Move Lib\Auth to PSR-4

12 files changed, 694 insertions, 0 deletions

diff --git a/apps/files_external/lib/Lib/Auth/AmazonS3/AccessKey.php b/apps/files_external/lib/Lib/Auth/AmazonS3/AccessKey.php
new file mode 100644
index 00000000000..296ed59a77a
--- /dev/null
+++ b/apps/files_external/lib/Lib/Auth/AmazonS3/AccessKey.php
@@ -0,0 +1,47 @@
+<?php
+/**
+ * @author Robin McCorkell <robin@mccorkell.me.uk>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth\AmazonS3;
+
+use \OCP\IL10N;
+use \OCA\Files_External\Lib\DefinitionParameter;
+use \OCA\Files_External\Lib\Auth\AuthMechanism;
+
+/**
+ * Amazon S3 access key authentication
+ */
+class AccessKey extends AuthMechanism {
+
+	const SCHEME_AMAZONS3_ACCESSKEY = 'amazons3_accesskey';
+
+	public function __construct(IL10N $l) {
+		$this
+			->setIdentifier('amazons3::accesskey')
+			->setScheme(self::SCHEME_AMAZONS3_ACCESSKEY)
+			->setText($l->t('Access key'))
+			->addParameters([
+				(new DefinitionParameter('key', $l->t('Access key'))),
+				(new DefinitionParameter('secret', $l->t('Secret key')))
+					->setType(DefinitionParameter::VALUE_PASSWORD),
+			]);
+	}
+
+}
diff --git a/apps/files_external/lib/Lib/Auth/AuthMechanism.php b/apps/files_external/lib/Lib/Auth/AuthMechanism.php
new file mode 100644
index 00000000000..68d6f023487
--- /dev/null
+++ b/apps/files_external/lib/Lib/Auth/AuthMechanism.php
@@ -0,0 +1,120 @@
+<?php
+/**
+ * @author Robin Appelman <icewind@owncloud.com>
+ * @author Robin McCorkell <robin@mccorkell.me.uk>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth;
+
+use \OCA\Files_External\Lib\StorageConfig;
+use \OCA\Files_External\Lib\VisibilityTrait;
+use \OCA\Files_External\Lib\IdentifierTrait;
+use \OCA\Files_External\Lib\FrontendDefinitionTrait;
+use \OCA\Files_External\Lib\StorageModifierTrait;
+
+/**
+ * Authentication mechanism
+ *
+ * An authentication mechanism can have services injected during construction,
+ * such as \OCP\IDB for database operations. This allows an authentication
+ * mechanism to perform advanced operations based on provided information.
+ *
+ * An authenication scheme defines the parameter interface, common to the
+ * storage implementation, the backend and the authentication mechanism.
+ * A storage implementation expects parameters according to the authentication
+ * scheme, which are provided from the authentication mechanism.
+ *
+ * This class uses the following traits:
+ *  - VisibilityTrait
+ *      Restrict usage to admin-only/none
+ *  - FrontendDefinitionTrait
+ *      Specify configuration parameters and other definitions
+ *  - StorageModifierTrait
+ *      Object can affect storage mounting
+ */
+class AuthMechanism implements \JsonSerializable {
+
+	/** Standard authentication schemes */
+	const SCHEME_NULL = 'null';
+	const SCHEME_BUILTIN = 'builtin';
+	const SCHEME_PASSWORD = 'password';
+	const SCHEME_OAUTH1 = 'oauth1';
+	const SCHEME_OAUTH2 = 'oauth2';
+	const SCHEME_PUBLICKEY = 'publickey';
+	const SCHEME_OPENSTACK = 'openstack';
+
+	use VisibilityTrait;
+	use FrontendDefinitionTrait;
+	use StorageModifierTrait;
+	use IdentifierTrait;
+
+	/** @var string */
+	protected $scheme;
+
+	/**
+	 * Get the authentication scheme implemented
+	 * See self::SCHEME_* constants
+	 *
+	 * @return string
+	 */
+	public function getScheme() {
