feat: add email/smtp plain auth method (codeigniter4#9462)

* -revert: auto corrected (composer cs-fix) comments and auto added function return types
-comment: add depreceation comment for failedSMTPLogin email error message
-refactor: improve authorization validation flow and email error response messages
-added $SMTPAuthMethod in Config\Email file with default value of login

* Update system/Email/Email.php

apply suggestion for declaring string type of $SMTPAuthMethod

Co-authored-by: John Paul E. Balandan, CPA <[email protected]>

* Update user_guide_src/source/libraries/email.rst

Apply Suggestion for description of SMTPAuthMethod

Co-authored-by: Michal Sniatala <[email protected]>

* docs: update changelog

* fix: php-cs violations

* Update user_guide_src/source/changelogs/v4.7.0.rst

Apply suggestions for changelog

Co-authored-by: Michal Sniatala <[email protected]>

---------

Co-authored-by: John Paul E. Balandan, CPA <[email protected]>
Co-authored-by: Michal Sniatala <[email protected]>

Author: 3 people

app/Config/Email.php

@@ -30,6 +30,11 @@ class Email extends BaseConfig
      */
     public string $SMTPHost = '';
 
+    /**
+     * Which SMTP authentication method to use: login, plain
+     */
+    public string $SMTPAuthMethod = 'login';
+
     /**
      * SMTP Username
      */

system/Email/Email.php

@@ -279,6 +279,11 @@ class Email
      */
     protected $SMTPAuth = false;
 
+    /**
+     * Which SMTP authentication method to use: login, plain
+     */
+    protected string $SMTPAuthMethod = 'login';
+
     /**
      * Whether to send a Reply-To header
      *
@@ -2019,45 +2024,72 @@ protected function SMTPAuthenticate()
             return true;
         }
 
-        if ($this->SMTPUser === '' && $this->SMTPPass === '') {
+        // If no username or password is set
+        if ($this->SMTPUser === '' || $this->SMTPPass === '') {
             $this->setErrorMessage(lang('Email.noSMTPAuth'));
 
             return false;
         }
 
-        $this->sendData('AUTH LOGIN');
+        // normalize in case user entered capital words LOGIN/PLAIN
+        $this->SMTPAuthMethod = strtolower($this->SMTPAuthMethod);
+
+        // Validate supported authentication methods
+        $validMethods = ['login', 'plain'];
+        if (! in_array($this->SMTPAuthMethod, $validMethods, true)) {
+            $this->setErrorMessage(lang('Email.invalidSMTPAuthMethod', [$this->SMTPAuthMethod]));
+
+            return false;
+        }
+
+        // send initial 'AUTH' command
+        $this->sendData('AUTH ' . strtoupper($this->SMTPAuthMethod));
         $reply = $this->getSMTPData();
 
         if (str_starts_with($reply, '503')) {    // Already authenticated
             return true;
         }
 
+        // if 'AUTH' command is unsuported by the server
         if (! str_starts_with($reply, '334')) {
-            $this->setErrorMessage(lang('Email.failedSMTPLogin', [$reply]));
+            $this->setErrorMessage(lang('Email.failureSMTPAuthMethod', [strtoupper($this->SMTPAuthMethod)]));
 
             return false;
         }
 
-        $this->sendData(base64_encode($this->SMTPUser));
-        $reply = $this->getSMTPData();
+        switch ($this->SMTPAuthMethod) {
+            case 'login':
+                $this->sendData(base64_encode($this->SMTPUser));
+                $reply = $this->getSMTPData();
 
-        if (! str_starts_with($reply, '334')) {
-            $this->setErrorMessage(lang('Email.SMTPAuthUsername', [$reply]));
+                if (! str_starts_with($reply, '334')) {
+                    $this->setErrorMessage(lang('Email.SMTPAuthUsername', [$reply]));
 
-            return false;
+                    return false;
+                }
+
+                $this->sendData(base64_encode($this->SMTPPass));
+                break;
+
+            case 'plain':
+                // send credentials as the single second command
+                $authString = "\0" . $this->SMTPUser . "\0" . $this->SMTPPass;
+
+                $this->sendData(base64_encode($authString));
+                break;
         }
 
-        $this->sendData(base64_encode($this->SMTPPass));
         $reply = $this->getSMTPData();
+        if (! str_starts_with($reply, '235')) {  // Authentication failed
+            $errorMessage = $this->SMTPAuthMethod === 'plain' ? 'Email.SMTPAuthCredentials' : 'Email.SMTPAuthPassword';
 
