From 173d0324eaee8312dcaaef710dfa880238380a79 Mon Sep 17 00:00:00 2001
From: Thomas Hackl <hackl@data-quest.de>
Date: Fri, 13 May 2022 11:38:16 +0200
Subject: [PATCH] using access token, thus skipping login in
 requireSystemAccount()

---
 .../04_rename_matrix_login_token_entry.php    | 72 +++++++++++++++++++
 models/MatrixAccount.php                      | 14 ++--
 plugin.manifest                               |  2 +-
 3 files changed, 79 insertions(+), 9 deletions(-)
 create mode 100644 migrations/04_rename_matrix_login_token_entry.php

diff --git a/migrations/04_rename_matrix_login_token_entry.php b/migrations/04_rename_matrix_login_token_entry.php
new file mode 100644
index 0000000..cbd042a
--- /dev/null
+++ b/migrations/04_rename_matrix_login_token_entry.php
@@ -0,0 +1,72 @@
+<?php
+
+/**
+ * Class RenameMatrixLoginTokenEntry
+ * Service account has an access token instead of a login token.
+ * Reflect this in the config entry name.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of
+ * the License, or (at your option) any later version.
+ *
+ * @author      Thomas Hackl <hackl@data-quest.de>
+ * @license     http://www.gnu.org/licenses/gpl-2.0.html GPL version 2
+ * @category    Matrix
+ */
+
+class RenameMatrixLoginTokenEntry extends Migration
+{
+
+    public function description()
+    {
+        return 'Service account has an access token instead of a login token. Reflect this in the config entry name.';
+    }
+
+    public function up()
+    {
+        DBManager::get()->execute(
+            "UPDATE `config` SET `field` = :newname, `description`= :newdesc WHERE `field` = :oldname",
+            [
+                'oldname' => 'MATRIX_SYSTEM_ACCOUNT_LOGIN_TOKEN',
+                'newname' => 'MATRIX_SYSTEM_ACCOUNT_ACCESS_TOKEN',
+                'newdesc' => 'WebSSO-Token zur Authentifizierung des Serviceaccounts. Ist dieser Wert gesetzt, ' .
+                    'wird ein eventuell ebenfalls eingetragenes Passwort nicht verwendet.'
+            ]
+        );
+        DBManager::get()->execute(
+            "UPDATE `config_values` SET `field` = :newname WHERE `field` = :oldname",
+            [
+                'oldname' => 'MATRIX_SYSTEM_ACCOUNT_LOGIN_TOKEN',
+                'newname' => 'MATRIX_SYSTEM_ACCOUNT_ACCESS_TOKEN'
+            ]
+        );
+    }
+
+    public function down()
+    {
+        $update = [
+            'oldname' => 'MATRIX_SYSTEM_ACCOUNT_ACCESS_TOKEN',
+            'newname' => 'MATRIX_SYSTEM_ACCOUNT_LOGIN_TOKEN',
+            'newdesc' => 'WebSSO-Token zum Login des Serviceaccounts. Ist dieser Wert gesetzt, ' .
+                'wird er statt eines möglicherweise ebenfalls angegebenen Passworts verwendet.'
+        ];
+        DBManager::get()->execute(
+            "UPDATE `config` SET `field` = :newname, `description`= :newdesc WHERE `field` = :oldname",
+            [
+                'oldname' => 'MATRIX_SYSTEM_ACCOUNT_ACCESS_TOKEN',
+                'newname' => 'MATRIX_SYSTEM_ACCOUNT_LOGIN_TOKEN',
+                'newdesc' => 'WebSSO-Token zum Login des Serviceaccounts. Ist dieser Wert gesetzt, ' .
+                    'wird er statt eines möglicherweise ebenfalls angegebenen Passworts verwendet.'
+            ]
+        );
+        DBManager::get()->execute(
+            "UPDATE `config_values` SET `field` = :newname WHERE `field` = :oldname",
+            [
+                'oldname' => 'MATRIX_SYSTEM_ACCOUNT_ACCESS_TOKEN',
+                'newname' => 'MATRIX_SYSTEM_ACCOUNT_LOGIN_TOKEN'
+            ]
+        );
+    }
+
+}
\ No newline at end of file
diff --git a/models/MatrixAccount.php b/models/MatrixAccount.php
index 452399b..276f186 100644
--- a/models/MatrixAccount.php
+++ b/models/MatrixAccount.php
@@ -58,20 +58,18 @@ class MatrixAccount extends SimpleORMap
     {
         if (trim(Config::get()->MATRIX_SYSTEM_ACCOUNT_USERNAME) != '' &&
                 (trim(Config::get()->MATRIX_SYSTEM_ACCOUNT_PASSWORD) != '' ||
-                    trim(Config::get()->MATRIX_SYSTEM_ACCOUNT_LOGIN_TOKEN) != '')) {
+                    trim(Config::get()->MATRIX_SYSTEM_ACCOUNT_ACCESS_TOKEN) != '')) {
 
-            // Login token specified, use this.
-            if (trim(Config::get()->MATRIX_SYSTEM_ACCOUNT_LOGIN_TOKEN) != '') {
-                $account = new Patrix\Account(trim(Config::get()->MATRIX_SYSTEM_ACCOUNT_USERNAME), '',
-                    trim(Config::get()->MATRIX_SYSTEM_ACCOUNT_LOGIN_TOKEN));
-                $viaToken = true;
+            // Access token specified, use this (and skip login because the token can be used directly).
+            if (trim(Config::get()->MATRIX_SYSTEM_ACCOUNT_ACCESS_TOKEN) != '') {
+                $account = new Patrix\Account(trim(Config::get()->MATRIX_SYSTEM_ACCOUNT_USERNAME), '');
+                $account->setAccessData(trim(Config::get()->MATRIX_SYSTEM_ACCOUNT_ACCESS_TOKEN), 'Stud.IP');
             // No token, login by username and password.
             } else {
                 $account = new Patrix\Account(trim(Config::get()->MATRIX_SYSTEM_ACCOUNT_USERNAME),
                     trim(Config::get()->MATRIX_SYSTEM_ACCOUNT_PASSWORD));
-                $viaToken = false;
+                MatrixClient::get()->login($account);
             }
-            MatrixClient::get()->login($account, $viaToken);
             return $account;
 
         } else {
diff --git a/plugin.manifest b/plugin.manifest
index 10153f9..72e2930 100644
--- a/plugin.manifest
+++ b/plugin.manifest
@@ -1,7 +1,7 @@
 pluginname=Matrix-Chat
 pluginclassname=MatrixPlugin
 origin=data-quest
-version=1.1.2
+version=1.2
 screenshot=assets/images/matrix_logo.png
 description=Matrix chat for Stud.IP courses
 studipMinVersion=4.5
-- 
GitLab