--- /dev/null
+<?php
+
+/**
+* ownCloud
+*
+* Original:
+* @author Frank Karlitschek
+* @copyright 2010 Frank Karlitschek karlitschek@kde.org
+*
+* Adapted:
+* @author Michiel de Jong, 2011
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+* License as published by the Free Software Foundation; either
+* version 3 of the License, or any later version.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+*
+* You should have received a copy of the GNU Affero General Public
+* License along with this library. If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+
+
+// Do not load FS ...
+$RUNTIME_NOSETUPFS = true;
+
+require_once('../../lib/base.php');
+OC_Util::checkAppEnabled('remoteStorage');
+require_once('Sabre/autoload.php');
+require_once('lib_remoteStorage.php');
+require_once('oauth_ro_auth.php');
+
+ini_set('default_charset', 'UTF-8');
+#ini_set('error_reporting', '');
+@ob_clean();
+
+//allow use as remote storage for other websites
+if(isset($_SERVER['HTTP_ORIGIN'])) {
+ header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']);
+ header('Access-Control-Max-Age: 3600');
+ header('Access-Control-Allow-Methods: OPTIONS, GET, PUT, DELETE, PROPFIND');
+ header('Access-Control-Allow-Headers: Authorization, Content-Type');
+} else {
+ header('Access-Control-Allow-Origin: *');
+}
+
+$path = substr($_SERVER["REQUEST_URI"], strlen($_SERVER["SCRIPT_NAME"]));
+$pathParts = explode('/', $path);
+// for webdav:
+// 0/ 1 / 2 / 3...
+// /$ownCloudUser/remoteStorage/$category/
+
+if(count($pathParts) >= 3 && $pathParts[0] == '') {
+ list($dummy, $ownCloudUser, $dummy2, $category) = $pathParts;
+
+ OC_Util::setupFS($ownCloudUser);
+
+ // Create ownCloud Dir
+ $publicDir = new OC_Connector_Sabre_Directory('');
+ $server = new Sabre_DAV_Server($publicDir);
+
+ // Path to our script
+ $server->setBaseUri(OC::$WEBROOT."/apps/remoteStorage/WebDAV.php/$ownCloudUser");
+
+ // Auth backend
+ $authBackend = new OC_Connector_Sabre_Auth_ro_oauth(OC_remoteStorage::getValidTokens($ownCloudUser, $category));
+
+ $authPlugin = new Sabre_DAV_Auth_Plugin($authBackend,'ownCloud');//should use $validTokens here
+ $server->addPlugin($authPlugin);
+
+ // Also make sure there is a 'data' directory, writable by the server. This directory is used to store information about locks
+ $lockBackend = new OC_Connector_Sabre_Locks();
+ $lockPlugin = new Sabre_DAV_Locks_Plugin($lockBackend);
+ $server->addPlugin($lockPlugin);
+
+ // And off we go!
+ $server->exec();
+} else {
+ die('not the right address format '.var_export($pathParts, true));
+}
<length>64</length>
</field>
<field>
- <name>dataScope</name>
- <type>text</type>
- <default></default>
- <notnull>true</notnull>
- <length>64</length>
- </field>
- <field>
- <name>userAddress</name>
+ <name>category</name>
<type>text</type>
<default></default>
<notnull>true</notnull>
--- /dev/null
+<?php
+
+/**
+* ownCloud
+*
+* Original:
+* @author Frank Karlitschek
+* @copyright 2010 Frank Karlitschek karlitschek@kde.org
+*
+* Adapted:
+* @author Michiel de Jong, 2011
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+* License as published by the Free Software Foundation; either
+* version 3 of the License, or any later version.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+*
+* You should have received a copy of the GNU Affero General Public
+* License along with this library. If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+
+
+// Do not load FS ...
