diff options
| author | Andrew Manning <tamanning@zoho.com> | 2016-06-15 21:48:47 -0400 |
|---|---|---|
| committer | Andrew Manning <tamanning@zoho.com> | 2016-06-15 21:48:47 -0400 |
| commit | fc7c4e64ff71bfccdbad763ee60096e3d262d277 (patch) | |
| tree | 69f5ed162b0a848b2f3a08316323d78d1b935479 /Zotlabs/Storage/BasicAuth.php | |
| parent | 688171d016412f30a3ed60d4dc70feb64a19621b (diff) | |
| parent | 476116a972c0f8b8ade495de557b8fc8d3097964 (diff) | |
| download | volse-hubzilla-fc7c4e64ff71bfccdbad763ee60096e3d262d277.tar.gz volse-hubzilla-fc7c4e64ff71bfccdbad763ee60096e3d262d277.tar.bz2 volse-hubzilla-fc7c4e64ff71bfccdbad763ee60096e3d262d277.zip | |
Merge remote-tracking branch 'upstream/dev' into wiki
Diffstat (limited to 'Zotlabs/Storage/BasicAuth.php')
| -rw-r--r-- | Zotlabs/Storage/BasicAuth.php | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/Zotlabs/Storage/BasicAuth.php b/Zotlabs/Storage/BasicAuth.php index 121a9c3a1..60fc2c988 100644 --- a/Zotlabs/Storage/BasicAuth.php +++ b/Zotlabs/Storage/BasicAuth.php @@ -3,6 +3,8 @@ namespace Zotlabs\Storage; use Sabre\DAV; +use Sabre\HTTP\RequestInterface; +use Sabre\HTTP\ResponseInterface; /** * @brief Authentication backend class for DAV. @@ -145,6 +147,57 @@ class BasicAuth extends DAV\Auth\Backend\AbstractBasic { return true; } + /** + * When this method is called, the backend must check if authentication was + * successful. + * + * The returned value must be one of the following + * + * [true, "principals/username"] + * [false, "reason for failure"] + * + * If authentication was successful, it's expected that the authentication + * backend returns a so-called principal url. + * + * Examples of a principal url: + * + * principals/admin + * principals/user1 + * principals/users/joe + * principals/uid/123457 + * + * If you don't use WebDAV ACL (RFC3744) we recommend that you simply + * return a string such as: + * + * principals/users/[username] + * + * @param RequestInterface $request + * @param ResponseInterface $response + * @return array + */ + function check(RequestInterface $request, ResponseInterface $response) { + + if(local_channel()) { + return [ true, $this->principalPrefix . $this->channel_name ]; + } + + $auth = new \Sabre\HTTP\Auth\Basic( + $this->realm, + $request, + $response + ); + + $userpass = $auth->getCredentials(); + if (!$userpass) { + return [false, "No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured"]; + } + if (!$this->validateUserPass($userpass[0], $userpass[1])) { + return [false, "Username or password was incorrect"]; + } + return [true, $this->principalPrefix . $userpass[0]]; + + } + protected function check_module_access($channel_id) { if($channel_id && \App::$module === 'cdav') { $x = get_pconfig($channel_id,'cdav','enabled'); |