IMAP Authentication added to Baikal

[n-connect]

Moving this week from another calendar server to Sabre/dav -> Baikal needed the IMAP auth capability. After checking #52 #869 #656 plus some Google search here is a fully working IMAP auth extension for Baikal, including Webadmin UI and saving the IMAP connection data into baikal.yaml. I'm no PHP coder, used the existing coding style to add the functionality (the PHP-CS fixer throws errors for some reasons, not checked).

Highlights :

• Model/Config/Standard.php extended: to have "imap_connection" value saved into baikal.yaml config file plus the Webadmin UI got a new connected field to be able to see/read/modify the IMAP connection
• Core/Server.php extended: to be able to use imap_connection from baikal.yaml
• Including Sabre.io/dav v4.6.0 IMAP Auth Backend code, under /Core/Frameworks/Baikal/Core/
• web-admin UI settings Standard.php updated, the new IMAP connection text field shows only if IMAP selected as auth type. The connected Listbox now has the "refreshonchange" property as "true" . As a consequence, during install, manipulating the Auth type listbox throws an exception on Admin passwd fields (just type "1" twice in the PW field to be able to change Auth type multiple times during install)

Tested with:

• UNIX/Linux IMAP server on tcp/993 over SSL valid public certificate
• based on Sabre/dav, it should work with any other IMAP flavors, eg. port 143 with StartTLS

Usage:

• install as usual
• in Web-admin UI set for IMAP auth, and add/edit to your IMAP server details. Additional info in Sabre/dav Authenticaton or PHP's imap_open docs
• default string set to localhost:993, make sure you have your IMAP server details right, save it
• create 1 to N users in web-admin (I've set the usernames as full e-mail address), set arbitrary passwords for these accounts -> then add them in your(their) calendar via the e-mail account's password in the calendar app.
• For me the calendar URL setup worked like this: calendarserver.com/dav.php/principals/[email protected]/

If you want to disable web-admin UI after your configuration is done:

• set your NGINX/Lighthttpd's config index to another filename than index.php,
• or deny the index.php -> until the Baikal adds this functionality into the code/baikal.yaml

TODO:

• imap connection validation(?)

Working code can be downloaded/tested from my fork

[narcisgarcia]

Just installed Baikal 0.10.1 (nothing documented about IMAP authentication)
I don't see IMAP auth in in Web-admin UI

Sabre documentation talks about adding a plugin by writing some code, I don't know what file to.

[n-connect]

@narcisgarcia,

Yepp, it still an open PR and not in the upstream code yet, despite the fact the IMAP auth code is part of Sabre.io/dav, and Baikal is a frontend for Sabre.io/dav. I don't know the reasoning behind. You can go to my fork which is 0.9.6.1 at release level. But, I've updated the fork - so downloading the master will give you the latest Baikal v0.10.1 + this PR in once.

If you need I can cross-check it my install procedure still works with Baikal v0.10.1 without modification
(here the autochecks shows everything is fine), / make a "version mirror" release in my repo.

[narcisgarcia]

Does this auth implementation automatically create new accounts and their calendars & addressbooks?
Does the new user need to go to Baikal to configure something?

[n-connect]

As far as I recall:

• if Baikal is now able to do user-autocreate than the answer is yes, BUT a year ago it was not,
• for the second, I don't recall you need users's to do init config.

You have have the same questions, I've have had a year ago... I don't remember, sorry.
After I made this PR and made a working calendar server in a jail and documented it - it just worked and I do not really looked into it since then.
But, here User auto-creation fails with 3 different clients on new/fresh davis server from v4.4.4 #170 I did some extensive tests in another Symphony based implementation. For the record since that issue fixed I have not used Baikal, but Davis.

Edit: if it is not in Baikal yet, it seems (based on Davis) not too hard to add. The question is when such PR would be accepted into Baikal's mainline

[JorisHansMeijer]

I ran into a small issue with this code. The webadmin tool is not working for me. I had to add a include to:
Core/Frameworks/BaikalAdmin/Controller/Settings/Standard.php. Add:
use Symfony\Components\Yaml\Yaml;
Did not test imap authentication jet.

[n-connect]

@JorisHansMeijer, @narcisgarcia

Idk why use Symfony\Components\Yaml\Yaml; was removed from the master here, and from 0.10.x release.
it is still in the code in my fork. So it was there, and I've synced my fork middle summer. With a commit search it can be found I guess.

Created a new release, if you wanna try it out altogether.