7 files changed, 530 insertions, 0 deletions
diff --git a/3rdparty/Sabre/DAV/Auth/Backend/AbstractBasic.php b/3rdparty/Sabre/DAV/Auth/Backend/AbstractBasic.php
new file mode 100755
index 00000000000..1e89b84f9a1
--- /dev/null
+++ b/3rdparty/Sabre/DAV/Auth/Backend/AbstractBasic.php
@@ -0,0 +1,83 @@
+<?php
+/**
+ * HTTP Basic authentication backend class
+ *
+ * This class can be used by authentication objects wishing to use HTTP Basic
+ * Most of the digest logic is handled, implementors just need to worry about
+ * the validateUserPass method.
+ *
+ * @package Sabre
+ * @subpackage DAV
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author James David Low (http://jameslow.com/)
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+abstract class Sabre_DAV_Auth_Backend_AbstractBasic implements Sabre_DAV_Auth_IBackend {
+
+    /**
+     * This variable holds the currently logged in username.
+     *
+     * @var string|null
+     */
+    protected $currentUser;
+
+    /**
+     * Validates a username and password
+     *
+     * This method should return true or false depending on if login
+     * succeeded.
+     *
+     * @param string $username
+     * @param string $password
+     * @return bool
+     */
+    abstract protected function validateUserPass($username, $password);
+
+    /**
+     * Returns information about the currently logged in username.
+     *
+     * If nobody is currently logged in, this method should return null.
+     *
+     * @return string|null
+     */
+    public function getCurrentUser() {
+        return $this->currentUser;
+    }
+
+
+    /**
+     * Authenticates the user based on the current request.
+     *
+     * If authentication is successful, true must be returned.
+     * If authentication fails, an exception must be thrown.
+     *
+     * @param Sabre_DAV_Server $server
+     * @param string $realm
+     * @throws Sabre_DAV_Exception_NotAuthenticated
+     * @return bool
+     */
+    public function authenticate(Sabre_DAV_Server $server, $realm) {
+
+        $auth = new Sabre_HTTP_BasicAuth();
+        $auth->setHTTPRequest($server->httpRequest);
+        $auth->setHTTPResponse($server->httpResponse);
+        $auth->setRealm($realm);
+        $userpass = $auth->getUserPass();
+        if (!$userpass) {
+            $auth->requireLogin();
+            throw new Sabre_DAV_Exception_NotAuthenticated('No basic authentication headers were found');
+        }
+
+        // Authenticates the user
+        if (!$this->validateUserPass($userpass[0],$userpass[1])) {
+            $auth->requireLogin();
+            throw new Sabre_DAV_Exception_NotAuthenticated('Username or password does not match');
+        }
+        $this->currentUser = $userpass[0];
+        return true;
+    }
+
+
+}
+
diff --git a/3rdparty/Sabre/DAV/Auth/Backend/AbstractDigest.php b/3rdparty/Sabre/DAV/Auth/Backend/AbstractDigest.php
new file mode 100755
index 00000000000..9833928b976
--- /dev/null
+++ b/3rdparty/Sabre/DAV/Auth/Backend/AbstractDigest.php
@@ -0,0 +1,98 @@
+<?php
+
+/**
+ * HTTP Digest authentication backend class
+ *
+ * This class can be used by authentication objects wishing to use HTTP Digest
+ * Most of the digest logic is handled, implementors just need to worry about
+ * the getDigestHash method
+ *
+ * @package Sabre
+ * @subpackage DAV
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/) 
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+abstract class Sabre_DAV_Auth_Backend_AbstractDigest implements Sabre_DAV_Auth_IBackend {
+
+    /**
+     * This variable holds the currently logged in username.
+     *
+     * @var array|null
+     */
+    protected $currentUser;
+
+    /**
+     * Returns a users digest hash based on the username and realm.
+     *
+     * If the user was not known, null must be returned.
+     *
+     * @param string $realm
+     * @param string $username
+     * @return string|null
+     */
+    abstract public function getDigestHash($realm, $username);
+
+    /**
+     * Authenticates the user based on the current request.
