clean up auth dialog
parent
2e309aae97
commit
61d535984d
|
@ -3,6 +3,6 @@
|
||||||
rel="remoteStorage"
|
rel="remoteStorage"
|
||||||
template="<?php echo WF_BASEURL; ?>/apps/remoteStorage/WebDAV.php/<?php echo WF_USER; ?>/remoteStorage/{category}/"
|
template="<?php echo WF_BASEURL; ?>/apps/remoteStorage/WebDAV.php/<?php echo WF_USER; ?>/remoteStorage/{category}/"
|
||||||
api="WebDAV"
|
api="WebDAV"
|
||||||
auth="<?php echo WF_BASEURL; ?>/?app=remoteStorage&getfile=auth.php/<?php echo WF_USER; ?>">
|
auth="<?php echo WF_BASEURL; ?>/?app=remoteStorage&getfile=auth.php&userid=<?php echo WF_USER; ?>">
|
||||||
</Link>
|
</Link>
|
||||||
<?php } ?>
|
<?php } ?>
|
||||||
|
|
|
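Review bot: The new `auth` attribute writes `WF_USER` into a query string inside an attribute value without any encoding, and the `&` separators are emitted raw. If this template is served as XML (the `<Link>` element suggests an XRD-style document), a raw `&` makes the document ill-formed, and a user name containing `&`, `"` or `#` would alter the URL or end the attribute early. I would write the line as `auth="<?php echo WF_BASEURL; ?>/?app=remoteStorage&amp;getfile=auth.php&amp;userid=<?php echo urlencode(WF_USER); ?>">`. Where `WF_USER` is defined is not visible in this hunk, so whether it can carry request-derived characters should be confirmed there.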
@ -29,19 +29,8 @@
|
||||||
// Do not load FS ...
|
// Do not load FS ...
|
||||||
$RUNTIME_NOSETUPFS = true;
|
$RUNTIME_NOSETUPFS = true;
|
||||||
|
|
||||||
require_once('../../lib/base.php');
|
|
||||||
|
|
||||||
require_once('../../lib/user.php');
|
|
||||||
require_once('../../lib/public/user.php');
|
|
||||||
|
|
||||||
require_once('../../lib/app.php');
|
|
||||||
require_once('../../lib/public/app.php');
|
|
||||||
|
|
||||||
require_once('../../3rdparty/Sabre/DAV/Auth/IBackend.php');
|
|
||||||
require_once('../../3rdparty/Sabre/DAV/Auth/Backend/AbstractBasic.php');
|
|
||||||
require_once('../../lib/connector/sabre/auth.php');
|
|
||||||
|
|
||||||
OCP\App::checkAppEnabled('remoteStorage');
|
OCP\App::checkAppEnabled('remoteStorage');
|
||||||
|
require_once('Sabre/autoload.php');
|
||||||
require_once('lib_remoteStorage.php');
|
require_once('lib_remoteStorage.php');
|
||||||
require_once('oauth_ro_auth.php');
|
require_once('oauth_ro_auth.php');
|
||||||
|
|
||||||
|
@ -49,16 +38,9 @@ ini_set('default_charset', 'UTF-8');
|
||||||
#ini_set('error_reporting', '');
|
#ini_set('error_reporting', '');
|
||||||
@ob_clean();
|
@ob_clean();
|
||||||
|
|
||||||
$path = substr($_SERVER["REQUEST_URI"], strlen($_SERVER["SCRIPT_NAME"]));
|
|
||||||
$pathParts = explode('/', $path);
|
|
||||||
|
|
||||||
if(count($pathParts) == 2 && $pathParts[0] == '') {
|
|
||||||
//TODO: input checking. these explodes may fail to produces the desired arrays:
|
|
||||||
$subPathParts = explode('?', $pathParts[1]);
|
|
||||||
$ownCloudUser = $subPathParts[0];
|
|
||||||
foreach($_GET as $k => $v) {
|
foreach($_GET as $k => $v) {
|
||||||
if($k=='user_address'){
|
if($k=='userid'){
|
||||||
$userAddress=$v;
|
$userId=$v;
|
||||||
} else if($k=='redirect_uri'){
|
} else if($k=='redirect_uri'){
|
||||||
$appUrlParts=explode('/', $v);
|
$appUrlParts=explode('/', $v);
|
||||||
$appUrl = $appUrlParts[2];//bit dodgy i guess
|
$appUrl = $appUrlParts[2];//bit dodgy i guess
|
||||||
|
@ -67,7 +49,8 @@ if(count($pathParts) == 2 && $pathParts[0] == '') {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$currUser = OCP\USER::getUser();
|
$currUser = OCP\USER::getUser();
|
||||||
if($currUser == $ownCloudUser) {
|
if($userId && $appUrl && $categories) {
|
||||||
|
if($currUser == $userId) {
|
||||||
if(isset($_POST['allow'])) {
|
if(isset($_POST['allow'])) {
|
||||||
//TODO: check if this can be faked by editing the cookie in firebug!
|
//TODO: check if this can be faked by editing the cookie in firebug!
|
||||||
$token=OC_remoteStorage::createCategories($appUrl, $categories);
|
$token=OC_remoteStorage::createCategories($appUrl, $categories);
|
||||||
|
@ -75,6 +58,7 @@ if(count($pathParts) == 2 && $pathParts[0] == '') {
|
||||||
} else if($existingToken = OC_remoteStorage::getTokenFor($appUrl, $categories)) {
|
} else if($existingToken = OC_remoteStorage::getTokenFor($appUrl, $categories)) {
|
||||||
header('Location: '.$_GET['redirect_uri'].'#access_token='.$existingToken.'&token_type=bearer');
|
header('Location: '.$_GET['redirect_uri'].'#access_token='.$existingToken.'&token_type=bearer');
|
||||||
} else {
|
} else {
|
||||||
|
//params ok, logged in ok, but need to click Allow still:
|
||||||
?>
|
?>
|
||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
<html>
|
<html>
|
||||||
|
@ -125,22 +109,14 @@ if(count($pathParts) == 2 && $pathParts[0] == '') {
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
<?php
|
<?php
|
||||||
}
|
}//end 'need to click Allow still'
|
||||||
} else {
|
} else {//login not ok
|
||||||
if((isset($_SERVER['HTTPS'])) && ($_SERVER['HTTPS'])) {
|
|
||||||
$url = "https://";
|
|
||||||
} else {
|
|
||||||
$url = "http://";
|
|
||||||
}
|
|
||||||
$url .= $_SERVER['SERVER_NAME'];
|
|
||||||
$url .= substr($_SERVER['SCRIPT_NAME'], 0, -strlen('apps/remoteStorage/compat.php'));
|
|
||||||
if($currUser) {
|
if($currUser) {
|
||||||
die('You are logged in as '.$currUser.' instead of '.$ownCloudUser);
|
die('You are logged in as '.$currUser.' instead of '.$userId);
|
||||||
} else {
|
} else {
|
||||||
header('Location: /?redirect_url='.urlencode('/apps/remoteStorage/auth.php'.$_SERVER['PATH_INFO'].'?'.$_SERVER['QUERY_STRING']));
|
header('Location: /?redirect_url='.urlencode('/apps/remoteStorage/auth.php'.$_SERVER['PATH_INFO'].'?'.$_SERVER['QUERY_STRING']));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {//params not ok
|
||||||
//die('please use auth.php/username?params. '.var_export($pathParts, true));
|
die('please use e.g. /?app=remoteStorage&getfile=auth.php&userid=admin');
|
||||||
die('please use auth.php/username?params.');
|
|
||||||
}
|
}
|
||||||
|
|
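Review bot: In the `login not ok` branch, `die('You are logged in as '.$currUser.' instead of '.$userId);` prints `$userId` straight from `$_GET['userid']` into the response without escaping, so request-controlled markup is rendered on the authorization endpoint for a user who has an active session. Escape at output, e.g. `die('You are logged in as '.htmlspecialchars($currUser, ENT_QUOTES, 'UTF-8').' instead of '.htmlspecialchars($userId, ENT_QUOTES, 'UTF-8'));`, and accept the parameter in the `foreach($_GET as $k => $v)` loop only when `is_string($v)`. `$userId` and `$appUrl` are assigned only inside that loop (presumably `$categories` as well; that part lies outside the hunks), so the new `if($userId && $appUrl && $categories)` reads undefined variables when a parameter is missing; initialising them to `null` before the loop and comparing with `$currUser === $userId` would make the check explicit. The unchanged `Location:` line still builds `/apps/remoteStorage/auth.php` plus `$_SERVER['PATH_INFO']`, which no longer matches the `/?app=remoteStorage&getfile=auth.php&userid=…` form this commit introduces, so the post-login return URL likely needs the same update. The enclosing `if`/`else` chain and the Allow form are only partly visible, so whether the `$_POST['allow']` path carries a request token (the existing TODO suggests this is still open) cannot be judged from here.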