Make legacy DAV backend use the BearerAuth backend as well
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
This commit is contained in:
parent
ba7b6bd973
commit
f93db724d7
|
@ -42,6 +42,7 @@ $authBackend = new OCA\DAV\Connector\PublicAuth(
|
||||||
\OC::$server->getShareManager(),
|
\OC::$server->getShareManager(),
|
||||||
\OC::$server->getSession()
|
\OC::$server->getSession()
|
||||||
);
|
);
|
||||||
|
$authPlugin = new \Sabre\DAV\Auth\Plugin($authBackend);
|
||||||
|
|
||||||
$serverFactory = new OCA\DAV\Connector\Sabre\ServerFactory(
|
$serverFactory = new OCA\DAV\Connector\Sabre\ServerFactory(
|
||||||
\OC::$server->getConfig(),
|
\OC::$server->getConfig(),
|
||||||
|
@ -59,7 +60,7 @@ $requestUri = \OC::$server->getRequest()->getRequestUri();
|
||||||
$linkCheckPlugin = new \OCA\DAV\Files\Sharing\PublicLinkCheckPlugin();
|
$linkCheckPlugin = new \OCA\DAV\Files\Sharing\PublicLinkCheckPlugin();
|
||||||
$filesDropPlugin = new \OCA\DAV\Files\Sharing\FilesDropPlugin();
|
$filesDropPlugin = new \OCA\DAV\Files\Sharing\FilesDropPlugin();
|
||||||
|
|
||||||
$server = $serverFactory->createServer($baseuri, $requestUri, $authBackend, function (\Sabre\DAV\Server $server) use ($authBackend, $linkCheckPlugin, $filesDropPlugin) {
|
$server = $serverFactory->createServer($baseuri, $requestUri, $authPlugin, function (\Sabre\DAV\Server $server) use ($authBackend, $linkCheckPlugin, $filesDropPlugin) {
|
||||||
$isAjax = (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest');
|
$isAjax = (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest');
|
||||||
$federatedSharingApp = new \OCA\FederatedFileSharing\AppInfo\Application();
|
$federatedSharingApp = new \OCA\FederatedFileSharing\AppInfo\Application();
|
||||||
$federatedShareProvider = $federatedSharingApp->getFederatedShareProvider();
|
$federatedShareProvider = $federatedSharingApp->getFederatedShareProvider();
|
||||||
|
|
|
@ -52,9 +52,17 @@ $authBackend = new \OCA\DAV\Connector\Sabre\Auth(
|
||||||
\OC::$server->getBruteForceThrottler(),
|
\OC::$server->getBruteForceThrottler(),
|
||||||
'principals/'
|
'principals/'
|
||||||
);
|
);
|
||||||
|
$authPlugin = new \Sabre\DAV\Auth\Plugin($authBackend);
|
||||||
|
$bearerAuthPlugin = new \OCA\DAV\Connector\Sabre\BearerAuth(
|
||||||
|
\OC::$server->getUserSession(),
|
||||||
|
\OC::$server->getSession(),
|
||||||
|
\OC::$server->getRequest()
|
||||||
|
);
|
||||||
|
$authPlugin->addBackend($bearerAuthPlugin);
|
||||||
|
|
||||||
$requestUri = \OC::$server->getRequest()->getRequestUri();
|
$requestUri = \OC::$server->getRequest()->getRequestUri();
|
||||||
|
|
||||||
$server = $serverFactory->createServer($baseuri, $requestUri, $authBackend, function() {
|
$server = $serverFactory->createServer($baseuri, $requestUri, $authPlugin, function() {
|
||||||
// use the view for the logged in user
|
// use the view for the logged in user
|
||||||
return \OC\Files\Filesystem::getView();
|
return \OC\Files\Filesystem::getView();
|
||||||
});
|
});
|
||||||
|
|
|
@ -40,6 +40,7 @@ use OCP\IRequest;
|
||||||
use OCP\ITagManager;
|
use OCP\ITagManager;
|
||||||
use OCP\IUserSession;
|
use OCP\IUserSession;
|
||||||
use Sabre\DAV\Auth\Backend\BackendInterface;
|
use Sabre\DAV\Auth\Backend\BackendInterface;
|
||||||
|
use Sabre\DAV\Auth\Plugin;
|
||||||
|
|
||||||
class ServerFactory {
|
class ServerFactory {
|
||||||
/** @var IConfig */
|
/** @var IConfig */
|
||||||
|
@ -92,13 +93,13 @@ class ServerFactory {
|
||||||
/**
|
/**
|
||||||
* @param string $baseUri
|
* @param string $baseUri
|
||||||
* @param string $requestUri
|
* @param string $requestUri
|
||||||
* @param BackendInterface $authBackend
|
* @param Plugin $authPlugin
|
||||||
* @param callable $viewCallBack callback that should return the view for the dav endpoint
|
* @param callable $viewCallBack callback that should return the view for the dav endpoint
|
||||||
