Allow only cookie auth to webdav
This commit is contained in:
Roeland Jago Douma
parent
336fe868b2
commit
4a38793d11
2 changed files with 19 additions and 4 deletions
|
|
@ -151,7 +151,10 @@ class Auth extends AbstractBasic {
|
|||
*/
|
||||
private function auth(RequestInterface $request, ResponseInterface $response) {
|
||||
if (\OC_User::handleApacheAuth() ||
|
||||
($this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED)))
|
||||
//Fix for broken webdav clients
|
||||
($this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED))) ||
|
||||
//Well behaved clients that only send the cookie are allowed
|
||||
($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null)
|
||||
) {
|
||||
$user = $this->userSession->getUser()->getUID();
|
||||
\OC_Util::setupFS($user);
|
||||
|
|
|
|||
|
|
@ -21,6 +21,7 @@
|
|||
|
||||
namespace OCA\DAV\Tests\Unit\Connector\Sabre;
|
||||
|
||||
use OCP\IUser;
|
||||
use Test\TestCase;
|
||||
use OCP\ISession;
|
||||
use OCP\IUserSession;
|
||||
|
|
@ -29,6 +30,7 @@ use OCP\IUserSession;
|
|||
* Class Auth
|
||||
*
|
||||
* @package OCA\DAV\Connector\Sabre
|
||||
* @group DB
|
||||
*/
|
||||
class Auth extends TestCase {
|
||||
/** @var ISession */
|
||||
|
|
@ -330,21 +332,31 @@ class Auth extends TestCase {
|
|||
$httpResponse = $this->getMockBuilder('\Sabre\HTTP\ResponseInterface')
|
||||
->disableOriginalConstructor()
|
||||
->getMock();
|
||||
/** @var IUser */
|
||||
$user = $this->getMock('OCP\IUser');
|
||||
$user->method('getUID')->willReturn('MyTestUser');
|
||||
$this->userSession
|
||||
->expects($this->any())
|
||||
->method('isLoggedIn')
|
||||
->will($this->returnValue(true));
|
||||
$this->userSession
|
||||
->expects($this->any())
|
||||
->method('getUser')
|
||||
->willReturn($user);
|
||||
$this->session
|
||||
->expects($this->once())
|
||||
->expects($this->atLeastOnce())
|
||||
->method('get')
|
||||
->with('AUTHENTICATED_TO_DAV_BACKEND')
|
||||
->will($this->returnValue('MyTestUser'));
|
||||
$httpRequest
|
||||
->expects($this->once())
|
||||
->expects($this->atLeastOnce())
|
||||
->method('getHeader')
|
||||
->with('Authorization')
|
||||
->will($this->returnValue(null));
|
||||
$this->auth->check($httpRequest, $httpResponse);
|
||||
$this->assertEquals(
|
||||
[true, 'principals/users/MyTestUser'],
|
||||
$this->auth->check($httpRequest, $httpResponse)
|
||||
);
|
||||
}
|
||||
|
||||
public function testAuthenticateValidCredentials() {
|
||||
|
|
|
|||
Loading…
Reference in a new issue