Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
0.00% |
0 / 10 |
|
0.00% |
0 / 3 |
CRAP | |
0.00% |
0 / 1 |
| CallbackAuthBackend | |
0.00% |
0 / 10 |
|
0.00% |
0 / 3 |
20 | |
0.00% |
0 / 1 |
| __construct | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| check | |
0.00% |
0 / 8 |
|
0.00% |
0 / 1 |
6 | |||
| challenge | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| 1 | <?php |
| 2 | |
| 3 | declare(strict_types=1); |
| 4 | |
| 5 | namespace Olz\Apps\Files\Service; |
| 6 | |
| 7 | use Sabre\HTTP\RequestInterface; |
| 8 | use Sabre\HTTP\ResponseInterface; |
| 9 | |
| 10 | /** |
| 11 | * Callback auth backend. |
| 12 | * |
| 13 | * This backend works by calling a function to determine the authenticated user. |
| 14 | */ |
| 15 | class CallbackAuthBackend implements \Sabre\DAV\Auth\Backend\BackendInterface { |
| 16 | /** |
| 17 | * This is the prefix that will be used to generate principal urls. |
| 18 | */ |
| 19 | protected string $principalPrefix = 'principals/'; |
| 20 | |
| 21 | /** |
| 22 | * Callback. |
| 23 | * |
| 24 | * @var callable |
| 25 | */ |
| 26 | protected mixed $callBack; |
| 27 | |
| 28 | /** |
| 29 | * Creates the backend. |
| 30 | * |
| 31 | * A callback must be provided to handle authentication. |
| 32 | */ |
| 33 | public function __construct(callable $callBack) { |
| 34 | $this->callBack = $callBack; |
| 35 | } |
| 36 | |
| 37 | /** |
| 38 | * When this method is called, the backend must check if authentication was |
| 39 | * successful. |
| 40 | * |
| 41 | * The returned value must be one of the following |
| 42 | * |
| 43 | * [true, "principals/username"] |
| 44 | * [false, "reason for failure"] |
| 45 | * |
| 46 | * If authentication was successful, it's expected that the authentication |
| 47 | * backend returns a so-called principal url. |
| 48 | * |
| 49 | * Examples of a principal url: |
| 50 | * |
| 51 | * principals/admin |
| 52 | * principals/user1 |
| 53 | * principals/users/joe |
| 54 | * principals/uid/123457 |
| 55 | * |
| 56 | * If you don't use WebDAV ACL (RFC3744) we recommend that you simply |
| 57 | * return a string such as: |
| 58 | * |
| 59 | * principals/users/[username] |
| 60 | * |
| 61 | * @return array{0: bool, 1: string} |
| 62 | */ |
| 63 | public function check(RequestInterface $request, ResponseInterface $response): array { |
| 64 | $cb = $this->callBack; |
| 65 | $result = $cb(); |
| 66 | |
| 67 | $was_successful = $result[0]; |
| 68 | if ($was_successful) { |
| 69 | $username = $result[1]; |
| 70 | return [true, $this->principalPrefix.$username]; |
| 71 | } |
| 72 | $failure_reason = $result[1]; |
| 73 | return [false, $failure_reason]; |
| 74 | } |
| 75 | |
| 76 | /** |
| 77 | * This method is called when a user could not be authenticated, and |
| 78 | * authentication was required for the current request. |
| 79 | * |
| 80 | * This gives you the opportunity to set authentication headers. The 401 |
| 81 | * status code will already be set. |
| 82 | * |
| 83 | * In this case of Basic Auth, this would for example mean that the |
| 84 | * following header needs to be set: |
| 85 | * |
| 86 | * $response->addHeader('WWW-Authenticate', 'Basic realm=SabreDAV'); |
| 87 | * |
| 88 | * Keep in mind that in the case of multiple authentication backends, other |
| 89 | * WWW-Authenticate headers may already have been set, and you'll want to |
| 90 | * append your own WWW-Authenticate header instead of overwriting the |
| 91 | * existing one. |
| 92 | */ |
| 93 | public function challenge(RequestInterface $request, ResponseInterface $response): void { |
| 94 | } |
| 95 | } |