patches/034-oidc-bearer-token-auth.patch +15 −22 --- ../patches/CORSMiddleware.php 2024-04-08 08:53:20.410444998 +0530 +++ ../patches/CORSMiddleware-new.php 2024-04-08 09:00:48.857350421 +0530 @@ -93,6 +93,16 @@ --- lib/private/AppFramework/Middleware/Security/CORSMiddleware.php 2024-04-08 08:53:20.410444998 +0530 +++ lib/private/AppFramework/Middleware/Security/CORSMiddleware-new.php 2024-04-09 19:05:21.133629632 +0530 @@ -93,6 +93,22 @@ (!$this->hasAnnotationOrAttribute($reflectionMethod, 'PublicPage', PublicPage::class) || $this->session->isLoggedIn())) { $user = array_key_exists('PHP_AUTH_USER', $this->request->server) ? $this->request->server['PHP_AUTH_USER'] : null; $pass = array_key_exists('PHP_AUTH_PW', $this->request->server) ? $this->request->server['PHP_AUTH_PW'] : null; + + $appManager = \OC::$server->get(\OCP\App\IAppManager::class); + if ($appManager->isEnabledForUser('oidc_login')) { + $loginService = \OC::$server->get(OCA\OIDCLogin\Service\LoginService::class); + $authHeader = $this->request->getHeader('Authorization'); + $bearerToken = substr($authHeader, 7); + if ($this->request->getHeader('OIDC-LOGIN-WITH-TOKEN') === 'true' && $loginService->loginWithBearerToken($bearerToken)) { + return; + } + } // Allow to use the current session if a CSRF token is provided if ($this->request->passesCSRFCheck()) { --- CORSMiddleware.php 2024-04-08 08:53:20.410444998 +0530 +++ CORSMiddleware-new.php 2024-04-08 17:49:15.942402353 +0530
@@ -93,6 +93,10 @@ (!$this->hasAnnotationOrAttribute($reflectionMethod, 'PublicPage', PublicPage::class) || $this->session->isLoggedIn())) { $user = array_key_exists('PHP_AUTH_USER', $this->request->server) ? $this->request->server['PHP_AUTH_USER'] : null; $pass = array_key_exists('PHP_AUTH_PW', $this->request->server) ? $this->request->server['PHP_AUTH_PW'] : null; + $appManager = \OC::$server->get(OCP\App\IAppManager); + + if ($this->session->getSession() instanceof ISession && $this->session->getSession()->exists('is_oidc')) { + if ($this->session->getSession() instanceof ISession && $this->session->getSession()->exists('is_oidc') + && $appManager->isEnabledForUser('oidc_login') && $this->request->getHeader('OIDC-LOGIN-WITH-TOKEN') === 'true' && !empty($bearerToken)) { + try { + $loginService = \OC::$server->get(OCA\OIDCLogin\Service\LoginService::class); + $loginService->loginWithBearerToken($bearerToken); + $this->session->set('is_oidc', 1); + return; + } catch (\Exception $e) { + $this->logger->debug("WebDAV bearer token validation failed with: {$e->getMessage()}", $this->context); + } + } // Allow to use the current session if a CSRF token is provided
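Review bot: The two variants of the inner hunk in this section disagree on how `loginWithBearerToken()` reports failure, and the rendering does not make clear which one is the new side: one tests its return value in the `if`, the other ignores it inside `try` and goes straight to `$this->session->set('is_oidc', 1); return;`. If the method signals a rejected token by returning false rather than throwing (LoginService is not visible here, so this is an assumption to confirm), the try/catch variant would skip the remaining checks for any non-empty token; test the result there as well, e.g. `if ($loginService->loginWithBearerToken($bearerToken)) { $this->session->set('is_oidc', 1); return; }`. Separately, `substr($authHeader, 7)` drops seven characters without checking the scheme, so a `Basic …` or empty Authorization header is also handed to the token validator; guard the extraction with `if (stripos($authHeader, 'Bearer ') === 0)`. A failed bearer validation is logged only at debug level, which may be too quiet for detecting token-guessing against this endpoint. The enclosing method begins and ends outside the hunk.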
patches/034-oidc-bearer-token-auth.patch +15 −22 --- ../patches/CORSMiddleware.php 2024-04-08 08:53:20.410444998 +0530 +++ ../patches/CORSMiddleware-new.php 2024-04-08 09:00:48.857350421 +0530 @@ -93,6 +93,16 @@ --- lib/private/AppFramework/Middleware/Security/CORSMiddleware.php 2024-04-08 08:53:20.410444998 +0530 +++ lib/private/AppFramework/Middleware/Security/CORSMiddleware-new.php 2024-04-09 19:05:21.133629632 +0530 @@ -93,6 +93,22 @@ (!$this->hasAnnotationOrAttribute($reflectionMethod, 'PublicPage', PublicPage::class) || $this->session->isLoggedIn())) { $user = array_key_exists('PHP_AUTH_USER', $this->request->server) ? $this->request->server['PHP_AUTH_USER'] : null; $pass = array_key_exists('PHP_AUTH_PW', $this->request->server) ? $this->request->server['PHP_AUTH_PW'] : null; + + $appManager = \OC::$server->get(\OCP\App\IAppManager::class); + if ($appManager->isEnabledForUser('oidc_login')) { + $loginService = \OC::$server->get(OCA\OIDCLogin\Service\LoginService::class); + $authHeader = $this->request->getHeader('Authorization'); + $bearerToken = substr($authHeader, 7); + if ($this->request->getHeader('OIDC-LOGIN-WITH-TOKEN') === 'true' && $loginService->loginWithBearerToken($bearerToken)) { + return; + } + } // Allow to use the current session if a CSRF token is provided if ($this->request->passesCSRFCheck()) { --- CORSMiddleware.php 2024-04-08 08:53:20.410444998 +0530 +++ CORSMiddleware-new.php 2024-04-08 17:49:15.942402353 +0530
@@ -93,6 +93,10 @@ (!$this->hasAnnotationOrAttribute($reflectionMethod, 'PublicPage', PublicPage::class) || $this->session->isLoggedIn())) { $user = array_key_exists('PHP_AUTH_USER', $this->request->server) ? $this->request->server['PHP_AUTH_USER'] : null; $pass = array_key_exists('PHP_AUTH_PW', $this->request->server) ? $this->request->server['PHP_AUTH_PW'] : null; + $appManager = \OC::$server->get(OCP\App\IAppManager); + + if ($this->session->getSession() instanceof ISession && $this->session->getSession()->exists('is_oidc')) { + if ($this->session->getSession() instanceof ISession && $this->session->getSession()->exists('is_oidc') + && $appManager->isEnabledForUser('oidc_login') && $this->request->getHeader('OIDC-LOGIN-WITH-TOKEN') === 'true' && !empty($bearerToken)) { + try { + $loginService = \OC::$server->get(OCA\OIDCLogin\Service\LoginService::class); + $loginService->loginWithBearerToken($bearerToken); + $this->session->set('is_oidc', 1); + return; + } catch (\Exception $e) { + $this->logger->debug("WebDAV bearer token validation failed with: {$e->getMessage()}", $this->context); + } + } // Allow to use the current session if a CSRF token is provided