From 239e17d73514846a249bc8b94e68e4a19312c98f Mon Sep 17 00:00:00 2001 From: IM Date: Wed, 17 Apr 2024 18:31:51 +0300 Subject: [PATCH 1/2] added compatibility with a case-insensitive authentication provider --- config | 3 +++ radicale/auth/__init__.py | 8 +++++++- radicale/auth/htpasswd.py | 2 +- radicale/auth/none.py | 2 +- radicale/config.py | 6 +++++- 5 files changed, 17 insertions(+), 4 deletions(-) diff --git a/config b/config index 58afc5e4a..4cab70c6b 100644 --- a/config +++ b/config @@ -70,6 +70,9 @@ # Message displayed in the client when a password is needed #realm = Radicale - Password Required +# Сonvert username to lowercase, must be true for case-insensitive auth providers +#lc_username = False + [rights] diff --git a/radicale/auth/__init__.py b/radicale/auth/__init__.py index 9c4dd1c04..e03a69b3a 100644 --- a/radicale/auth/__init__.py +++ b/radicale/auth/__init__.py @@ -44,6 +44,8 @@ def load(configuration: "config.Configuration") -> "BaseAuth": class BaseAuth: + _lc_username: bool + def __init__(self, configuration: "config.Configuration") -> None: """Initialize BaseAuth. @@ -53,6 +55,7 @@ def __init__(self, configuration: "config.Configuration") -> None: """ self.configuration = configuration + self._lc_username = configuration.get("auth", "lc_username") def get_external_login(self, environ: types.WSGIEnviron) -> Union[ Tuple[()], Tuple[str, str]]: @@ -67,7 +70,7 @@ def get_external_login(self, environ: types.WSGIEnviron) -> Union[ """ return () - def login(self, login: str, password: str) -> str: + def _login(self, login: str, password: str) -> str: """Check credentials and map login to internal user ``login`` the login name @@ -79,3 +82,6 @@ def login(self, login: str, password: str) -> str: """ raise NotImplementedError + + def login(self, login: str, password: str) -> str: + return self._login(login, password).lower() if self._lc_username else self._login(login, password) diff --git a/radicale/auth/htpasswd.py b/radicale/auth/htpasswd.py index 0476acf76..689bb0fba 100644 --- a/radicale/auth/htpasswd.py +++ b/radicale/auth/htpasswd.py @@ -127,7 +127,7 @@ def _autodetect(self, hash_value: str, password: str) -> bool: # assumed plaintext return self._plain(hash_value, password) - def login(self, login: str, password: str) -> str: + def _login(self, login: str, password: str) -> str: """Validate credentials. Iterate through htpasswd credential file until login matches, extract diff --git a/radicale/auth/none.py b/radicale/auth/none.py index ce2b1c869..be451feba 100644 --- a/radicale/auth/none.py +++ b/radicale/auth/none.py @@ -27,5 +27,5 @@ class Auth(auth.BaseAuth): - def login(self, login: str, password: str) -> str: + def _login(self, login: str, password: str) -> str: return login diff --git a/radicale/config.py b/radicale/config.py index 19c0624d0..b1aa9bf64 100644 --- a/radicale/config.py +++ b/radicale/config.py @@ -177,7 +177,11 @@ def _convert_to_bool(value: Any) -> bool: ("delay", { "value": "1", "help": "incorrect authentication delay", - "type": positive_float})])), + "type": positive_float}), + ("lc_username", { + "value": "False", + "help": "convert username to lowercase, must be true for case-insensitive auth providers", + "type": bool})])), ("rights", OrderedDict([ ("type", { "value": "owner_only", From a7882b98bdeb55d137ef370942751c3cfda37ff4 Mon Sep 17 00:00:00 2001 From: IM Date: Thu, 18 Apr 2024 22:06:16 +0300 Subject: [PATCH 2/2] added description lc_username to documentation --- DOCUMENTATION.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/DOCUMENTATION.md b/DOCUMENTATION.md index ccd301ef0..2b30ed72c 100644 --- a/DOCUMENTATION.md +++ b/DOCUMENTATION.md @@ -786,6 +786,13 @@ Message displayed in the client when a password is needed. Default: `Radicale - Password Required` +##### lc_username + +Сonvert username to lowercase, must be true for case-insensitive auth +providers like ldap, kerberos + +Default: `False` + #### rights ##### type