1 files changed, 77 insertions, 20 deletions
diff --git a/src/Wallabag/CoreBundle/GuzzleSiteAuthenticator/GrabySiteConfigBuilder.php b/src/Wallabag/CoreBundle/GuzzleSiteAuthenticator/GrabySiteConfigBuilder.php
index 6d4129e8..a79e6ebe 100644
--- a/src/Wallabag/CoreBundle/GuzzleSiteAuthenticator/GrabySiteConfigBuilder.php
+++ b/src/Wallabag/CoreBundle/GuzzleSiteAuthenticator/GrabySiteConfigBuilder.php
@@ -5,39 +5,53 @@ namespace Wallabag\CoreBundle\GuzzleSiteAuthenticator;
 use BD\GuzzleSiteAuthenticator\SiteConfig\SiteConfig;
 use BD\GuzzleSiteAuthenticator\SiteConfig\SiteConfigBuilder;
 use Graby\SiteConfig\ConfigBuilder;
-use OutOfRangeException;
+use Psr\Log\LoggerInterface;
+use Wallabag\CoreBundle\Repository\SiteCredentialRepository;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
 class GrabySiteConfigBuilder implements SiteConfigBuilder
 {
    /**
-     * @var \Graby\SiteConfig\ConfigBuilder
+     * @var ConfigBuilder
     */
    private $grabyConfigBuilder;
+    /**
+     * @var SiteCredentialRepository
+     */
+    private $credentialRepository;
    /**
-     * @var array
+     * @var LoggerInterface
     */
-    private $credentials;
+    private $logger;
+    /**
+     * @var Wallabag\UserBundle\Entity\User|null
+     */
+    private $currentUser;
    /**
     * GrabySiteConfigBuilder constructor.
     *
-     * @param \Graby\SiteConfig\ConfigBuilder $grabyConfigBuilder
+     * @param ConfigBuilder            $grabyConfigBuilder
-     * @param array                           $credentials
+     * @param TokenStorage             $token
+     * @param SiteCredentialRepository $credentialRepository
+     * @param LoggerInterface          $logger
     */
-    public function __construct(ConfigBuilder $grabyConfigBuilder, array $credentials = [])
+    public function __construct(ConfigBuilder $grabyConfigBuilder, TokenStorage $token, SiteCredentialRepository $credentialRepository, LoggerInterface $logger)
    {
        $this->grabyConfigBuilder = $grabyConfigBuilder;
-        $this->credentials = $credentials;
+        $this->credentialRepository = $credentialRepository;
+        $this->logger = $logger;
+        if ($token->getToken()) {
+            $this->currentUser = $token->getToken()->getUser();
+        }
    }
    /**
-     * Builds the SiteConfig for a host.
+     * {@inheritdoc}
-     *
-     * @param string $host The "www." prefix is ignored
-     *
-     * @return SiteConfig
-     *
-     * @throws OutOfRangeException If there is no config for $host
     */
    public function buildForHost($host)
    {
@@ -47,6 +61,17 @@ class GrabySiteConfigBuilder implements SiteConfigBuilder
            $host = substr($host, 4);
        }
+        $credentials = null;
+        if ($this->currentUser) {
+            $credentials = $this->credentialRepository->findOneByHostAndUser($host, $this->currentUser->getId());
+        }
+        if (null === $credentials) {
+            $this->logger->debug('Auth: no credentials available for host.', ['host' => $host]);
+            return false;
+        }
        $config = $this->grabyConfigBuilder->buildForHost($host);
        $parameters = [
            'host' => $host,
@@ -54,15 +79,47 @@ class GrabySiteConfigBuilder implements SiteConfigBuilder
            'loginUri' => $config->login_uri ?: null,
            'usernameField' => $config->login_username_field ?: null,
            'passwordField' => $config->login_password_field ?: null,
-            'extraFields' => is_array($config->login_extra_fields) ? $config->login_extra_fields : [],
+            'extraFields' => $this->processExtraFields($config->login_extra_fields),
            'notLoggedInXpath' => $config->not_logged_in_xpath ?: null,
+            'username' => $credentials['username'],
+            'password' => $credentials['password'],
        ];
-        if (isset($this->credentials[$host])) {
+        $config = new SiteConfig($parameters);
-            $parameters['username'] = $this->credentials[$host]['username'];
-            $parameters['password'] = $this->credentials[$host]['password'];
+        // do not leak usernames and passwords in log
+        $parameters['username'] = '**masked**';
+        $parameters['password'] = '**masked**';
+        $this->logger->debug('Auth: add parameters.', ['host' => $host, 'parameters' => $parameters]);
+        return $config;
+    }
+    /**
+     * Processes login_extra_fields config, transforming an '=' separated array of strings
+     * into a key/value array.
