try apache auth too

author: Christoph Wurst <christoph@owncloud.com> 2016-04-29 09:40:33 +0200
committer: Thomas Müller <thomas.mueller@tmit.eu> 2016-05-11 13:36:46 +0200
commit: 168ccf90a6ae515b1e4c2c10f32b08f284ac50b3 (patch)
tree: 15c296265922f3d22be37733e6330619271d6fcb /lib
parent: aa85edd2242c696954c64799e7880f7a3d39ca83 (diff)
download: nextcloud-server-168ccf90a6ae515b1e4c2c10f32b08f284ac50b3.tar.gz
nextcloud-server-168ccf90a6ae515b1e4c2c10f32b08f284ac50b3.zip
2 files changed, 24 insertions, 8 deletions
diff --git a/lib/base.php b/lib/base.php
index fd8f39e0b8d..16ce0973a95 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -856,10 +856,7 @@ class OC {
 			} else {
 				// For guests: Load only filesystem and logging
 				OC_App::loadApps(array('filesystem', 'logging'));
-				$userSession = self::$server->getUserSession();
-				if (!$userSession->tryTokenLogin()) {
-					$userSession->tryBasicAuthLogin();
-				}
+				self::handleLogin($request);
 			}
 		}
 
@@ -905,6 +902,26 @@ class OC {
 		}
 	}
 
+	/**
+	 * Check login: apache auth, auth token, basic auth
+	 *
+	 * @param OCP\IRequest $request
+	 * @return boolean
+	 */
+	private static function handleLogin(OCP\IRequest $request) {
+		$userSession = self::$server->getUserSession();
+		if (OC_User::handleApacheAuth()) {
+			return true;
+		}
+		if ($userSession->tryTokenLogin($request)) {
+			return true;
+		}
+		if ($userSession->tryBasicAuthLogin($request)) {
+			return true;
+		}
+		return false;
+	}
+
 	protected static function handleAuthHeaders() {
 		//copy http auth headers for apache+php-fcgid work around
 		if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 972f59fc001..b72e4e1a1ed 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -332,7 +332,8 @@ class Session implements IUserSession, Emitter {
 	 * Tries to login the user with HTTP Basic Authentication
 	 * @return boolean if the login was successful
 	 */
-	public function tryBasicAuthLogin() {
+	public function tryBasicAuthLogin(IRequest $request) {
+		// TODO: use $request->server instead of super globals
 		if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
 			$result = $this->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
 			if ($result === true) {
@@ -431,9 +432,7 @@ class Session implements IUserSession, Emitter {
 	 *
 	 * @todo check remember me cookie
 	 */
-	public function tryTokenLogin() {
-		// TODO: resolve cyclic dependency and inject IRequest somehow
-		$request = \OC::$server->getRequest();
+	public function tryTokenLogin(IRequest $request) {
 		$authHeader = $request->getHeader('Authorization');
 		if (strpos($authHeader, 'token ') === false) {
 			// No auth header, let's try session id
author	Christoph Wurst <christoph@owncloud.com>	2016-04-29 09:40:33 +0200
committer	Thomas Müller <thomas.mueller@tmit.eu>	2016-05-11 13:36:46 +0200
commit	168ccf90a6ae515b1e4c2c10f32b08f284ac50b3 (patch)
tree	15c296265922f3d22be37733e6330619271d6fcb /lib
parent	aa85edd2242c696954c64799e7880f7a3d39ca83 (diff)
download	nextcloud-server-168ccf90a6ae515b1e4c2c10f32b08f284ac50b3.tar.gz nextcloud-server-168ccf90a6ae515b1e4c2c10f32b08f284ac50b3.zip