1<?php
2/**
3 * Copyright 2004-2007 Stuart Binge <s.binge@codefusion.co.za>
4 * Copyright 2008-2017 Horde LLC (http://www.horde.org/)
5 *
6 * See the enclosed file COPYING for license information (LGPL). If you did
7 * not receive this file, see http://www.horde.org/licenses/lgpl21.
8 *
9 * @author   Stuart Binge <s.binge@codefusion.co.za>
10 * @author   Gunnar Wrobel <wrobel@pardus.de>
11 * @category Horde
12 * @license  http://www.horde.org/licenses/lgpl21 LGPL-2.1
13 * @package  Auth
14 */
15
16/**
17 * The Horde_Auth_Kolab implementation of the Horde authentication system.
18 *
19 * Derives from the Horde_Auth_Imap authentication object, and provides
20 * parameters to it based on the global Kolab configuration.
21 *
22 * @author    Stuart Binge <s.binge@codefusion.co.za>
23 * @author    Gunnar Wrobel <wrobel@pardus.de>
24 * @category  Horde
25 * @copyright 2004-2007 Stuart Binge <s.binge@codefusion.co.za>
26 * @copyright 2008-2017 Horde LLC
27 * @license   http://www.horde.org/licenses/lgpl21 LGPL-2.1
28 * @package   Auth
29 */
30class Horde_Auth_Kolab extends Horde_Auth_Base
31{
32    /**
33     * An array of capabilities, so that the driver can report which
34     * operations it supports and which it doesn't.
35     *
36     * @var array
37     */
38    protected $_capabilities = array(
39        'authenticate'  => true
40    );
41
42    /**
43     * Constructor.
44     *
45     * @param array $params  Parameters:
46     * <pre>
47     * 'kolab' - (Horde_Kolab_Session) [REQUIRED] TODO
48     * </pre>
49     *
50     * @throws InvalidArgumentException
51     */
52    public function __construct(array $params = array())
53    {
54        if (!isset($params['kolab'])) {
55            throw new InvalidArgumentException('Missing kolab parameter.');
56        }
57
58        parent::__construct($params);
59    }
60
61    /**
62     * Find out if a set of login credentials are valid.
63     *
64     * For Kolab this requires to identify the IMAP server the user should
65     * be authenticated against before the credentials can be checked using
66     * this server. The Kolab_Server module handles identification of the
67     * correct IMAP server.
68     *
69     * @param string $userId      The userId to check.
70     * @param array $credentials  An array of login credentials. For Kolab,
71     *                            this must contain a "password" entry.
72     *
73     * @throws Horde_Auth_Exception
74     */
75    protected function _authenticate($userId, $credentials)
76    {
77        try {
78            $this->_params['kolab']->connect($userId, $credentials);
79        } catch (Horde_Kolab_Session_Exception_Badlogin $e) {
80            throw new Horde_Auth_Exception('', Horde_Auth::REASON_BADLOGIN);
81        } catch (Horde_Kolab_Session_Exception $e) {
82            if ($this->_logger) {
83                $this->_logger->log($e, 'ERR');
84            }
85            throw new Horde_Auth_Exception('', Horde_Auth::REASON_FAILED);
86        }
87
88        $this->_credentials['userId'] = $this->_params['kolab']->getMail();
89
90        return true;
91    }
92
93}
94