From 94b232bbb8de4699911a6446a1a96f75370cab50 Mon Sep 17 00:00:00 2001 From: Jeremy Benoist Date: Tue, 9 May 2017 22:25:18 +0200 Subject: Skip auth when no credentials are found MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If we can’t find a credential for the current host, even if it required login, we won’t add them and website will be fetched without any login. --- .../GrabySiteConfigBuilder.php | 36 ++++++++++++++++------ 1 file changed, 27 insertions(+), 9 deletions(-) (limited to 'src/Wallabag/CoreBundle/GuzzleSiteAuthenticator') diff --git a/src/Wallabag/CoreBundle/GuzzleSiteAuthenticator/GrabySiteConfigBuilder.php b/src/Wallabag/CoreBundle/GuzzleSiteAuthenticator/GrabySiteConfigBuilder.php index 1c866f17..a16ed49d 100644 --- a/src/Wallabag/CoreBundle/GuzzleSiteAuthenticator/GrabySiteConfigBuilder.php +++ b/src/Wallabag/CoreBundle/GuzzleSiteAuthenticator/GrabySiteConfigBuilder.php @@ -6,28 +6,35 @@ use BD\GuzzleSiteAuthenticator\SiteConfig\SiteConfig; use BD\GuzzleSiteAuthenticator\SiteConfig\SiteConfigBuilder; use Graby\SiteConfig\ConfigBuilder; use OutOfRangeException; +use Psr\Log\LoggerInterface; class GrabySiteConfigBuilder implements SiteConfigBuilder { /** - * @var \Graby\SiteConfig\ConfigBuilder + * @var ConfigBuilder */ private $grabyConfigBuilder; /** * @var array */ private $credentials; + /** + * @var LoggerInterface + */ + private $logger; /** * GrabySiteConfigBuilder constructor. * - * @param \Graby\SiteConfig\ConfigBuilder $grabyConfigBuilder - * @param array $credentials + * @param ConfigBuilder $grabyConfigBuilder + * @param array $credentials + * @param LoggerInterface $logger */ - public function __construct(ConfigBuilder $grabyConfigBuilder, array $credentials = []) + public function __construct(ConfigBuilder $grabyConfigBuilder, array $credentials, LoggerInterface $logger) { $this->grabyConfigBuilder = $grabyConfigBuilder; $this->credentials = $credentials; + $this->logger = $logger; } /** @@ -47,6 +54,12 @@ class GrabySiteConfigBuilder implements SiteConfigBuilder $host = substr($host, 4); } + if (!isset($this->credentials[$host])) { + $this->logger->debug('Auth: no credentials available for host.', ['host' => $host]); + + return false; + } + $config = $this->grabyConfigBuilder->buildForHost($host); $parameters = [ 'host' => $host, @@ -56,14 +69,18 @@ class GrabySiteConfigBuilder implements SiteConfigBuilder 'passwordField' => $config->login_password_field ?: null, 'extraFields' => $this->processExtraFields($config->login_extra_fields), 'notLoggedInXpath' => $config->not_logged_in_xpath ?: null, + 'username' => $this->credentials[$host]['username'], + 'password' => $this->credentials[$host]['password'], ]; - if (isset($this->credentials[$host])) { - $parameters['username'] = $this->credentials[$host]['username']; - $parameters['password'] = $this->credentials[$host]['password']; - } + $config = new SiteConfig($parameters); + + // do not leak password in log + $parameters['password'] = '**masked**'; - return new SiteConfig($parameters); + $this->logger->debug('Auth: add parameters.', ['host' => $host, 'parameters' => $parameters]); + + return $config; } /** @@ -85,6 +102,7 @@ class GrabySiteConfigBuilder implements SiteConfigBuilder if (strpos($extraField, '=') === false) { continue; } + list($fieldName, $fieldValue) = explode('=', $extraField, 2); $extraFields[$fieldName] = $fieldValue; } -- cgit v1.2.3