', 'cas_force_login', 'cas_force_login_exceptions','cas_autocreate', 47 | 'cas_update_user_data', 'cas_keep_ticket_ids', 'cas_login_button_label', 'cas_protected_groups', 'cas_default_group', 'cas_ecas_attributeparserenabled', 'cas_userid_mapping', 'cas_email_mapping', 'cas_displayName_mapping', 'cas_group_mapping', 'cas_quota_mapping', 48 | 'cas_cert_path', 'cas_debug_file', 'cas_php_cas_path', 'cas_link_to_ldap_backend', 'cas_disable_logout', 'cas_disable_singlesignout', 'cas_handlelogout_servers', 'cas_service_url', 'cas_access_allow_groups', 49 | 'cas_access_group_quotas', 'cas_groups_letter_filter', 'cas_groups_letter_umlauts', 'cas_groups_json_decode', 'cas_groups_create_default_for_user', 'cas_groups_create_default_for_user_prefix', 50 | 'cas_import_ad_protocol', 'cas_import_ad_host', 'cas_import_ad_port', 'cas_import_ad_user', 'cas_import_ad_domain', 'cas_import_ad_password', 'cas_import_ad_base_dn', 'cas_import_ad_sync_filter', 'cas_import_ad_sync_pagesize', 51 | 'cas_import_map_uid', 'cas_import_map_displayname', 'cas_import_map_email', 'cas_import_map_groups', 'cas_import_map_groups_description', 'cas_import_map_quota', 'cas_import_map_enabled', 'cas_import_map_enabled_and_bitwise', 'cas_import_map_dn_filter', 'cas_import_map_dn', 'cas_import_merge', 'cas_import_merge_enabled', 52 | 'cas_ecas_accepted_strengths', 'cas_ecas_retrieve_groups','cas_ecas_request_full_userdetails', 'cas_ecas_assurance_level','cas_use_proxy', 'cas_ecas_internal_ip_range', 'cas_shares_protected'); 53 | 54 | /** 55 | * @var IConfig 56 | */ 57 | private $config; 58 | 59 | /** 60 | * Admin constructor. 61 | * 62 | * @param IConfig $config 63 | */ 64 | public function __construct(IConfig $config) 65 | { 66 | $this->config = $config; 67 | } 68 | 69 | /** 70 | * @return string 71 | */ 72 | public function getSectionID() 73 | { 74 | return 'authentication'; 75 | } 76 | 77 | /** 78 | * @see Nextcloud 13 support 79 | * 80 | * @return string 81 | * 82 | * @since 1.5.0 83 | */ 84 | public function getSection() 85 | { 86 | return 'security'; 87 | } 88 | 89 | /** 90 | * @return int 91 | */ 92 | public function getPriority() 93 | { 94 | return 50; 95 | } 96 | 97 | /** 98 | * Get Panel 99 | * 100 | * @return Template 101 | */ 102 | public function getPanel() 103 | { 104 | 105 | $tmpl = new Template('user_cas', 'admin'); 106 | 107 | foreach ($this->params as $param) { 108 | 109 | $value = htmlentities($this->config->getAppValue('user_cas', $param)); 110 | 111 | $tmpl->assign($param, $value); 112 | } 113 | 114 | return $tmpl; 115 | } 116 | 117 | /** 118 | * @see Nextcloud 13 support 119 | * 120 | * @return TemplateResponse 121 | * 122 | * @since 1.5.0 123 | */ 124 | public function getForm() 125 | { 126 | 127 | $parameters = array(); 128 | 129 | foreach ($this->params as $param) { 130 | 131 | $parameters[$param] = htmlentities($this->config->getAppValue('user_cas', $param)); 132 | } 133 | 134 | return new TemplateResponse('user_cas', 'admin', $parameters); 135 | } 136 | } -------------------------------------------------------------------------------- /lib/Service/Import/ImporterInterface.php: -------------------------------------------------------------------------------- 1 | 14 | * @copyright Felix Rupp 15 | * 16 | * @since 1.0.0 17 | */ 18 | interface ImporterInterface 19 | { 20 | 21 | /** 22 | * @param LoggerInterface $logger 23 | */ 24 | public function init(LoggerInterface $logger); 25 | 26 | public function close(); 27 | 28 | public function getUsers(); 29 | 30 | /** 31 | * @param array $userData 32 | */ 33 | public function exportAsCsv(array $userData); 34 | } -------------------------------------------------------------------------------- /lib/Service/LoggingService.php: -------------------------------------------------------------------------------- 1 | 7 | * @copyright Felix Rupp 8 | * 9 | * This library is free software; you can redistribute it and/or 10 | * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE 11 | * License as published by the Free Software Foundation; either 12 | * version 3 of the License, or any later version. 