+		return $this->scheme;
+	}
+
+	/**
+	 * @param string $scheme
+	 * @return self
+	 */
+	public function setScheme($scheme) {
+		$this->scheme = $scheme;
+		return $this;
+	}
+
+	/**
+	 * Serialize into JSON for client-side JS
+	 *
+	 * @return array
+	 */
+	public function jsonSerialize() {
+		$data = $this->jsonSerializeDefinition();
+		$data += $this->jsonSerializeIdentifier();
+
+		$data['scheme'] = $this->getScheme();
+		$data['visibility'] = $this->getVisibility();
+
+		return $data;
+	}
+
+	/**
+	 * Check if parameters are satisfied in a StorageConfig
+	 *
+	 * @param StorageConfig $storage
+	 * @return bool
+	 */
+	public function validateStorage(StorageConfig $storage) {
+		// does the backend actually support this scheme
+		$supportedSchemes = $storage->getBackend()->getAuthSchemes();
+		if (!isset($supportedSchemes[$this->getScheme()])) {
+			return false;
+		}
+
+		return $this->validateStorageDefinition($storage);
+	}
+
+}
diff --git a/apps/files_external/lib/Lib/Auth/Builtin.php b/apps/files_external/lib/Lib/Auth/Builtin.php
new file mode 100644
index 00000000000..8b43cb459cc
--- /dev/null
+++ b/apps/files_external/lib/Lib/Auth/Builtin.php
@@ -0,0 +1,41 @@
+<?php
+/**
+ * @author Robin McCorkell <robin@mccorkell.me.uk>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth;
+
+use \OCP\IL10N;
+use \OCA\Files_External\Lib\Auth\AuthMechanism;
+use \OCA\Files_external\Lib\StorageConfig;
+
+/**
+ * Builtin authentication mechanism, for legacy backends
+ */
+class Builtin extends AuthMechanism {
+
+	public function __construct(IL10N $l) {
+		$this
+			->setIdentifier('builtin::builtin')
+			->setScheme(self::SCHEME_BUILTIN)
+			->setText($l->t('Builtin'))
+		;
+	}
+
+}
diff --git a/apps/files_external/lib/Lib/Auth/IUserProvided.php b/apps/files_external/lib/Lib/Auth/IUserProvided.php
new file mode 100644
index 00000000000..6852c804be5
--- /dev/null
+++ b/apps/files_external/lib/Lib/Auth/IUserProvided.php
@@ -0,0 +1,36 @@
+<?php
+/**
+ * @author Robin Appelman <icewind@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth;
+
+use OCP\IUser;
+
+/**
+ * For auth mechanisms where the user needs to provide credentials
+ */
+interface IUserProvided {
+	/**
+	 * @param IUser $user the user for which to save the user provided options
+	 * @param int $mountId the mount id to save the options for
+	 * @param array $options the user provided options
+	 */
+	public function saveBackendOptions(IUser $user, $mountId, array $options);
+}
diff --git a/apps/files_external/lib/Lib/Auth/NullMechanism.php b/apps/files_external/lib/Lib/Auth/NullMechanism.php
new file mode 100644
index 00000000000..c0a8f4f119b
--- /dev/null
+++ b/apps/files_external/lib/Lib/Auth/NullMechanism.php
@@ -0,0 +1,40 @@
+<?php
+/**
+ * @author Robin McCorkell <robin@mccorkell.me.uk>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth;
+
+use \OCP\IL10N;
+use \OCA\Files_external\Lib\StorageConfig;
+
+/**
+ * Null authentication mechanism
+ */
+class NullMechanism extends AuthMechanism {
+
+	public function __construct(IL10N $l) {
+		$this
+			->setIdentifier('null::null')
+			->setScheme(self::SCHEME_NULL)
+			->setText($l->t('None'))
+		;
+	}
+
+}
diff --git a/apps/files_external/lib/Lib/Auth/OAuth1/OAuth1.php b/apps/files_external/lib/Lib/Auth/OAuth1/OAuth1.php
