From 6642efa7f4e707dcbe74dc67f7403a7c82a7a2f4 Mon Sep 17 00:00:00 2001
From: Maxence Lange <maxence@artificial-owl.com>
Date: Wed, 26 Sep 2018 16:24:37 +0200
Subject: [PATCH 1/4] adding .well-known/webfinger

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
---
 .htaccess                          | 1 +
 tests/data/setUploadLimit/htaccess | 1 +
 2 files changed, 2 insertions(+)

diff --git a/.htaccess b/.htaccess
index 190b414558..56893dcae7 100644
--- a/.htaccess
+++ b/.htaccess
@@ -59,6 +59,7 @@
   RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
   RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L]
   RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L]
+  RewriteRule ^\.well-known/webfinger /public.php?service=webfinger [QSA,L]
   RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
   RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
   RewriteRule ^remote/(.*) remote.php [QSA,L]
diff --git a/tests/data/setUploadLimit/htaccess b/tests/data/setUploadLimit/htaccess
index 65957a2983..f7bfcdbc80 100644
--- a/tests/data/setUploadLimit/htaccess
+++ b/tests/data/setUploadLimit/htaccess
@@ -38,6 +38,7 @@ RewriteEngine on
 RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
 RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L]
 RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L]
+RewriteRule ^\.well-known/webfinger /public.php?service=webfinger [QSA,L]
 RewriteRule ^\.well-known/carddav /remote.php/carddav/ [R=301,L]
 RewriteRule ^\.well-known/caldav /remote.php/caldav/ [R=301,L]
 RewriteRule ^apps/calendar/caldav\.php remote.php/caldav/ [QSA,L]

From f64bd62f8e438fe36a6c070ac445a07ad22439e4 Mon Sep 17 00:00:00 2001
From: Joas Schilling <coding@schilljs.com>
Date: Thu, 27 Sep 2018 16:28:47 +0200
Subject: [PATCH 2/4] Return 404 when the service is not available

Signed-off-by: Joas Schilling <coding@schilljs.com>
---
 public.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public.php b/public.php
index d50f49e253..f033e1897c 100644
--- a/public.php
+++ b/public.php
@@ -54,7 +54,7 @@ try {
 		list($service) = explode('/', $pathInfo);
 	}
 	$file = \OC::$server->getConfig()->getAppValue('core', 'public_' . strip_tags($service));
-	if ($file === null) {
+	if ($file === '') {
 		http_response_code(404);
 		exit;
 	}

From d143b43a0454528905c751579b4ab482abe39f36 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Calvi=C3=B1o=20S=C3=A1nchez?= <danxuliu@gmail.com>
Date: Wed, 10 Oct 2018 13:33:57 +0200
Subject: [PATCH 3/4] Make possible to set the expected status of the well
 known URL check
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The check is based on the HTTP status returned by the URL, and different
URLs may return different status (for example, DAV returns 207, while
a service like WebFinger would return 200), so the expected status needs
to be set depending on the URL.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
---
 core/js/setupchecks.js                 |  9 +++++++--
 core/js/tests/specs/setupchecksSpec.js | 17 ++++++++++++++---
 2 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/core/js/setupchecks.js b/core/js/setupchecks.js
index 62f0fb10c1..1fe9e77077 100644
--- a/core/js/setupchecks.js
+++ b/core/js/setupchecks.js
@@ -52,9 +52,14 @@
 		 * @param url the URL to test
 		 * @param placeholderUrl the placeholder URL - can be found at oc_defaults.docPlaceholderUrl
 		 * @param {boolean} runCheck if this is set to false the check is skipped and no error is returned
+		 * @param {int} expectedStatus the expected HTTP status to be returned by the URL, 207 by default
 		 * @return $.Deferred object resolved with an array of error messages
 		 */
-		checkWellKnownUrl: function(url, placeholderUrl, runCheck) {
+		checkWellKnownUrl: function(url, placeholderUrl, runCheck, expectedStatus) {
+			if (expectedStatus === undefined) {
+				expectedStatus = 207;
+			}
+
 			var deferred = $.Deferred();
 
 			if(runCheck === false) {
@@ -63,7 +68,7 @@
 			}
 			var afterCall = function(xhr) {
 				var messages = [];
-				if (xhr.status !== 207) {
+				if (xhr.status !== expectedStatus) {
 					var docUrl = placeholderUrl.replace('PLACEHOLDER', 'admin-setup-well-known-URL');
 					messages.push({
 						msg: t('core', 'Your web server is not properly set up to resolve "{url}". Further information can be found in the <a target="_blank" rel="noreferrer noopener" href="{docLink}">documentation</a>.', { docLink: docUrl, url: url }),
diff --git a/core/js/tests/specs/setupchecksSpec.js b/core/js/tests/specs/setupchecksSpec.js
index 38a39cdd74..a058a689ed 100644
--- a/core/js/tests/specs/setupchecksSpec.js
+++ b/core/js/tests/specs/setupchecksSpec.js
@@ -61,8 +61,8 @@ describe('OC.SetupChecks tests', function() {
 	});
 
 	describe('checkWellKnownUrl', function() {
-		it('should fail with another response status code than 207', function(done) {
-			var async = OC.SetupChecks.checkWellKnownUrl('/.well-known/caldav', 'http://example.org/PLACEHOLDER', true);
+		it('should fail with another response status code than the expected one', function(done) {
+			var async = OC.SetupChecks.checkWellKnownUrl('/.well-known/caldav', 'http://example.org/PLACEHOLDER', true, 207);
 
 			suite.server.requests[0].respond(200);
 