13 | * 14 | * This library is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU AFFERO GENERAL PUBLIC LICENSE for more details. 18 | * 19 | * You should have received a copy of the GNU Affero General Public 20 | * License along with this library. If not, see . 21 | * 22 | */ 23 | 24 | namespace OCA\UserCAS\Service; 25 | 26 | use \OCP\IConfig; 27 | use \OCP\ILogger; 28 | 29 | /** 30 | * Class LoggingService 31 | * 32 | * @package OCA\UserCAS\Service 33 | * 34 | * @author Felix Rupp 35 | * @copyright Felix Rupp 36 | * 37 | * @since 1.5.0 38 | */ 39 | class LoggingService 40 | { 41 | 42 | /** 43 | * @since 1.6.1 44 | */ 45 | const DEBUG = 0; 46 | /** 47 | * @since 1.6.1 48 | */ 49 | const INFO = 1; 50 | /** 51 | * @since 1.6.1 52 | */ 53 | const WARN = 2; 54 | /** 55 | * @since 1.6.1 56 | */ 57 | const ERROR = 3; 58 | /** 59 | * @since 1.6.1 60 | */ 61 | const FATAL = 4; 62 | 63 | /** 64 | * @var string $appName 65 | */ 66 | private $appName; 67 | 68 | /** 69 | * @var \OCP\IConfig $appConfig 70 | */ 71 | private $config; 72 | 73 | /** 74 | * @var \OCP\ILogger $logger 75 | */ 76 | private $logger; 77 | 78 | /** 79 | * LoggingService constructor. 80 | * @param string $appName 81 | * @param \OCP\IConfig $config 82 | * @param \OCP\ILogger $logger 83 | */ 84 | public function __construct($appName, IConfig $config, ILogger $logger) 85 | { 86 | 87 | $this->appName = $appName; 88 | $this->config = $config; 89 | $this->logger = $logger; 90 | } 91 | 92 | /** 93 | * @param mixed $level 94 | * @param string $message 95 | */ 96 | public function write($level, $message) 97 | { 98 | 99 | $this->logger->log($level, $message, ['app' => $this->appName]); 100 | } 101 | } -------------------------------------------------------------------------------- /lib/Service/Merge/AdUserMerger.php: -------------------------------------------------------------------------------- 1 | 14 | * @copyright Felix Rupp 15 | * 16 | * @since 1.0.0 17 | */ 18 | class AdUserMerger implements MergerInterface 19 | { 20 | 21 | 22 | /** 23 | * @var LoggerInterface 24 | */ 25 | protected $logger; 26 | 27 | 28 | /** 29 | * AdUserMerger constructor. 30 | * @param LoggerInterface $logger 31 | */ 32 | public function __construct(LoggerInterface $logger) 33 | { 34 | $this->logger = $logger; 35 | } 36 | 37 | /** 38 | * Merge users method 39 | * 40 | * @param array $userStack 41 | * @param array $userToMerge 42 | * @param bool $merge 43 | * @param bool $preferEnabledAccountsOverDisabled 44 | * @param string $primaryAccountDnStartswWith 45 | */ 46 | public function mergeUsers(array &$userStack, array $userToMerge, $merge, $preferEnabledAccountsOverDisabled, $primaryAccountDnStartswWith) 47 | { 48 | # User already in stack 49 | if ($merge && isset($userStack[$userToMerge["uid"]])) { 50 | 51 | $this->logger->debug("User " . $userToMerge["uid"] . " has to be merged …"); 52 | 53 | // Check if accounts are enabled or disabled 54 | // if both disabled, first account stays 55 | // if one is enabled, use this account 56 | // if both enabled, use information of $primaryAccountDnStartswWith 57 | 58 | if ($preferEnabledAccountsOverDisabled && $userStack[$userToMerge["uid"]]['enable'] == 0 && $userToMerge['enable'] == 1) { # First disabled, second enabled and $preferEnabledAccountsOverDisabled is true 59 | 60 | $this->logger->info("User " . $userToMerge["uid"] . " is merged because first account was disabled."); 61 | 62 | $userStack[$userToMerge["uid"]] = $userToMerge; 63 | } 64 | elseif(!