+$RUNTIME_NOSETUPFS = true;
+
+require_once('../../lib/base.php');
+OC_Util::checkAppEnabled('remoteStorage');
+require_once('Sabre/autoload.php');
+require_once('lib_remoteStorage.php');
+require_once('oauth_ro_auth.php');
+
+ini_set('default_charset', 'UTF-8');
+#ini_set('error_reporting', '');
+@ob_clean();
+
+//allow use as remote storage for other websites
+if(isset($_SERVER['HTTP_ORIGIN'])) {
+ header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']);
+ header('Access-Control-Max-Age: 3600');
+ header('Access-Control-Allow-Methods: OPTIONS, GET, PUT, DELETE, PROPFIND');
+ header('Access-Control-Allow-Headers: Authorization, Content-Type');
+} else {
+ header('Access-Control-Allow-Origin: *');
+}
+
+$path = substr($_SERVER["REQUEST_URI"], strlen($_SERVER["SCRIPT_NAME"]));
+$pathParts = explode('/', $path);
+// for webdav:
+// 0/ 1 / 2 / 3 / 4 / 5 / 6 / 7
+// /$ownCloudUser/remoteStorage/webdav/$userHost/$userName/$dataScope/$key
+// for oauth:
+// 0/ 1 / 2 / 3 / 4
+// /$ownCloudUser/remoteStorage/oauth/auth
+
+if(count($pathParts) == 2 && $pathParts[0] == '') {
+ //TODO: input checking. these explodes may fail to produces the desired arrays:
+ $subPathParts = explode('?', $pathParts[1]);
+ $ownCloudUser = $subPathParts[0];
+ foreach($_GET as $k => $v) {
+ if($k=='user_address'){
+ $userAddress=$v;
+ } else if($k=='redirect_uri'){
+ $appUrl=$v;
+ } else if($k=='scope'){
+ $category=$v;
+ }
+ }
+ $currUser = OC_User::getUser();
+ if($currUser == $ownCloudUser) {
+ if(isset($_POST['allow'])) {
+ //TODO: check if this can be faked by editing the cookie in firebug!
+ $token=OC_remoteStorage::createCategory($appUrl, $category);
+ header('Location: '.$_GET['redirect_uri'].'#access_token='.$token.'&token_type=bearer');
+ } else {
+ echo '<form method="POST"><input name="allow" type="submit" value="Allow this web app to store stuff on your owncloud."></form>';
+ }
+ } else {
+ if((isset($_SERVER['HTTPS'])) && ($_SERVER['HTTPS'])) {
+ $url = "https://";
+ } else {
+ $url = "http://";
+ }
+ $url .= $_SERVER['SERVER_NAME'];
+ $url .= substr($_SERVER['SCRIPT_NAME'], 0, -strlen('apps/remoteStorage/compat.php'));
+ die('You are '.($currUser?'logged in as '.$currUser.' instead of '.$ownCloudUser:'not logged in').'. Please '
+ .'<input type="submit" onclick="'
+ ."window.open('$url','Close me!','height=600,width=300');"
+ .'" value="log in">'
+ .', close the pop-up, and '
+ .'<form method="POST"><input name="allow" type="submit" value="Click here"></form>');
+ }
+} else {
+ die('please use auth.php/username?params. '.var_export($pathParts, true));
+}
+++ /dev/null
-<?php
-
-/**
-* ownCloud
-*
-* Original:
-* @author Frank Karlitschek
-* @copyright 2010 Frank Karlitschek karlitschek@kde.org
-*
-* Adapted:
-* @author Michiel de Jong, 2011
-*
-* This library is free software; you can redistribute it and/or
-* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
-* License as published by the Free Software Foundation; either
-* version 3 of the License, or any later version.
-*
-* This library is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
-*
-* You should have received a copy of the GNU Affero General Public
-* License along with this library. If not, see <http://www.gnu.org/licenses/>.
-*
-*/
-
-
-// Do not load FS ...
