--- /dev/null
+<?php
+OC_App::register( array(
+ 'order' => 10,
+ 'id' => 'remoteStorage',
+ 'name' => 'remoteStorage compatibility' ));
--- /dev/null
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<database>
+ <name>*dbname*</name>
+ <create>true</create>
+ <overwrite>false</overwrite>
+ <charset>latin1</charset>
+ <table>
+ <name>*dbprefix*authtoken</name>
+ <declaration>
+ <field>
+ <name>token</name>
+ <type>text</type>
+ <default></default>
+ <notnull>true</notnull>
+ <length>40</length>
+ </field>
+ <field>
+ <name>appUrl</name>
+ <type>text</type>
+ <default></default>
+ <notnull>true</notnull>
+ <length>128</length>
+ </field>
+ <field>
+ <name>user</name>
+ <type>text</type>
+ <default></default>
+ <notnull>true</notnull>
+ <length>64</length>
+ </field>
+ <field>
+ <name>dataScope</name>
+ <type>text</type>
+ <default></default>
+ <notnull>true</notnull>
+ <length>64</length>
+ </field>
+ <field>
+ <name>userAddress</name>
+ <type>text</type>
+ <default></default>
+ <notnull>true</notnull>
+ <length>64</length>
+ </field>
+ <index>
+ <name>a_app_remotestorage_user</name>
+ <unique>true</unique>
+ <field>
+ <name>user</name>
+ <sorting>ascending</sorting>
+ </field>
+ <field>
+ <name>token</name>
+ <sorting>ascending</sorting>
+ </field>
+ </index>
+ </declaration>
+ </table>
+</database>
--- /dev/null
+<?xml version="1.0"?>
+<info>
+ <id>remoteStorage</id>
+ <name>remoteStorage compatibility</name>
+ <description>Enables your users to use ownCloud as their remote storage for unhosted applications.</description>
+ <version>0.1</version>
+ <licence>AGPL</licence>
+ <author>Michiel de Jong</author>
+ <require>2</require>
+</info>
--- /dev/null
+<?php
+
+/**
+* ownCloud
+*
+* Original:
+* @author Frank Karlitschek
+* @copyright 2010 Frank Karlitschek karlitschek@kde.org
+*
+* Adapted:
+* @author Michiel de Jong, 2011
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+* License as published by the Free Software Foundation; either
+* version 3 of the License, or any later version.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+*
+* You should have received a copy of the GNU Affero General Public
+* License along with this library. If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+
+
+// Do not load FS ...
+$RUNTIME_NOSETUPFS = true;
+
+require_once('../../lib/base.php');
+OC_Util::checkAppEnabled('remoteStorage');
+require_once('Sabre/autoload.php');
+require_once('lib_remoteStorage.php');
+require_once('oauth_ro_auth.php');
+
+ini_set('default_charset', 'UTF-8');
+#ini_set('error_reporting', '');
+@ob_clean();
+
+//allow use as remote storage for other websites
+if(isset($_SERVER['HTTP_ORIGIN'])) {
+ header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']);
+ header('Access-Control-Max-Age: 3600');
+ header('Access-Control-Allow-Methods: OPTIONS, GET, PUT, DELETE, PROPFIND');
+ header('Access-Control-Allow-Headers: Authorization');
+} else {
+ header('Access-Control-Allow-Origin: *');
+}
+
+$path = substr($_SERVER["REQUEST_URI"], strlen($_SERVER["SCRIPT_NAME"]));
+$pathParts = explode('/', $path);
+// for webdav:
+// 0/ 1 / 2 / 3 / 4 / 5 / 6 / 7
+// /$ownCloudUser/remoteStorage/webdav/$userHost/$userName/$dataScope/$key
+// for oauth:
+// 0/ 1 / 2 / 3 / 4
+// /$ownCloudUser/remoteStorage/oauth/auth
+
+if(count($pathParts) >= 8 && $pathParts[0] == '' && $pathParts[2] == 'remoteStorage' && $pathParts[3] == 'webdav') {
+ list($dummy0, $ownCloudUser, $dummy2, $dummy3, $userHost, $userName, $dataScope) = $pathParts;
+
+ OC_Util::setupFS($ownCloudUser);
+
+ // Create ownCloud Dir
+ $publicDir = new OC_Connector_Sabre_Directory('');
+ $server = new Sabre_DAV_Server($publicDir);
+
+ // Path to our script
+ $server->setBaseUri(OC::$WEBROOT."/apps/remoteStorage/compat.php/$ownCloudUser");
+
+ // Auth backend
+ $authBackend = new OC_Connector_Sabre_Auth_ro_oauth(OC_remoteStorage::getValidTokens($ownCloudUser, $userName.'@'.$userHost, $dataScope));
+
+ $authPlugin = new Sabre_DAV_Auth_Plugin($authBackend,'ownCloud');//should use $validTokens here
+ $server->addPlugin($authPlugin);
+
+ // Also make sure there is a 'data' directory, writable by the server. This directory is used to store information about locks
+ $lockBackend = new OC_Connector_Sabre_Locks();
+ $lockPlugin = new Sabre_DAV_Locks_Plugin($lockBackend);
+ $server->addPlugin($lockPlugin);
+
+ // And off we go!
