/**
 * Checks that requireLogin() produces a complete HTTP Basic challenge.
 *
 * After the call, three things are compared with the values expected for
 * the 'SabreDAV' realm: the realm reported by the auth object, the status
 * line stored on the response, and the WWW-Authenticate response header.
 * A client can only retry with credentials when both the 401 status and
 * the challenge header are present, so each is asserted separately.
 */
function testRequireLogin()
{
    $authHandler = $this->basicAuth;
    $authHandler->requireLogin();

    // Realm as reported back by the auth object itself.
    $this->assertEquals('SabreDAV', $authHandler->getRealm());

    // Status line and challenge header as recorded on the response object.
    $httpResponse = $this->response;
    $this->assertEquals(
        'HTTP/1.1 401 Unauthorized',
        $httpResponse->status,
        'We expected a 401 status to be set'
    );
    $this->assertEquals(
        'Basic realm="SabreDAV"',
        $httpResponse->headers['WWW-Authenticate'],
        'The WWW-Autenticate header was not set!'
    );
}
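/**
 * Authenticates a WebDAV request using HTTP Basic credentials.
 *
 * Flow, as implemented below:
 *  1. Read the Basic credentials from the request; send a 401 challenge and
 *     throw if none were supplied.
 *  2. Load the user's "AJXP_WEBDAV_DATA" preference and refuse unless its
 *     "ACTIVE" entry is strictly true.
 *  3. Accept either a matching short-lived cached digest ("TMP_PASS") or a
 *     successful validateUserPass() call.
 *  4. Log the user in through AuthService, refresh the current user's
 *     rights, and store a fresh cached digest when the cache was not used.
 *
 * @param Sabre\DAV\Server $server Server whose request/response objects are used.
 * @param string           $realm  Realm announced in the Basic challenge.
 *
 * @return bool Always true when authentication succeeds.
 *
 * @throws Sabre\DAV\Exception\NotAuthenticated When credentials are missing,
 *         WebDAV access is not active for the user, the password does not
 *         match, or AuthService::logUser() reports a result below 1.
 */
public function authenticate(Sabre\DAV\Server $server, $realm)
{
    $auth = new Sabre\HTTP\BasicAuth();
    $auth->setHTTPRequest($server->httpRequest);
    $auth->setHTTPResponse($server->httpResponse);
    $auth->setRealm($realm);

    $userpass = $auth->getUserPass();
    if (!$userpass) {
        $auth->requireLogin();
        throw new Sabre\DAV\Exception\NotAuthenticated('No basic authentication headers were found');
    }

    // Authenticates the user
    //AJXP_Logger::info(__CLASS__,"authenticate",$userpass[0]);
    $confDriver = ConfService::getConfStorageImpl();
    $userObject = $confDriver->createUserObject($userpass[0]);
    $webdavData = $userObject->getPref("AJXP_WEBDAV_DATA");
    if (empty($webdavData) || !isset($webdavData["ACTIVE"]) || $webdavData["ACTIVE"] !== true) {
        throw new Sabre\DAV\Exception\NotAuthenticated();
    }

    // check if there are cached credentials. prevents excessive authentication calls to external
    // auth mechanism.
    $cachedPasswordValid = false;

    // NOTE(review): when AJXP_SECRET_KEY is not defined, every installation
    // falls back to the same literal below, so the digest is no longer keyed
    // by an installation-specific secret. Deployments should define the constant.
    $secret = defined("AJXP_SECRET_KEY") ? AJXP_SECRET_KEY : "CDAFx¨op#";

    // NOTE(review): this is a single unsalted MD5 over password + secret +
    // current minute, persisted in the user's preferences. It is kept as-is so
    // digests written by the existing code still match; consider a keyed
    // construction such as hash_hmac() with SHA-256 when the format can change.
    $encryptedPass = md5($userpass[1] . $secret . date('YmdHi'));

    // Compare as strings in constant time. The previous loose "==" compared
    // numeric-looking hex digests by numeric value, so two different digests
    // could be treated as equal. hash_equals() requires PHP 5.6 or later.
    if (isset($webdavData["TMP_PASS"])
        && is_string($webdavData["TMP_PASS"])
        && hash_equals($webdavData["TMP_PASS"], $encryptedPass)
    ) {
        $cachedPasswordValid = true;
        //AJXP_Logger::debug("Using Cached Password");
    }

    if (!$cachedPasswordValid && !$this->validateUserPass($userpass[0], $userpass[1])) {
        $auth->requireLogin();
        throw new Sabre\DAV\Exception\NotAuthenticated('Username or password does not match');
    }

    $this->currentUser = $userpass[0];
    // NOTE(review): the meaning of the third argument (true) is not visible
    // here; confirm against AuthService::logUser() that it is appropriate on
    // the cached-digest path, where validateUserPass() was skipped.
    $res = AuthService::logUser($this->currentUser, $userpass[1], true);
    if ($res < 1) {
        throw new Sabre\DAV\Exception\NotAuthenticated();
    }
    $this->updateCurrentUserRights(AuthService::getLoggedUser());

    // the method used here will invalidate the cached password every minute on the minute
    if (!$cachedPasswordValid) {
        $webdavData["TMP_PASS"] = $encryptedPass;
        $userObject->setPref("AJXP_WEBDAV_DATA", $webdavData);
        $userObject->save("user");
        AuthService::updateUser($userObject);
    }

    return true;
}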
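/**
 * Entry point for the /develop endpoint: authenticates a Developer-level
 * user, then either renders the editor app or hands the request to SabreDAV.
 *
 * Authentication accepts an existing session with Developer access, or
 * falls back to HTTP Basic credentials checked through the configured user
 * class. A request that supplies no usable credentials, or whose user lacks
 * Developer access, receives a Basic challenge and the script terminates.
 *
 * NOTE(review): nothing in this method checks that the request arrived over
 * TLS; Basic credentials are only base64-encoded, so transport encryption
 * has to be enforced elsewhere.
 *
 * @return void
 */
public static function handleRequest()
{
    if (extension_loaded('newrelic')) {
        newrelic_disable_autorum();
    }

    // retrieve authentication attempt
    // The session is only consulted when it exists, consistent with the
    // isset() guard used further down; without a session the request must
    // authenticate with Basic credentials.
    if (isset($GLOBALS['Session']) && $GLOBALS['Session']->hasAccountLevel('Developer')) {
        $User = $GLOBALS['Session']->Person;
    } else {
        $authEngine = new \Sabre\HTTP\BasicAuth();
        $authEngine->setRealm('Develop ' . \Site::$title);
        $authUserPass = $authEngine->getUserPass();

        // try to get user
        // Only attempt a lookup when both a username and a password were
        // actually supplied; previously a request without an Authorization
        // header indexed into a non-array and passed null values to getByLogin().
        $User = null;
        if (is_array($authUserPass) && isset($authUserPass[0], $authUserPass[1])) {
            $userClass = \User::$defaultClass;
            $User = $userClass::getByLogin($authUserPass[0], $authUserPass[1]);
        }

        // send auth request if login is inadequate
        if (!$User || !$User->hasAccountLevel('Developer')) {
            $authEngine->requireLogin();
            die("You must login using a " . \Site::getConfig('primary_hostname') . " account with Developer access\n");
        }
    }

    // store login to session
    if (isset($GLOBALS['Session'])) {
        $GLOBALS['Session'] = $GLOBALS['Session']->changeClass('UserSession', array('PersonID' => $User->ID));
    }

    // detect base path
    $basePath = array_slice(\Site::$requestPath, 0, count(\Site::$resolvedPath));

    // switch to JSON response mode
    if (static::peekPath() == 'json') {
        $basePath[] = static::$responseMode = static::shiftPath();
    }

    // handle /develop request
    if ($_SERVER['REQUEST_METHOD'] == 'GET' && static::getResponseMode() == 'html' && !static::peekPath()) {
        \RequestHandler::respond('app/ext', array(
            'App' => \Sencha_App::getByName('EmergenceEditor'),
            'mode' => 'production',
            'title' => 'EmergenceEditor'
        ));
    }

    // initialize and configure SabreDAV
    $server = new \Sabre\DAV\Server(new RootCollection());
    $server->setBaseUri('/' . join('/', $basePath));

    // The lock manager is responsible for making sure users don't overwrite each others changes. Change 'data' to a different
    // directory, if you're storing your data somewhere else.
    # $lockBackend = new Sabre_DAV_Locks_Backend_FS('/tmp/dav-lock');
    # $lockPlugin = new Sabre_DAV_Locks_Plugin($lockBackend);
    # $server->addPlugin($lockPlugin);

    // filter temporary files
    // NOTE(review): this is a fixed path under /tmp. On a host shared with
    // other local users, confirm the directory is created with restrictive
    // ownership and permissions, or move it to a private location.
    $server->addPlugin(new \Sabre\DAV\TemporaryFileFilterPlugin('/tmp/dav-tmp'));

    // ?mount support
    $server->addPlugin(new \Sabre\DAV\Mount\Plugin());

    // emergence :)
    $server->addPlugin(new \Emergence\DAV\ServerPlugin());

    // All we need to do now, is to fire up the server
    $server->exec();
}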
/**
 * Authenticates the current request from its HTTP Basic credentials.
 *
 * When the request carries credentials they are handed to
 * authenticatePlaintext() and its result is returned. Otherwise a Basic
 * challenge for the "pimcore" realm is sent, the event is logged, and the
 * script terminates.
 *
 * @static
 * @throws Exception
 * @return User
 */
public static function authenticateHttpBasic()
{
    $basicAuth = new \Sabre\HTTP\BasicAuth();
    $basicAuth->setRealm("pimcore");

    $credentials = $basicAuth->getUserPass();

    // No usable credentials: challenge the client and stop here.
    if (!is_array($credentials)) {
        $basicAuth->requireLogin();
        \Logger::error("Authentication Basic (WebDAV) required");
        echo "Authentication required\n";
        exit;
    }

    list($username, $password) = $credentials;

    return self::authenticatePlaintext($username, $password);
}
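<?php

// Minimal example of protecting a script with HTTP Basic authentication
// through Sabre\HTTP\BasicAuth: read the credentials sent by the client,
// compare them with the expected pair, and answer with a 401 challenge
// when they are missing or wrong.

// !!!! Make sure the Sabre directory is in the include_path !!!
// example:
// set_include_path('lib/' . PATH_SEPARATOR . get_include_path());

// settings
date_default_timezone_set('Canada/Eastern');

// Files we need
require_once 'vendor/autoload.php';

// NOTE(review): these are demonstration credentials embedded in the source.
// Outside of a demo, load them from configuration kept out of version
// control and store the password as a password_hash() value checked with
// password_verify().
$u = 'admin';
$p = '1234';

$auth = new \Sabre\HTTP\BasicAuth();
$result = $auth->getUserPass();

// Compare as strings, in constant time. The previous loose "!=" compared
// numeric-looking strings by numeric value, so a submitted password did not
// have to be byte-identical to the expected one to be accepted.
// Both comparisons always run so the outcome of the username check does not
// decide whether the password check executes. hash_equals() needs PHP 5.6+.
$userOk = false;
$passOk = false;
if (is_array($result) && isset($result[0], $result[1])) {
    $userOk = hash_equals($u, (string) $result[0]);
    $passOk = hash_equals($p, (string) $result[1]);
}

if (!$userOk || !$passOk) {
    $auth->requireLogin();
    echo "Authentication required\n";
    die;
}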