$preferEnabledAccountsOverDisabled && $userStack[$userToMerge["uid"]]['enable'] == 0 && $userToMerge['enable'] == 1) { # First disabled, second enabled and $preferEnabledAccountsOverDisabled is false 65 | 66 | $this->logger->info("User " . $userToMerge["uid"] . " has not been merged, second enabled account was not preferred, because of preferEnabledAccountsOverDisabled option."); 67 | } 68 | elseif ($userStack[$userToMerge["uid"]]['enable'] == 1 && $userToMerge['enable'] == 1) { # Both enabled 69 | 70 | if (strpos(strtolower($userToMerge['dn']), strtolower($primaryAccountDnStartswWith) !== FALSE)) { 71 | 72 | $this->logger->info("User " . $userToMerge["uid"] . " is merged because second account is primary, based on merge filter."); 73 | 74 | $userStack[$userToMerge["uid"]] = $userToMerge; 75 | } 76 | else { 77 | 78 | $this->logger->info("User " . $userToMerge["uid"] . " has not been merged, second account was not primary, based on merge filter."); 79 | } 80 | } else { 81 | 82 | $this->logger->info("User " . $userToMerge["uid"] . " has not been merged, second account was disabled, first account was enabled."); 83 | } 84 | } else { # User not in stack 85 | 86 | $userStack[$userToMerge["uid"]] = $userToMerge; 87 | } 88 | } 89 | } -------------------------------------------------------------------------------- /lib/Service/Merge/MergerInterface.php: -------------------------------------------------------------------------------- 1 | 12 | * @copyright Felix Rupp 13 | * 14 | * @since 1.0.0 15 | */ 16 | interface MergerInterface 17 | { 18 | 19 | public function mergeUsers(array &$userStack, array $userToMerge, $merge, $preferEnabledAccountsOverDisabled, $primaryAccountDnStartswWith); 20 | } -------------------------------------------------------------------------------- /lib/User/Backend.php: -------------------------------------------------------------------------------- 1 | 7 | * @copyright Felix Rupp 8 | * 9 | * This library is free software; you can redistribute it and/or 10 | * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE 11 | * License as published by the Free Software Foundation; either 12 | * version 3 of the License, or any later version. 13 | * 14 | * This library is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU AFFERO GENERAL PUBLIC LICENSE for more details. 18 | * 19 | * You should have received a copy of the GNU Affero General Public 20 | * License along with this library. If not, see . 21 | * 22 | */ 23 | 24 | namespace OCA\UserCAS\User; 25 | 26 | use OC\User\Database; 27 | use OCA\UserCAS\Exception\PhpCas\PhpUserCasLibraryNotFoundException; 28 | use OCA\UserCAS\Service\AppService; 29 | use OCA\UserCAS\Service\LoggingService; 30 | use OCA\UserCAS\Service\UserService; 31 | use OCP\IConfig; 32 | use OCP\IUserBackend; 33 | use OCP\IUserManager; 34 | use OCP\User\IProvidesDisplayNameBackend; 35 | use OCP\User\IProvidesHomeBackend; 36 | use OCP\UserInterface; 37 | 38 | 39 | /** 40 | * Class Backend 41 | * 42 | * @package OCA\UserCAS\User 43 | * 44 | * @author Felix Rupp 45 | * @copyright Felix Rupp 46 | * 47 | * @since 1.4.0 48 | */ 49 | class Backend extends Database implements UserInterface, IUserBackend, IProvidesHomeBackend, IProvidesDisplayNameBackend, UserCasBackendInterface 50 | { 51 | 52 | /** 53 | * @var string 54 | */ 55 | protected $appName; 56 | 57 | /** 58 | * @var IConfig 59 | */ 60 | protected $config; 61 | 62 | /** 63 | * @var \OCA\UserCAS\Service\LoggingService $loggingService 64 | */ 65 | protected $loggingService; 66 | 67 | /** 68 | * @var \OCA\UserCAS\Service\AppService $appService 69 | */ 70 | protected $appService; 71 | 72 | /** 73 | * @var \OCA\UserCAS\Service\UserService $userService 74 | */ 75 | protected $userService; 76 | 77 | 78 | /** 79 | * @var \OCP\IUserManager $userManager 80 | */ 81 | protected $userManager; 82 | 83 | 84 | /** 85 | * Backend constructor. 