Merge pull request #188 from nextcloud/dav_saml
Add sabredav plugin to register environment auth for dav requests
commit
6734601db8
|
@ -81,6 +81,9 @@ if($returnScript === true) {
|
|||
return;
|
||||
}
|
||||
|
||||
$app = new \OCA\User_SAML\AppInfo\Application();
|
||||
$app->registerDavAuth();
|
||||
|
||||
$redirectSituation = false;
|
||||
|
||||
$user = $userSession->getUser();
|
||||
|
|
|
@ -21,9 +21,11 @@
|
|||
|
||||
namespace OCA\User_SAML\AppInfo;
|
||||
|
||||
use OCA\User_SAML\DavPlugin;
|
||||
use OCA\User_SAML\Middleware\OnlyLoggedInMiddleware;
|
||||
use OCP\AppFramework\App;
|
||||
use OCP\AppFramework\IAppContainer;
|
||||
use OCP\SabrePluginEvent;
|
||||
|
||||
class Application extends App {
|
||||
public function __construct(array $urlParams = array()) {
|
||||
|
@ -33,12 +35,32 @@ class Application extends App {
|
|||
/**
|
||||
* Middleware
|
||||
*/
|
||||
$container->registerService('OnlyLoggedInMiddleware', function(IAppContainer $c){
|
||||
$container->registerService('OnlyLoggedInMiddleware', function (IAppContainer $c) {
|
||||
return new OnlyLoggedInMiddleware(
|
||||
$c->query('ControllerMethodReflector'),
|
||||
$c->query('ServerContainer')->getUserSession()
|
||||
);
|
||||
});
|
||||
|
||||
$container->registerService(DavPlugin::class, function (IAppContainer $c) {
|
||||
$server = $c->getServer();
|
||||
return new DavPlugin(
|
||||
$server->getSession(),
|
||||
$server->getConfig(),
|
||||
$_SERVER
|
||||
);
|
||||
});
|
||||
|
||||
$container->registerMiddleWare('OnlyLoggedInMiddleware');
|
||||
}
|
||||
|
||||
public function registerDavAuth() {
|
||||
|
||||
$container = $this->getContainer();
|
||||
|
||||
$dispatcher = $container->getServer()->getEventDispatcher();
|
||||
$dispatcher->addListener('OCA\DAV\Connector\Sabre::addPlugin', function (SabrePluginEvent $event) use ($container) {
|
||||
$event->getServer()->addPlugin($container->query(DavPlugin::class));
|
||||
});
|
||||
}
|
||||
}
|
||||
|
|
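Review bot: The `DavPlugin` factory hands the whole `$_SERVER` array to the plugin as its `$auth` data, so the plugin receives every request header (the `HTTP_*` keys) alongside whatever variables the web server's authentication layer sets. In lib/DavPlugin.php that array is used for the `general-uid_mapping` lookup and is then written unchanged to the session as `user_saml.samlUserData`, which would also persist unrelated values such as the request's cookie header. Consider narrowing what is passed in, or at least document on `registerDavAuth()` that environment-variable mode depends on the web server setting the mapped variable itself and never taking it from the client. `registerDavAuth()` has no docblock; one sentence saying it listens for `OCA\DAV\Connector\Sabre::addPlugin` and adds the `DavPlugin` service to the DAV server would be enough.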
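--- a/lib/DavPlugin.php
+++ b/lib/DavPlugin.php
@@ -0,0 +1,67 @@
+<?php
+/**
+* @copyright Copyright (c) 2018 Robin Appelman <robin@icewind.nl>
+*
+* @license GNU AGPL version 3 or any later version
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as
+* published by the Free Software Foundation, either version 3 of the
+* License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+
+namespace OCA\User_SAML;
+
+use OCA\DAV\Connector\Sabre\Auth;
+use OCP\IConfig;
+use OCP\ISession;
+use Sabre\DAV\CorePlugin;
+use Sabre\DAV\FS\Directory;
+use Sabre\DAV\Server;
+use Sabre\DAV\ServerPlugin;
+use Sabre\DAV\Tree;
+use Sabre\HTTP\RequestInterface;
+use Sabre\HTTP\ResponseInterface;
+
+class DavPlugin extends ServerPlugin {
+private $session;
+private $config;
+private $auth;
+/** @var Server */
+private $server;
+
+public function __construct(ISession $session, IConfig $config, array $auth) {
+$this->session = $session;
+$this->config = $config;
+$this->auth = $auth;
+}
+
+
+public function initialize(Server $server) {
+// before auth
+$server->on('beforeMethod', [$this, 'beforeMethod'], 9);
+$this->server = $server;
+}
+
+public function beforeMethod(RequestInterface $request, ResponseInterface $response) {
+if (
+$this->config->getAppValue('user_saml', 'type') === 'environment-variable' &&
+!$this->session->exists('user_saml.samlUserData')
+) {
+$uidMapping = $this->config->getAppValue('user_saml', 'general-uid_mapping');
+if (isset($this->auth[$uidMapping])) {
+$this->session->set(Auth::DAV_AUTHENTICATED, $this->auth[$uidMapping]);
+$this->session->set('user_saml.samlUserData', $this->auth);
+}
+}
+}
+}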
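Review bot: `beforeMethod()` accepts any value that happens to be set under the mapped key: `isset($this->auth[$uidMapping])` is true for an empty string or a non-string, and that value is written straight to `Auth::DAV_AUTHENTICATED` with no type or emptiness check. A tighter guard would be `if (isset($this->auth[$uidMapping]) && is_string($this->auth[$uidMapping]) && $this->auth[$uidMapping] !== '') {`. The class also lacks a docblock stating its trust assumption (the mapped variable is presumably provided by the web server's authentication layer, not by the client), and `initialize()` would benefit from a comment explaining that priority 9 is chosen so the handler runs ahead of the DAV auth handler. The imports `CorePlugin`, `Directory` and `Tree`, and the stored `$this->server`, appear unused in this file.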
@ -177,7 +177,7 @@ class SAMLControllerTest extends TestCase {
|
|||
->with('/')
|
||||
->willReturn('https://nextcloud.com/absolute/');
|
||||
$this->userBackend
|
||||
->expects($this->once())
|
||||
->expects($this->any())
|
||||
->method('getCurrentUserId')
|
||||
->willReturn('MyUid');
|
||||
/** @var IUser|\PHPUnit_Framework_MockObject_MockObject $user */
|
||||
|
|
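Review bot: Assuming the `->expects($this->any())` line is the new side, the mock for `getCurrentUserId` now also passes when the method is never called, so the test no longer checks that the backend is consulted at all. If the relaxation is needed because the method is now called more than once, `->expects($this->atLeastOnce())` keeps that assertion. The enclosing test method starts and ends outside the hunk.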