/** * When this method is called, the backend must check if authentication was * successful. * * The returned value must be one of the following * * [true, "principals/username"] * [false, "reason for failure"] * * If authentication was successful, it's expected that the authentication * backend returns a so-called principal url. * * Examples of a principal url: * * principals/admin * principals/user1 * principals/users/joe * principals/uid/123457 * * If you don't use WebDAV ACL (RFC3744) we recommend that you simply * return a string such as: * * principals/users/[username] * * @param RequestInterface $request * @param ResponseInterface $response * @return array */ public function check(\Sabre\HTTP\RequestInterface $request, \Sabre\HTTP\ResponseInterface $response) { $auth = new \Sabre\HTTP\Auth\Basic($this->realm, $request, $response); $userpass = $auth->getCredentials($request); if (!$userpass) { return [false, "No 'Authorization: Basic' header found. Either the client didn't send one, or the server is mis-configured"]; } $mValidateResult = $this->validateUserPass($userpass[0], $userpass[1]); if (!$mValidateResult) { return [false, "Username or password was incorrect"]; } return [true, $this->principalPrefix . $mValidateResult]; }
/** * @static * @throws \Exception * @return User */ public static function authenticateHttpBasic() { // we're using Sabre\HTTP for basic auth $request = \Sabre\HTTP\Sapi::getRequest(); $response = new \Sabre\HTTP\Response(); $auth = new \Sabre\HTTP\Auth\Basic(Tool::getHostname(), $request, $response); $result = $auth->getCredentials(); if (is_array($result)) { list($username, $password) = $result; $user = self::authenticatePlaintext($username, $password); if ($user) { return $user; } } $auth->requireLogin(); $response->setBody("Authentication required"); \Logger::error("Authentication Basic (WebDAV) required"); \Sabre\HTTP\Sapi::sendResponse($response); die; }
/** * When this method is called, the backend must check if authentication was * successful. * * The returned value must be one of the following * * [true, "principals/username"] * [false, "reason for failure"] * * If authentication was successful, it's expected that the authentication * backend returns a so-called principal url. * * Examples of a principal url: * * principals/admin * principals/user1 * principals/users/joe * principals/uid/123457 * * If you don't use WebDAV ACL (RFC3744) we recommend that you simply * return a string such as: * * principals/users/[username] * * @param RequestInterface $request * @param ResponseInterface $response * @return array */ function check(RequestInterface $request, ResponseInterface $response) { if (local_channel()) { $this->setAuthenticated(\App::get_channel()); return [true, $this->principalPrefix . $this->channel_name]; } $auth = new \Sabre\HTTP\Auth\Basic($this->realm, $request, $response); $userpass = $auth->getCredentials(); if (!$userpass) { return [false, "No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured"]; } if (!$this->validateUserPass($userpass[0], $userpass[1])) { return [false, "Username or password was incorrect"]; } return [true, $this->principalPrefix . $userpass[0]]; }