From a033d1498d28a09123dcbd5790c7709318e1eff3 Mon Sep 17 00:00:00 2001
From: James Brooks <james@alt-three.com>
Date: Thu, 3 Jan 2019 19:45:43 +0000
Subject: [PATCH 1/3] Add support for authentication via REMOTE_USER

---
 .../Providers/RouteServiceProvider.php        |  4 +-
 app/Http/Kernel.php                           | 22 +++++-----
 .../Middleware/RemoteUserAuthenticate.php     | 44 +++++++++++++++++++
 3 files changed, 59 insertions(+), 11 deletions(-)
 create mode 100644 app/Http/Middleware/RemoteUserAuthenticate.php

diff --git a/app/Foundation/Providers/RouteServiceProvider.php b/app/Foundation/Providers/RouteServiceProvider.php
index 9a17c2a6ec44..26171a786661 100644
--- a/app/Foundation/Providers/RouteServiceProvider.php
+++ b/app/Foundation/Providers/RouteServiceProvider.php
@@ -28,6 +28,7 @@
 use Illuminate\Routing\Router;
 use Illuminate\Session\Middleware\StartSession;
 use Illuminate\View\Middleware\ShareErrorsFromSession;
+use CachetHQ\Cachet\Http\Middleware\RemoteUserAuthenticate;
 
 /**
  * This is the route service provider.
@@ -149,9 +150,10 @@ protected function mapForBrowser(Router $router, $routes, $applyAlwaysAuthentica
             VerifyCsrfToken::class,
             SubstituteBindings::class,
         ];
-
+        
         if ($applyAlwaysAuthenticate && !$this->isWhiteListedAuthRoute($routes)) {
             $middleware[] = Authenticate::class;
+            $middleware[] = RemoteUserAuthenticate::class;
         }
 
         $router->group(['middleware' => $middleware], function (Router $router) use ($routes) {
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index 775f4691803d..565e064ba48a 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -24,6 +24,7 @@
 use Illuminate\Auth\Middleware\Authorize;
 use Illuminate\Foundation\Http\Kernel as HttpKernel;
 use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;
+use CachetHQ\Cachet\Http\Middleware\RemoteUserAuthenticate;
 
 class Kernel extends HttpKernel
 {
@@ -43,15 +44,16 @@ class Kernel extends HttpKernel
      * @var array
      */
     protected $routeMiddleware = [
-        'admin'       => Admin::class,
-        'can'         => Authorize::class,
-        'auth'        => Authenticate::class,
-        'auth.api'    => ApiAuthentication::class,
-        'guest'       => RedirectIfAuthenticated::class,
-        'localize'    => Localize::class,
-        'ready'       => ReadyForUse::class,
-        'setup'       => SetupAlreadyCompleted::class,
-        'subscribers' => SubscribersConfigured::class,
-        'throttle'    => ThrottlingMiddleware::class,
+        'admin'           => Admin::class,
+        'can'             => Authorize::class,
+        'auth'            => Authenticate::class,
+        'auth.api'        => ApiAuthentication::class,
+        'auth.remoteuser' => RemoteUserAuthenticate::class,
+        'guest'           => RedirectIfAuthenticated::class,
+        'localize'        => Localize::class,
+        'ready'           => ReadyForUse::class,
+        'setup'           => SetupAlreadyCompleted::class,
+        'subscribers'     => SubscribersConfigured::class,
+        'throttle'        => ThrottlingMiddleware::class,
     ];
 }
diff --git a/app/Http/Middleware/RemoteUserAuthenticate.php b/app/Http/Middleware/RemoteUserAuthenticate.php
new file mode 100644
index 000000000000..5bf6cf7f7035
--- /dev/null
+++ b/app/Http/Middleware/RemoteUserAuthenticate.php
@@ -0,0 +1,44 @@
+<?php
+
+namespace CachetHQ\Cachet\Http\Middleware;
+
+use CachetHQ\Cachet\Models\User;
+use Closure;
+use Illuminate\Contracts\Auth\Guard;
+use Illuminate\Http\Request;
+
+class RemoteUserAuthenticate
+{
+    /**
+     * Create a new remote user authenticate instance.
+     *
+     * @param \Illuminate\Contracts\Auth\Guard $auth
+     * 
+     * @return void
+     */
+    public function __construct(Guard $auth)
+    {
+        $this->auth = $auth;
+    }
+
+    /**
+     * Handle an incoming request.
+     *
+     * @param \Illuminate\Http\Request $request
+     * @param \Closure                 $next
+     * 
+     * @return mixed
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        if ($remoteUser = $request->server('REMOTE_USER')) {
+            $user = User::where('email', '=', $remoteUser)->first();
+
+            if ($user instanceof User && $this->auth->guest()) {
+                $this->auth->login($user);
+            }
+        }
+
+        return $next($request);
+    }
+}

From 6ce087e5adce90774f58d6196c70f4c167b47c72 Mon Sep 17 00:00:00 2001
From: James Brooks <james@alt-three.com>
Date: Thu, 3 Jan 2019 19:45:59 +0000
Subject: [PATCH 2/3] Apply fixes from StyleCI

