wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Catch auth coming from JS in OCS

Browse source
This commit is contained in:
Lukas Reschke 2016-02-15 15:38:37 +01:00
parent b8b77709c0
commit dfc3536d2b
1 changed files with 9 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
lib/private/api.php
View file

@ -377,9 +377,16 @@ class OC_API {
* @param string $format the format xml|json
*/
public static function respond($result, $format='xml') {
$request = \OC::$server->getRequest();
// Send 401 headers if unauthorised
if($result->getStatusCode() === API::RESPOND_UNAUTHORISED) {
header('WWW-Authenticate: Basic realm="Authorisation Required"');
// If request comes from JS return dummy auth request
if($request->getHeader('X-Requested-With') === 'XMLHttpRequest') {
header('WWW-Authenticate: DummyBasic realm="Authorisation Required"');
} else {
header('WWW-Authenticate: Basic realm="Authorisation Required"');
}
header('HTTP/1.0 401 Unauthorized');
}
@ -389,7 +396,7 @@ class OC_API {
$meta = $result->getMeta();
$data = $result->getData();
if (self::isV2(\OC::$server->getRequest())) {
if (self::isV2($request)) {
$statusCode = self::mapStatusCodes($result->getStatusCode());
if (!is_null($statusCode)) {
$meta['statuscode'] = $statusCode;