-$RUNTIME_NOSETUPFS = true;
-
-require_once('../../lib/base.php');
-OC_Util::checkAppEnabled('remoteStorage');
-require_once('Sabre/autoload.php');
-require_once('lib_remoteStorage.php');
-require_once('oauth_ro_auth.php');
-
-ini_set('default_charset', 'UTF-8');
-#ini_set('error_reporting', '');
-@ob_clean();
-
-//allow use as remote storage for other websites
-if(isset($_SERVER['HTTP_ORIGIN'])) {
- header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']);
- header('Access-Control-Max-Age: 3600');
- header('Access-Control-Allow-Methods: OPTIONS, GET, PUT, DELETE, PROPFIND');
- header('Access-Control-Allow-Headers: Authorization, Content-Type');
-} else {
- header('Access-Control-Allow-Origin: *');
-}
-
-$path = substr($_SERVER["REQUEST_URI"], strlen($_SERVER["SCRIPT_NAME"]));
-$pathParts = explode('/', $path);
-// for webdav:
-// 0/ 1 / 2 / 3 / 4 / 5 / 6 / 7
-// /$ownCloudUser/remoteStorage/webdav/$userHost/$userName/$dataScope/$key
-// for oauth:
-// 0/ 1 / 2 / 3 / 4
-// /$ownCloudUser/remoteStorage/oauth/auth
-
-if(count($pathParts) >= 8 && $pathParts[0] == '' && $pathParts[2] == 'remoteStorage' && $pathParts[3] == 'webdav') {
- list($dummy0, $ownCloudUser, $dummy2, $dummy3, $userHost, $userName, $dataScope) = $pathParts;
-
- OC_Util::setupFS($ownCloudUser);
-
- // Create ownCloud Dir
- $publicDir = new OC_Connector_Sabre_Directory('');
- $server = new Sabre_DAV_Server($publicDir);
-
- // Path to our script
- $server->setBaseUri(OC::$WEBROOT."/apps/remoteStorage/compat.php/$ownCloudUser");
-
- // Auth backend
- $authBackend = new OC_Connector_Sabre_Auth_ro_oauth(OC_remoteStorage::getValidTokens($ownCloudUser, $userName.'@'.$userHost, $dataScope));
-
- $authPlugin = new Sabre_DAV_Auth_Plugin($authBackend,'ownCloud');//should use $validTokens here
- $server->addPlugin($authPlugin);
-
- // Also make sure there is a 'data' directory, writable by the server. This directory is used to store information about locks
- $lockBackend = new OC_Connector_Sabre_Locks();
- $lockPlugin = new Sabre_DAV_Locks_Plugin($lockBackend);
- $server->addPlugin($lockPlugin);
-
- // And off we go!
- $server->exec();
-} else if(count($pathParts) >= 4 && $pathParts[0] == '' && $pathParts[2] == 'remoteStorage' && $pathParts[3] == 'oauth2' && $pathParts[4] = 'auth') {
- if(isset($_POST['allow'])) {
- //TODO: input checking. these explodes may fail to produces the desired arrays:
- $ownCloudUser = $pathParts[1];
- foreach($_GET as $k => $v) {
- if($k=='user_address'){
- $userAddress=$v;
- } else if($k=='redirect_uri'){
- $appUrl=$v;
- } else if($k=='scope'){
- $dataScope=$v;
- }
- }
- if(OC_User::getUser() == $ownCloudUser) {
- //TODO: check if this can be faked by editing the cookie in firebug!
- $token=OC_remoteStorage::createDataScope($appUrl, $userAddress, $dataScope);
- header('Location: '.$_GET['redirect_uri'].'#access_token='.$token.'&token_type=remoteStorage');
- } else {
- if((isset($_SERVER['HTTPS'])) && ($_SERVER['HTTPS'])) {
- $url = "https://";
- } else {
- $url = "http://";
- }
- $url .= $_SERVER['SERVER_NAME'];
- $url .= substr($_SERVER['SCRIPT_NAME'], 0, -strlen('apps/remoteStorage/compat.php'));
- die('Please '
- .'<input type="submit" onclick="'
- ."window.open('$url','Close me!','height=600,width=300');"
- .'" value="log in">'
- .', close the pop-up, and '
- .'<form method="POST"><input name="allow" type="submit" value="Try again"></form>');
- }
- } else {
- echo '<form method="POST"><input name="allow" type="submit" value="Allow this web app to store stuff on your owncloud."></form>';
- }
-} else {
- die('not webdav and not oauth. dont know what to do '.var_export($pathParts, true));
-}
<?php
class OC_remoteStorage {
- public static function getValidTokens($ownCloudUser, $userAddress, $dataScope) {
- $query=OC_DB::prepare("SELECT token,appUrl FROM *PREFIX*authtoken WHERE user=? AND userAddress=? AND dataScope=? LIMIT 100");