new file mode 100644
index 00000000000..808681530ea
--- /dev/null
+++ b/apps/files_external/lib/Lib/Auth/OAuth1/OAuth1.php
@@ -0,0 +1,53 @@
+<?php
+/**
+ * @author Robin McCorkell <robin@mccorkell.me.uk>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth\OAuth1;
+
+use \OCP\IL10N;
+use \OCA\Files_External\Lib\DefinitionParameter;
+use \OCA\Files_External\Lib\Auth\AuthMechanism;
+
+/**
+ * OAuth1 authentication
+ */
+class OAuth1 extends AuthMechanism {
+
+	public function __construct(IL10N $l) {
+		$this
+			->setIdentifier('oauth1::oauth1')
+			->setScheme(self::SCHEME_OAUTH1)
+			->setText($l->t('OAuth1'))
+			->addParameters([
+				(new DefinitionParameter('configured', 'configured'))
+					->setType(DefinitionParameter::VALUE_HIDDEN),
+				(new DefinitionParameter('app_key', $l->t('App key'))),
+				(new DefinitionParameter('app_secret', $l->t('App secret')))
+					->setType(DefinitionParameter::VALUE_PASSWORD),
+				(new DefinitionParameter('token', 'token'))
+					->setType(DefinitionParameter::VALUE_HIDDEN),
+				(new DefinitionParameter('token_secret', 'token_secret'))
+					->setType(DefinitionParameter::VALUE_HIDDEN),
+			])
+			->addCustomJs('oauth1')
+		;
+	}
+
+}
diff --git a/apps/files_external/lib/Lib/Auth/OAuth2/OAuth2.php b/apps/files_external/lib/Lib/Auth/OAuth2/OAuth2.php
new file mode 100644
index 00000000000..d4bba8ef0eb
--- /dev/null
+++ b/apps/files_external/lib/Lib/Auth/OAuth2/OAuth2.php
@@ -0,0 +1,51 @@
+<?php
+/**
+ * @author Robin McCorkell <robin@mccorkell.me.uk>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth\OAuth2;
+
+use \OCP\IL10N;
+use \OCA\Files_External\Lib\DefinitionParameter;
+use \OCA\Files_External\Lib\Auth\AuthMechanism;
+
+/**
+ * OAuth2 authentication
+ */
+class OAuth2 extends AuthMechanism {
+
+	public function __construct(IL10N $l) {
+		$this
+			->setIdentifier('oauth2::oauth2')
+			->setScheme(self::SCHEME_OAUTH2)
+			->setText($l->t('OAuth2'))
+			->addParameters([
+				(new DefinitionParameter('configured', 'configured'))
+					->setType(DefinitionParameter::VALUE_HIDDEN),
+				(new DefinitionParameter('client_id', $l->t('Client ID'))),
+				(new DefinitionParameter('client_secret', $l->t('Client secret')))
+					->setType(DefinitionParameter::VALUE_PASSWORD),
+				(new DefinitionParameter('token', 'token'))
+					->setType(DefinitionParameter::VALUE_HIDDEN),
+			])
+			->addCustomJs('oauth2')
+		;
+	}
+
+}
diff --git a/apps/files_external/lib/Lib/Auth/OpenStack/OpenStack.php b/apps/files_external/lib/Lib/Auth/OpenStack/OpenStack.php
new file mode 100644
index 00000000000..80bbb1299f7
--- /dev/null
+++ b/apps/files_external/lib/Lib/Auth/OpenStack/OpenStack.php
@@ -0,0 +1,48 @@
+<?php
+/**
+ * @author Robin McCorkell <robin@mccorkell.me.uk>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth\OpenStack;
+
+use \OCP\IL10N;
+use \OCA\Files_External\Lib\DefinitionParameter;
+use \OCA\Files_External\Lib\Auth\AuthMechanism;
+
+/**
+ * OpenStack Keystone authentication
+ */
+class OpenStack extends AuthMechanism {
+
+	public function __construct(IL10N $l) {
+		$this
+			->setIdentifier('openstack::openstack')
+			->setScheme(self::SCHEME_OPENSTACK)
+			->setText($l->t('OpenStack'))
+			->addParameters([
+				(new DefinitionParameter('user', $l->t('Username'))),
+				(new DefinitionParameter('password', $l->t('Password')))
