1 files changed, 67 insertions, 44 deletions
diff --git a/ocs/v1.php b/ocs/v1.php
index 32fcfdd46d1..e12cd6ddc11 100644
--- a/ocs/v1.php
+++ b/ocs/v1.php
@@ -1,62 +1,85 @@
 <?php
+
+declare(strict_types=1);
+
 /**
- * @author Bart Visscher <bartv@thisnet.nl>
- * @author Joas Schilling <nickvergessen@owncloud.com>
- * @author Lukas Reschke <lukas@owncloud.com>
- * @author Morris Jobke <hey@morrisjobke.de>
- * @author Robin Appelman <icewind@owncloud.com>
- * @author Thomas Müller <thomas.mueller@tmit.eu>
- * @author Tom Needham <tom@owncloud.com>
- * @author Vincent Petry <pvince81@owncloud.com>
- *
- * @copyright Copyright (c) 2016, ownCloud, Inc.
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program.  If not, see <http://www.gnu.org/licenses/>
- *
+ * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
+ * SPDX-License-Identifier: AGPL-3.0-only
  */
 
-require_once '../lib/base.php';
+require_once __DIR__ . '/../lib/versioncheck.php';
+require_once __DIR__ . '/../lib/base.php';
+
+use OC\OCS\ApiHelper;
+use OC\Route\Router;
+use OC\SystemConfig;
+use OC\User\LoginException;
+use OCP\App\IAppManager;
+use OCP\AppFramework\Http;
+use OCP\AppFramework\OCSController;
+use OCP\IConfig;
+use OCP\IRequest;
+use OCP\IUserSession;
+use OCP\Security\Bruteforce\MaxDelayReached;
+use OCP\Server;
+use OCP\Util;
+use Psr\Log\LoggerInterface;
+use Symfony\Component\Routing\Exception\MethodNotAllowedException;
+use Symfony\Component\Routing\Exception\ResourceNotFoundException;
 
-if (\OCP\Util::needUpgrade()
-	|| \OC::$server->getSystemConfig()->getValue('maintenance', false)
-	|| \OC::$server->getSystemConfig()->getValue('singleuser', false)) {
+if (Util::needUpgrade()
+	|| Server::get(IConfig::class)->getSystemValueBool('maintenance')) {
 	// since the behavior of apps or remotes are unpredictable during
 	// an upgrade, return a 503 directly
-	OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
-	$response = new OC_OCS_Result(null, OC_Response::STATUS_SERVICE_UNAVAILABLE, 'Service unavailable');
-	OC_API::respond($response, OC_API::requestedFormat());
+	ApiHelper::respond(503, 'Service unavailable', ['X-Nextcloud-Maintenance-Mode' => '1'], 503);
 	exit;
 }
 
-use Symfony\Component\Routing\Exception\ResourceNotFoundException;
-use Symfony\Component\Routing\Exception\MethodNotAllowedException;
 
+/*
+ * Try the appframework routes
+ */
 try {
+	$appManager = Server::get(IAppManager::class);
+	$appManager->loadApps(['session']);
+	$appManager->loadApps(['authentication']);
+	$appManager->loadApps(['extended_authentication']);
+
 	// load all apps to get all api routes properly setup
-	OC_App::loadApps();
+	// FIXME: this should ideally appear after handleLogin but will cause
+	// side effects in existing apps
+	$appManager->loadApps();
 
-	// force language as given in the http request
-	\OC::$server->getL10NFactory()->setLanguageFromRequest();
+	$request = Server::get(IRequest::class);
+	$request->throwDecodingExceptionIfAny();
 
-	OC::$server->getRouter()->match('/ocs'.\OC::$server->getRequest()->getRawPathInfo());
+	if (!Server::get(IUserSession::class)->isLoggedIn()) {
+		OC::handleLogin($request);
+	}
+
+	Server::get(Router::class)->match('/ocsapp' . $request->getRawPathInfo());
+} catch (MaxDelayReached $ex) {
+	ApiHelper::respond(Http::STATUS_TOO_MANY_REQUESTS, $ex->getMessage());
 } catch (ResourceNotFoundException $e) {
-	OC_API::setContentType();
-	OC_OCS::notFound();
+	$txt = 'Invalid query, please check the syntax. API specifications are here:'
+		. ' http://www.freedesktop.org/wiki/Specifications/open-collaboration-services.' . "\n";
+	ApiHelper::respond(OCSController::RESPOND_NOT_FOUND, $txt);
 } catch (MethodNotAllowedException $e) {
-	OC_API::setContentType();
-	OC_Response::setStatus(405);
-} catch (\OC\OCS\Exception $ex) {
-	OC_API::respond($ex->getResult(), OC_API::requestedFormat());
-}
+	ApiHelper::setContentType();
+	http_response_code(405);
+} catch (LoginException $e) {
+	ApiHelper::respond(OCSController::RESPOND_UNAUTHORISED, 'Unauthorised');
+} catch (\Exception $e) {
+	Server::get(LoggerInterface::class)->error($e->getMessage(), ['exception' => $e]);
 
+	$txt = 'Internal Server Error' . "\n";
+	try {
+		if (Server::get(SystemConfig::class)->getValue('debug', false)) {
+			$txt .= $e->getMessage();
+		}
+	} catch (\Throwable $e) {
+		// Just to be save
+	}
+	ApiHelper::respond(OCSController::RESPOND_SERVER_ERROR, $txt);
+}