- $result=$query->execute(array($ownCloudUser,$userAddress,$dataScope));
+ public static function getValidTokens($ownCloudUser, $category) {
+ $query=OC_DB::prepare("SELECT token,appUrl FROM *PREFIX*authtoken WHERE user=? AND category=? LIMIT 100");
+ $result=$query->execute(array($ownCloudUser,$category));
$ret = array();
while($row=$result->fetchRow()){
- $ret[$row['token']]=$userAddress;
+ $ret[$row['token']]=true;
}
return $ret;
}
public static function getAllTokens() {
$user=OC_User::getUser();
- $query=OC_DB::prepare("SELECT token,appUrl,userAddress,dataScope FROM *PREFIX*authtoken WHERE user=? LIMIT 100");
+ $query=OC_DB::prepare("SELECT token,appUrl,category FROM *PREFIX*authtoken WHERE user=? LIMIT 100");
$result=$query->execute(array($user));
$ret = array();
while($row=$result->fetchRow()){
$ret[$row['token']] = array(
'appUrl' => $row['appurl'],
- 'userAddress' => $row['useraddress'],
- 'dataScope' => $row['datascope'],
+ 'category' => $row['category'],
);
}
return $ret;
$query=OC_DB::prepare("DELETE FROM *PREFIX*authtoken WHERE token=? AND user=?");
$result=$query->execute(array($token,$user));
}
- private static function addToken($token, $appUrl, $userAddress, $dataScope){
+ private static function addToken($token, $appUrl, $category){
$user=OC_User::getUser();
- $query=OC_DB::prepare("INSERT INTO *PREFIX*authtoken (`token`,`appUrl`,`user`,`userAddress`,`dataScope`) VALUES(?,?,?,?,?)");
- $result=$query->execute(array($token,$appUrl,$user,$userAddress,$dataScope));
+ $query=OC_DB::prepare("INSERT INTO *PREFIX*authtoken (`token`,`appUrl`,`user`,`category`) VALUES(?,?,?,?)");
+ $result=$query->execute(array($token,$appUrl,$user,$category));
}
- public static function createDataScope($appUrl, $userAddress, $dataScope){
+ public static function createCategory($appUrl, $category) {
$token=uniqid();
- self::addToken($token, $appUrl, $userAddress, $dataScope);
- //TODO: input checking on $userAddress and $dataScope
- list($userName, $userHost) = explode('@', $userAddress);
+ self::addToken($token, $appUrl, $category);
+ //TODO: input checking on $category
OC_Util::setupFS(OC_User::getUser());
- $scopePathParts = array('remoteStorage', 'webdav', $userHost, $userName, $dataScope);
+ $scopePathParts = array('remoteStorage', $category);
for($i=0;$i<=count($scopePathParts);$i++){
$thisPath = '/'.implode('/', array_slice($scopePathParts, 0, $i));
if(!OC_Filesystem::file_exists($thisPath)) {
OC_Filesystem::mkdir($thisPath);
}
}
- return $token;
+ return base64_encode('remoteStorage:'.$token);
}
}
* @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
+
class OC_Connector_Sabre_Auth_ro_oauth extends Sabre_DAV_Auth_Backend_AbstractBasic {
private $validTokens;
$auth->setRealm($realm);
$userpass = $auth->getUserPass();
if (!$userpass) {
- if(in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD', 'OPTIONS'))) {
+ if(in_array($_SERVER['REQUEST_METHOD'], array('OPTIONS'))) {
$userpass = array('', '');
} else {
$auth->requireLogin();
if(substr($userName, 0, 5) == 'acct:') {
$userName = substr($userName, 5);
}
+if($_SERVER['HTTPS']) {
+ $baseAddress = 'https://'.$_SERVER['SERVER_NAME'].'/apps/remoteStorage/';
+} else {
+ $baseAddress = 'http://'.$_SERVER['SERVER_NAME'].'/apps/remoteStorage/';
+}
echo "<";
?>
?xml version="1.0" encoding="UTF-8"?>
<XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0" xmlns:hm="http://host-meta.net/xrd/1.0">
<hm:Host xmlns="http://host-meta.net/xrd/1.0"><?php echo $_SERVER['SERVER_NAME'] ?></hm:Host>
- <Link rel="http://unhosted.org/spec/dav/0.1" href="http<?php echo ($_SERVER['HTTPS']?'s':''); ?>://<?php echo $_SERVER['SERVER_NAME'].$WEBROOT ?>/apps/remoteStorage/compat.php/<?php echo $userName ?>/remoteStorage/" />
+ <Link
+ rel="remoteStorage"
+ template="<?php echo $baseAddress ?>WebDAV.php/<?php echo $userName ?>/remoteStorage/{category}/"
+ api="WebDAV"
+ auth="<?php echo $baseAddress; ?>auth.php/<?php echo $userName ?>"
+ ></Link>
</XRD>