+					->setType(DefinitionParameter::VALUE_PASSWORD),
+				(new DefinitionParameter('tenant', $l->t('Tenant name'))),
+				(new DefinitionParameter('url', $l->t('Identity endpoint URL'))),
+			])
+		;
+	}
+
+}
diff --git a/apps/files_external/lib/Lib/Auth/OpenStack/Rackspace.php b/apps/files_external/lib/Lib/Auth/OpenStack/Rackspace.php
new file mode 100644
index 00000000000..c968321ca6c
--- /dev/null
+++ b/apps/files_external/lib/Lib/Auth/OpenStack/Rackspace.php
@@ -0,0 +1,46 @@
+<?php
+/**
+ * @author Robin McCorkell <robin@mccorkell.me.uk>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth\OpenStack;
+
+use \OCP\IL10N;
+use \OCA\Files_External\Lib\DefinitionParameter;
+use \OCA\Files_External\Lib\Auth\AuthMechanism;
+
+/**
+ * Rackspace authentication
+ */
+class Rackspace extends AuthMechanism {
+
+	public function __construct(IL10N $l) {
+		$this
+			->setIdentifier('openstack::rackspace')
+			->setScheme(self::SCHEME_OPENSTACK)
+			->setText($l->t('Rackspace'))
+			->addParameters([
+				(new DefinitionParameter('user', $l->t('Username'))),
+				(new DefinitionParameter('key', $l->t('API key')))
+					->setType(DefinitionParameter::VALUE_PASSWORD),
+			])
+		;
+	}
+
+}
diff --git a/apps/files_external/lib/Lib/Auth/Password/Password.php b/apps/files_external/lib/Lib/Auth/Password/Password.php
new file mode 100644
index 00000000000..3b1942cc4a8
--- /dev/null
+++ b/apps/files_external/lib/Lib/Auth/Password/Password.php
@@ -0,0 +1,45 @@
+<?php
+/**
+ * @author Robin McCorkell <robin@mccorkell.me.uk>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth\Password;
+
+use \OCP\IL10N;
+use \OCA\Files_External\Lib\DefinitionParameter;
+use \OCA\Files_External\Lib\Auth\AuthMechanism;
+
+/**
+ * Basic password authentication mechanism
+ */
+class Password extends AuthMechanism {
+
+	public function __construct(IL10N $l) {
+		$this
+			->setIdentifier('password::password')
+			->setScheme(self::SCHEME_PASSWORD)
+			->setText($l->t('Username and password'))
+			->addParameters([
+				(new DefinitionParameter('user', $l->t('Username'))),
+				(new DefinitionParameter('password', $l->t('Password')))
+					->setType(DefinitionParameter::VALUE_PASSWORD),
+			]);
+	}
+
+}
diff --git a/apps/files_external/lib/Lib/Auth/Password/SessionCredentials.php b/apps/files_external/lib/Lib/Auth/Password/SessionCredentials.php
new file mode 100644
index 00000000000..429c549d80a
--- /dev/null
+++ b/apps/files_external/lib/Lib/Auth/Password/SessionCredentials.php
@@ -0,0 +1,86 @@
+<?php
+/**
+ * @author Robin McCorkell <robin@mccorkell.me.uk>
+ * @author Vincent Petry <pvince81@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth\Password;
+
+use \OCP\IUser;
+use \OCP\IL10N;
+use \OCA\Files_External\Lib\DefinitionParameter;
+use \OCA\Files_External\Lib\Auth\AuthMechanism;
+use \OCA\Files_External\Lib\StorageConfig;
+use \OCP\ISession;
+use \OCP\Security\ICrypto;
+use \OCP\Files\Storage;
+use \OCA\Files_External\Lib\SessionStorageWrapper;
+use \OCA\Files_External\Lib\InsufficientDataForMeaningfulAnswerException;
+
+/**
+ * Username and password from login credentials, saved in session
+ */
+class SessionCredentials extends AuthMechanism {
+
+	/** @var ISession */
+	protected $session;
+
+	/** @var ICrypto */
+	protected $crypto;
+
