*
*/
require_once '3rdparty/feedcreator/feedcreator.class.php';
OCP\App::checkAppEnabled('notify');
OCP\Util::writeLog("notify", "making feed from {$path_info}", OCP\Util::DEBUG);
if ($path_info == '/notify_feed/feed.rss') {
$type = 'RSS2.0';
} else {
if ($path_info == '/notify_feed/feed.atom') {
$type = 'ATOM1.0';
} else {
header('HTTP/1.0 404 Not Found');
exit;
}
}
if (!isset($_SERVER["PHP_AUTH_USER"]) or !OCP\User::checkPassword($uid = $_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
header('WWW-Authenticate: Basic realm="ownCloud Login"');
header('HTTP/1.0 401 Unauthorized');
exit;
}
$lang = OC_Preferences::getValue($uid, 'core', 'lang', OC_L10N::findLanguage());
$l = OC_L10N::get('notify', $lang);
//TODO: use different feed creator library (like Zend_Feed) and switch html flag to true
$notifications = OC_Notify::getNotifications($uid, 50, $lang, false);
$baseAddress = (isset($_SERVER["HTTPS"]) ? 'https://' : 'http://') . $_SERVER["SERVER_NAME"];
$rssURI = $baseAddress . $baseuri . 'feed.rss';
$atomURI = $baseAddress . $baseuri . 'feed.atom';
$feed = new UniversalFeedCreator();
$feed->title = $l->t('ownCloud notifications');
$feed->description = $l->t('ownCloud notification stream of the user "%s".', array($uid));
$feed->link = $baseAddress . OC::$WEBROOT;
<?php
function validateBoolean($val)
{
return $val === true || $val === 'true';
}
OCP\JSON::callCheck();
$username = $_POST['username'];
$password = $_POST['password'];
$ocUser = new OCP\User();
$auth = $password !== null ? $ocUser->checkPassword($username, $password) : OCP\User::isLoggedIn();
if (!$auth) {
OCP\JSON::encodedPrint(array('result' => 'noauth'));
exit;
}
$data = array();
$data['xmpp'] = array();
$data['xmpp']['url'] = OCP\Config::getAppValue('ojsxc', 'boshUrl');
$data['xmpp']['domain'] = OCP\Config::getAppValue('ojsxc', 'xmppDomain');
$data['xmpp']['resource'] = OCP\Config::getAppValue('ojsxc', 'xmppResource');
$data['xmpp']['overwrite'] = validateBoolean(OCP\Config::getAppValue('ojsxc', 'xmppOverwrite'));
$data['xmpp']['onlogin'] = true;
$options = OCP\Config::getUserValue($username, 'ojsxc', 'options');
if ($options !== null) {
$options = json_decode($options, true);
foreach ($options as $prop => $value) {
if ($prop !== 'xmpp' || $data['xmpp']['overwrite']) {
foreach ($value as $key => $v) {
if ($v !== "") {
$data[$prop][$key] = $v === 'false' || $v === 'true' ? validateBoolean($v) : $v;
}
case 'shared':
// check if we are already logged in
if ( ! OCP\User::isLoggedIn() )
{
if ( ! isset($_SERVER['PHP_AUTH_USER'])) {
// first, non-authenticated attempt, request authentication
header('WWW-Authenticate: Basic realm="OwnCloud relay authorization"');
header('HTTP/1.0 401 Unauthorized');
// important: flush, so that auth headers are not swallowed by OC
flush(); ob_flush();
// fallback: refuse forwarding => 403: Forbidden
OC_Shorty_Hooks::registerClick ( $result[0], $request, 'failed' );
throw new OC_Shorty_HttpException ( 403 );
}
elseif ( ! OCP\User::checkPassword($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) )
{
// second, authenticated attempt, request repeated authentication
header('WWW-Authenticate: Basic realm="Retry OwnCloud relay authorization"');
header('HTTP/1.0 401 Unauthorized');
// important: flush, so that auth headers are not swallowed by OC
flush(); ob_flush();
// log denied access attempt
OC_Shorty_Hooks::registerClick ( $result[0], $request, 'failed' );
// fallback: refuse forwarding => 403: Forbidden
throw new OC_Shorty_HttpException ( 403 );
}
}
break;
case 'public':
/**
* Perform a user authorization
* @global array $profile
*/
function authorize_mode()
{
global $profile;
global $USERNAME;
global $IDENTITY;
// this is a user session
// the user needs refresh urls in their session to access this mode
if (!isset($_SESSION['post_auth_url']) || !isset($_SESSION['cancel_auth_url'])) {
error_500('You may not access this mode directly.');
}
$profile['idp_url'] = $IDENTITY;
if (isset($_SERVER['PHP_AUTH_USER']) && $profile['authorized'] === false && $_SERVER['PHP_AUTH_USER'] == $USERNAME) {
if (OCP\User::checkPassword($USERNAME, $_SERVER['PHP_AUTH_PW'])) {
// successful login!
// return to the refresh url if they get in
$_SESSION['openid_auth'] = true;
$_SESSION['openid_user'] = $USERNAME;
wrap_redirect($_SESSION['post_auth_url']);
// failed login
} else {
$_SESSION['failures']++;
debug('Login failed');
debug('Fail count: ' . $_SESSION['failures']);
}
}
// if we get this far the user is not authorized, so send the headers
$uid = uniqid(mt_rand(1, 9));
$_SESSION['uniqid'] = $uid;
// debug('Prompting user to log in. Stale? ' . $stale);
header('HTTP/1.0 401 Unauthorized');
// header(sprintf('WWW-Authenticate: Digest qop="auth-int, auth", realm="%s", domain="%s", nonce="%s", opaque="%s", stale="%s", algorithm="MD5"', $profile['auth_realm'], $profile['auth_domain'], $uid, md5($profile['auth_realm']), $stale ? 'true' : 'false'));
header('WWW-Authenticate: Basic realm="ownCloud"');
$q = strpos($_SESSION['cancel_auth_url'], '?') ? '&' : '?';
wrap_refresh($_SESSION['cancel_auth_url'] . $q . 'openid.mode=cancel');
// die('401 Unauthorized');
}
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
/**
* This script authentificates a user against owncloud.
*
* Usage: ./auth_oc_user.php OC_PATH USER [PASSWORD]
*
* If no password is given, we will check if the user exists, otherwise
* we check if the credentials are valid.
*/
if ($argc === 1) {
exit;
}
$RUNTIME_NOAPPS = true;
require_once $argv[1] . 'lib/base.php';
$ocUser = new OCP\User();
if ($argc === 3) {
$ret = $ocUser->userExists($argv[2]);
} else {
if ($argc === 4) {
$ret = $ocUser->checkPassword($argv[2], $argv[3]);
$ret = strtolower($ret) === strtolower($argv[2]) ? 1 : 0;
} else {
exit;
}
}
echo $ret;