+     *
+     * @param array|mixed $extraFieldsStrings
+     *
+     * @return array
+     */
+    protected function processExtraFields($extraFieldsStrings)
+    {
+        if (!is_array($extraFieldsStrings)) {
+            return [];
+        }
+        $extraFields = [];
+        foreach ($extraFieldsStrings as $extraField) {
+            if (strpos($extraField, '=') === false) {
+                continue;
+            }
+            list($fieldName, $fieldValue) = explode('=', $extraField, 2);
+            $extraFields[$fieldName] = $fieldValue;
        }
-        return new SiteConfig($parameters);
+        return $extraFields;
    }
 }

diff --git a/src/Wallabag/CoreBundle/GuzzleSiteAuthenticator/GrabySiteConfigBuilder.php b/src/Wallabag/CoreBundle/GuzzleSiteAuthenticator/GrabySiteConfigBuilder.php index 6d4129e8..a79e6ebe 100644 --- a/src/Wallabag/CoreBundle/GuzzleSiteAuthenticator/GrabySiteConfigBuilder.php +++ b/src/Wallabag/CoreBundle/GuzzleSiteAuthenticator/GrabySiteConfigBuilder.php
@@ -5,39 +5,53 @@ namespace Wallabag\CoreBundle\GuzzleSiteAuthenticator;
5	use BD\GuzzleSiteAuthenticator\SiteConfig\SiteConfig;	5	use BD\GuzzleSiteAuthenticator\SiteConfig\SiteConfig;
6	use BD\GuzzleSiteAuthenticator\SiteConfig\SiteConfigBuilder;	6	use BD\GuzzleSiteAuthenticator\SiteConfig\SiteConfigBuilder;
7	use Graby\SiteConfig\ConfigBuilder;	7	use Graby\SiteConfig\ConfigBuilder;
8	use OutOfRangeException;	8	use Psr\Log\LoggerInterface;
		9	use Wallabag\CoreBundle\Repository\SiteCredentialRepository;
		10	use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
9		11
10	class GrabySiteConfigBuilder implements SiteConfigBuilder	12	class GrabySiteConfigBuilder implements SiteConfigBuilder
11	{	13	{
12	/**	14	/**
13	* @var \Graby\SiteConfig\ConfigBuilder	15	* @var ConfigBuilder
14	*/	16	*/
15	private $grabyConfigBuilder;	17	private $grabyConfigBuilder;
		18
		19	/**
		20	* @var SiteCredentialRepository
		21	*/
		22	private $credentialRepository;
		23
16	/**	24	/**
17	* @var array	25	* @var LoggerInterface
18	*/	26	*/
19	private $credentials;	27	private $logger;
		28
		29	/**
		30	* @var Wallabag\UserBundle\Entity\User\|null
		31	*/
		32	private $currentUser;
20		33
21	/**	34	/**
22	* GrabySiteConfigBuilder constructor.	35	* GrabySiteConfigBuilder constructor.