---
 app/Foundation/Providers/RouteServiceProvider.php |  4 ++--
 app/Http/Kernel.php                               |  2 +-
 app/Http/Middleware/RemoteUserAuthenticate.php    | 13 +++++++++++--
 3 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/app/Foundation/Providers/RouteServiceProvider.php b/app/Foundation/Providers/RouteServiceProvider.php
index 26171a786661..907522dcf6c0 100644
--- a/app/Foundation/Providers/RouteServiceProvider.php
+++ b/app/Foundation/Providers/RouteServiceProvider.php
@@ -14,6 +14,7 @@
 use Barryvdh\Cors\HandleCors;
 use CachetHQ\Cachet\Http\Middleware\Acceptable;
 use CachetHQ\Cachet\Http\Middleware\Authenticate;
+use CachetHQ\Cachet\Http\Middleware\RemoteUserAuthenticate;
 use CachetHQ\Cachet\Http\Middleware\Timezone;
 use CachetHQ\Cachet\Http\Routes\ApiSystemRoutes;
 use CachetHQ\Cachet\Http\Routes\AuthRoutes;
@@ -28,7 +29,6 @@
 use Illuminate\Routing\Router;
 use Illuminate\Session\Middleware\StartSession;
 use Illuminate\View\Middleware\ShareErrorsFromSession;
-use CachetHQ\Cachet\Http\Middleware\RemoteUserAuthenticate;
 
 /**
  * This is the route service provider.
@@ -150,7 +150,7 @@ protected function mapForBrowser(Router $router, $routes, $applyAlwaysAuthentica
             VerifyCsrfToken::class,
             SubstituteBindings::class,
         ];
-        
+
         if ($applyAlwaysAuthenticate && !$this->isWhiteListedAuthRoute($routes)) {
             $middleware[] = Authenticate::class;
             $middleware[] = RemoteUserAuthenticate::class;
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index 565e064ba48a..22b3a679530f 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -18,13 +18,13 @@
 use CachetHQ\Cachet\Http\Middleware\Localize;
 use CachetHQ\Cachet\Http\Middleware\ReadyForUse;
 use CachetHQ\Cachet\Http\Middleware\RedirectIfAuthenticated;
+use CachetHQ\Cachet\Http\Middleware\RemoteUserAuthenticate;
 use CachetHQ\Cachet\Http\Middleware\SetupAlreadyCompleted;
 use CachetHQ\Cachet\Http\Middleware\SubscribersConfigured;
 use CachetHQ\Cachet\Http\Middleware\TrustProxies;
 use Illuminate\Auth\Middleware\Authorize;
 use Illuminate\Foundation\Http\Kernel as HttpKernel;
 use Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode;
-use CachetHQ\Cachet\Http\Middleware\RemoteUserAuthenticate;
 
 class Kernel extends HttpKernel
 {
diff --git a/app/Http/Middleware/RemoteUserAuthenticate.php b/app/Http/Middleware/RemoteUserAuthenticate.php
index 5bf6cf7f7035..075c0c4a13a7 100644
--- a/app/Http/Middleware/RemoteUserAuthenticate.php
+++ b/app/Http/Middleware/RemoteUserAuthenticate.php
@@ -1,5 +1,14 @@
 <?php
 
+/*
+ * This file is part of Cachet.
+ *
+ * (c) Alt Three Services Limited
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
 namespace CachetHQ\Cachet\Http\Middleware;
 
 use CachetHQ\Cachet\Models\User;
@@ -13,7 +22,7 @@ class RemoteUserAuthenticate
      * Create a new remote user authenticate instance.
      *
      * @param \Illuminate\Contracts\Auth\Guard $auth
-     * 
+     *
      * @return void
      */
     public function __construct(Guard $auth)
@@ -26,7 +35,7 @@ public function __construct(Guard $auth)
      *
      * @param \Illuminate\Http\Request $request
      * @param \Closure                 $next
-     * 
+     *
      * @return mixed
      */
     public function handle(Request $request, Closure $next)

From be26449a42bcb25363efbcb1acb5da8993112a0c Mon Sep 17 00:00:00 2001
From: James Brooks <james@alt-three.com>
Date: Sun, 23 Jun 2019 08:04:32 +0000
Subject: [PATCH 3/3] Apply fixes from StyleCI

---
 app/Http/Kernel.php | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index d63f80cb0af6..aafdf0c6e992 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -46,18 +46,18 @@ class Kernel extends HttpKernel
      * @var array
      */
     protected $routeMiddleware = [
-        'admin'       => Admin::class,
-        'auth.api'    => ApiAuthentication::class,
+        'admin'           => Admin::class,
+        'auth.api'        => ApiAuthentication::class,
         'auth.remoteuser' => RemoteUserAuthenticate::class,
-        'auth'        => Authenticate::class,
-        'cache'       => CacheControl::class,
-        'can'         => Authorize::class,
-        'cors'        => HandleCors::class,
-        'guest'       => RedirectIfAuthenticated::class,
-        'localize'    => Localize::class,
-        'ready'       => ReadyForUse::class,
-        'setup'       => SetupAlreadyCompleted::class,
-        'subscribers' => SubscribersConfigured::class,
-        'throttle'    => Throttler::class,
+        'auth'            => Authenticate::class,
+        'cache'           => CacheControl::class,
+        'can'             => Authorize::class,
+        'cors'            => HandleCors::class,
+        'guest'           => RedirectIfAuthenticated::class,
+        'localize'        => Localize::class,
+        'ready'           => ReadyForUse::class,
+        'setup'           => SetupAlreadyCompleted::class,
+        'subscribers'     => SubscribersConfigured::class,
+        'throttle'        => Throttler::class,
     ];
 }