@@ -75,7 +75,18 @@ describe('OC.SetupChecks tests', function() {
 			});
 		});
 
-		it('should return no error with a response status code of 207', function(done) {
+		it('should return no error with the expected response status code', function(done) {
+			var async = OC.SetupChecks.checkWellKnownUrl('/.well-known/caldav', 'http://example.org/PLACEHOLDER', true, 207);
+
+			suite.server.requests[0].respond(207);
+
+			async.done(function( data, s, x ){
+				expect(data).toEqual([]);
+				done();
+			});
+		});
+
+		it('should return no error with the default expected response status code', function(done) {
 			var async = OC.SetupChecks.checkWellKnownUrl('/.well-known/caldav', 'http://example.org/PLACEHOLDER', true);
 
 			suite.server.requests[0].respond(207);

From 20a5ce217a47c9e3d5dd4016e96e0cc557c51417 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Calvi=C3=B1o=20S=C3=A1nchez?= <danxuliu@gmail.com>
Date: Wed, 10 Oct 2018 14:12:10 +0200
Subject: [PATCH 4/4] Add check for well known URL of WebFinger in the settings
 overview
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

If the WebFinger service is not set in Nextcloud configuration no check
is performed.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
---
 settings/Application.php | 16 ++++++++++++++++
 settings/js/admin.js     |  5 +++--
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/settings/Application.php b/settings/Application.php
index 5b2b606353..4dee85f263 100644
--- a/settings/Application.php
+++ b/settings/Application.php
@@ -121,6 +121,8 @@ class Application extends App {
 
 		Util::connectHook('OC_User', 'post_setPassword', $this, 'onChangePassword');
 		Util::connectHook('OC_User', 'changeUser', $this, 'onChangeInfo');
+
+		Util::connectHook('\OCP\Config', 'js', $this, 'extendJsConfig');
 	}
 
 	/**
@@ -152,4 +154,18 @@ class Application extends App {
 		$hooks = $this->getContainer()->query(Hooks::class);
 		$hooks->onChangeEmail($parameters['user'], $parameters['old_value']);
 	}
+
+	/**
+	 * @param array $settings
+	 */
+	public function extendJsConfig(array $settings) {
+		$appConfig = json_decode($settings['array']['oc_appconfig'], true);
+
+		$publicWebFinger = \OC::$server->getConfig()->getAppValue('core', 'public_webfinger', '');
+		if (!empty($publicWebFinger)) {
+			$appConfig['core']['public_webfinger'] = $publicWebFinger;
+		}
+
+		$settings['array']['oc_appconfig'] = json_encode($appConfig);
+	}
 }
diff --git a/settings/js/admin.js b/settings/js/admin.js
index de5bc2b953..35f3d949ab 100644
--- a/settings/js/admin.js
+++ b/settings/js/admin.js
@@ -248,13 +248,14 @@ $(document).ready(function(){
 	// run setup checks then gather error messages
 	$.when(
 		OC.SetupChecks.checkWebDAV(),
+		OC.SetupChecks.checkWellKnownUrl('/.well-known/webfinger', oc_defaults.docPlaceholderUrl, $('#postsetupchecks').data('check-wellknown') === true && !!oc_appconfig.core.public_webfinger, 200),
 		OC.SetupChecks.checkWellKnownUrl('/.well-known/caldav', oc_defaults.docPlaceholderUrl, $('#postsetupchecks').data('check-wellknown') === true),
 		OC.SetupChecks.checkWellKnownUrl('/.well-known/carddav', oc_defaults.docPlaceholderUrl, $('#postsetupchecks').data('check-wellknown') === true),
 		OC.SetupChecks.checkSetup(),
 		OC.SetupChecks.checkGeneric(),
 		OC.SetupChecks.checkDataProtected()
-	).then(function(check1, check2, check3, check4, check5, check6) {
-		var messages = [].concat(check1, check2, check3, check4, check5, check6);
+	).then(function(check1, check2, check3, check4, check5, check6, check7) {
+		var messages = [].concat(check1, check2, check3, check4, check5, check6, check7);
 		var $el = $('#postsetupchecks');
 		$('#security-warning-state-loading').addClass('hidden');