[packages/dokuwiki.git] / dokuwiki-http_auth-option.patch

- https://github.com/dokuwiki/dokuwiki/pull/15

--- dokuwiki-2020-07-29a/conf/dokuwiki.php~	2022-09-03 19:58:24.000000000 +0300
+++ dokuwiki-2020-07-29a/conf/dokuwiki.php	2023-03-27 11:25:04.212540600 +0300
@@ -63,6 +63,7 @@
 $conf['rememberme'] = 1;                 //Enable/disable remember me on login
 $conf['disableactions'] = '';            //comma separated list of actions to disable
 $conf['auth_security_timeout'] = 900;    //time (seconds) auth data is considered valid, set to 0 to recheck on every page view
+$conf['http_auth'] = 1;                  //allows HTTP authorization (SSO) from PHP_AUTH_USER/PHP_AUTH_PW variables
 $conf['securecookie'] = 1;               //never send HTTPS cookies via HTTP
 $conf['remote']      = 0;                //Enable/disable remote interfaces
 $conf['remoteuser']  = '!!not set!!';    //user/groups that have access to remote interface (comma separated). leave empty to allow all users
--- dokuwiki-2023-04-04/inc/auth.php~	2023-04-04 19:21:21.000000000 +0300
+++ dokuwiki-2023-04-04/inc/auth.php	2023-04-05 15:43:33.873377532 +0300
@@ -75,7 +75,7 @@
     }
 
     // if no credentials were given try to use HTTP auth (for SSO)
-    if (!$INPUT->str('u') && empty($_COOKIE[DOKU_COOKIE]) && !empty($INPUT->server->str('PHP_AUTH_USER'))) {
+    if ($conf['http_auth'] && !$INPUT->str('u') && empty($_COOKIE[DOKU_COOKIE]) && !empty($INPUT->server->str('PHP_AUTH_USER'))) {
         $INPUT->set('u', $INPUT->server->str('PHP_AUTH_USER'));
         $INPUT->set('p', $INPUT->server->str('PHP_AUTH_PW'));
         $INPUT->set('http_credentials', true);
Commit	Line	Data
f350088e ER	1	- https://github.com/dokuwiki/dokuwiki/pull/15
	2
	3	--- dokuwiki-2020-07-29a/conf/dokuwiki.php~ 2022-09-03 19:58:24.000000000 +0300
	4	+++ dokuwiki-2020-07-29a/conf/dokuwiki.php 2023-03-27 11:25:04.212540600 +0300
	5	@@ -63,6 +63,7 @@
4055b8de	6	$conf['rememberme'] = 1; //Enable/disable remember me on login
110e8aa6	7	$conf['disableactions'] = ''; //comma separated list of actions to disable
110e8aa6	8	$conf['auth_security_timeout'] = 900; //time (seconds) auth data is considered valid, set to 0 to recheck on every page view
c9dcec0a	9	+$conf['http_auth'] = 1; //allows HTTP authorization (SSO) from PHP_AUTH_USER/PHP_AUTH_PW variables
7df7f76f	10	$conf['securecookie'] = 1; //never send HTTPS cookies via HTTP
4055b8de	11	$conf['remote'] = 0; //Enable/disable remote interfaces
f350088e	12	$conf['remoteuser'] = '!!not set!!'; //user/groups that have access to remote interface (comma separated). leave empty to allow all users
137ac30f ER	13	--- dokuwiki-2023-04-04/inc/auth.php~ 2023-04-04 19:21:21.000000000 +0300
	14	+++ dokuwiki-2023-04-04/inc/auth.php 2023-04-05 15:43:33.873377532 +0300
	15	@@ -75,7 +75,7 @@
c4df8b0c	16	}
110e8aa6	17
c4df8b0c	18	// if no credentials were given try to use HTTP auth (for SSO)
137ac30f ER	19	- if (!$INPUT->str('u') && empty($_COOKIE[DOKU_COOKIE]) && !empty($INPUT->server->str('PHP_AUTH_USER'))) {
	20	+ if ($conf['http_auth'] && !$INPUT->str('u') && empty($_COOKIE[DOKU_COOKIE]) && !empty($INPUT->server->str('PHP_AUTH_USER'))) {
	21	$INPUT->set('u', $INPUT->server->str('PHP_AUTH_USER'));
	22	$INPUT->set('p', $INPUT->server->str('PHP_AUTH_PW'));
82008d57	23	$INPUT->set('http_credentials', true);