diff options
| author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2019-01-05 18:41:48 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-01-05 18:41:48 +0300 |
| commit | de761e22d0078e599500e6b85e6259122f2e30ce (patch) | |
| tree | d5ba1291fba5a1d1215b767825288da67875f7f4 | |
| parent | 14c841668536cd74c18eec37c5c312a98bc63915 (diff) | |
| parent | 2757a429071a9df012751662d7d990b5d92f5074 (diff) | |
Merge pull request #13374 from nextcloud/backport/13363/stable13
[stable13] Fix loginflow with apptoken enter on iOS
| -rw-r--r-- | core/Controller/ClientFlowLoginController.php | 30 | ||||
| -rw-r--r-- | core/js/login/authpicker.js | 8 | ||||
| -rw-r--r-- | core/routes.php | 1 | ||||
| -rw-r--r-- | core/templates/loginflow/authpicker.php | 7 |
4 files changed, 35 insertions, 11 deletions
diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php index 3050248f4ec..7846dfcfd64 100644 --- a/core/Controller/ClientFlowLoginController.php +++ b/core/Controller/ClientFlowLoginController.php @@ -336,4 +336,34 @@ class ClientFlowLoginController extends Controller { return new Http\RedirectResponse($redirectUri); } + + /** + * @PublicPage + */ + public function apptokenRedirect(string $stateToken, string $user, string $password) { + if (!$this->isValidToken($stateToken)) { + return $this->stateTokenForbiddenResponse(); + } + + $redirectUri = 'nc://login/server:' . $this->getServerPath() . '&user:' . urlencode($user) . '&password:' . urlencode($password); + return new Http\RedirectResponse($redirectUri); + } + + private function getServerPath() { + $serverPostfix = ''; + if (strpos($this->request->getRequestUri(), '/index.php') !== false) { + $serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/index.php')); + } else if (strpos($this->request->getRequestUri(), '/login/flow') !== false) { + $serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/login/flow')); + } + $protocol = $this->request->getServerProtocol(); + if ($protocol !== "https") { + $xForwardedProto = $this->request->getHeader('X-Forwarded-Proto'); + $xForwardedSSL = $this->request->getHeader('X-Forwarded-Ssl'); + if ($xForwardedProto === 'https' || $xForwardedSSL === 'on') { + $protocol = 'https'; + } + } + return $protocol . "://" . $this->request->getServerHost() . $serverPostfix; + } } diff --git a/core/js/login/authpicker.js b/core/js/login/authpicker.js index 2d4bcc33158..e1e34bbd8d6 100644 --- a/core/js/login/authpicker.js +++ b/core/js/login/authpicker.js @@ -5,12 +5,4 @@ jQuery(document).ready(function() { $('#redirect-link').addClass('hidden'); $('#app-token-login-field').removeClass('hidden'); }); - - $('#submit-app-token-login').click(function(e) { - e.preventDefault(); - window.location.href = 'nc://login/server:' - + encodeURIComponent($('#serverHost').val()) - + "&user:" + encodeURIComponent($('#user').val()) - + "&password:" + encodeURIComponent($('#password').val()); - }); }); diff --git a/core/routes.php b/core/routes.php index 1cb44e47d9d..4508ecad81d 100644 --- a/core/routes.php +++ b/core/routes.php @@ -53,6 +53,7 @@ $application->registerRoutes($this, [ ['name' => 'ClientFlowLogin#showAuthPickerPage', 'url' => '/login/flow', 'verb' => 'GET'], ['name' => 'ClientFlowLogin#redirectPage', 'url' => '/login/flow/redirect', 'verb' => 'GET'], ['name' => 'ClientFlowLogin#generateAppPassword', 'url' => '/login/flow', 'verb' => 'POST'], + ['name' => 'ClientFlowLogin#apptokenRedirect', 'url' => '/login/flow/apptoken', 'verb' => 'POST'], ['name' => 'TwoFactorChallenge#selectChallenge', 'url' => '/login/selectchallenge', 'verb' => 'GET'], ['name' => 'TwoFactorChallenge#showChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'GET'], ['name' => 'TwoFactorChallenge#solveChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'POST'], diff --git a/core/templates/loginflow/authpicker.php b/core/templates/loginflow/authpicker.php index 1858f8bcb62..824a1af32bc 100644 --- a/core/templates/loginflow/authpicker.php +++ b/core/templates/loginflow/authpicker.php @@ -44,7 +44,7 @@ $urlGenerator = $_['urlGenerator']; </a> </p> - <fieldset id="app-token-login-field" class="hidden"> + <form action="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLogin.apptokenRedirect')); ?>" method="post" id="app-token-login-field" class="hidden"> <p class="grouptop"> <input type="text" name="user" id="user" placeholder="<?php p($l->t('Username')) ?>"> <label for="user" class="infield"><?php p($l->t('Username')) ?></label> @@ -53,9 +53,10 @@ $urlGenerator = $_['urlGenerator']; <input type="password" name="password" id="password" placeholder="<?php p($l->t('App token')) ?>"> <label for="password" class="infield"><?php p($l->t('Password')) ?></label> </p> - <input type="hidden" id="serverHost" value="<?php p($_['serverHost']) ?>" /> + <input type="hidden" name="stateToken" value="<?php p($_['stateToken']) ?>" /> + <input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>"> <input id="submit-app-token-login" type="submit" class="login primary icon-confirm-white" value="<?php p($l->t('Grant access')) ?>"> - </fieldset> + </form> </div> <?php if(empty($_['oauthState'])): ?> |