+ $server->exec();
+} else if(count($pathParts) >= 4 && $pathParts[0] == '' && $pathParts[2] == 'remoteStorage' && $pathParts[3] == 'oauth2' && $pathParts[4] = 'auth') {
+ if(isset($_POST['allow'])) {
+ //TODO: input checking. these explodes may fail to produces the desired arrays:
+ $ownCloudUser = $pathParts[1];
+ foreach($_GET as $k => $v) {
+ if($k=='user_address'){
+ $userAddress=$v;
+ } else if($k=='redirect_uri'){
+ $appUrl=$v;
+ } else if($k=='scope'){
+ $dataScope=$v;
+ }
+ }
+ if(OC_User::getUser() == $ownCloudUser) {
+ //TODO: check if this can be faked by editing the cookie in firebug!
+ $token=OC_remoteStorage::createDataScope($appUrl, $userAddress, $dataScope);
+ header('Location: '.$_GET['redirect_uri'].'#access_token='.$token.'&token_type=remoteStorage');
+ } else {
+ if($_SERVER['HTTPS']){
+ $url = "https://";
+ } else {
+ $url = "http://";
+ }
+ $url .= $_SERVER['SERVER_NAME'];
+ $url .= substr($_SERVER['SCRIPT_NAME'], 0, -strlen('apps/remoteStorage/compat.php'));
+ die('Please '
+ .'<input type="submit" onclick="'
+ ."window.open('$url','Close me!','height=600,width=300');"
+ .'" value="log in">'
+ .', close the pop-up, and '
+ .'<form method="POST"><input name="allow" type="submit" value="Try again"></form>');
+ }
+ } else {
+ echo '<form method="POST"><input name="allow" type="submit" value="Allow this web app to store stuff on your owncloud."></form>';
+ }
+} else {
+ die('not webdav and not oauth. dont know what to do '.var_export($pathParts, true));
+}
--- /dev/null
+<?php
+
+class OC_remoteStorage {
+ public static function getValidTokens($ownCloudUser, $userAddress, $dataScope) {
+ $query=OC_DB::prepare("SELECT token,appUrl FROM *PREFIX*authtoken WHERE user=? AND userAddress=? AND dataScope=? LIMIT 100");
+ $result=$query->execute(array($user,$userAddress,$dataScope));
+ if( PEAR::isError($result)) {
+ $entry = 'DB Error: "'.$result->getMessage().'"<br />';
+ $entry .= 'Offending command was: '.$result->getDebugInfo().'<br />';
+ if(defined("DEBUG") && DEBUG) {error_log( $entry );}
+ die( $entry );
+ }
+ $ret = array();
+ while($row=$result->fetchRow()){
+ $ret[$row['token']]=$userAddress;
+ }
+ return $ret;
+ }
+
+ public static function getAllTokens() {
+ $user=OC_User::getUser();
+ $query=OC_DB::prepare("SELECT token,appUrl,userAddress,dataScope FROM *PREFIX*authtoken WHERE user=? LIMIT 100");
+ $result=$query->execute(array($user));
+ if( PEAR::isError($result)) {
+ $entry = 'DB Error: "'.$result->getMessage().'"<br />';
+ $entry .= 'Offending command was: '.$result->getDebugInfo().'<br />';
+ if(defined("DEBUG") && DEBUG) {error_log( $entry );}
+ die( $entry );
+ }