86 | * @param string $appName 87 | * @param IConfig $config 88 | * @param LoggingService $loggingService 89 | * @param AppService $appService 90 | * @param IUserManager $userManager 91 | * @param UserService $userService 92 | */ 93 | public function __construct($appName, IConfig $config, LoggingService $loggingService, AppService $appService, IUserManager $userManager, UserService $userService) 94 | { 95 | 96 | parent::__construct(); 97 | $this->appName = $appName; 98 | $this->loggingService = $loggingService; 99 | $this->appService = $appService; 100 | $this->userService = $userService; 101 | $this->config = $config; 102 | $this->userManager = $userManager; 103 | } 104 | 105 | 106 | /** 107 | * Backend name to be shown in user management 108 | * @return string the name of the backend to be shown 109 | */ 110 | public function getBackendName() 111 | { 112 | 113 | return "CAS"; 114 | } 115 | 116 | 117 | /** 118 | * @param string $uid 119 | * @param string $password 120 | * @return string|bool The users UID or false 121 | */ 122 | public function checkPassword($uid, $password) 123 | { 124 | 125 | if (!$this->appService->isCasInitialized()) { 126 | 127 | try { 128 | 129 | $this->appService->init(); 130 | } catch (PhpUserCasLibraryNotFoundException $e) { 131 | 132 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::ERROR, 'Fatal error with code: ' . $e->getCode() . ' and message: ' . $e->getMessage()); 133 | 134 | return FALSE; 135 | } 136 | } 137 | 138 | if (\phpCAS::isInitialized()) { 139 | 140 | if ($uid === FALSE) { 141 | 142 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::ERROR, 'phpCAS returned no user.'); 143 | } 144 | 145 | if (\phpCAS::isAuthenticated()) { 146 | 147 | #$casUid = \phpCAS::getUser(); 148 | $casUid = $this->userService->getUserId(); 149 | 150 | $isAuthorized = TRUE; 151 | $createUser = TRUE; 152 | 153 | 154 | # Check if user may be authorized based on groups or not 155 | $cas_access_allow_groups = $this->config->getAppValue($this->appName, 'cas_access_allow_groups'); 156 | if (is_string($cas_access_allow_groups) && strlen($cas_access_allow_groups) > 0) { 157 | 158 | $cas_access_allow_groups = explode(',', $cas_access_allow_groups); 159 | $casAttributes = \phpCAS::getAttributes(); 160 | $casGroups = array(); 161 | $groupMapping = $this->config->getAppValue($this->appName, 'cas_group_mapping'); 162 | 163 | # Test if an attribute parser added a new dimension to our attributes array 164 | if (array_key_exists('attributes', $casAttributes)) { 165 | 166 | $newAttributes = $casAttributes['attributes']; 167 | 168 | unset($casAttributes['attributes']); 169 | 170 | $casAttributes = array_merge($casAttributes, $newAttributes); 171 | } 172 | 173 | # Test for mapped attribute from settings 174 | if (array_key_exists($groupMapping, $casAttributes)) { 175 | 176 | $casGroups = (array)$casAttributes[$groupMapping]; 177 | } # Test for standard 'groups' attribute 178 | else if (array_key_exists('groups', $casAttributes)) { 179 | 180 | if ($this->config->getAppValue($this->appName, 'cas_groups_json_decode')) { 181 | 182 | $casGroups = json_decode($casAttributes['groups']); 183 | } else { 184 | 185 | $casGroups = (array)$casAttributes['groups']; 186 | } 187 | } 188 | 189 | $isAuthorized = FALSE; 190 | 191 | foreach ($casGroups as $casGroup) { 192 | 193 | if (in_array($casGroup, $cas_access_allow_groups)) { 194 | 195 | $this->loggingService->write(LoggingService::DEBUG, 'phpCas CAS users login has been authorized with group: ' . $casGroup); 196 | 197 | $isAuthorized = TRUE; 198 | } else { 199 | 200 | $this->loggingService->write(LoggingService::DEBUG, 'phpCas CAS users login has not been authorized with group: ' . $casGroup . ', because the group was not in allowedGroups: ' . implode(", ", $cas_access_allow_groups)); 201 | } 202 | } 203 | } 204 | 205 | 206 | // Autocreate user if needed or create a new account in CAS Backend 207 | if (!