fix: csrf check failed on public share with password

Signed-off-by: Luka Trovic <luka@nextcloud.com>

2 files changed, 18 insertions, 0 deletions

diff --git a/core/src/OC/index.js b/core/src/OC/index.js
index 33dd45a17ee..34af0b25522 100644
--- a/core/src/OC/index.js
+++ b/core/src/OC/index.js
@@ -70,6 +70,7 @@ import {
 } from './host.js'
 import {
 	getToken as getRequestToken,
+	fetchToken as fetchRequestToken,
 } from './requesttoken.js'
 import {
 	hideMenus,
@@ -274,6 +275,7 @@ export default {
 	redirect,
 	reload,
 	requestToken: getRequestToken(),
+	fetchRequestToken,
 	/**
 	 * @deprecated 19.0.0 use `linkTo` from https://www.npmjs.com/package/@nextcloud/router
 	 */
diff --git a/core/src/OC/requesttoken.js b/core/src/OC/requesttoken.js
index eba15e88e08..229f8ff0370 100644
--- a/core/src/OC/requesttoken.js
+++ b/core/src/OC/requesttoken.js
@@ -22,6 +22,8 @@
  */
 
 import { emit } from '@nextcloud/event-bus'
+import { generateUrl } from '@nextcloud/router'
+import $ from 'jquery'
 
 /**
  * @private
@@ -41,6 +43,15 @@ export const manageToken = (global, emit) => {
 				token,
 			})
 		},
+		fetchToken: async () => {
+			const url = generateUrl('/csrftoken')
+			const resp = await $.get(url)
+			token = resp.token
+			emit('csrf-token-update', {
+				token,
+			})
+			return token
+		},
 	}
 }
 
@@ -55,3 +66,8 @@ export const getToken = manageFromDocument.getToken
  * @param {string} newToken new token
  */
 export const setToken = manageFromDocument.setToken
+
+/**
+ * @return {Promise<string>}
+ */
+export const fetchToken = manageFromDocument.fetchToken