+ $ret = array();
+ while($row=$result->fetchRow()){
+ $ret[$row['token']] = array(
+ 'appUrl' => $row['appurl'],
+ 'userAddress' => $row['useraddress'],
+ 'dataScope' => $row['datascope'],
+ );
+ }
+ return $ret;
+ }
+
+ public static function deleteToken($token) {
+ $user=OC_User::getUser();
+ $query=OC_DB::prepare("DELETE FROM *PREFIX*authtoken WHERE token=? AND user=?");
+ $result=$query->execute(array($token,$user));
+ if( PEAR::isError($result)) {
+ $entry = 'DB Error: "'.$result->getMessage().'"<br />';
+ $entry .= 'Offending command was: '.$result->getDebugInfo().'<br />';
+ if(defined("DEBUG") && DEBUG) {error_log( $entry );}
+ die( $entry );
+ }
+ }
+ private static function addToken($token, $appUrl, $userAddress, $dataScope){
+ $user=OC_User::getUser();
+ $query=OC_DB::prepare("INSERT INTO *PREFIX*authtoken (`token`,`appUrl`,`user`,`userAddress`,`dataScope`) VALUES(?,?,?,?,?)");
+ $result=$query->execute(array($token,$appUrl,$user,$userAddress,$dataScope));
+ if( PEAR::isError($result)) {
+ $entry = 'DB Error: "'.$result->getMessage().'"<br />';
+ $entry .= 'Offending command was: '.$result->getDebugInfo().'<br />';
+ if(defined("DEBUG") && DEBUG) {error_log( $entry );}
+ die( $entry );
+ }
+ }
+ public static function createDataScope($appUrl, $userAddress, $dataScope){
+ $token=uniqid();
+ self::addToken($token, $appUrl, $userAddress, $dataScope);
+ //TODO: input checking on $userAddress and $dataScope
+ list($userName, $userHost) = explode('@', $userAddress);
+ OC_Util::setupFS(OC_User::getUser());
+ $scopePathParts = array('remoteStorage', 'webdav', $userHost, $userName, $dataScope);
+ for($i=0;$i<=count($scopePathParts);$i++){
+ $thisPath = '/'.implode('/', array_slice($scopePathParts, 0, $i));
+ if(!OC_Filesystem::file_exists($thisPath)) {
+ OC_Filesystem::mkdir($thisPath);
+ }
+ }
+ return $token;
+ }
+}
--- /dev/null
+<?php
+/**
+ * HTTP Basic authentication backend class
+ *
+ * This class can be used by authentication objects wishing to use HTTP Basic
+ * Most of the digest logic is handled, implementors just need to worry about
+ * the validateUserPass method.
+ *
+ * @package Sabre
+ * @subpackage DAV
+ * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
+ * @author James David Low (http://jameslow.com/)
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+class OC_Connector_Sabre_Auth_ro_oauth extends Sabre_DAV_Auth_Backend_AbstractBasic {
+ private $validTokens;
+
+ public function __construct($validTokensArg) {
+ $this->validTokens = $validTokensArg;
+ }
+
+ /**
+ * Validates a username and password
+ *
+ * This method should return true or false depending on if login
+ * succeeded.