$this->userManager->userExists($uid) && boolval($this->config->getAppValue($this->appName, 'cas_autocreate'))) { 208 | 209 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCAS creating a new user with UID: ' . $uid); 210 | } elseif (!$this->userManager->userExists($uid) && !boolval($this->config->getAppValue($this->appName, 'cas_autocreate'))) { 211 | 212 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCAS no new user has been created.'); 213 | 214 | $createUser = FALSE; 215 | } 216 | 217 | // Finalize check 218 | if ($casUid === $uid && $isAuthorized && $createUser) { 219 | 220 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCAS user password has been checked.'); 221 | 222 | return $uid; 223 | } 224 | } 225 | 226 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCAS user password has been checked, user not logged in.'); 227 | 228 | return FALSE; 229 | } else { 230 | 231 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::ERROR, 'phpCAS has not been initialized.'); 232 | return FALSE; 233 | } 234 | } 235 | 236 | 237 | /** 238 | * @param string $uid 239 | * @return bool|string 240 | */ 241 | public function getDisplayName($uid) 242 | { 243 | 244 | $displayName = $uid; 245 | 246 | if (!$this->appService->isCasInitialized()) { 247 | 248 | try { 249 | 250 | $this->appService->init(); 251 | } catch (PhpUserCasLibraryNotFoundException $e) { 252 | 253 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::ERROR, 'Fatal error with code: ' . $e->getCode() . ' and message: ' . $e->getMessage()); 254 | 255 | return $displayName; 256 | } 257 | } 258 | 259 | if (\phpCAS::isInitialized()) { 260 | 261 | if (\phpCAS::isAuthenticated()) { 262 | 263 | $casAttributes = \phpCAS::getAttributes(); 264 | 265 | # Test if an attribute parser added a new dimension to our attributes array 266 | if (array_key_exists('attributes', $casAttributes)) { 267 | 268 | $newAttributes = $casAttributes['attributes']; 269 | 270 | unset($casAttributes['attributes']); 271 | 272 | $casAttributes = array_merge($casAttributes, $newAttributes); 273 | } 274 | 275 | // DisplayName 276 | $displayNameMapping = $this->config->getAppValue($this->appName, 'cas_displayName_mapping'); 277 | 278 | $displayNameMappingArray = explode("+", $displayNameMapping); 279 | 280 | $displayName = ''; 281 | 282 | foreach ($displayNameMappingArray as $displayNameMapping) { 283 | 284 | if (array_key_exists($displayNameMapping, $casAttributes)) { 285 | 286 | $displayName .= $casAttributes[$displayNameMapping] . " "; 287 | } 288 | } 289 | 290 | $displayName = trim($displayName); 291 | 292 | if ($displayName === '' && array_key_exists('displayName', $casAttributes)) { 293 | 294 | $displayName = $casAttributes['displayName']; 295 | } 296 | } 297 | } 298 | 299 | return $displayName; 300 | } 301 | } 302 | -------------------------------------------------------------------------------- /lib/User/NextBackend.php: -------------------------------------------------------------------------------- 1 | 7 | * @copyright Felix Rupp 8 | * 9 | * This library is free software; you can redistribute it and/or 10 | * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE 11 | * License as published by the Free Software Foundation; either 12 | * version 3 of the License, or any later version. 13 | * 14 | * This library is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU AFFERO GENERAL PUBLIC LICENSE for more details. 18 | * 19 | * You should have received a copy of the GNU Affero General Public 20 | * License along with this library. If not, see . 