From: Jakob Sack <kde@jakobsack.de>
Date: Wed, 20 Jul 2011 14:36:36 +0000 (+0200)
Subject: Use SabreDAV authentication Code!
X-Git-Tag: v3.0~267^2~383^2~6
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=86cd8063b49315246929f51774ac5314dab2c2cb;p=nextcloud-server.git

Use SabreDAV authentication Code!
---

diff --git a/files/webdav.php b/files/webdav.php
index ffcad303879..7d5855672ac 100644
--- a/files/webdav.php
+++ b/files/webdav.php
@@ -28,40 +28,24 @@ $RUNTIME_NOSETUPFS = true;
 
 require_once('../lib/base.php');
 require_once('Sabre/autoload.php');
+require_once('Sabre/DAV/Auth/Backend/Owncloud.php');
 require_once('Sabre/DAV/FS/OwncloudNode.php');
 require_once('Sabre/DAV/FS/OwncloudFile.php');
 require_once('Sabre/DAV/FS/OwncloudDirectory.php');
 
-ini_set('default_charset', 'UTF-8');
-#ini_set('error_reporting', '');
-@ob_clean();
+// Create ownCloud Dir
+$publicDir = new OC_Sabre_DAV_FS_OwncloudDirectory('');
+$server = new Sabre_DAV_Server($publicDir);
 
-if(empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['REDIRECT_REMOTE_USER'])) {
-	header('WWW-Authenticate: Basic realm="ownCloud"');
-	header('HTTP/1.0 401 Unauthorized');
-	die('401 Unauthorized');
-}
+// Path to our script
+$server->setBaseUri($WEBROOT.'/files/webdav.php');
 
-$user=$_SERVER['PHP_AUTH_USER'];
-$passwd=$_SERVER['PHP_AUTH_PW'];
+// Auth backend
+$authBackend = new OC_Sabre_DAV_Auth_Backend_Owncloud();
+$authPlugin = new Sabre_DAV_Auth_Plugin($authBackend,'ownCloud');
+$server->addPlugin($authPlugin);
 
-if(OC_USER::login($user,$passwd)){
-	OC_UTIL::setUpFS();
-	
-	// Make sure there is a directory in your current directory named 'public'. We will be exposing that directory to WebDAV
-	$publicDir = new OC_Sabre_DAV_FS_OwncloudDirectory('');
-	$server = new Sabre_DAV_Server($publicDir);
-
-	// We're required to set the base uri, it is recommended to put your webdav server on a root of a domain
-	$server->setBaseUri($WEBROOT.'/files/webdav.php');
-
-	// And off we go!
-	$server->exec();
-}
-else{
-	header('WWW-Authenticate: Basic realm="ownCloud"');
-	header('HTTP/1.0 401 Unauthorized');
-	die('401 Unauthorized');
-}
+// And off we go!
+$server->exec();
 
 ?>
diff --git a/lib/Sabre/DAV/Auth/Backend/Owncloud.php b/lib/Sabre/DAV/Auth/Backend/Owncloud.php
new file mode 100644
index 00000000000..8c8556f9f20
--- /dev/null
+++ b/lib/Sabre/DAV/Auth/Backend/Owncloud.php
@@ -0,0 +1,35 @@
+<?php
+require_once("lib/base.php");
+/**
+ * HTTP Basic authentication backend class
+ *
+ * This class can be used by authentication objects wishing to use HTTP Basic
+ * Most of the digest logic is handled, implementors just need to worry about
+ * the validateUserPass method.
+ *
+ * @package Sabre
+ * @subpackage DAV
+ * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
+ * @author James David Low (http://jameslow.com/)
+ * @author Evert Pot (http://www.rooftopsolutions.nl/) 
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+class OC_Sabre_DAV_Auth_Backend_Owncloud extends Sabre_DAV_Auth_Backend_AbstractBasic {
+	/**
+	 * Validates a username and password
+	 *
+	 * This method should return true or false depending on if login
+	 * succeeded.
+	 *
+	 * @return bool
+	 */
+	protected function validateUserPass($username, $password){
+		if(OC_USER::login($username,$password)){
+			OC_UTIL::setUpFS();
+			return true;
+		}
+		else{
+			return false;
+		}
+	}
+}