+ *
+ * @return bool
+ */
+ protected function validateUserPass($username, $password){
+ //always give read-only:
+ if(in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD', 'OPTIONS'))) {
+ OC_Util::setUpFS();
+ return true;
+ } else if(isset($this->validTokens[$password]) && $this->validTokens[$password] == $username) {
+ OC_Util::setUpFS();
+ return true;
+ } else {
+var_export($_SERVER);
+var_export($this->validTokens);
+die('not getting in with "'.$username.'"/"'.$password.'"!');
+ return false;
+ }
+ }
+
+ //overwriting this to make it not automatically fail if no auth header is found:
+ public function authenticate(Sabre_DAV_Server $server,$realm) {
+ $auth = new Sabre_HTTP_BasicAuth();
+ $auth->setHTTPRequest($server->httpRequest);
+ $auth->setHTTPResponse($server->httpResponse);
+ $auth->setRealm($realm);
+ $userpass = $auth->getUserPass();
+ if (!$userpass) {
+ if(in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD', 'OPTIONS'))) {
+ $userpass = array('', '');
+ } else {
+ $auth->requireLogin();
+ throw new Sabre_DAV_Exception_NotAuthenticated('No basic authentication headers were found');
+ }
+ }
+
+ // Authenticates the user
+ if (!$this->validateUserPass($userpass[0],$userpass[1])) {
+ $auth->requireLogin();
+ throw new Sabre_DAV_Exception_NotAuthenticated('Username or password does not match');
+ }
+ $this->currentUser = $userpass[0];
+ return true;
+ }
+
+}
+
+++ /dev/null
-<?php
-OC_App::register( array(
- 'order' => 10,
- 'id' => 'unhosted',
- 'name' => 'Unhosted Web' ));
+++ /dev/null
-<?xml version="1.0" encoding="ISO-8859-1" ?>
-<database>
- <name>*dbname*</name>
- <create>true</create>
- <overwrite>false</overwrite>
- <charset>latin1</charset>
- <table>
- <name>*dbprefix*authtoken</name>
- <declaration>
- <field>
- <name>token</name>
- <type>text</type>
- <default></default>
- <notnull>true</notnull>
- <length>40</length>
- </field>
- <field>
- <name>appUrl</name>
- <type>text</type>
- <default></default>
- <notnull>true</notnull>
- <length>128</length>
- </field>
- <field>
- <name>user</name>
- <type>text</type>
- <default></default>
- <notnull>true</notnull>
- <length>64</length>
- </field>
- <field>
- <name>dataScope</name>
- <type>text</type>
- <default></default>
- <notnull>true</notnull>
- <length>64</length>
- </field>
- <field>
- <name>userAddress</name>
- <type>text</type>
- <default></default>
- <notnull>true</notnull>
- <length>64</length>
- </field>
- <index>
- <name>a_app_unhostedweb_user</name>
- <unique>true</unique>
- <field>
- <name>user</name>
- <sorting>ascending</sorting>
- </field>
- <field>
- <name>token</name>
- <sorting>ascending</sorting>
- </field>
- </index>
- </declaration>
- </table>
-</database>
+++ /dev/null
-<?xml version="1.0"?>
-<info>
- <id>unhosted</id>
- <name>Unhosted Web</name>
- <description>On websites that allow unhosted accounts, use your owncloud as the storage for your user data</description>
- <version>0.1</version>
- <licence>AGPL</licence>
- <author>Michiel de Jong</author>
- <require>2</require>
-</info>
+++ /dev/null
-<?php
-
-/**
-* ownCloud
-*
-* Original:
-* @author Frank Karlitschek
-* @copyright 2010 Frank Karlitschek karlitschek@kde.org
-*
-* Adapted:
-* @author Michiel de Jong, 2011
-*
-* This library is free software; you can redistribute it and/or
-* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
-* License as published by the Free Software Foundation; either
-* version 3 of the License, or any later version.
-*
-* This library is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
-*
-* You should have received a copy of the GNU Affero General Public
-* License along with this library. If not, see <http://www.gnu.org/licenses/>.
-*
-*/
-
-
-// Do not load FS ...