21 | * 22 | */ 23 | 24 | namespace OCA\UserCAS\User; 25 | 26 | use OC\User\Database; 27 | use OCA\UserCAS\Exception\PhpCas\PhpUserCasLibraryNotFoundException; 28 | use OCA\UserCAS\Service\AppService; 29 | use OCA\UserCAS\Service\LoggingService; 30 | use OCA\UserCAS\Service\UserService; 31 | use OCP\IConfig; 32 | use OCP\IUser; 33 | use OCP\IUserBackend; 34 | use OCP\IUserManager; 35 | use \OCP\User\Backend\ICheckPasswordBackend; 36 | use OCP\UserInterface; 37 | 38 | 39 | /** 40 | * Class Backend 41 | * 42 | * @package OCA\UserCAS\User 43 | * 44 | * @author Felix Rupp 45 | * @copyright Felix Rupp 46 | * 47 | * @since 1.4.0 48 | */ 49 | class NextBackend extends Database implements UserInterface, IUserBackend, ICheckPasswordBackend, UserCasBackendInterface 50 | { 51 | 52 | /** 53 | * @var string 54 | */ 55 | protected $appName; 56 | 57 | /** 58 | * @var IConfig 59 | */ 60 | protected $config; 61 | 62 | /** 63 | * @var \OCA\UserCAS\Service\LoggingService $loggingService 64 | */ 65 | protected $loggingService; 66 | 67 | /** 68 | * @var \OCA\UserCAS\Service\AppService $appService 69 | */ 70 | protected $appService; 71 | 72 | /** 73 | * @var \OCP\IUserManager; 74 | */ 75 | protected $userManager; 76 | 77 | /** 78 | * @var \OCA\UserCAS\Service\UserService $userService 79 | */ 80 | protected $userService; 81 | 82 | 83 | /** 84 | * Backend constructor. 85 | * 86 | * @param string $appName 87 | * @param IConfig $config 88 | * @param LoggingService $loggingService 89 | * @param AppService $appService 90 | * @param IUserManager $userManager 91 | * @param UserService $userService 92 | */ 93 | public function __construct($appName, IConfig $config, LoggingService $loggingService, AppService $appService, IUserManager $userManager, UserService $userService) 94 | { 95 | 96 | parent::__construct(); 97 | $this->appName = $appName; 98 | $this->loggingService = $loggingService; 99 | $this->appService = $appService; 100 | $this->config = $config; 101 | $this->userManager = $userManager; 102 | $this->userService = $userService; 103 | } 104 | 105 | 106 | /** 107 | * Backend name to be shown in user management 108 | * 109 | * @return string the name of the backend to be shown 110 | */ 111 | public function getBackendName() 112 | { 113 | 114 | return "CAS"; 115 | } 116 | 117 | 118 | /** 119 | * Check the password 120 | * 121 | * @param string $loginName 122 | * @param string $password 123 | * @return string|bool The users UID or false 124 | */ 125 | public function checkPassword(string $loginName, string $password) 126 | { 127 | 128 | if (!$this->appService->isCasInitialized()) { 129 | 130 | try { 131 | 132 | $this->appService->init(); 133 | } catch (PhpUserCasLibraryNotFoundException $e) { 134 | 135 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::ERROR, 'Fatal error with code: ' . $e->getCode() . ' and message: ' . $e->getMessage()); 136 | 137 | return FALSE; 138 | } 139 | } 140 | 141 | if (\phpCAS::isInitialized()) { 142 | 143 | if ($loginName === FALSE) { 144 | 145 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::ERROR, 'phpCAS returned no user.'); 146 | } 147 | 148 | if (\phpCAS::isAuthenticated()) { 149 | 150 | #$casUid = \phpCAS::getUser(); 151 | $casUid = $this->userService->getUserId(); 152 | 153 | $isAuthorized = TRUE; 154 | $createUser = TRUE; 155 | 156 | 157 | # Check if user may be authorized based on groups or not 158 | $cas_access_allow_groups = $this->config->getAppValue($this->appName, 'cas_access_allow_groups'); 159 | if (is_string($cas_access_allow_groups) && strlen($cas_access_allow_groups) > 0) { 160 | 161 | $cas_access_allow_groups = explode(',', $cas_access_allow_groups); 162 | $casAttributes = \phpCAS::getAttributes(); 163 | $casGroups = array(); 164 | $groupMapping = $this->config->getAppValue($this->appName, 'cas_group_mapping'); 165 | 166 | # Test if an attribute parser added a new dimension to our attributes array 167 | if (array_key_exists('attributes', $casAttributes)) { 168 | 169 | $newAttributes = $casAttributes['attributes']; 170 | 171 | unset($casAttributes['attributes']); 172 | 173 | $casAttributes = array_merge($casAttributes, $newAttributes); 174 | } 175 | 176 | # Test for mapped attribute from settings 177 | if (array_key_exists($groupMapping, $casAttributes)) { 