mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 997 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
41188 Commits
365 Branches
Tree: 0eebff152a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0eebff152a'
${ noResults }
nextcloud/apps/dav/lib/Connector/Sabre/BearerAuth.php

BearerAuth.php 2.7KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596 
  1. <?php

  2. /**

  3.  * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>

  4.  *

  5.  * @author Lukas Reschke <lukas@statuscode.ch>

  6.  *

  7.  * @license GNU AGPL version 3 or any later version

  8.  *

  9.  * This program is free software: you can redistribute it and/or modify

  10.  * it under the terms of the GNU Affero General Public License as

  11.  * published by the Free Software Foundation, either version 3 of the

  12.  * License, or (at your option) any later version.

  13.  *

  14.  * This program is distributed in the hope that it will be useful,

  15.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  16.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  17.  * GNU Affero General Public License for more details.

  18.  *

  19.  * You should have received a copy of the GNU Affero General Public License

  20.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.

  21.  *

  22.  */

  23. 

  24. namespace OCA\DAV\Connector\Sabre;

  25. 

  26. use OCP\IRequest;

  27. use OCP\ISession;

  28. use OCP\IUserSession;

  29. use Sabre\DAV\Auth\Backend\AbstractBearer;

  30. use Sabre\HTTP\RequestInterface;

  31. use Sabre\HTTP\ResponseInterface;

  32. 

  33. class BearerAuth extends AbstractBearer {

  34. 	/** @var IUserSession */

  35. 	private $userSession;

  36. 	/** @var ISession */

  37. 	private $session;

  38. 	/** @var IRequest */

  39. 	private $request;

  40. 	/** @var string */

  41. 	private $principalPrefix;

  42. 

  43. 	/**

  44. 	 * @param IUserSession $userSession

  45. 	 * @param ISession $session

  46. 	 * @param string $principalPrefix

  47. 	 * @param IRequest $request

  48. 	 */

  49. 	public function __construct(IUserSession $userSession,

  50. 								ISession $session,

  51. 								IRequest $request,

  52. 								$principalPrefix = 'principals/users/') {

  53. 		$this->userSession = $userSession;

  54. 		$this->session = $session;

  55. 		$this->request = $request;

  56. 		$this->principalPrefix = $principalPrefix;

  57. 

  58. 		// setup realm

  59. 		$defaults = new \OCP\Defaults();

  60. 		$this->realm = $defaults->getName();

  61. 	}

  62. 

  63. 	private function setupUserFs($userId) {

  64. 		\OC_Util::setupFS($userId);

  65. 		$this->session->close();

  66. 		return $this->principalPrefix . $userId;

  67. 	}

  68. 

  69. 	/**

  70. 	 * {@inheritdoc}

  71. 	 */

  72. 	public function validateBearerToken($bearerToken) {

  73. 		\OC_Util::setupFS();

  74. 

  75. 		if(!$this->userSession->isLoggedIn()) {

  76. 			$this->userSession->tryTokenLogin($this->request);

  77. 		}

  78. 		if($this->userSession->isLoggedIn()) {

  79. 			return $this->setupUserFs($this->userSession->getUser()->getUID());

  80. 		}

  81. 

  82. 		return false;

  83. 	}

  84. 

  85. 	/**

  86. 	 * \Sabre\DAV\Auth\Backend\AbstractBearer::challenge sets an WWW-Authenticate

  87. 	 * header which some DAV clients can't handle. Thus we override this function

  88. 	 * and make it simply return a 401.

  89. 	 *

  90. 	 * @param RequestInterface $request

  91. 	 * @param ResponseInterface $response

  92. 	 */

  93. 	public function challenge(RequestInterface $request, ResponseInterface $response) {

  94. 		$response->setStatus(401);

  95. 	}

  96. }