Add event to load additional scripts in the auth page for public shares

Before the public share authentication page is rendered now an event to
load additional scripts is dispatched. Thanks to this any app can load
its own scripts that, when run on the browser, adjust as needed the page
generated by the server.

Note, however, that during the handling of the event apps are only able
to add scripts or styles to be loaded; they can not render arbitrary
content on the page, or change how the content is rendered by the
original template; all those changes have to be done by the scripts at
run-time.

This implies that the scripts of the apps can use only those parameters,
like the token of the share, added to the page when it is generated by
the "publicshareauth" template. Due to this, and given that the event is
being introduced to be used by Talk to inject the UI needed to request
the password for a share, the token of the share is now provided in the
generated page, just like done in the public share page.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

2 files changed, 30 insertions, 0 deletions

diff --git a/apps/files_sharing/lib/Controller/ShareController.php b/apps/files_sharing/lib/Controller/ShareController.php
index bd1331a0908..6ebffed2b58 100644
--- a/apps/files_sharing/lib/Controller/ShareController.php
+++ b/apps/files_sharing/lib/Controller/ShareController.php
@@ -61,6 +61,7 @@ use OCP\Files\NotFoundException;
 use OCP\Files\IRootFolder;
 use OCP\Share\Exceptions\ShareNotFound;
 use Symfony\Component\EventDispatcher\EventDispatcherInterface;
+use Symfony\Component\EventDispatcher\GenericEvent;
 use OCP\Share\IManager as ShareManager;
 
 /**
@@ -143,6 +144,34 @@ class ShareController extends AuthPublicShareController {
 		$this->shareManager = $shareManager;
 	}
 
+	/**
+	 * @PublicPage
+	 * @NoCSRFRequired
+	 *
+	 * Show the authentication page
+	 * The form has to submit to the authenticate method route
+	 */
+	public function showAuthenticate(): TemplateResponse {
+		$templateParameters = ['share' => $this->share];
+
+		$event = new GenericEvent(null, $templateParameters);
+		$this->eventDispatcher->dispatch('OCA\Files_Sharing::loadAdditionalScripts::publicShareAuth', $event);
+
+		return new TemplateResponse('core', 'publicshareauth', $templateParameters, 'guest');
+	}
+
+	/**
+	 * The template to show when authentication failed
+	 */
+	protected function showAuthFailed(): TemplateResponse {
+		$templateParameters = ['share' => $this->share, 'wrongpw' => true];
+
+		$event = new GenericEvent(null, $templateParameters);
+		$this->eventDispatcher->dispatch('OCA\Files_Sharing::loadAdditionalScripts::publicShareAuth', $event);
+
+		return new TemplateResponse('core', 'publicshareauth', $templateParameters, 'guest');
+	}
+
 	protected function verifyPassword(string $password): bool {
 		return $this->shareManager->checkPassword($this->share, $password);
 	}
diff --git a/core/templates/publicshareauth.php b/core/templates/publicshareauth.php
index adcc2853f87..22e22622291 100644
--- a/core/templates/publicshareauth.php
+++ b/core/templates/publicshareauth.php
@@ -20,6 +20,7 @@
 				placeholder="<?php p($l->t('Password')); ?>" value=""
 				autocomplete="new-password" autocapitalize="off" autocorrect="off"
 				autofocus />
+			<input type="hidden" name="sharingToken" value="<?php p($_['share']->getToken()) ?>" id="sharingToken">
 			<input type="submit" id="password-submit" 
 				class="svg icon-confirm input-button-inline" value="" disabled="disabled" />
 		</p>