mirror of
https://github.com/nextcloud/server.git
synced 2024-08-06 15:06:39 +02:00
340939e688
SSO backends like SAML and OIDC tried a trick to suppress password confirmations as they are not possible by design. At least for SAML it was not reliable when existing user backends where used as user repositories. Now we are setting a special scope with the token, and also make sure that the scope is taken over when tokens are regenerated. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
78 lines
1.9 KiB
PHP
78 lines
1.9 KiB
PHP
<?php
|
|
/**
|
|
* SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
|
|
* SPDX-License-Identifier: AGPL-3.0-or-later
|
|
*/
|
|
namespace OC\Core\Controller;
|
|
|
|
use bantu\IniGetWrapper\IniGetWrapper;
|
|
use OC\Authentication\Token\IProvider;
|
|
use OC\CapabilitiesManager;
|
|
use OC\Template\JSConfigHelper;
|
|
use OCP\App\IAppManager;
|
|
use OCP\AppFramework\Controller;
|
|
use OCP\AppFramework\Http;
|
|
use OCP\AppFramework\Http\Attribute\FrontpageRoute;
|
|
use OCP\AppFramework\Http\Attribute\OpenAPI;
|
|
use OCP\AppFramework\Http\DataDisplayResponse;
|
|
use OCP\Defaults;
|
|
use OCP\IConfig;
|
|
use OCP\IGroupManager;
|
|
use OCP\IInitialStateService;
|
|
use OCP\IRequest;
|
|
use OCP\ISession;
|
|
use OCP\IURLGenerator;
|
|
use OCP\IUserSession;
|
|
use OCP\L10N\IFactory;
|
|
|
|
#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
|
|
class OCJSController extends Controller {
|
|
private JSConfigHelper $helper;
|
|
|
|
public function __construct(
|
|
string $appName,
|
|
IRequest $request,
|
|
IFactory $l10nFactory,
|
|
Defaults $defaults,
|
|
IAppManager $appManager,
|
|
ISession $session,
|
|
IUserSession $userSession,
|
|
IConfig $config,
|
|
IGroupManager $groupManager,
|
|
IniGetWrapper $iniWrapper,
|
|
IURLGenerator $urlGenerator,
|
|
CapabilitiesManager $capabilitiesManager,
|
|
IInitialStateService $initialStateService,
|
|
IProvider $tokenProvider,
|
|
) {
|
|
parent::__construct($appName, $request);
|
|
|
|
$this->helper = new JSConfigHelper(
|
|
$l10nFactory->get('lib'),
|
|
$defaults,
|
|
$appManager,
|
|
$session,
|
|
$userSession->getUser(),
|
|
$config,
|
|
$groupManager,
|
|
$iniWrapper,
|
|
$urlGenerator,
|
|
$capabilitiesManager,
|
|
$initialStateService,
|
|
$tokenProvider
|
|
);
|
|
}
|
|
|
|
/**
|
|
* @NoCSRFRequired
|
|
* @NoTwoFactorRequired
|
|
* @PublicPage
|
|
*/
|
|
#[FrontpageRoute(verb: 'GET', url: '/core/js/oc.js')]
|
|
public function getConfig(): DataDisplayResponse {
|
|
$data = $this->helper->getConfig();
|
|
|
|
return new DataDisplayResponse($data, Http::STATUS_OK, ['Content-type' => 'text/javascript']);
|
|
}
|
|
}
|