-        if (! str_starts_with($reply, '235')) {
-            $this->setErrorMessage(lang('Email.SMTPAuthPassword', [$reply]));
+            $this->setErrorMessage(lang($errorMessage, [$reply]));
 
             return false;
         }
 
         if ($this->SMTPKeepAlive) {
-            $this->SMTPAuth = false;
+            $this->SMTPAuth = false; // Prevent re-authentication for keep-alive sessions
         }
 
         return true;

system/Language/en/Email.php

@@ -13,23 +13,27 @@
 
 // Email language settings
 return [
-    'mustBeArray'          => 'The email validation method must be passed an array.',
-    'invalidAddress'       => 'Invalid email address: "{0}"',
-    'attachmentMissing'    => 'Unable to locate the following email attachment: "{0}"',
-    'attachmentUnreadable' => 'Unable to open this attachment: "{0}"',
-    'noFrom'               => 'Cannot send mail with no "From" header.',
-    'noRecipients'         => 'You must include recipients: To, Cc, or Bcc',
-    'sendFailurePHPMail'   => 'Unable to send email using PHP mail(). Your server might not be configured to send mail using this method.',
-    'sendFailureSendmail'  => 'Unable to send email using Sendmail. Your server might not be configured to send mail using this method.',
-    'sendFailureSmtp'      => 'Unable to send email using SMTP. Your server might not be configured to send mail using this method.',
-    'sent'                 => 'Your message has been successfully sent using the following protocol: {0}',
-    'noSocket'             => 'Unable to open a socket to Sendmail. Please check settings.',
-    'noHostname'           => 'You did not specify a SMTP hostname.',
-    'SMTPError'            => 'The following SMTP error was encountered: {0}',
-    'noSMTPAuth'           => 'Error: You must assign an SMTP username and password.',
-    'failedSMTPLogin'      => 'Failed to send AUTH LOGIN command. Error: {0}',
-    'SMTPAuthUsername'     => 'Failed to authenticate username. Error: {0}',
-    'SMTPAuthPassword'     => 'Failed to authenticate password. Error: {0}',
-    'SMTPDataFailure'      => 'Unable to send data: {0}',
-    'exitStatus'           => 'Exit status code: {0}',
+    'mustBeArray'           => 'The email validation method must be passed an array.',
+    'invalidAddress'        => 'Invalid email address: "{0}"',
+    'attachmentMissing'     => 'Unable to locate the following email attachment: "{0}"',
+    'attachmentUnreadable'  => 'Unable to open this attachment: "{0}"',
+    'noFrom'                => 'Cannot send mail with no "From" header.',
+    'noRecipients'          => 'You must include recipients: To, Cc, or Bcc',
+    'sendFailurePHPMail'    => 'Unable to send email using PHP mail(). Your server might not be configured to send mail using this method.',
+    'sendFailureSendmail'   => 'Unable to send email using Sendmail. Your server might not be configured to send mail using this method.',
+    'sendFailureSmtp'       => 'Unable to send email using SMTP. Your server might not be configured to send mail using this method.',
+    'sent'                  => 'Your message has been successfully sent using the following protocol: {0}',
+    'noSocket'              => 'Unable to open a socket to Sendmail. Please check settings.',
+    'noHostname'            => 'You did not specify a SMTP hostname.',
+    'SMTPError'             => 'The following SMTP error was encountered: {0}',
+    'noSMTPAuth'            => 'Error: You must assign an SMTP username and password.',
+    'invalidSMTPAuthMethod' => 'Error: SMTP authorization method "{0}" is not supported in codeigniter, set either "login" or "plain" authorization method',
+    'failureSMTPAuthMethod' => 'Unable to initiate AUTH command. Your server might not be configured to use AUTH {0} authentication method.',
+    'SMTPAuthCredentials'   => 'Failed to authenticate user credentials. Error: {0}',
+    'SMTPAuthUsername'      => 'Failed to authenticate username. Error: {0}',
+    'SMTPAuthPassword'      => 'Failed to authenticate password. Error: {0}',
+    'SMTPDataFailure'       => 'Unable to send data: {0}',
+    'exitStatus'            => 'Exit status code: {0}',
+    // @deprecated
+    'failedSMTPLogin' => 'Failed to send AUTH LOGIN command. Error: {0}',
 ];

user_guide_src/source/changelogs/v4.7.0.rst

@@ -57,6 +57,8 @@ Model
 Libraries
 =========
 
+**Email:** Added support for choosing the SMTP authorization method. You can change it via ``Config\Email::$SMTPAuthMethod`` option
+
 Helpers and Functions
 =====================
 
@@ -67,6 +69,9 @@ Others
 Message Changes
 ***************
 
+- Added ``Email.invalidSMTPAuthMethod`` and ``Email.failureSMTPAuthMethod``
+- Deprecated ``Email.failedSMTPLogin``
+
 *******
 Changes
 *******

user_guide_src/source/libraries/email.rst

@@ -39,7 +39,7 @@ Here is a basic example demonstrating how you might send email:
 Setting Email Preferences
 =========================
 
-There are 21 different preferences available to tailor how your email
+There are 22 different preferences available to tailor how your email
 messages are sent. You can either set them manually as described here,
 or automatically via preferences stored in your config file, described
 in `Email Preferences`_.
@@ -120,6 +120,7 @@ Preference          Default Value       Options                      Description
                                         or ``smtp``
 **mailPath**        /usr/sbin/sendmail                               The server path to Sendmail.
 **SMTPHost**                                                         SMTP Server Hostname.
+**SMTPAuthMethod**  login               ``login``, ``plain``         SMTP Authentication Method. (Available since 4.7.0)
 **SMTPUser**                                                         SMTP Username.
 **SMTPPass**                                                         SMTP Password.
 **SMTPPort**        25                                               SMTP Port. (If set to ``465``, TLS will be used for the connection