
PublicAuth.php 2.6 KB

  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  6. * @author Roeland Jago Douma <roeland@famdouma.nl>
  7. * @author Thomas Müller <thomas.mueller@tmit.eu>
  8. *
  9. * @license AGPL-3.0
  10. *
  11. * This code is free software: you can redistribute it and/or modify
  12. * it under the terms of the GNU Affero General Public License, version 3,
  13. * as published by the Free Software Foundation.
  14. *
  15. * This program is distributed in the hope that it will be useful,
  16. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  18. * GNU Affero General Public License for more details.
  19. *
  20. * You should have received a copy of the GNU Affero General Public License, version 3,
  21. * along with this program. If not, see <http://www.gnu.org/licenses/>
  22. *
  23. */
  24. namespace OCA\DAV\DAV;
  25. use Sabre\DAV\Auth\Backend\BackendInterface;
  26. use Sabre\HTTP\RequestInterface;
  27. use Sabre\HTTP\ResponseInterface;
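  class PublicAuth implements BackendInterface {
      /**
       * Path prefixes that may be reached without credentials. Each entry
       * names a whole subtree: the entry itself and everything below it.
       *
       * @var string[]
       */
      private $publicURLs;

      public function __construct() {
          $this->publicURLs = [
              'public-calendars',
              'principals/system/public'
          ];
      }

      /**
       * Authenticates a request as the shared anonymous principal when its
       * path lies inside one of the public subtrees.
       *
       * Every unauthenticated caller that passes this check is mapped to the
       * same principal, "principals/system/public".
       * NOTE(review): what that principal may read or write is decided
       * outside this class (not visible here) - confirm it is limited to the
       * resources that are meant to be published.
       *
       * @param RequestInterface $request request whose path is evaluated
       * @param ResponseInterface $response not used by this backend
       * @return array [true, principal url] on success,
       *               [false, reason for failure] otherwise
       */
      public function check(RequestInterface $request, ResponseInterface $response) {
          if ($this->isRequestPublic($request)) {
              return [true, "principals/system/public"];
          }
          return [false, "No public access to this resource."];
      }

      /**
       * @inheritdoc
       */
      public function challenge(RequestInterface $request, ResponseInterface $response) {
          // Intentionally empty: this backend adds nothing to the response
          // when the check fails.
      }

      /**
       * Tells whether the request path equals a public prefix or lies below it.
       *
       * The comparison is anchored on a path-segment boundary: the prefix must
       * either be the whole path or be followed by "/". A bare string-prefix
       * test would also accept sibling paths that merely begin with the same
       * characters as a public prefix, and those would then be handed the
       * anonymous principal although they are outside the intended subtree.
       *
       * NOTE(review): presumes getPath() yields the path relative to the DAV
       * base URI without a leading slash, matching the form of the entries in
       * $publicURLs - confirm against the Sabre version in use.
       *
       * @param RequestInterface $request
       * @return bool
       */
      private function isRequestPublic(RequestInterface $request) {
          $path = $request->getPath();
          foreach ($this->publicURLs as $publicUrl) {
              if ($path === $publicUrl) {
                  return true;
              }
              // Require the separator so that only real descendants match.
              if (strpos($path, $publicUrl . '/') === 0) {
                  return true;
              }
          }
          return false;
      }
  }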