-$RUNTIME_NOSETUPFS = true;
-
-require_once('../../lib/base.php');
-OC_Util::checkAppEnabled('unhosted');
-require_once('Sabre/autoload.php');
-require_once('lib_unhosted.php');
-require_once('oauth_ro_auth.php');
-
-ini_set('default_charset', 'UTF-8');
-#ini_set('error_reporting', '');
-@ob_clean();
-
-//allow use as unhosted storage for other websites
-if(isset($_SERVER['HTTP_ORIGIN'])) {
- header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']);
- header('Access-Control-Max-Age: 3600');
- header('Access-Control-Allow-Methods: OPTIONS, GET, PUT, DELETE, PROPFIND');
- header('Access-Control-Allow-Headers: Authorization');
-} else {
- header('Access-Control-Allow-Origin: *');
-}
-
-$path = substr($_SERVER["REQUEST_URI"], strlen($_SERVER["SCRIPT_NAME"]));
-$pathParts = explode('/', $path);
-// for webdav:
-// 0/ 1 / 2 / 3 / 4 / 5 / 6 / 7
-// /$ownCloudUser/unhosted/webdav/$userHost/$userName/$dataScope/$key
-// for oauth:
-// 0/ 1 / 2 / 3 / 4
-// /$ownCloudUser/unhosted/oauth/auth
-
-if(count($pathParts) >= 8 && $pathParts[0] == '' && $pathParts[2] == 'unhosted' && $pathParts[3] == 'webdav') {
- list($dummy0, $ownCloudUser, $dummy2, $dummy3, $userHost, $userName, $dataScope) = $pathParts;
-
- OC_Util::setupFS($ownCloudUser);
-
- // Create ownCloud Dir
- $publicDir = new OC_Connector_Sabre_Directory('');
- $server = new Sabre_DAV_Server($publicDir);
-
- // Path to our script
- $server->setBaseUri(OC::$WEBROOT."/apps/unhosted/compat.php/$ownCloudUser");
-
- // Auth backend
- $authBackend = new OC_Connector_Sabre_Auth_ro_oauth(OC_UnhostedWeb::getValidTokens($ownCloudUser, $userName.'@'.$userHost, $dataScope));
-
- $authPlugin = new Sabre_DAV_Auth_Plugin($authBackend,'ownCloud');//should use $validTokens here
- $server->addPlugin($authPlugin);
-
- // Also make sure there is a 'data' directory, writable by the server. This directory is used to store information about locks
- $lockBackend = new OC_Connector_Sabre_Locks();
- $lockPlugin = new Sabre_DAV_Locks_Plugin($lockBackend);
- $server->addPlugin($lockPlugin);
-
- // And off we go!
- $server->exec();
-} else if(count($pathParts) >= 4 && $pathParts[0] == '' && $pathParts[2] == 'unhosted' && $pathParts[3] == 'oauth2' && $pathParts[4] = 'auth') {
- if(isset($_POST['allow'])) {
- //TODO: input checking. these explodes may fail to produces the desired arrays:
- $ownCloudUser = $pathParts[1];
- foreach($_GET as $k => $v) {
- if($k=='user_address'){
- $userAddress=$v;
- } else if($k=='redirect_uri'){
- $appUrl=$v;
- } else if($k=='scope'){
- $dataScope=$v;
- }
- }
- if(OC_User::getUser() == $ownCloudUser) {
- //TODO: check if this can be faked by editing the cookie in firebug!
- $token=OC_UnhostedWeb::createDataScope($appUrl, $userAddress, $dataScope);
- header('Location: '.$_GET['redirect_uri'].'#access_token='.$token.'&token_type=unhosted');
- } else {
- if($_SERVER['HTTPS']){
- $url = "https://";
- } else {
- $url = "http://";
- }
- $url .= $_SERVER['SERVER_NAME'];
- $url .= substr($_SERVER['SCRIPT_NAME'], 0, -strlen('apps/unhosted/compat.php'));
- die('Please '
- .'<input type="submit" onclick="'
- ."window.open('$url','Close me!','height=600,width=300');"
- .'" value="log in">'
- .', close the pop-up, and '
- .'<form method="POST"><input name="allow" type="submit" value="Try again"></form>');
- }
- } else {
- echo '<form method="POST"><input name="allow" type="submit" value="Allow this web app to store stuff on your owncloud."></form>';
- }
-} else {
- die('not webdav and not oauth. dont know what to do '.var_export($pathParts, true));
-}
+++ /dev/null
-<?php
-
-class OC_UnhostedWeb {
- public static function getValidTokens($ownCloudUser, $userAddress, $dataScope) {
