Removed toggle ALLOW_APP_PASSWORDS_IN_EAS

data/web/autodiscover.php

@@ -68,8 +68,7 @@ if (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW'])) {
   exit(0);
 }
 
-$allow_app_passwords = $ALLOW_APP_PASSWORDS_IN_EAS === true || $autodiscover_config['autodiscoverType'] == 'imap';
+$login_role = check_login($login_user, $login_pass, true);
-$login_role = check_login($login_user, $login_pass, $allow_app_passwords);
 
 if ($login_role === "user") {
   header("Content-Type: application/xml");

data/web/inc/vars.inc.php

@@ -188,9 +188,6 @@ $MAILBOX_DEFAULT_ATTRIBUTES['mailbox_format'] = 'maildir:';
 // Show last IMAP and POP3 logins
 $SHOW_LAST_LOGIN = true;
 
-// Allow app passwords in CardDav, CalDav and ActiveSync
-$ALLOW_APP_PASSWORDS_IN_EAS = true;
-
 // UV flag handling in FIDO2/WebAuthn - defaults to false to allow iOS logins
 // true = required
 // false = preferred

data/web/sogo-auth.php

@@ -15,7 +15,7 @@ if (isset($_SERVER['PHP_AUTH_USER'])) {
   $username = $_SERVER['PHP_AUTH_USER'];
   $password = $_SERVER['PHP_AUTH_PW'];
   $is_eas = preg_match('/^(\/SOGo|)\/(dav|Microsoft-Server-ActiveSync).*/', $_SERVER['HTTP_X_ORIGINAL_URI']);
-  $login_check = check_login($username, $password, $is_eas && $ALLOW_APP_PASSWORDS_IN_EAS);
+  $login_check = check_login($username, $password, $is_eas);
   if ($login_check === 'user') {
     header("X-User: $username");
     header("X-Auth: Basic ".base64_encode("$username:$password"));