mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 984 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
71135 Commits
373 Branches
Tree: aa5f037af7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'aa5f037af7'
${ noResults }
nextcloud/apps/dav/lib/Connector/Sabre/BearerAuth.php

BearerAuth.php 2.5KB
Raw Blame History

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586 
  1. <?php

  2. /**

  3.  * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>

  4.  *

  5.  * @author Christoph Wurst <christoph@winzerhof-wurst.at>

  6.  * @author Lukas Reschke <lukas@statuscode.ch>

  7.  *

  8.  * @license GNU AGPL version 3 or any later version

  9.  *

  10.  * This program is free software: you can redistribute it and/or modify

  11.  * it under the terms of the GNU Affero General Public License as

  12.  * published by the Free Software Foundation, either version 3 of the

  13.  * License, or (at your option) any later version.

  14.  *

  15.  * This program is distributed in the hope that it will be useful,

  16.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  17.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

  18.  * GNU Affero General Public License for more details.

  19.  *

  20.  * You should have received a copy of the GNU Affero General Public License

  21.  * along with this program. If not, see <http://www.gnu.org/licenses/>.

  22.  *

  23.  */

  24. namespace OCA\DAV\Connector\Sabre;

  25. 

  26. use OCP\IRequest;

  27. use OCP\ISession;

  28. use OCP\IUserSession;

  29. use Sabre\DAV\Auth\Backend\AbstractBearer;

  30. use Sabre\HTTP\RequestInterface;

  31. use Sabre\HTTP\ResponseInterface;

  32. 

  33. class BearerAuth extends AbstractBearer {

  34. 	private IUserSession $userSession;

  35. 	private ISession $session;

  36. 	private IRequest $request;

  37. 	private string $principalPrefix;

  38. 

  39. 	public function __construct(IUserSession $userSession,

  40. 		ISession $session,

  41. 		IRequest $request,

  42. 		$principalPrefix = 'principals/users/') {

  43. 		$this->userSession = $userSession;

  44. 		$this->session = $session;

  45. 		$this->request = $request;

  46. 		$this->principalPrefix = $principalPrefix;

  47. 

  48. 		// setup realm

  49. 		$defaults = new \OCP\Defaults();

  50. 		$this->realm = $defaults->getName();

  51. 	}

  52. 

  53. 	private function setupUserFs($userId) {

  54. 		\OC_Util::setupFS($userId);

  55. 		$this->session->close();

  56. 		return $this->principalPrefix . $userId;

  57. 	}

  58. 

  59. 	/**

  60. 	 * {@inheritdoc}

  61. 	 */

  62. 	public function validateBearerToken($bearerToken) {

  63. 		\OC_Util::setupFS();

  64. 

  65. 		if (!$this->userSession->isLoggedIn()) {

  66. 			$this->userSession->tryTokenLogin($this->request);

  67. 		}

  68. 		if ($this->userSession->isLoggedIn()) {

  69. 			return $this->setupUserFs($this->userSession->getUser()->getUID());

  70. 		}

  71. 

  72. 		return false;

  73. 	}

  74. 

  75. 	/**

  76. 	 * \Sabre\DAV\Auth\Backend\AbstractBearer::challenge sets an WWW-Authenticate

  77. 	 * header which some DAV clients can't handle. Thus we override this function

  78. 	 * and make it simply return a 401.

  79. 	 *

  80. 	 * @param RequestInterface $request

  81. 	 * @param ResponseInterface $response

  82. 	 */

  83. 	public function challenge(RequestInterface $request, ResponseInterface $response): void {

  84. 		$response->setStatus(401);

  85. 	}

  86. }