diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2017-06-13 12:36:31 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-06-13 12:36:31 -0500 |
| commit | e7b5c5c268da7006a025767cc07b83582ea034b0 (patch) | |
| tree | a142a334694e7dab9156bf3b1014ab8b4ed71dab /apps | |
| parent | eafaa2f2386287195932e3c9555b2d4dd542e9d2 (diff) | |
| parent | 633396001f89023b9dd39b3dc20f9e5430239600 (diff) | |
| download | nextcloud-server-e7b5c5c268da7006a025767cc07b83582ea034b0.tar.gz nextcloud-server-e7b5c5c268da7006a025767cc07b83582ea034b0.zip | |
Merge pull request #5372 from nextcloud/we-shall-monkey-patch-auth-headers-for-clients-that-dont-follow-specs
Prevent sending second WWW-Authenticate header
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/dav/lib/Connector/Sabre/BearerAuth.php | 14 | ||||
| -rw-r--r-- | apps/dav/tests/unit/Connector/Sabre/BearerAuthTest.php | 12 |
2 files changed, 23 insertions, 3 deletions
diff --git a/apps/dav/lib/Connector/Sabre/BearerAuth.php b/apps/dav/lib/Connector/Sabre/BearerAuth.php index f0e0f389c33..b7fd9116f21 100644 --- a/apps/dav/lib/Connector/Sabre/BearerAuth.php +++ b/apps/dav/lib/Connector/Sabre/BearerAuth.php @@ -25,6 +25,8 @@ use OCP\IRequest; use OCP\ISession; use OCP\IUserSession; use Sabre\DAV\Auth\Backend\AbstractBearer; +use Sabre\HTTP\RequestInterface; +use Sabre\HTTP\ResponseInterface; class BearerAuth extends AbstractBearer { /** @var IUserSession */ @@ -77,4 +79,16 @@ class BearerAuth extends AbstractBearer { return false; } + + /** + * \Sabre\DAV\Auth\Backend\AbstractBearer::challenge sets an WWW-Authenticate + * header which some DAV clients can't handle. Thus we override this function + * and make it simply return a 401. + * + * @param RequestInterface $request + * @param ResponseInterface $response + */ + public function challenge(RequestInterface $request, ResponseInterface $response) { + $response->setStatus(401); + } } diff --git a/apps/dav/tests/unit/Connector/Sabre/BearerAuthTest.php b/apps/dav/tests/unit/Connector/Sabre/BearerAuthTest.php index 5eae75eb8e9..04bb035a635 100644 --- a/apps/dav/tests/unit/Connector/Sabre/BearerAuthTest.php +++ b/apps/dav/tests/unit/Connector/Sabre/BearerAuthTest.php @@ -21,9 +21,6 @@ namespace OCA\DAV\Tests\unit\Connector\Sabre; -use OC\Authentication\TwoFactorAuth\Manager; -use OC\Security\Bruteforce\Throttler; -use OC\User\Session; use OCA\DAV\Connector\Sabre\BearerAuth; use OCP\IRequest; use OCP\ISession; @@ -85,4 +82,13 @@ class BearerAuthTest extends TestCase { $this->assertSame('principals/users/admin', $this->bearerAuth->validateBearerToken('Token')); } + + public function testChallenge() { + /** @var \PHPUnit_Framework_MockObject_MockObject|RequestInterface $request */ + $request = $this->createMock(RequestInterface::class); + /** @var \PHPUnit_Framework_MockObject_MockObject|ResponseInterface $response */ + $response = $this->createMock(ResponseInterface::class); + $result = $this->bearerAuth->challenge($request, $response); + $this->assertEmpty($result); + } } |