+	public function __construct(IL10N $l, ISession $session, ICrypto $crypto) {
+		$this->session = $session;
+		$this->crypto = $crypto;
+
+		$this
+			->setIdentifier('password::sessioncredentials')
+			->setScheme(self::SCHEME_PASSWORD)
+			->setText($l->t('Log-in credentials, save in session'))
+			->addParameters([
+			])
+		;
+
+		\OCP\Util::connectHook('OC_User', 'post_login', $this, 'authenticate');
+	}
+
+	/**
+	 * Hook listener on post login
+	 *
+	 * @param array $params
+	 */
+	public function authenticate(array $params) {
+		$this->session->set('password::sessioncredentials/credentials', $this->crypto->encrypt(json_encode($params)));
+	}
+
+	public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) {
+		$encrypted = $this->session->get('password::sessioncredentials/credentials');
+		if (!isset($encrypted)) {
+			throw new InsufficientDataForMeaningfulAnswerException('No session credentials saved');
+		}
+
+		$credentials = json_decode($this->crypto->decrypt($encrypted), true);
+		$storage->setBackendOption('user', $this->session->get('loginname'));
+		$storage->setBackendOption('password', $credentials['password']);
+	}
+
+	public function wrapStorage(Storage $storage) {
+		return new SessionStorageWrapper(['storage' => $storage]);
+	}
+
+}
diff --git a/apps/files_external/lib/Lib/Auth/PublicKey/RSA.php b/apps/files_external/lib/Lib/Auth/PublicKey/RSA.php
new file mode 100644
index 00000000000..7732beeddf8
--- /dev/null
+++ b/apps/files_external/lib/Lib/Auth/PublicKey/RSA.php
@@ -0,0 +1,81 @@
+<?php
+/**
+ * @author Robin McCorkell <robin@mccorkell.me.uk>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth\PublicKey;
+
+use \OCP\IL10N;
+use \OCA\Files_External\Lib\DefinitionParameter;
+use \OCA\Files_External\Lib\Auth\AuthMechanism;
+use \OCA\Files_External\Lib\StorageConfig;
+use \OCP\IConfig;
+use OCP\IUser;
+use \phpseclib\Crypt\RSA as RSACrypt;
+
+/**
+ * RSA public key authentication
+ */
+class RSA extends AuthMechanism {
+
+	const CREATE_KEY_BITS = 1024;
+
+	/** @var IConfig */
+	private $config;
+
+	public function __construct(IL10N $l, IConfig $config) {
+		$this->config = $config;
+
+		$this
+			->setIdentifier('publickey::rsa')
+			->setScheme(self::SCHEME_PUBLICKEY)
+			->setText($l->t('RSA public key'))
+			->addParameters([
+				(new DefinitionParameter('user', $l->t('Username'))),
+				(new DefinitionParameter('public_key', $l->t('Public key'))),
+				(new DefinitionParameter('private_key', 'private_key'))
+					->setType(DefinitionParameter::VALUE_HIDDEN),
+			])
+			->addCustomJs('public_key')
+		;
+	}
+
+	public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) {
+		$auth = new RSACrypt();
+		$auth->setPassword($this->config->getSystemValue('secret', ''));
+		if (!$auth->loadKey($storage->getBackendOption('private_key'))) {
+			throw new \RuntimeException('unable to load private key');
+		}
+		$storage->setBackendOption('public_key_auth', $auth);
+	}
+
+	/**
+	 * Generate a keypair
+	 *
+	 * @return array ['privatekey' => $privateKey, 'publickey' => $publicKey]
+	 */
+	public function createKey() {
+		$rsa = new RSACrypt();
+		$rsa->setPublicKeyFormat(RSACrypt::PUBLIC_FORMAT_OPENSSH);
+		$rsa->setPassword($this->config->getSystemValue('secret', ''));
+
+		return $rsa->createKey(self::CREATE_KEY_BITS);
+	}
+
+}