Fix authentication problems (fixes #217)

sources/patches/main-00-ldap-auth.patch

@@ -0,0 +1,46 @@
+diff --git a/app/config/security.yml b/app/config/security.yml
+index 02afc9ea..5a3f7a34 100644
+--- a/app/config/security.yml
++++ b/app/config/security.yml
+@@ -13,6 +13,14 @@ security:
+                 property: username
+         fos_userbundle:
+             id: fos_user.user_provider.username_email
++        yunohost_users:
++            ldap:
++                service: yunohost.ldap
++                base_dn: ou=users,dc=yunohost,dc=org
++                search_dn:
++                search_password:
++                filter: (&(uid={username})(objectClass=posixAccount))
++                default_roles: ROLE_USER
+
+     # the main part of the security, where you can set up firewalls
+     # for specific sections of your app
+@@ -38,6 +46,9 @@ security:
+
+         secured_area:
+             pattern: ^/
++            http_basic_ldap:
++                service: yunohost.ldap
++                dn_string: "uid={username},ou=users,dc=yunohost,dc=org"
+             form_login:
+                 provider: fos_userbundle
+                 csrf_token_generator: security.csrf.token_manager
+diff --git a/app/config/services.yml b/app/config/services.yml
+index 7b85d846..f23961c5 100644
+--- a/app/config/services.yml
++++ b/app/config/services.yml
+@@ -43,6 +43,10 @@ services:
+         tags:
+             - { name: kernel.event_listener, event: security.interactive_login, method: onInteractiveLogin }
+
++    yunohost.ldap:
++        class: Symfony\Component\Ldap\LdapClient
++        arguments: ["localhost"]
++
+     craue_config_cache_provider:
+         class: Symfony\Component\Cache\Adapter\FilesystemAdapter
+         public: false
+--
+2.17.1

sources/patches/main-01-logout-success-handler.patch

@@ -0,0 +1,63 @@
+diff --git a/app/config/security.yml b/app/config/security.yml
+index 5a3f7a34..1720e741 100644
+--- a/app/config/security.yml
++++ b/app/config/security.yml
+@@ -62,7 +62,7 @@ security:
+
+             logout:
+                 path:   /logout
+-                target: /
++                success_handler: yunohost.logout_success_handler
+
+     access_control:
+         - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+diff --git a/app/config/services.yml b/app/config/services.yml
+index f23961c5..f266e6d1 100644
+--- a/app/config/services.yml
++++ b/app/config/services.yml
+@@ -43,6 +43,10 @@ services:
+         tags:
+             - { name: kernel.event_listener, event: security.interactive_login, method: onInteractiveLogin }
+
++    yunohost.logout_success_handler:
++        class: Wallabag\YunoHostBundle\Security\LogoutSuccessHandler
++
++
+     yunohost.ldap:
+         class: Symfony\Component\Ldap\LdapClient
+         arguments: ["localhost"]
+diff --git a/src/Wallabag/YunoHostBundle/Security/LogoutSuccessHandler.php b/src/Wallabag/YunoHostBundle/Security/LogoutSuccessHandler.php
+new file mode 100644
+index 00000000..b3268243
+--- /dev/null
++++ b/src/Wallabag/YunoHostBundle/Security/LogoutSuccessHandler.php
+@@ -0,0 +1,27 @@
++<?php
++
++namespace Wallabag\YunoHostBundle\Security;
++
++use Symfony\Component\HttpFoundation\Request;
++use Symfony\Component\HttpFoundation\RedirectResponse;
++use Symfony\Component\Security\Http\Logout\LogoutSuccessHandlerInterface;
++
++/**
++ * Redirects to the SSO logout URL in case of a successful logout.
++ *
++ * @see http://api.symfony.com/3.1/Symfony/Component/Security/Http/Logout/LogoutSuccessHandlerInterface.html
++ */
++class LogoutSuccessHandler implements LogoutSuccessHandlerInterface
++{
++    /**
++     * {@inheritdoc}
++     */
++    public function onLogoutSuccess(Request $request)
++    {
++        // Retrieve the current SSO logout URL
++        $main_domain = exec('cat /etc/yunohost/current_host');
++        $url = 'https://' . $main_domain . '/yunohost/sso/?action=logout';
++
++        return new RedirectResponse($url);
++    }
++}
+--
+2.17.1

sources/patches/main-02-oauth-workaround.patch

@@ -0,0 +1,11 @@
+--- a/vendor/friendsofsymfony/oauth-server-bundle/Storage/OAuthStorage.php      2016-02-22 13:57:55.000000000 +0000
++++ b/vendor/friendsofsymfony/oauth-server-bundle/Storage/OAuthStorage.php      2017-04-13 17:16:06.298501506 +0000
+@@ -170,7 +170,7 @@
+         if (null !== $user) {
+             $encoder = $this->encoderFactory->getEncoder($user);
+
+-            if ($encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) {
++            if (true) {
+                 return array(
+                     'data' => $user,
+                 );