+     *
+     * If authentication is successful, true must be returned.
+     * If authentication fails, an exception must be thrown.
+     *
+     * @param Sabre_DAV_Server $server
+     * @param string $realm
+     * @throws Sabre_DAV_Exception_NotAuthenticated
+     * @return bool
+     */
+    public function authenticate(Sabre_DAV_Server $server, $realm) {
+
+        $digest = new Sabre_HTTP_DigestAuth();
+
+        // Hooking up request and response objects
+        $digest->setHTTPRequest($server->httpRequest);
+        $digest->setHTTPResponse($server->httpResponse);
+
+        $digest->setRealm($realm);
+        $digest->init();
+
+        $username = $digest->getUsername();
+
+        // No username was given
+        if (!$username) {
+            $digest->requireLogin();
+            throw new Sabre_DAV_Exception_NotAuthenticated('No digest authentication headers were found');
+        }
+
+        $hash = $this->getDigestHash($realm, $username);
+        // If this was false, the user account didn't exist
+        if ($hash===false || is_null($hash)) {
+            $digest->requireLogin();
+            throw new Sabre_DAV_Exception_NotAuthenticated('The supplied username was not on file');
+        }
+        if (!is_string($hash)) {
+            throw new Sabre_DAV_Exception('The returned value from getDigestHash must be a string or null');
+        }
+
+        // If this was false, the password or part of the hash was incorrect.
+        if (!$digest->validateA1($hash)) {
+            $digest->requireLogin();
+            throw new Sabre_DAV_Exception_NotAuthenticated('Incorrect username');
+        }
+
+        $this->currentUser = $username;
+        return true;
+
+    }
+
+    /**
+     * Returns the currently logged in username.
+     *
+     * @return string|null
+     */
+    public function getCurrentUser() {
+
+        return $this->currentUser;
+
+    }
+
+}
diff --git a/3rdparty/Sabre/DAV/Auth/Backend/Apache.php b/3rdparty/Sabre/DAV/Auth/Backend/Apache.php
new file mode 100755
index 00000000000..d4294ea4d86
--- /dev/null
+++ b/3rdparty/Sabre/DAV/Auth/Backend/Apache.php
@@ -0,0 +1,62 @@
+<?php
+
+/**
+ * Apache authenticator
+ *
+ * This authentication backend assumes that authentication has been
+ * configured in apache, rather than within SabreDAV.
+ *
+ * Make sure apache is properly configured for this to work.
+ *
+ * @package Sabre
+ * @subpackage DAV
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/) 
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+class Sabre_DAV_Auth_Backend_Apache implements Sabre_DAV_Auth_IBackend {
+
+    /**
+     * Current apache user
+     *
+     * @var string
+     */
+    protected $remoteUser;
+
+    /**
+     * Authenticates the user based on the current request.
+     *
+     * If authentication is successful, true must be returned.
+     * If authentication fails, an exception must be thrown.
+     *
+     * @param Sabre_DAV_Server $server
+     * @param string $realm
+     * @return bool
+     */
+    public function authenticate(Sabre_DAV_Server $server, $realm) {
+
+        $remoteUser = $server->httpRequest->getRawServerValue('REMOTE_USER');
+        if (is_null($remoteUser)) {
+            throw new Sabre_DAV_Exception('We did not receive the $_SERVER[REMOTE_USER] property. This means that apache might have been misconfigured');
+        }
+
+        $this->remoteUser = $remoteUser;
+        return true;
+
+    }
+
+    /**
+     * Returns information about the currently logged in user.
+     *
+     * If nobody is currently logged in, this method should return null.
+     *
+     * @return array|null
+     */
+    public function getCurrentUser() {
+
+        return $this->remoteUser;
+
+    }
+
+}
+
diff --git a/3rdparty/Sabre/DAV/Auth/Backend/File.php b/3rdparty/Sabre/DAV/Auth/Backend/File.php
new file mode 100755
index 00000000000..de308d64a67
--- /dev/null
+++ b/3rdparty/Sabre/DAV/Auth/Backend/File.php
@@ -0,0 +1,75 @@
+<?php
+
+/**
+ * This is an authentication backend that uses a file to manage passwords.
