예제 #1
0
파일: feed.php 프로젝트: netcon-source/apps
*
*/
require_once '3rdparty/feedcreator/feedcreator.class.php';
OCP\App::checkAppEnabled('notify');
OCP\Util::writeLog("notify", "making feed from {$path_info}", OCP\Util::DEBUG);
if ($path_info == '/notify_feed/feed.rss') {
    $type = 'RSS2.0';
} else {
    if ($path_info == '/notify_feed/feed.atom') {
        $type = 'ATOM1.0';
    } else {
        header('HTTP/1.0 404 Not Found');
        exit;
    }
}
if (!isset($_SERVER["PHP_AUTH_USER"]) or !OCP\User::checkPassword($uid = $_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
    header('WWW-Authenticate: Basic realm="ownCloud Login"');
    header('HTTP/1.0 401 Unauthorized');
    exit;
}
$lang = OC_Preferences::getValue($uid, 'core', 'lang', OC_L10N::findLanguage());
$l = OC_L10N::get('notify', $lang);
//TODO: use different feed creator library (like Zend_Feed) and switch html flag to true
$notifications = OC_Notify::getNotifications($uid, 50, $lang, false);
$baseAddress = (isset($_SERVER["HTTPS"]) ? 'https://' : 'http://') . $_SERVER["SERVER_NAME"];
$rssURI = $baseAddress . $baseuri . 'feed.rss';
$atomURI = $baseAddress . $baseuri . 'feed.atom';
$feed = new UniversalFeedCreator();
$feed->title = $l->t('ownCloud notifications');
$feed->description = $l->t('ownCloud notification stream of the user "%s".', array($uid));
$feed->link = $baseAddress . OC::$WEBROOT;
예제 #2
0
<?php

function validateBoolean($val)
{
    return $val === true || $val === 'true';
}
OCP\JSON::callCheck();
$username = $_POST['username'];
$password = $_POST['password'];
$ocUser = new OCP\User();
$auth = $password !== null ? $ocUser->checkPassword($username, $password) : OCP\User::isLoggedIn();
if (!$auth) {
    OCP\JSON::encodedPrint(array('result' => 'noauth'));
    exit;
}
$data = array();
$data['xmpp'] = array();
$data['xmpp']['url'] = OCP\Config::getAppValue('ojsxc', 'boshUrl');
$data['xmpp']['domain'] = OCP\Config::getAppValue('ojsxc', 'xmppDomain');
$data['xmpp']['resource'] = OCP\Config::getAppValue('ojsxc', 'xmppResource');
$data['xmpp']['overwrite'] = validateBoolean(OCP\Config::getAppValue('ojsxc', 'xmppOverwrite'));
$data['xmpp']['onlogin'] = true;
$options = OCP\Config::getUserValue($username, 'ojsxc', 'options');
if ($options !== null) {
    $options = json_decode($options, true);
    foreach ($options as $prop => $value) {
        if ($prop !== 'xmpp' || $data['xmpp']['overwrite']) {
            foreach ($value as $key => $v) {
                if ($v !== "") {
                    $data[$prop][$key] = $v === 'false' || $v === 'true' ? validateBoolean($v) : $v;
                }
예제 #3
0
				case 'shared':
				// check if we are already logged in
				if ( ! OCP\User::isLoggedIn() )
				{
					if (   ! isset($_SERVER['PHP_AUTH_USER'])) {
						// first, non-authenticated attempt, request authentication
						header('WWW-Authenticate: Basic realm="OwnCloud relay authorization"');
						header('HTTP/1.0 401 Unauthorized');
						// important: flush, so that auth headers are not swallowed by OC
						flush(); ob_flush();
						// fallback: refuse forwarding => 403: Forbidden
						OC_Shorty_Hooks::registerClick ( $result[0], $request, 'failed' );
						throw new OC_Shorty_HttpException ( 403 );
					}
					elseif ( ! OCP\User::checkPassword($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) )
					{
						// second, authenticated attempt, request repeated authentication
						header('WWW-Authenticate: Basic realm="Retry OwnCloud relay authorization"');
						header('HTTP/1.0 401 Unauthorized');
						// important: flush, so that auth headers are not swallowed by OC
						flush(); ob_flush();
						// log denied access attempt
						OC_Shorty_Hooks::registerClick ( $result[0], $request, 'failed' );
						// fallback: refuse forwarding => 403: Forbidden
						throw new OC_Shorty_HttpException ( 403 );
					}
				}
				break;

				case 'public':
예제 #4
0
/**
 * Perform a user authorization
 * @global array $profile
 */
function authorize_mode()
{
    global $profile;
    global $USERNAME;
    global $IDENTITY;
    // this is a user session
    // the user needs refresh urls in their session to access this mode
    if (!isset($_SESSION['post_auth_url']) || !isset($_SESSION['cancel_auth_url'])) {
        error_500('You may not access this mode directly.');
    }
    $profile['idp_url'] = $IDENTITY;
    if (isset($_SERVER['PHP_AUTH_USER']) && $profile['authorized'] === false && $_SERVER['PHP_AUTH_USER'] == $USERNAME) {
        if (OCP\User::checkPassword($USERNAME, $_SERVER['PHP_AUTH_PW'])) {
            // successful login!
            // return to the refresh url if they get in
            $_SESSION['openid_auth'] = true;
            $_SESSION['openid_user'] = $USERNAME;
            wrap_redirect($_SESSION['post_auth_url']);
            // failed login
        } else {
            $_SESSION['failures']++;
            debug('Login failed');
            debug('Fail count: ' . $_SESSION['failures']);
        }
    }
    // if we get this far the user is not authorized, so send the headers
    $uid = uniqid(mt_rand(1, 9));
    $_SESSION['uniqid'] = $uid;
    // 	debug('Prompting user to log in. Stale? ' . $stale);
    header('HTTP/1.0 401 Unauthorized');
    // 	header(sprintf('WWW-Authenticate: Digest qop="auth-int, auth", realm="%s", domain="%s", nonce="%s", opaque="%s", stale="%s", algorithm="MD5"', $profile['auth_realm'], $profile['auth_domain'], $uid, md5($profile['auth_realm']), $stale ? 'true' : 'false'));
    header('WWW-Authenticate: Basic realm="ownCloud"');
    $q = strpos($_SESSION['cancel_auth_url'], '?') ? '&' : '?';
    wrap_refresh($_SESSION['cancel_auth_url'] . $q . 'openid.mode=cancel');
    // 	die('401 Unauthorized');
}
예제 #5
0
  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
  FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
  COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
  IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
  CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
/**
 * This script authentificates a user against owncloud.
 *
 * Usage: ./auth_oc_user.php OC_PATH USER [PASSWORD]
 * 
 * If no password is given, we will check if the user exists, otherwise 
 * we check if the credentials are valid. 
 */
if ($argc === 1) {
    exit;
}
$RUNTIME_NOAPPS = true;
require_once $argv[1] . 'lib/base.php';
$ocUser = new OCP\User();
if ($argc === 3) {
    $ret = $ocUser->userExists($argv[2]);
} else {
    if ($argc === 4) {
        $ret = $ocUser->checkPassword($argv[2], $argv[3]);
        $ret = strtolower($ret) === strtolower($argv[2]) ? 1 : 0;
    } else {
        exit;
    }
}
echo $ret;