PublicAuth.php 2.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Thomas Müller <thomas.mueller@tmit.eu>
  6. *
  7. * @license AGPL-3.0
  8. *
  9. * This code is free software: you can redistribute it and/or modify
  10. * it under the terms of the GNU Affero General Public License, version 3,
  11. * as published by the Free Software Foundation.
  12. *
  13. * This program is distributed in the hope that it will be useful,
  14. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16. * GNU Affero General Public License for more details.
  17. *
  18. * You should have received a copy of the GNU Affero General Public License, version 3,
  19. * along with this program. If not, see <http://www.gnu.org/licenses/>
  20. *
  21. */
  22. namespace OCA\DAV\DAV;
  23. use Sabre\DAV\Auth\Backend\BackendInterface;
  24. use Sabre\HTTP\RequestInterface;
  25. use Sabre\HTTP\ResponseInterface;
  26. class PublicAuth implements BackendInterface {
  27. /** @var string[] */
  28. private $publicURLs;
  29. public function __construct() {
  30. $this->publicURLs = [
  31. 'public-calendars',
  32. 'principals/system/public'
  33. ];
  34. }
  35. /**
  36. * When this method is called, the backend must check if authentication was
  37. * successful.
  38. *
  39. * The returned value must be one of the following
  40. *
  41. * [true, "principals/username"]
  42. * [false, "reason for failure"]
  43. *
  44. * If authentication was successful, it's expected that the authentication
  45. * backend returns a so-called principal url.
  46. *
  47. * Examples of a principal url:
  48. *
  49. * principals/admin
  50. * principals/user1
  51. * principals/users/joe
  52. * principals/uid/123457
  53. *
  54. * If you don't use WebDAV ACL (RFC3744) we recommend that you simply
  55. * return a string such as:
  56. *
  57. * principals/users/[username]
  58. *
  59. * @param RequestInterface $request
  60. * @param ResponseInterface $response
  61. * @return array
  62. */
  63. function check(RequestInterface $request, ResponseInterface $response) {
  64. if ($this->isRequestPublic($request)) {
  65. return [true, "principals/system/public"];
  66. }
  67. return [false, "No public access to this resource."];
  68. }
  69. /**
  70. * @inheritdoc
  71. */
  72. function challenge(RequestInterface $request, ResponseInterface $response) {
  73. }
  74. /**
  75. * @param RequestInterface $request
  76. * @return bool
  77. */
  78. private function isRequestPublic(RequestInterface $request) {
  79. $url = $request->getPath();
  80. $matchingUrls = array_filter($this->publicURLs, function ($publicUrl) use ($url) {
  81. return strpos($url, $publicUrl, 0) === 0;
  82. });
  83. return !empty($matchingUrls);
  84. }
  85. }