+ *
+ * The backend file must conform to Apache's htdigest format
+ *
+ * @package Sabre
+ * @subpackage DAV
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/) 
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+class Sabre_DAV_Auth_Backend_File extends Sabre_DAV_Auth_Backend_AbstractDigest {
+
+    /**
+     * List of users
+     *
+     * @var array
+     */
+    protected $users = array();
+
+    /**
+     * Creates the backend object.
+     *
+     * If the filename argument is passed in, it will parse out the specified file fist.
+     *
+     * @param string|null $filename
+     */
+    public function __construct($filename=null) {
+
+        if (!is_null($filename))
+            $this->loadFile($filename);
+
+    }
+
+    /**
+     * Loads an htdigest-formatted file. This method can be called multiple times if
+     * more than 1 file is used.
+     *
+     * @param string $filename
+     * @return void
+     */
+    public function loadFile($filename) {
+
+        foreach(file($filename,FILE_IGNORE_NEW_LINES) as $line) {
+
+            if (substr_count($line, ":") !== 2)
+                throw new Sabre_DAV_Exception('Malformed htdigest file. Every line should contain 2 colons');
+
+            list($username,$realm,$A1) = explode(':',$line);
+
+            if (!preg_match('/^[a-zA-Z0-9]{32}$/', $A1))
+                throw new Sabre_DAV_Exception('Malformed htdigest file. Invalid md5 hash');
+
+            $this->users[$realm . ':' . $username] = $A1;
+
+        }
+
+    }
+
+    /**
+     * Returns a users' information
+     *
+     * @param string $realm
+     * @param string $username
+     * @return string
+     */
+    public function getDigestHash($realm, $username) {
+
+        return isset($this->users[$realm . ':' . $username])?$this->users[$realm . ':' . $username]:false;
+
+    }
+
+}
diff --git a/3rdparty/Sabre/DAV/Auth/Backend/PDO.php b/3rdparty/Sabre/DAV/Auth/Backend/PDO.php
new file mode 100755
index 00000000000..eac18a23fbb
--- /dev/null
+++ b/3rdparty/Sabre/DAV/Auth/Backend/PDO.php
@@ -0,0 +1,65 @@
+<?php
+
+/**
+ * This is an authentication backend that uses a file to manage passwords.
+ *
+ * The backend file must conform to Apache's htdigest format
+ *
+ * @package Sabre
+ * @subpackage DAV
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/) 
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+class Sabre_DAV_Auth_Backend_PDO extends Sabre_DAV_Auth_Backend_AbstractDigest {
+
+    /**
+     * Reference to PDO connection
+     *
+     * @var PDO
+     */
+    protected $pdo;
+
+    /**
+     * PDO table name we'll be using
+     *
+     * @var string
+     */
+    protected $tableName;
+
+
+    /**
+     * Creates the backend object.
+     *
+     * If the filename argument is passed in, it will parse out the specified file fist.
+     *
+     * @param PDO $pdo
+     * @param string $tableName The PDO table name to use
+     */
+    public function __construct(PDO $pdo, $tableName = 'users') {
+
+        $this->pdo = $pdo;
+        $this->tableName = $tableName;
+
+    }
+
+    /**
+     * Returns the digest hash for a user.
+     *
+     * @param string $realm
+     * @param string $username
+     * @return string|null
+     */
+    public function getDigestHash($realm,$username) {
+
+        $stmt = $this->pdo->prepare('SELECT username, digesta1 FROM '.$this->tableName.' WHERE username = ?');
+        $stmt->execute(array($username));
+        $result = $stmt->fetchAll();
+
+        if (!count($result)) return;
+
+        return $result[0]['digesta1'];
+
+    }
+
+}
diff --git a/3rdparty/Sabre/DAV/Auth/IBackend.php b/3rdparty/Sabre/DAV/Auth/IBackend.php
new file mode 100755
index 00000000000..5be5d1bc93d
--- /dev/null
+++ b/3rdparty/Sabre/DAV/Auth/IBackend.php
@@ -0,0 +1,36 @@
+<?php
+
+/**
+ * This is the base class for any authentication object.
