Make legacy DAV backend use the BearerAuth backend as well
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
This commit is contained in:
Lukas Reschke
parent
ba7b6bd973
commit
f93db724d7
5 changed files with 22 additions and 7 deletions
|
|
@ -42,6 +42,7 @@ $authBackend = new OCA\DAV\Connector\PublicAuth(
|
|||
\OC::$server->getShareManager(),
|
||||
\OC::$server->getSession()
|
||||
);
|
||||
$authPlugin = new \Sabre\DAV\Auth\Plugin($authBackend);
|
||||
|
||||
$serverFactory = new OCA\DAV\Connector\Sabre\ServerFactory(
|
||||
\OC::$server->getConfig(),
|
||||
|
|
@ -59,7 +60,7 @@ $requestUri = \OC::$server->getRequest()->getRequestUri();
|
|||
$linkCheckPlugin = new \OCA\DAV\Files\Sharing\PublicLinkCheckPlugin();
|
||||
$filesDropPlugin = new \OCA\DAV\Files\Sharing\FilesDropPlugin();
|
||||
|
||||
$server = $serverFactory->createServer($baseuri, $requestUri, $authBackend, function (\Sabre\DAV\Server $server) use ($authBackend, $linkCheckPlugin, $filesDropPlugin) {
|
||||
$server = $serverFactory->createServer($baseuri, $requestUri, $authPlugin, function (\Sabre\DAV\Server $server) use ($authBackend, $linkCheckPlugin, $filesDropPlugin) {
|
||||
$isAjax = (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest');
|
||||
$federatedSharingApp = new \OCA\FederatedFileSharing\AppInfo\Application();
|
||||
$federatedShareProvider = $federatedSharingApp->getFederatedShareProvider();
|
||||
|
|
|
|||
|
|
@ -52,9 +52,17 @@ $authBackend = new \OCA\DAV\Connector\Sabre\Auth(
|
|||
\OC::$server->getBruteForceThrottler(),
|
||||
'principals/'
|
||||
);
|
||||
$authPlugin = new \Sabre\DAV\Auth\Plugin($authBackend);
|
||||
$bearerAuthPlugin = new \OCA\DAV\Connector\Sabre\BearerAuth(
|
||||
\OC::$server->getUserSession(),
|
||||
\OC::$server->getSession(),
|
||||
\OC::$server->getRequest()
|
||||
);
|
||||
$authPlugin->addBackend($bearerAuthPlugin);
|
||||
|
||||
$requestUri = \OC::$server->getRequest()->getRequestUri();
|
||||
|
||||
$server = $serverFactory->createServer($baseuri, $requestUri, $authBackend, function() {
|
||||
$server = $serverFactory->createServer($baseuri, $requestUri, $authPlugin, function() {
|
||||
// use the view for the logged in user
|
||||
return \OC\Files\Filesystem::getView();
|
||||
});
|
||||
|
|
|
|||
|
|
@ -40,6 +40,7 @@ use OCP\IRequest;
|
|||
use OCP\ITagManager;
|
||||
use OCP\IUserSession;
|
||||
use Sabre\DAV\Auth\Backend\BackendInterface;
|
||||
use Sabre\DAV\Auth\Plugin;
|
||||
|
||||
class ServerFactory {
|
||||
/** @var IConfig */
|
||||
|
|
@ -92,13 +93,13 @@ class ServerFactory {
|
|||
/**
|
||||
* @param string $baseUri
|
||||
* @param string $requestUri
|
||||
* @param BackendInterface $authBackend
|
||||
* @param Plugin $authPlugin
|
||||
* @param callable $viewCallBack callback that should return the view for the dav endpoint
|
||||
* @return Server
|
||||
*/
|
||||
public function createServer($baseUri,
|
||||
$requestUri,
|
||||
BackendInterface $authBackend,
|
||||
Plugin $authPlugin,
|
||||
callable $viewCallBack) {
|
||||
// Fire up server
|
||||
$objectTree = new \OCA\DAV\Connector\Sabre\ObjectTree();
|
||||
|
|
@ -110,7 +111,7 @@ class ServerFactory {
|
|||
// Load plugins
|
||||
$server->addPlugin(new \OCA\DAV\Connector\Sabre\MaintenancePlugin($this->config));
|
||||
$server->addPlugin(new \OCA\DAV\Connector\Sabre\BlockLegacyClientPlugin($this->config));
|
||||
$server->addPlugin(new \Sabre\DAV\Auth\Plugin($authBackend));
|
||||
$server->addPlugin($authPlugin);
|
||||
// FIXME: The following line is a workaround for legacy components relying on being able to send a GET to /
|
||||
$server->addPlugin(new \OCA\DAV\Connector\Sabre\DummyGetResponsePlugin());
|
||||
$server->addPlugin(new \OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin('webdav', $this->logger));
|
||||
|
|
|
|||
|
|
@ -138,8 +138,9 @@ abstract class RequestTestCase extends TestCase {
|
|||
*/
|
||||
protected function getSabreServer(View $view, $user, $password, ExceptionPlugin $exceptionPlugin) {
|
||||
$authBackend = new Auth($user, $password);
|
||||
$authPlugin = new \Sabre\DAV\Auth\Plugin($authBackend);
|
||||
|
||||
$server = $this->serverFactory->createServer('/', 'dummy', $authBackend, function () use ($view) {
|
||||
$server = $this->serverFactory->createServer('/', 'dummy', $authPlugin, function () use ($view) {
|
||||
return $view;
|
||||
});
|
||||
$server->addPlugin($exceptionPlugin);
|
||||
|
|
|
|||
|
|
@ -53,10 +53,14 @@ Feature: auth
|
|||
When requesting "/remote.php/webdav" with "PROPFIND" using restricted basic token auth
|
||||
Then the HTTP status code should be "207"
|
||||
|
||||
Scenario: using WebDAV with restricted basic token auth
|
||||
Scenario: using old WebDAV endpoint with unrestricted client token
|
||||
When requesting "/remote.php/webdav" with "PROPFIND" using an unrestricted client token
|
||||
Then the HTTP status code should be "207"
|
||||
|
||||
Scenario: using new WebDAV endpoint with unrestricted client token
|
||||
When requesting "/remote.php/dav/" with "PROPFIND" using an unrestricted client token
|
||||
Then the HTTP status code should be "207"
|
||||
|
||||
Scenario: using WebDAV with browser session
|
||||
Given a new browser session is started
|
||||
When requesting "/remote.php/webdav" with "PROPFIND" using browser session
|
||||
|
|
|
|||
Loading…
Reference in a new issue