server/apps/remoteStorage/oauth_ro_auth.php
2012-02-25 21:59:58 +00:00

77 lines
2.4 KiB
PHP

<?php
/**
* HTTP Basic authentication backend class
*
* This class can be used by authentication objects wishing to use HTTP Basic
* Most of the digest logic is handled, implementors just need to worry about
* the validateUserPass method.
*
* @package Sabre
* @subpackage DAV
* @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
* @author James David Low (http://jameslow.com/)
* @author Evert Pot (http://www.rooftopsolutions.nl/)
* @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
*/
class OC_Connector_Sabre_Auth_ro_oauth extends Sabre_DAV_Auth_Backend_AbstractBasic {
private $validTokens;
private $category;
public function __construct($validTokensArg, $categoryArg) {
$this->validTokens = $validTokensArg;
$this->category = $categoryArg;
}
/**
* Validates a username and password
*
* This method should return true or false depending on if login
* succeeded.
*
* @return bool
*/
protected function validateUserPass($username, $password){
//always give read-only:
if(($_SERVER['REQUEST_METHOD'] == 'OPTIONS')
|| (isset($this->validTokens[$password]))
|| (($_SERVER['REQUEST_METHOD'] == 'GET') && ($this->category == 'public'))
) {
OC_Util::setUpFS();
return true;
} else {
//var_export($_SERVER);
//var_export($this->validTokens);
//die('not getting in with "'.$username.'"/"'.$password.'"!');
return false;
}
}
//overwriting this to make it not automatically fail if no auth header is found:
public function authenticate(Sabre_DAV_Server $server,$realm) {
$auth = new Sabre_HTTP_BearerAuth();
$auth->setHTTPRequest($server->httpRequest);
$auth->setHTTPResponse($server->httpResponse);
$auth->setRealm($realm);
$userpass = $auth->getUserPass();
if (!$userpass) {
if(($_SERVER['REQUEST_METHOD'] == 'OPTIONS')
||(($_SERVER['REQUEST_METHOD'] == 'GET') && ($this->category == 'public'))
) {
$userpass = array('', '');
} else {
$auth->requireLogin();
throw new Sabre_DAV_Exception_NotAuthenticated('No basic authentication headers were found');
}
}
// Authenticates the user
if (!$this->validateUserPass($userpass[0],$userpass[1])) {
$auth->requireLogin();
throw new Sabre_DAV_Exception_NotAuthenticated('Username or password does not match');
}
$this->currentUser = $userpass[0];
return true;
}
}