- $query=OC_DB::prepare("SELECT token,appUrl FROM *PREFIX*authtoken WHERE user=? AND userAddress=? AND dataScope=? LIMIT 100");
- $result=$query->execute(array($user,$userAddress,$dataScope));
- if( PEAR::isError($result)) {
- $entry = 'DB Error: "'.$result->getMessage().'"<br />';
- $entry .= 'Offending command was: '.$result->getDebugInfo().'<br />';
- if(defined("DEBUG") && DEBUG) {error_log( $entry );}
- die( $entry );
- }
- $ret = array();
- while($row=$result->fetchRow()){
- $ret[$row['token']]=$userAddress;
- }
- return $ret;
- }
-
- public static function getAllTokens() {
- $user=OC_User::getUser();
- $query=OC_DB::prepare("SELECT token,appUrl,userAddress,dataScope FROM *PREFIX*authtoken WHERE user=? LIMIT 100");
- $result=$query->execute(array($user));
- if( PEAR::isError($result)) {
- $entry = 'DB Error: "'.$result->getMessage().'"<br />';
- $entry .= 'Offending command was: '.$result->getDebugInfo().'<br />';
- if(defined("DEBUG") && DEBUG) {error_log( $entry );}
- die( $entry );
- }
- $ret = array();
- while($row=$result->fetchRow()){
- $ret[$row['token']] = array(
- 'appUrl' => $row['appurl'],
- 'userAddress' => $row['useraddress'],
- 'dataScope' => $row['datascope'],
- );
- }
- return $ret;
- }
-
- public static function deleteToken($token) {
- $user=OC_User::getUser();
- $query=OC_DB::prepare("DELETE FROM *PREFIX*authtoken WHERE token=? AND user=?");
- $result=$query->execute(array($token,$user));
- if( PEAR::isError($result)) {
- $entry = 'DB Error: "'.$result->getMessage().'"<br />';
- $entry .= 'Offending command was: '.$result->getDebugInfo().'<br />';
- if(defined("DEBUG") && DEBUG) {error_log( $entry );}
- die( $entry );
- }
- }
- private static function addToken($token, $appUrl, $userAddress, $dataScope){
- $user=OC_User::getUser();
- $query=OC_DB::prepare("INSERT INTO *PREFIX*authtoken (`token`,`appUrl`,`user`,`userAddress`,`dataScope`) VALUES(?,?,?,?,?)");
- $result=$query->execute(array($token,$appUrl,$user,$userAddress,$dataScope));
- if( PEAR::isError($result)) {
- $entry = 'DB Error: "'.$result->getMessage().'"<br />';
- $entry .= 'Offending command was: '.$result->getDebugInfo().'<br />';
- if(defined("DEBUG") && DEBUG) {error_log( $entry );}
- die( $entry );
- }
- }
- public static function createDataScope($appUrl, $userAddress, $dataScope){
- $token=uniqid();
- self::addToken($token, $appUrl, $userAddress, $dataScope);
- //TODO: input checking on $userAddress and $dataScope
- list($userName, $userHost) = explode('@', $userAddress);
- OC_Util::setupFS(OC_User::getUser());
- $scopePathParts = array('unhosted', 'webdav', $userHost, $userName, $dataScope);
- for($i=0;$i<=count($scopePathParts);$i++){
- $thisPath = '/'.implode('/', array_slice($scopePathParts, 0, $i));
- if(!OC_Filesystem::file_exists($thisPath)) {
- OC_Filesystem::mkdir($thisPath);
- }
- }
- return $token;
- }
-}
+++ /dev/null
-<?php
-/**
- * HTTP Basic authentication backend class
- *
- * This class can be used by authentication objects wishing to use HTTP Basic
- * Most of the digest logic is handled, implementors just need to worry about
- * the validateUserPass method.
- *
- * @package Sabre
- * @subpackage DAV
- * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
- * @author James David Low (http://jameslow.com/)
- * @author Evert Pot (http://www.rooftopsolutions.nl/)
- * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
- */
-class OC_Connector_Sabre_Auth_ro_oauth extends Sabre_DAV_Auth_Backend_AbstractBasic {
- private $validTokens;
-
- public function __construct($validTokensArg) {
- $this->validTokens = $validTokensArg;
- }
-
- /**
- * Validates a username and password
- *
- * This method should return true or false depending on if login
- * succeeded.
