Loading patches/034-oidc-bearer-token-auth.patch 0 → 100644 +19 −0 Original line number Diff line number Diff line --- ../patches/CORSMiddleware.php 2024-04-08 08:53:20.410444998 +0530 +++ ../patches/CORSMiddleware-new.php 2024-04-08 09:00:48.857350421 +0530 @@ -93,6 +93,16 @@ (!$this->hasAnnotationOrAttribute($reflectionMethod, 'PublicPage', PublicPage::class) || $this->session->isLoggedIn())) { $user = array_key_exists('PHP_AUTH_USER', $this->request->server) ? $this->request->server['PHP_AUTH_USER'] : null; $pass = array_key_exists('PHP_AUTH_PW', $this->request->server) ? $this->request->server['PHP_AUTH_PW'] : null; + + $appManager = \OC::$server->get(\OCP\App\IAppManager::class); + if ($appManager->isEnabledForUser('oidc_login')) { + $loginService = \OC::$server->get(OCA\OIDCLogin\Service\LoginService::class); + $authHeader = $this->request->getHeader('Authorization'); + $bearerToken = substr($authHeader, 7); + if ($this->request->getHeader('OIDC-LOGIN-WITH-TOKEN') === 'true' && $loginService->loginWithBearerToken($bearerToken)) { + return; + } + } // Allow to use the current session if a CSRF token is provided if ($this->request->passesCSRFCheck()) { Loading
patches/034-oidc-bearer-token-auth.patch 0 → 100644 +19 −0 Original line number Diff line number Diff line --- ../patches/CORSMiddleware.php 2024-04-08 08:53:20.410444998 +0530 +++ ../patches/CORSMiddleware-new.php 2024-04-08 09:00:48.857350421 +0530 @@ -93,6 +93,16 @@ (!$this->hasAnnotationOrAttribute($reflectionMethod, 'PublicPage', PublicPage::class) || $this->session->isLoggedIn())) { $user = array_key_exists('PHP_AUTH_USER', $this->request->server) ? $this->request->server['PHP_AUTH_USER'] : null; $pass = array_key_exists('PHP_AUTH_PW', $this->request->server) ? $this->request->server['PHP_AUTH_PW'] : null; + + $appManager = \OC::$server->get(\OCP\App\IAppManager::class); + if ($appManager->isEnabledForUser('oidc_login')) { + $loginService = \OC::$server->get(OCA\OIDCLogin\Service\LoginService::class); + $authHeader = $this->request->getHeader('Authorization'); + $bearerToken = substr($authHeader, 7); + if ($this->request->getHeader('OIDC-LOGIN-WITH-TOKEN') === 'true' && $loginService->loginWithBearerToken($bearerToken)) { + return; + } + } // Allow to use the current session if a CSRF token is provided if ($this->request->passesCSRFCheck()) {
