From cdc536c42367a1c7667a63c598f50b95956da759 Mon Sep 17 00:00:00 2001
From: Thomas Müller <thomas.mueller@tmit.eu>
Date: Thu, 3 Dec 2015 16:22:18 +0100
Subject: Allow trusted servers to authenticate

---
 apps/federation/appinfo/database.xml |  9 ++++++++-
 apps/federation/lib/dbhandler.php    | 19 ++++++++++++++++++-
 2 files changed, 26 insertions(+), 2 deletions(-)

(limited to 'apps/federation')

diff --git a/apps/federation/appinfo/database.xml b/apps/federation/appinfo/database.xml
index e0bb241918e..e6728df1408 100644
--- a/apps/federation/appinfo/database.xml
+++ b/apps/federation/appinfo/database.xml
@@ -34,7 +34,7 @@
 				<name>token</name>
 				<type>text</type>
 				<length>128</length>
-				<comments>toke used to exchange the shared secret</comments>
+				<comments>token used to exchange the shared secret</comments>
 			</field>
 			<field>
 				<name>shared_secret</name>
@@ -50,6 +50,13 @@
 				<default>2</default>
 				<comments>current status of the connection</comments>
 			</field>
+			<field>
+				<name>sync_token</name>
+				<type>integer</type>
+				<notnull>true</notnull>
+				<default>0</default>
+				<comments>cardDav sync token</comments>
+			</field>
 			<index>
 				<name>url_hash</name>
 				<unique>true</unique>
diff --git a/apps/federation/lib/dbhandler.php b/apps/federation/lib/dbhandler.php
index 7606593f780..f86a8e15d80 100644
--- a/apps/federation/lib/dbhandler.php
+++ b/apps/federation/lib/dbhandler.php
@@ -111,7 +111,7 @@ class DbHandler {
 	 */
 	public function getAllServer() {
 		$query = $this->connection->getQueryBuilder();
-		$query->select(['url', 'id', 'status'])->from($this->dbTable);
+		$query->select(['url', 'id', 'status', 'shared_secret', 'sync_token'])->from($this->dbTable);
 		$result = $query->execute()->fetchAll();
 		return $result;
 	}
@@ -267,4 +267,21 @@ class DbHandler {
 		return $normalized;
 	}
 
+	/**
+	 * @param $username
+	 * @param $password
+	 * @return bool
+	 */
+	public function auth($username, $password) {
+		if ($username !== 'system') {
+			return false;
+		}
+		$query = $this->connection->getQueryBuilder();
+		$query->select('url')->from($this->dbTable)
+				->where($query->expr()->eq('shared_secret', $query->createNamedParameter($password)));
+
+		$result = $query->execute()->fetch();
+		return !empty($result);
+	}
+
 }
-- 
cgit v1.2.3