- *
- * @return bool
- */
- protected function validateUserPass($username, $password){
- //always give read-only:
- if(in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD', 'OPTIONS'))) {
- OC_Util::setUpFS();
- return true;
- } else if(isset($this->validTokens[$password]) && $this->validTokens[$password] == $username) {
- OC_Util::setUpFS();
- return true;
- } else {
-var_export($_SERVER);
-var_export($this->validTokens);
-die('not getting in with "'.$username.'"/"'.$password.'"!');
- return false;
- }
- }
-
- //overwriting this to make it not automatically fail if no auth header is found:
- public function authenticate(Sabre_DAV_Server $server,$realm) {
- $auth = new Sabre_HTTP_BasicAuth();
- $auth->setHTTPRequest($server->httpRequest);
- $auth->setHTTPResponse($server->httpResponse);
- $auth->setRealm($realm);
- $userpass = $auth->getUserPass();
- if (!$userpass) {
- if(in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD', 'OPTIONS'))) {
- $userpass = array('', '');
- } else {
- $auth->requireLogin();
- throw new Sabre_DAV_Exception_NotAuthenticated('No basic authentication headers were found');
- }
- }
-
- // Authenticates the user
- if (!$this->validateUserPass($userpass[0],$userpass[1])) {
- $auth->requireLogin();
- throw new Sabre_DAV_Exception_NotAuthenticated('Username or password does not match');
- }
- $this->currentUser = $userpass[0];
- return true;
- }
-
-}
-
<?php
-
-// comment out this line:
- die("This feature is still experimental. Please comment out this line in the code, then try again\n");
-//
-
-
-
$ownCloudBaseUri = substr($_SERVER['REQUEST_URI'],0, -(strlen('/apps/user_webfinger/activate.php')));
$thisAppDir = __DIR__;
$appsDir = dirname($thisAppDir);
<info>
<id>user_webfinger</id>
<name>Webfinger</name>
- <description>Provide webfinger for all users, so that they can use their ownCloud account as their remote storage on the web. If you don't run owncloud in the root of your domain, for instance if you run it on http://example.com/owncloud/, then makes sure you link http://example.com/.well-known/ to http://example.com/owncloud/apps/user_webfinger/ - for instance by running something like "ln -s /var/www/owncloud/apps/user_webfinger /var/www/.well-known". Only enable this app if you run this owncloud installation on a public web address, not if you run it on an intranet or on localhost.</description>
+ <description>Provide WebFinger for all users so they get a user address like user@owncloudinstance which can be used for unhosted applications. If you don't run ownCloud in the root of your domain, for instance if you run it on example.com/owncloud/, then make sure you link example.com/.well-known/ to example.com/owncloud/apps/user_webfinger/ - by running something like "ln -s /var/www/owncloud/apps/user_webfinger /var/www/.well-known". Only enable this app if you run this ownCloud installation on a public web address, not if you run it on an intranet or on localhost.</description>
<version>0.1</version>
<licence>AGPL</licence>
<author>Michiel de Jong</author>
?xml version="1.0" encoding="UTF-8"?>
<XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0" xmlns:hm="http://host-meta.net/xrd/1.0">
<hm:Host xmlns="http://host-meta.net/xrd/1.0"><?php echo $_SERVER['SERVER_NAME'] ?></hm:Host>
- <Link rel="http://unhosted.org/spec/dav/0.1" href="http<?php echo ($_SERVER['HTTPS']?'s':''); ?>://<?php echo $_SERVER['SERVER_NAME'] ?>/apps/unhosted/compat.php/<?php echo $userName ?>/unhosted/" />
+ <Link rel="http://unhosted.org/spec/dav/0.1" href="http<?php echo ($_SERVER['HTTPS']?'s':''); ?>://<?php echo $_SERVER['SERVER_NAME'] ?>/apps/remoteStorage/compat.php/<?php echo $userName ?>/remoteStorage/" />
</XRD>
projects / nextcloud-server.git / commitdiff