--- /dev/null
+<?php
+
+/**
+ * HTTP Bearer Authentication handler
+ *
+ * Use this class for easy http authentication setup
+ *
+ * @package Sabre
+ * @subpackage HTTP
+ * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+class Sabre_HTTP_BearerAuth extends Sabre_HTTP_AbstractAuth {
+
+ /**
+ * Returns the supplied username and password.
+ *
+ * The returned array has two values:
+ * * 0 - username
+ * * 1 - password
+ *
+ * If nothing was supplied, 'false' will be returned
+ *
+ * @return mixed
+ */
+ public function getUserPass() {
+
+ // Apache and mod_php
+ if (($user = $this->httpRequest->getRawServerValue('PHP_AUTH_USER')) && ($pass = $this->httpRequest->getRawServerValue('PHP_AUTH_PW'))) {
+
+ return array($user,$pass);
+
+ }
+
+ // Most other webservers
+ $auth = $this->httpRequest->getHeader('Authorization');
+
+ if (!$auth) return false;
+
+ if (strpos(strtolower($auth),'bearer')!==0) return false;
+
+ return explode(':', base64_decode(substr($auth, 7)));
+
+ }
+
+ /**
+ * Returns an HTTP 401 header, forcing login
+ *
+ * This should be called when username and password are incorrect, or not supplied at all
+ *
+ * @return void
+ */
+ public function requireLogin() {
+
+ $this->httpResponse->setHeader('WWW-Authenticate','Basic realm="' . $this->realm . '"');
+ $this->httpResponse->sendStatus(401);
+
+ }
+
+}
class OC_remoteStorage {
public static function getValidTokens($ownCloudUser, $category) {
- $query=OC_DB::prepare("SELECT token,appUrl FROM *PREFIX*authtoken WHERE user=? AND category=? LIMIT 100");
- $result=$query->execute(array($ownCloudUser,$category));
+ $query=OC_DB::prepare("SELECT token,appUrl,category FROM *PREFIX*authtoken WHERE user=? LIMIT 100");
+ $result=$query->execute(array($ownCloudUser));
$ret = array();
while($row=$result->fetchRow()){
- $ret[$row['token']]=true;
+ if(in_array($category, explode(',', $row['category']))) {
+ $ret[$row['token']]=true;
+ }
}
return $ret;
}
while($row=$result->fetchRow()){
$ret[$row['token']] = array(
'appUrl' => $row['appurl'],
- 'category' => $row['category'],
+ 'categories' => $row['category'],
);
}
return $ret;
$query=OC_DB::prepare("DELETE FROM *PREFIX*authtoken WHERE token=? AND user=?");
$result=$query->execute(array($token,$user));
}
- private static function addToken($token, $appUrl, $category){
+ private static function addToken($token, $appUrl, $categories){
$user=OC_User::getUser();
$query=OC_DB::prepare("INSERT INTO *PREFIX*authtoken (`token`,`appUrl`,`user`,`category`) VALUES(?,?,?,?)");
- $result=$query->execute(array($token,$appUrl,$user,$category));
+ $result=$query->execute(array($token,$appUrl,$user,$categories));
}
- public static function createCategory($appUrl, $category) {
+ public static function createCategories($appUrl, $categories) {
$token=uniqid();
- self::addToken($token, $appUrl, $category);
- //TODO: input checking on $category
OC_Util::setupFS(OC_User::getUser());
- $scopePathParts = array('remoteStorage', $category);
- for($i=0;$i<=count($scopePathParts);$i++){
- $thisPath = '/'.implode('/', array_slice($scopePathParts, 0, $i));
- if(!OC_Filesystem::file_exists($thisPath)) {
- OC_Filesystem::mkdir($thisPath);
+ self::addToken($token, $appUrl, $categories);
+ foreach($categories as $category) {
+ //TODO: input checking on $category
+ $scopePathParts = array('remoteStorage', $category);
+ for($i=0;$i<=count($scopePathParts);$i++){
+ $thisPath = '/'.implode('/', array_slice($scopePathParts, 0, $i));
+ if(!OC_Filesystem::file_exists($thisPath)) {
+ OC_Filesystem::mkdir($thisPath);
+ }
}
}
return base64_encode('remoteStorage:'.$token);
if(in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD', 'OPTIONS'))) {
OC_Util::setUpFS();
return true;
- } else if(isset($this->validTokens[$password]) && $this->validTokens[$password] == $username) {
+ } else if(isset($this->validTokens[$password])) {
OC_Util::setUpFS();
return true;
} else {
//overwriting this to make it not automatically fail if no auth header is found:
public function authenticate(Sabre_DAV_Server $server,$realm) {
- $auth = new Sabre_HTTP_BasicAuth();
+ $auth = new Sabre_HTTP_BearerAuth();
$auth->setHTTPRequest($server->httpRequest);
$auth->setHTTPResponse($server->httpResponse);
$auth->setRealm($realm);