Add basic implementation for OAuth 2.0 Authorization Code Flow

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

1 files changed, 13 insertions, 0 deletions

diff --git a/apps/dav/lib/Connector/Sabre/Auth.php b/apps/dav/lib/Connector/Sabre/Auth.php
index bdaf73d46e7..7ddbb70530a 100644
--- a/apps/dav/lib/Connector/Sabre/Auth.php
+++ b/apps/dav/lib/Connector/Sabre/Auth.php
@@ -210,6 +210,19 @@ class Auth extends AbstractBasic {
 	 */
 	private function auth(RequestInterface $request, ResponseInterface $response) {
 		$forcedLogout = false;
+
+		$authHeader = $request->getHeader('Authorization');
+		if (strpos($authHeader, 'Bearer ') !== false) {
+			if($this->userSession->tryTokenLogin($this->request)) {
+				$this->session->set(self::DAV_AUTHENTICATED, $this->userSession->getUser()->getUID());
+				$user = $this->userSession->getUser()->getUID();
+				\OC_Util::setupFS($user);
+				$this->currentUser = $user;
+				$this->session->close();
+				return [true, $this->principalPrefix . $user];
+			}
+		}
+
 		if(!$this->request->passesCSRFCheck() &&
 			$this->requiresCSRFCheck()) {
 			// In case of a fail with POST we need to recheck the credentials