23	*	36	*
24	* @param \Graby\SiteConfig\ConfigBuilder $grabyConfigBuilder	37	* @param ConfigBuilder $grabyConfigBuilder
25	* @param array $credentials	38	* @param TokenStorage $token
		39	* @param SiteCredentialRepository $credentialRepository
		40	* @param LoggerInterface $logger
26	*/	41	*/
27	public function __construct(ConfigBuilder $grabyConfigBuilder, array $credentials = [])	42	public function __construct(ConfigBuilder $grabyConfigBuilder, TokenStorage $token, SiteCredentialRepository $credentialRepository, LoggerInterface $logger)
28	{	43	{
29	$this->grabyConfigBuilder = $grabyConfigBuilder;	44	$this->grabyConfigBuilder = $grabyConfigBuilder;
30	$this->credentials = $credentials;	45	$this->credentialRepository = $credentialRepository;
		46	$this->logger = $logger;
		47
		48	if ($token->getToken()) {
		49	$this->currentUser = $token->getToken()->getUser();
		50	}
31	}	51	}
32		52
33	/**	53	/**
34	* Builds the SiteConfig for a host.	54	* {@inheritdoc}
35	*
36	* @param string $host The "www." prefix is ignored
37	*
38	* @return SiteConfig
39	*
40	* @throws OutOfRangeException If there is no config for $host
41	*/	55	*/
42	public function buildForHost($host)	56	public function buildForHost($host)
43	{	57	{
@@ -47,6 +61,17 @@ class GrabySiteConfigBuilder implements SiteConfigBuilder
47	$host = substr($host, 4);	61	$host = substr($host, 4);
48	}	62	}
49		63
		64	$credentials = null;
		65	if ($this->currentUser) {
		66	$credentials = $this->credentialRepository->findOneByHostAndUser($host, $this->currentUser->getId());
		67	}
		68
		69	if (null === $credentials) {
		70	$this->logger->debug('Auth: no credentials available for host.', ['host' => $host]);
		71
		72	return false;
		73	}
		74
50	$config = $this->grabyConfigBuilder->buildForHost($host);	75	$config = $this->grabyConfigBuilder->buildForHost($host);
51	$parameters = [	76	$parameters = [
52	'host' => $host,	77	'host' => $host,
@@ -54,15 +79,47 @@ class GrabySiteConfigBuilder implements SiteConfigBuilder
54	'loginUri' => $config->login_uri ?: null,	79	'loginUri' => $config->login_uri ?: null,
55	'usernameField' => $config->login_username_field ?: null,	80	'usernameField' => $config->login_username_field ?: null,
56	'passwordField' => $config->login_password_field ?: null,	81	'passwordField' => $config->login_password_field ?: null,
57	'extraFields' => is_array($config->login_extra_fields) ? $config->login_extra_fields : [],	82	'extraFields' => $this->processExtraFields($config->login_extra_fields),
58	'notLoggedInXpath' => $config->not_logged_in_xpath ?: null,	83	'notLoggedInXpath' => $config->not_logged_in_xpath ?: null,
		84	'username' => $credentials['username'],
		85	'password' => $credentials['password'],
59	];	86	];
60		87
61	if (isset($this->credentials[$host])) {	88	$config = new SiteConfig($parameters);
62	$parameters['username'] = $this->credentials[$host]['username'];	89
63	$parameters['password'] = $this->credentials[$host]['password'];	90	// do not leak usernames and passwords in log
		91	$parameters['username'] = 'masked';
		92	$parameters['password'] = 'masked';
		93
		94	$this->logger->debug('Auth: add parameters.', ['host' => $host, 'parameters' => $parameters]);
		95
		96	return $config;
		97	}
		98
		99	/**
		100	* Processes login_extra_fields config, transforming an '=' separated array of strings
		101	* into a key/value array.
		102	*
		103	* @param array\|mixed $extraFieldsStrings
		104	*
		105	* @return array
		106	*/
		107	protected function processExtraFields($extraFieldsStrings)
		108	{
		109	if (!is_array($extraFieldsStrings)) {
		110	return [];
		111	}
		112
		113	$extraFields = [];
		114	foreach ($extraFieldsStrings as $extraField) {
		115	if (strpos($extraField, '=') === false) {
		116	continue;
		117	}
		118
		119	list($fieldName, $fieldValue) = explode('=', $extraField, 2);
		120	$extraFields[$fieldName] = $fieldValue;
64	}	121	}
65		122
66	return new SiteConfig($parameters);	123	return $extraFields;
67	}	124	}
68	}	125	}