			
			
			Make legacy DAV backend use the BearerAuth backend as well
			
				Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
			
			
				pull/4704/head
			
			
		 
		
			
				
					
						 Lukas Reschke
					
					9 years ago
						Lukas Reschke
					
					9 years ago
					
				 
				
			 
		 
		
			
				
				  
				  No known key found for this signature in database
				  
				  	
						GPG Key ID: B9F6980CF6E759B1
				  	
				  
				
			
		
		
		
	
		
			
				 5 changed files with 
22 additions and 
7 deletions
			 
			
		 
		
			
				- 
					
					
					 
					apps/dav/appinfo/v1/publicwebdav.php
				
- 
					
					
					 
					apps/dav/appinfo/v1/webdav.php
				
- 
					
					
					 
					apps/dav/lib/Connector/Sabre/ServerFactory.php
				
- 
					
					
					 
					apps/dav/tests/unit/Connector/Sabre/RequestTest/RequestTestCase.php
				
- 
					
					
					 
					build/integration/features/auth.feature
				
					
					
						
							
								
									
										
											
	
		
			
				
					|  |  | @ -42,6 +42,7 @@ $authBackend = new OCA\DAV\Connector\PublicAuth( | 
			
		
	
		
			
				
					|  |  |  | 	\OC::$server->getShareManager(), | 
			
		
	
		
			
				
					|  |  |  | 	\OC::$server->getSession() | 
			
		
	
		
			
				
					|  |  |  | ); | 
			
		
	
		
			
				
					|  |  |  | $authPlugin = new \Sabre\DAV\Auth\Plugin($authBackend); | 
			
		
	
		
			
				
					|  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  | $serverFactory = new OCA\DAV\Connector\Sabre\ServerFactory( | 
			
		
	
		
			
				
					|  |  |  | 	\OC::$server->getConfig(), | 
			
		
	
	
		
			
				
					|  |  | @ -59,7 +60,7 @@ $requestUri = \OC::$server->getRequest()->getRequestUri(); | 
			
		
	
		
			
				
					|  |  |  | $linkCheckPlugin = new \OCA\DAV\Files\Sharing\PublicLinkCheckPlugin(); | 
			
		
	
		
			
				
					|  |  |  | $filesDropPlugin = new \OCA\DAV\Files\Sharing\FilesDropPlugin(); | 
			
		
	
		
			
				
					|  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  | $server = $serverFactory->createServer($baseuri, $requestUri, $authBackend, function (\Sabre\DAV\Server $server) use ($authBackend, $linkCheckPlugin, $filesDropPlugin) { | 
			
		
	
		
			
				
					|  |  |  | $server = $serverFactory->createServer($baseuri, $requestUri, $authPlugin, function (\Sabre\DAV\Server $server) use ($authBackend, $linkCheckPlugin, $filesDropPlugin) { | 
			
		
	
		
			
				
					|  |  |  | 	$isAjax = (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest'); | 
			
		
	
		
			
				
					|  |  |  | 	$federatedSharingApp = new \OCA\FederatedFileSharing\AppInfo\Application(); | 
			
		
	
		
			
				
					|  |  |  | 	$federatedShareProvider = $federatedSharingApp->getFederatedShareProvider(); | 
			
		
	
	
		
			
				
					|  |  | 
 | 
			
		
	
										
									
								
							
						 
					 
				 
			
		
			
				
					
					
						
							
								
									
										
											
	
		
			
				
					|  |  | @ -52,9 +52,17 @@ $authBackend = new \OCA\DAV\Connector\Sabre\Auth( | 
			
		
	
		
			
				
					|  |  |  | 	\OC::$server->getBruteForceThrottler(), | 
			
		
	
		
			
				
					|  |  |  | 	'principals/' | 
			
		
	
		
			
				
					|  |  |  | ); | 
			
		
	
		
			
				
					|  |  |  | $authPlugin = new \Sabre\DAV\Auth\Plugin($authBackend); | 
			
		
	
		
			
				
					|  |  |  | $bearerAuthPlugin = new \OCA\DAV\Connector\Sabre\BearerAuth( | 
			
		
	
		
			
				
					|  |  |  | 	\OC::$server->getUserSession(), | 
			
		
	
		
			
				
					|  |  |  | 	\OC::$server->getSession(), | 
			
		
	
		
			
				
					|  |  |  | 	\OC::$server->getRequest() | 
			
		
	
		
			
				
					|  |  |  | ); | 
			
		
	
		
			
				
					|  |  |  | $authPlugin->addBackend($bearerAuthPlugin); | 
			
		
	
		
			
				
					|  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  | $requestUri = \OC::$server->getRequest()->getRequestUri(); | 
			
		
	
		
			
				
					|  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  | $server = $serverFactory->createServer($baseuri, $requestUri, $authBackend, function() { | 
			
		
	
		
			
				
					|  |  |  | $server = $serverFactory->createServer($baseuri, $requestUri, $authPlugin, function() { | 
			
		
	
		
			
				
					|  |  |  | 	// use the view for the logged in user
 | 
			
		
	
		
			
				
					|  |  |  | 	return \OC\Files\Filesystem::getView(); | 
			
		
	
		
			
				
					|  |  |  | }); | 
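Review bot: The `BearerAuth` backend added here is built from the user session, session and request only, while the `Auth` backend just above it receives `\OC::$server->getBruteForceThrottler()`; nothing in this hunk shows that failed bearer-token attempts on the legacy endpoint are throttled or logged. If token validation in the user session does not already cover that, it should be confirmed before this endpoint starts accepting tokens. Separately, the object is handed to `addBackend()`, so it is a backend rather than a plugin, and `$bearerAuthBackend` would be a more accurate name than `$bearerAuthPlugin`. Assuming Sabre's auth plugin consults backends in registration order, a comment such as `// Basic/session auth is tried first, bearer tokens second` above the `addBackend()` call would record that the order is intentional.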
			
		
	
	
		
			
				
					|  |  | 
 | 
			
		
	
										
									
								
							
						 
					 
				 
			
		
			
				
					
					
						
							
								
									
										
											
	
		
			
				
					|  |  | @ -40,6 +40,7 @@ use OCP\IRequest; | 
			
		
	
		
			
				
					|  |  |  | use OCP\ITagManager; | 
			
		
	
		
			
				
					|  |  |  | use OCP\IUserSession; | 
			
		
	
		
			
				
					|  |  |  | use Sabre\DAV\Auth\Backend\BackendInterface; | 
			
		
	
		
			
				
					|  |  |  | use Sabre\DAV\Auth\Plugin; | 
			
		
	
		
			
				
					|  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  | class ServerFactory { | 
			
		
	
		
			
				
					|  |  |  | 	/** @var IConfig */ | 
			
		
	
	
		
			
				
					|  |  | @ -92,13 +93,13 @@ class ServerFactory { | 
			
		
	
		
			
				
					|  |  |  | 	/** | 
			
		
	
		
			
				
					|  |  |  | 	 * @param string $baseUri | 
			
		
	
		
			
				
					|  |  |  | 	 * @param string $requestUri | 
			
		
	
		
			
				
					|  |  |  | 	 * @param BackendInterface $authBackend | 
			
		
	
		
			
				
					|  |  |  | 	 * @param Plugin $authPlugin | 
			
		
	
		
			
				
					|  |  |  | 	 * @param callable $viewCallBack callback that should return the view for the dav endpoint | 
			
		
	
		
			
				
					|  |  |  | 	 * @return Server | 
			
		
	
		
			
				
					|  |  |  | 	 */ | 
			
		
	
		
			
				
					|  |  |  | 	public function createServer($baseUri, | 
			
		
	
		
			
				
					|  |  |  | 								 $requestUri, | 
			
		
	
		
			
				
					|  |  |  | 								 BackendInterface $authBackend, | 
			
		
	
		
			
				
					|  |  |  | 								 Plugin $authPlugin, | 
			
		
	
		
			
				
					|  |  |  | 								 callable $viewCallBack) { | 
			
		
	
		
			
				
					|  |  |  | 		// Fire up server
 | 
			
		
	
		
			
				
					|  |  |  | 		$objectTree = new \OCA\DAV\Connector\Sabre\ObjectTree(); | 
			
		
	
	
		
			
				
					|  |  | @ -110,7 +111,7 @@ class ServerFactory { | 
			
		
	
		
			
				
					|  |  |  | 		// Load plugins
 | 
			
		
	
		
			
				
					|  |  |  | 		$server->addPlugin(new \OCA\DAV\Connector\Sabre\MaintenancePlugin($this->config)); | 
			
		
	
		
			
				
					|  |  |  | 		$server->addPlugin(new \OCA\DAV\Connector\Sabre\BlockLegacyClientPlugin($this->config)); | 
			
		
	
		
			
				
					|  |  |  | 		$server->addPlugin(new \Sabre\DAV\Auth\Plugin($authBackend)); | 
			
		
	
		
			
				
					|  |  |  | 		$server->addPlugin($authPlugin); | 
			
		
	
		
			
				
					|  |  |  | 		// FIXME: The following line is a workaround for legacy components relying on being able to send a GET to /
 | 
			
		
	
		
			
				
					|  |  |  | 		$server->addPlugin(new \OCA\DAV\Connector\Sabre\DummyGetResponsePlugin()); | 
			
		
	
		
			
				
					|  |  |  | 		$server->addPlugin(new \OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin('webdav', $this->logger)); | 
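Review bot: The `@param Plugin $authPlugin` line in the `createServer()` docblock carries no description, although the factory now registers whatever plugin it is handed instead of wrapping a backend itself, so each caller is responsible for attaching the right backends. I would document that, for example `@param Plugin $authPlugin auth plugin with all required backends already added; registered as-is`. The `use Sabre\DAV\Auth\Backend\BackendInterface;` import shown as context in the first hunk may now be unused if `createServer()` was its only consumer; the rest of the file is not visible here, so that needs checking. The body of `createServer()` continues outside these hunks.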
			
		
	
	
		
			
				
					|  |  | 
 | 
			
		
	
										
									
								
							
						 
					 
				 
			
		
			
				
					
					
						
							
								
									
										
											
	
		
			
				
					|  |  | @ -138,8 +138,9 @@ abstract class RequestTestCase extends TestCase { | 
			
		
	
		
			
				
					|  |  |  | 	 */ | 
			
		
	
		
			
				
					|  |  |  | 	protected function getSabreServer(View $view, $user, $password, ExceptionPlugin $exceptionPlugin) { | 
			
		
	
		
			
				
					|  |  |  | 		$authBackend = new Auth($user, $password); | 
			
		
	
		
			
				
					|  |  |  | 		$authPlugin = new \Sabre\DAV\Auth\Plugin($authBackend); | 
			
		
	
		
			
				
					|  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  | 		$server = $this->serverFactory->createServer('/', 'dummy', $authBackend, function () use ($view) { | 
			
		
	
		
			
				
					|  |  |  | 		$server = $this->serverFactory->createServer('/', 'dummy', $authPlugin, function () use ($view) { | 
			
		
	
		
			
				
					|  |  |  | 			return $view; | 
			
		
	
		
			
				
					|  |  |  | 		}); | 
			
		
	
		
			
				
					|  |  |  | 		$server->addPlugin($exceptionPlugin); | 
			
		
	
	
		
			
				
					|  |  | 
 | 
			
		
	
										
									
								
							
						 
					 
				 
			
		
			
				
					
					
						
							
								
									
										
											
	
		
			
				
					|  |  | @ -53,10 +53,14 @@ Feature: auth | 
			
		
	
		
			
				
					|  |  |  | 		When requesting "/remote.php/webdav" with "PROPFIND" using restricted basic token auth | 
			
		
	
		
			
				
					|  |  |  | 		Then the HTTP status code should be "207" | 
			
		
	
		
			
				
					|  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  | 	Scenario: using WebDAV with restricted basic token auth | 
			
		
	
		
			
				
					|  |  |  | 	Scenario: using old WebDAV endpoint with unrestricted client token | 
			
		
	
		
			
				
					|  |  |  | 		When requesting "/remote.php/webdav" with "PROPFIND" using an unrestricted client token | 
			
		
	
		
			
				
					|  |  |  | 		Then the HTTP status code should be "207" | 
			
		
	
		
			
				
					|  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  | 	Scenario: using new WebDAV endpoint with unrestricted client token | 
			
		
	
		
			
				
					|  |  |  | 		When requesting "/remote.php/dav/" with "PROPFIND" using an unrestricted client token | 
			
		
	
		
			
				
					|  |  |  | 		Then the HTTP status code should be "207" | 
			
		
	
		
			
				
					|  |  |  | 
 | 
			
		
	
		
			
				
					|  |  |  | 	Scenario: using WebDAV with browser session | 
			
		
	
		
			
				
					|  |  |  | 		Given a new browser session is started | 
			
		
	
		
			
				
					|  |  |  | 		When requesting "/remote.php/webdav" with "PROPFIND" using browser session | 
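Review bot: The scenarios for the unrestricted client token assert only the success path (`207`) on `/remote.php/webdav` and `/remote.php/dav/`; nothing visible in this hunk checks that an invalid or revoked token is rejected on the legacy endpoint that now accepts bearer auth. A companion scenario that sends a bad token to `/remote.php/webdav` and expects `401` would pin the failure behaviour. Such a scenario may already exist outside the hunk, and it would need a matching step definition if it does not.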
			
		
	
	
		
			
				
					|  |  | 
 |