* @return Server
|
* @return Server
|
||||||
*/
|
*/
|
||||||
public function createServer($baseUri,
|
public function createServer($baseUri,
|
||||||
$requestUri,
|
$requestUri,
|
||||||
BackendInterface $authBackend,
|
Plugin $authPlugin,
|
||||||
callable $viewCallBack) {
|
callable $viewCallBack) {
|
||||||
// Fire up server
|
// Fire up server
|
||||||
$objectTree = new \OCA\DAV\Connector\Sabre\ObjectTree();
|
$objectTree = new \OCA\DAV\Connector\Sabre\ObjectTree();
|
||||||
|
@ -110,7 +111,7 @@ class ServerFactory {
|
||||||
// Load plugins
|
// Load plugins
|
||||||
$server->addPlugin(new \OCA\DAV\Connector\Sabre\MaintenancePlugin($this->config));
|
$server->addPlugin(new \OCA\DAV\Connector\Sabre\MaintenancePlugin($this->config));
|
||||||
$server->addPlugin(new \OCA\DAV\Connector\Sabre\BlockLegacyClientPlugin($this->config));
|
$server->addPlugin(new \OCA\DAV\Connector\Sabre\BlockLegacyClientPlugin($this->config));
|
||||||
$server->addPlugin(new \Sabre\DAV\Auth\Plugin($authBackend));
|
$server->addPlugin($authPlugin);
|
||||||
// FIXME: The following line is a workaround for legacy components relying on being able to send a GET to /
|
// FIXME: The following line is a workaround for legacy components relying on being able to send a GET to /
|
||||||
$server->addPlugin(new \OCA\DAV\Connector\Sabre\DummyGetResponsePlugin());
|
$server->addPlugin(new \OCA\DAV\Connector\Sabre\DummyGetResponsePlugin());
|
||||||
$server->addPlugin(new \OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin('webdav', $this->logger));
|
$server->addPlugin(new \OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin('webdav', $this->logger));
|
||||||
|
|
|
@ -138,8 +138,9 @@ abstract class RequestTestCase extends TestCase {
|
||||||
*/
|
*/
|
||||||
protected function getSabreServer(View $view, $user, $password, ExceptionPlugin $exceptionPlugin) {
|
protected function getSabreServer(View $view, $user, $password, ExceptionPlugin $exceptionPlugin) {
|
||||||
$authBackend = new Auth($user, $password);
|
$authBackend = new Auth($user, $password);
|
||||||
|
$authPlugin = new \Sabre\DAV\Auth\Plugin($authBackend);
|
||||||
|
|
||||||
$server = $this->serverFactory->createServer('/', 'dummy', $authBackend, function () use ($view) {
|
$server = $this->serverFactory->createServer('/', 'dummy', $authPlugin, function () use ($view) {
|
||||||
return $view;
|
return $view;
|
||||||
});
|
});
|
||||||
$server->addPlugin($exceptionPlugin);
|
$server->addPlugin($exceptionPlugin);
|
||||||
|
|
|
@ -53,10 +53,14 @@ Feature: auth
|
||||||
When requesting "/remote.php/webdav" with "PROPFIND" using restricted basic token auth
|
When requesting "/remote.php/webdav" with "PROPFIND" using restricted basic token auth
|
||||||
Then the HTTP status code should be "207"
|
Then the HTTP status code should be "207"
|
||||||
|
|
||||||
Scenario: using WebDAV with restricted basic token auth
|
Scenario: using old WebDAV endpoint with unrestricted client token
|
||||||
When requesting "/remote.php/webdav" with "PROPFIND" using an unrestricted client token
|
When requesting "/remote.php/webdav" with "PROPFIND" using an unrestricted client token
|
||||||
Then the HTTP status code should be "207"
|
Then the HTTP status code should be "207"
|
||||||
|
|
||||||
|
Scenario: using new WebDAV endpoint with unrestricted client token
|
||||||
|
When requesting "/remote.php/dav/" with "PROPFIND" using an unrestricted client token
|
||||||
|
Then the HTTP status code should be "207"
|
||||||
|
|
||||||
Scenario: using WebDAV with browser session
|
Scenario: using WebDAV with browser session
|
||||||
Given a new browser session is started
|
Given a new browser session is started
|
||||||
When requesting "/remote.php/webdav" with "PROPFIND" using browser session
|
When requesting "/remote.php/webdav" with "PROPFIND" using browser session
|
||||||
|
|
Loading…
Reference in New Issue