178 | 179 | $casGroups = (array)$casAttributes[$groupMapping]; 180 | } # Test for standard 'groups' attribute 181 | else if (array_key_exists('groups', $casAttributes)) { 182 | 183 | if ($this->config->getAppValue($this->appName, 'cas_groups_json_decode')) { 184 | 185 | $casGroups = json_decode($casAttributes['groups']); 186 | } else { 187 | 188 | $casGroups = (array)$casAttributes['groups']; 189 | } 190 | } 191 | 192 | $isAuthorized = FALSE; 193 | 194 | foreach ($casGroups as $casGroup) { 195 | 196 | if (in_array($casGroup, $cas_access_allow_groups)) { 197 | 198 | $this->loggingService->write(LoggingService::DEBUG, 'phpCas CAS users login has been authorized with group: ' . $casGroup); 199 | 200 | $isAuthorized = TRUE; 201 | } else { 202 | 203 | $this->loggingService->write(LoggingService::DEBUG, 'phpCas CAS users login has not been authorized with group: ' . $casGroup . ', because the group was not in allowedGroups: ' . implode(", ", $cas_access_allow_groups)); 204 | } 205 | } 206 | } 207 | 208 | 209 | // Autocreate user if needed or create a new account in CAS Backend 210 | if (!$this->userManager->userExists($loginName) && boolval($this->config->getAppValue($this->appName, 'cas_autocreate'))) { 211 | 212 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCAS creating a new user with UID: ' . $loginName); 213 | 214 | try { 215 | 216 | $createUser = $this->userService->create($loginName, $this); 217 | 218 | if (!$createUser instanceof IUser) { 219 | 220 | $createUser = FALSE; 221 | } 222 | } catch (\Exception $e) { 223 | 224 | $createUser = FALSE; 225 | } 226 | } elseif (!$this->userManager->userExists($loginName) && !boolval($this->config->getAppValue($this->appName, 'cas_autocreate'))) { 227 | 228 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCAS no new user has been created.'); 229 | 230 | $createUser = FALSE; 231 | } 232 | 233 | // Finalize check 234 | if ($casUid === $loginName && $isAuthorized && $createUser) { 235 | 236 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::DEBUG, 'phpCAS user password has been checked.'); 237 | 238 | return $loginName; 239 | } 240 | } 241 | 242 | return FALSE; 243 | } else { 244 | 245 | $this->loggingService->write(\OCA\UserCas\Service\LoggingService::ERROR, 'phpCAS has not been initialized.'); 246 | return FALSE; 247 | } 248 | } 249 | 250 | /** 251 | * Get the real UID 252 | * 253 | * @param string $uid 254 | * @return string 255 | * 256 | * @since 1.8.0 257 | */ 258 | public function getRealUID(string $uid): string 259 | { 260 | 261 | return $uid; 262 | } 263 | } 264 | -------------------------------------------------------------------------------- /lib/User/UserCasBackendInterface.php: -------------------------------------------------------------------------------- 1 | 19 | * @copyright Felix Rupp 20 | */ 21 | interface UserCasBackendInterface extends UserInterface 22 | { 23 | } -------------------------------------------------------------------------------- /templates/cas-error.php: -------------------------------------------------------------------------------- 1 | 4 | * @copyright Felix Rupp 5 | * 6 | * @license AGPL-3.0 7 | * 8 | * This code is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License, version 3, 10 | * as published by the Free Software Foundation. 11 | * 12 | * This program is distributed in the hope that it will be useful, 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 | * GNU Affero General Public License for more details. 16 | * 17 | * You should have received a copy of the GNU Affero General Public License, version 3, 18 | * along with this program. If not, see 19 | */ 20 | style('user_cas', 'casError'); 21 | ?> 22 | 23 | 24 |

25 | t($_['errorCode']));?>: t($_['errorMessage'])); ?> 26 |

27 |

28 | 29 | 30 | 31 |

32 | 33 | --------------------------------------------------------------------------------