123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293 |
- <?php
- declare(strict_types=1);
- /**
- * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: AGPL-3.0-or-later
- */
- namespace OCA\Settings\SetupChecks;
- use OCP\Http\Client\IClientService;
- use OCP\IConfig;
- use OCP\IL10N;
- use OCP\IURLGenerator;
- use OCP\SetupCheck\ISetupCheck;
- use OCP\SetupCheck\SetupResult;
- use Psr\Log\LoggerInterface;
- class WellKnownUrls implements ISetupCheck {
- use CheckServerResponseTrait;
- public function __construct(
- protected IL10N $l10n,
- protected IConfig $config,
- protected IURLGenerator $urlGenerator,
- protected IClientService $clientService,
- protected LoggerInterface $logger,
- ) {
- }
- public function getCategory(): string {
- return 'network';
- }
- public function getName(): string {
- return $this->l10n->t('.well-known URLs');
- }
- public function run(): SetupResult {
- if (!$this->config->getSystemValueBool('check_for_working_wellknown_setup', true)) {
- return SetupResult::info($this->l10n->t('`check_for_working_wellknown_setup` is set to false in your configuration, so this check was skipped.'));
- }
- $urls = [
- ['get', '/.well-known/webfinger', [200, 404], true],
- ['get', '/.well-known/nodeinfo', [200, 404], true],
- ['propfind', '/.well-known/caldav', [207], false],
- ['propfind', '/.well-known/carddav', [207], false],
- ];
- foreach ($urls as [$verb,$url,$validStatuses,$checkCustomHeader]) {
- $works = null;
- foreach ($this->runRequest($verb, $url, ['httpErrors' => false, 'options' => ['allow_redirects' => ['track_redirects' => true]]]) as $response) {
- // Check that the response status matches
- $works = in_array($response->getStatusCode(), $validStatuses);
- // and (if needed) the custom Nextcloud header is set
- if ($checkCustomHeader) {
- $works = $works && !empty($response->getHeader('X-NEXTCLOUD-WELL-KNOWN'));
- } else {
- // For default DAV endpoints we lack authorization, but we still can check that the redirect works as expected
- if (!$works && $response->getStatusCode() === 401) {
- $redirectHops = explode(',', $response->getHeader('X-Guzzle-Redirect-History'));
- $effectiveUri = end($redirectHops);
- $works = str_ends_with(rtrim($effectiveUri, '/'), '/remote.php/dav');
- }
- }
- // Skip the other requests if one works
- if ($works === true) {
- break;
- }
- }
- // If 'works' is null then we could not connect to the server
- if ($works === null) {
- return SetupResult::info(
- $this->l10n->t('Could not check that your web server serves `.well-known` correctly. Please check manually.') . "\n" . $this->serverConfigHelp(),
- $this->urlGenerator->linkToDocs('admin-setup-well-known-URL'),
- );
- }
- // Otherwise if we fail we can abort here
- if ($works === false) {
- return SetupResult::warning(
- $this->l10n->t("Your web server is not properly set up to resolve `.well-known` URLs, failed on:\n`%s`", [$url]),
- $this->urlGenerator->linkToDocs('admin-setup-well-known-URL'),
- );
- }
- }
- return SetupResult::success(
- $this->l10n->t('Your server is correctly configured to serve `.well-known` URLs.')
- );
- }
- }
|