+ *
+ * @package Sabre
+ * @subpackage DAV
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/) 
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+interface Sabre_DAV_Auth_IBackend {
+
+    /**
+     * Authenticates the user based on the current request.
+     *
+     * If authentication is successful, true must be returned.
+     * If authentication fails, an exception must be thrown.
+     *
+     * @param Sabre_DAV_Server $server
+     * @param string $realm
+     * @return bool
+     */
+    function authenticate(Sabre_DAV_Server $server,$realm);
+
+    /**
+     * Returns information about the currently logged in username.
+     *
+     * If nobody is currently logged in, this method should return null.
+     *
+     * @return string|null
+     */
+    function getCurrentUser();
+
+}
+
diff --git a/3rdparty/Sabre/DAV/Auth/Plugin.php b/3rdparty/Sabre/DAV/Auth/Plugin.php
new file mode 100755
index 00000000000..55a4e391674
--- /dev/null
+++ b/3rdparty/Sabre/DAV/Auth/Plugin.php
@@ -0,0 +1,111 @@
+<?php
+
+/**
+ * This plugin provides Authentication for a WebDAV server.
+ *
+ * It relies on a Backend object, which provides user information.
+ *
+ * Additionally, it provides support for:
+ *  * {DAV:}current-user-principal property from RFC5397
+ *  * {DAV:}principal-collection-set property from RFC3744
+ *
+ * @package Sabre
+ * @subpackage DAV
+ * @copyright Copyright (C) 2007-2012 Rooftop Solutions. All rights reserved.
+ * @author Evert Pot (http://www.rooftopsolutions.nl/)
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+class Sabre_DAV_Auth_Plugin extends Sabre_DAV_ServerPlugin {
+
+    /**
+     * Reference to main server object
+     *
+     * @var Sabre_DAV_Server
+     */
+    private $server;
+
+    /**
+     * Authentication backend
+     *
+     * @var Sabre_DAV_Auth_IBackend
+     */
+    private $authBackend;
+
+    /**
+     * The authentication realm.
+     *
+     * @var string
+     */
+    private $realm;
+
+    /**
+     * __construct
+     *
+     * @param Sabre_DAV_Auth_IBackend $authBackend
+     * @param string $realm
+     */
+    public function __construct(Sabre_DAV_Auth_IBackend $authBackend, $realm) {
+
+        $this->authBackend = $authBackend;
+        $this->realm = $realm;
+
+    }
+
+    /**
+     * Initializes the plugin. This function is automatically called by the server
+     *
+     * @param Sabre_DAV_Server $server
+     * @return void
+     */
+    public function initialize(Sabre_DAV_Server $server) {
+
+        $this->server = $server;
+        $this->server->subscribeEvent('beforeMethod',array($this,'beforeMethod'),10);
+
+    }
+
+    /**
+     * Returns a plugin name.
+     *
+     * Using this name other plugins will be able to access other plugins
+     * using Sabre_DAV_Server::getPlugin
+     *
+     * @return string
+     */
+    public function getPluginName() {
+
+        return 'auth';
+
+    }
+
+    /**
+     * Returns the current users' principal uri.
+     *
+     * If nobody is logged in, this will return null.
+     *
+     * @return string|null
+     */
+    public function getCurrentUser() {
+
+        $userInfo = $this->authBackend->getCurrentUser();
+        if (!$userInfo) return null;
+
+        return $userInfo;
+
+    }
+
+    /**
+     * This method is called before any HTTP method and forces users to be authenticated
+     *
+     * @param string $method
+     * @param string $uri
+     * @throws Sabre_DAV_Exception_NotAuthenticated
+     * @return bool
+     */
+    public function beforeMethod($method, $uri) {
+
+        $this->authBackend->authenticate($this->server,$this->realm);
+
+    }
+
+}