* */
// Builds the notify app's notification feed (RSS 2.0 or Atom 1.0) for a user
// who authenticates with HTTP Basic credentials.
// NOTE(review): $path_info and $baseuri are not defined in this excerpt;
// presumably the including entry point provides them - confirm.
require_once '3rdparty/feedcreator/feedcreator.class.php';
OCP\App::checkAppEnabled('notify');
// NOTE(review): this log call runs before authentication and writes $path_info
// unmodified. If $path_info is request-derived, strip line breaks and control
// characters before logging - confirm its origin.
OCP\Util::writeLog("notify", "making feed from {$path_info}", OCP\Util::DEBUG);
// Map the requested path to a feed format; any other path is answered with 404.
if ($path_info == '/notify_feed/feed.rss') {
    $type = 'RSS2.0';
} else {
    if ($path_info == '/notify_feed/feed.atom') {
        $type = 'ATOM1.0';
    } else {
        header('HTTP/1.0 404 Not Found');
        exit;
    }
}
// Require HTTP Basic credentials and verify them; otherwise challenge and stop.
// $uid is assigned inside the condition and holds the user name exactly as the
// client sent it, not the return value of checkPassword().
// NOTE(review): $_SERVER["PHP_AUTH_PW"] is read without an isset() check.
// NOTE(review): Basic credentials accompany every request, so this endpoint is
// only safe over TLS; nothing visible here enforces HTTPS or throttles failed
// attempts - confirm both are handled elsewhere.
if (!isset($_SERVER["PHP_AUTH_USER"]) or !OCP\User::checkPassword($uid = $_SERVER["PHP_AUTH_USER"], $_SERVER["PHP_AUTH_PW"])) {
    header('WWW-Authenticate: Basic realm="ownCloud Login"');
    header('HTTP/1.0 401 Unauthorized');
    exit;
}
// Use the user's stored language preference, falling back to the detected one.
$lang = OC_Preferences::getValue($uid, 'core', 'lang', OC_L10N::findLanguage());
$l = OC_L10N::get('notify', $lang);
//TODO: use different feed creator library (like Zend_Feed) and switch html flag to true
$notifications = OC_Notify::getNotifications($uid, 50, $lang, false);
// NOTE(review): isset() is also true when a server sets HTTPS to "off" (IIS
// does), which would produce https:// links on a plain-HTTP request.
// NOTE(review): depending on web-server configuration SERVER_NAME can mirror
// the client's Host header; the feed links below are built from it - confirm
// the server pins a canonical name.
$baseAddress = (isset($_SERVER["HTTPS"]) ? 'https://' : 'http://') . $_SERVER["SERVER_NAME"];
$rssURI = $baseAddress . $baseuri . 'feed.rss';
$atomURI = $baseAddress . $baseuri . 'feed.atom';
$feed = new UniversalFeedCreator();
$feed->title = $l->t('ownCloud notifications');
// $uid (client-supplied spelling) is embedded in the feed description.
$feed->description = $l->t('ownCloud notification stream of the user "%s".', array($uid));
$feed->link = $baseAddress . OC::$WEBROOT;
<?php
/**
 * Interpret a stored setting as a boolean.
 *
 * @param mixed $val value to test
 * @return bool true only for boolean true or the exact string 'true'
 */
function validateBoolean($val) {
    return $val === true || $val === 'true';
}
// Presumably ownCloud's request-token check for AJAX calls - confirm.
OCP\JSON::callCheck();
// NOTE(review): both POST fields are read without isset(); a missing
// 'password' evaluates to null and selects the session branch below.
$username = $_POST['username'];
$password = $_POST['password'];
$ocUser = new OCP\User();
// With a password: verify the posted credentials.
// Without one: accept any logged-in session.
// NOTE(review): the session branch does not tie $username to the logged-in
// user, yet the per-user options further down are read for the posted
// $username. Consider taking the user id from the session in that branch so a
// session can only read its own settings.
$auth = $password !== null ? $ocUser->checkPassword($username, $password) : OCP\User::isLoggedIn();
if (!$auth) {
    OCP\JSON::encodedPrint(array('result' => 'noauth'));
    exit;
}
// Application-wide XMPP defaults from the 'ojsxc' app configuration.
$data = array();
$data['xmpp'] = array();
$data['xmpp']['url'] = OCP\Config::getAppValue('ojsxc', 'boshUrl');
$data['xmpp']['domain'] = OCP\Config::getAppValue('ojsxc', 'xmppDomain');
$data['xmpp']['resource'] = OCP\Config::getAppValue('ojsxc', 'xmppResource');
$data['xmpp']['overwrite'] = validateBoolean(OCP\Config::getAppValue('ojsxc', 'xmppOverwrite'));
$data['xmpp']['onlogin'] = true;
// Merge the user's stored options over the defaults. The 'xmpp' group is only
// merged when the app-level 'xmppOverwrite' setting is true; every other group
// is merged unconditionally, and empty-string values are skipped.
$options = OCP\Config::getUserValue($username, 'ojsxc', 'options');
if ($options !== null) {
    // NOTE(review): json_decode() returns null for invalid JSON, and a group
    // value need not be an array; neither case is checked before the loops.
    $options = json_decode($options, true);
    foreach ($options as $prop => $value) {
        if ($prop !== 'xmpp' || $data['xmpp']['overwrite']) {
            foreach ($value as $key => $v) {
                if ($v !== "") {
                    // The strings 'true' / 'false' become real booleans.
                    $data[$prop][$key] = $v === 'false' || $v === 'true' ? validateBoolean($v) : $v;
                }
                // (excerpt ends here; the enclosing blocks close outside the visible source)
case 'shared':
    // Access gate for 'shared' entries: the request must come from a
    // logged-in session or carry valid HTTP Basic credentials.
    // NOTE(review): any account that passes checkPassword() is accepted; no
    // per-user restriction is visible in this branch - confirm that is the
    // intended meaning of 'shared'.
    // check if we are already logged in
    if ( ! OCP\User::isLoggedIn() ) {
        if ( ! isset($_SERVER['PHP_AUTH_USER'])) {
            // first, non-authenticated attempt, request authentication
            header('WWW-Authenticate: Basic realm="OwnCloud relay authorization"');
            header('HTTP/1.0 401 Unauthorized');
            // important: flush, so that auth headers are not swallowed by OC
            // NOTE(review): the usual order is ob_flush() then flush(); confirm
            // the challenge really reaches the client with this order.
            flush();
            ob_flush();
            // fallback: refuse forwarding => 403: Forbidden
            // The 401 above has already been flushed when this is thrown.
            // NOTE(review): a plain first request without credentials is
            // recorded as 'failed', the same as a wrong password below, so the
            // click log cannot tell a challenge from a denied login.
            OC_Shorty_Hooks::registerClick ( $result[0], $request, 'failed' );
            throw new OC_Shorty_HttpException ( 403 );
        } elseif ( ! OCP\User::checkPassword($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) ) {
            // NOTE(review): $_SERVER['PHP_AUTH_PW'] is read without isset().
            // NOTE(review): no throttling of repeated failures is visible here;
            // confirm it is applied elsewhere.
            // second, authenticated attempt, request repeated authentication
            header('WWW-Authenticate: Basic realm="Retry OwnCloud relay authorization"');
            header('HTTP/1.0 401 Unauthorized');
            // important: flush, so that auth headers are not swallowed by OC
            flush();
            ob_flush();
            // log denied access attempt
            OC_Shorty_Hooks::registerClick ( $result[0], $request, 'failed' );
            // fallback: refuse forwarding => 403: Forbidden
            throw new OC_Shorty_HttpException ( 403 );
        }
    }
    break;
case 'public':
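/**
 * Perform a user authorization.
 *
 * Checks HTTP Basic credentials against the configured user. On success the
 * session is marked as OpenID-authenticated and the browser is sent to the
 * stored post-auth URL. Otherwise a 401 Basic challenge is sent and the
 * browser is pointed at the stored cancel URL with openid.mode=cancel.
 *
 * @global array $profile  read for 'authorized'; 'idp_url' is written here
 * @global mixed $USERNAME the only user name accepted by this mode
 * @global mixed $IDENTITY copied into $profile['idp_url']
 * @return void
 */
function authorize_mode() {
    global $profile;
    global $USERNAME;
    global $IDENTITY;

    // this is a user session
    // the user needs refresh urls in their session to access this mode
    // NOTE(review): presumably error_500() ends the request - confirm.
    if (!isset($_SESSION['post_auth_url']) || !isset($_SESSION['cancel_auth_url'])) {
        error_500('You may not access this mode directly.');
    }

    $profile['idp_url'] = $IDENTITY;

    // Strict comparison: with == two different numeric-looking names
    // (e.g. "1000" and "1e3") compare equal, and '' equals null.
    if (isset($_SERVER['PHP_AUTH_USER'])
        && $profile['authorized'] === false
        && $_SERVER['PHP_AUTH_USER'] === $USERNAME) {
        // A request can carry a user name without a password; treat that as
        // an empty password instead of reading an undefined index.
        $password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';

        if (OCP\User::checkPassword($USERNAME, $password)) {
            // successful login!
            // return to the refresh url if they get in
            // NOTE(review): the session id is not regenerated when the session
            // becomes authenticated; consider session_regenerate_id(true) here
            // if the session handler in use permits it.
            $_SESSION['openid_auth'] = true;
            $_SESSION['openid_user'] = $USERNAME;
            // NOTE(review): presumably wrap_redirect() ends the request;
            // otherwise the 401 challenge below is sent as well - confirm.
            wrap_redirect($_SESSION['post_auth_url']);

        // failed login
        } else {
            // Start the counter at 1 when it does not exist yet.
            // NOTE(review): the count is only recorded; no lockout or delay is
            // applied in this function.
            $_SESSION['failures'] = isset($_SESSION['failures']) ? $_SESSION['failures'] + 1 : 1;
            debug('Login failed');
            debug('Fail count: ' . $_SESSION['failures']);
        }
    }

    // if we get this far the user is not authorized, so send the headers
    // NOTE(review): uniqid()/mt_rand() are predictable. The only visible use of
    // this value is the commented-out Digest challenge below; if it is ever
    // used as a nonce again, generate it from a cryptographic source.
    $uid = uniqid(mt_rand(1, 9));
    $_SESSION['uniqid'] = $uid;

    // debug('Prompting user to log in. Stale? ' . $stale);
    header('HTTP/1.0 401 Unauthorized');
    // header(sprintf('WWW-Authenticate: Digest qop="auth-int, auth", realm="%s", domain="%s", nonce="%s", opaque="%s", stale="%s", algorithm="MD5"', $profile['auth_realm'], $profile['auth_domain'], $uid, md5($profile['auth_realm']), $stale ? 'true' : 'false'));
    // NOTE(review): Basic sends the password with every request; this mode
    // should only be reachable over TLS.
    header('WWW-Authenticate: Basic realm="ownCloud"');

    // strpos() returns 0 when '?' is the first character, so the result must
    // be compared with false rather than tested for truthiness.
    $q = strpos($_SESSION['cancel_auth_url'], '?') !== false ? '&' : '?';
    wrap_refresh($_SESSION['cancel_auth_url'] . $q . 'openid.mode=cancel');
    // die('401 Unauthorized');
}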
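IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
*/

/**
 * This script authenticates a user against ownCloud.
 *
 * Usage: ./auth_oc_user.php OC_PATH USER [PASSWORD]
 *
 * If no password is given, we will check if the user exists, otherwise
 * we check if the credentials are valid.
 *
 * Output: the result of userExists() as echoed by PHP (false prints nothing)
 * when no password is given; 1 or 0 when a password is given. Any other
 * argument count produces no output.
 *
 * OC_PATH is concatenated with 'lib/base.php' as given, so it has to end
 * with a directory separator.
 *
 * NOTE(review): PASSWORD is passed as a command-line argument, which is
 * typically visible to other local users in the process list and may be kept
 * in shell history. Reading it from standard input would avoid that; the
 * interface is left unchanged here for existing callers.
 * NOTE(review): the file loaded from OC_PATH is executed as PHP, so callers
 * must pass a fixed, trusted path.
 */

// Reject unsupported argument counts before any ownCloud code is loaded.
if ($argc !== 3 && $argc !== 4) {
    exit;
}

$RUNTIME_NOAPPS = true;
require_once $argv[1] . 'lib/base.php';

$ocUser = new OCP\User();

if ($argc === 3) {
    // existence check only
    $ret = $ocUser->userExists($argv[2]);
} else {
    // NOTE(review): checkPassword() presumably returns the user id on success
    // and false on failure - confirm against the installed ownCloud version.
    $uid = $ocUser->checkPassword($argv[2], $argv[3]);
    // Only a non-empty string result may count as success. Comparing the raw
    // result let a failed check (false, lower-cased to '') equal an empty
    // USER argument and report 1.
    $ret = (is_string($uid) && $uid !== '' && strtolower($uid) === strtolower($argv[2])) ? 1 : 0;
}

echo $ret;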