Merge pull request #23237 from owncloud/backport-22901

[stable9] Add DAV authenticated also to other scopes

2 files changed, 26 insertions, 1 deletions

diff --git a/lib/private/api.php b/lib/private/api.php
index 87f2aa9b118..12a78f1424b 100644
--- a/lib/private/api.php
+++ b/lib/private/api.php
@@ -364,6 +364,18 @@ class OC_API {
 				\OC_Util::setUpFS(\OC_User::getUser());
 				self::$isLoggedIn = true;
 
+				/**
+				 * Add DAV authenticated. This should in an ideal world not be
+				 * necessary but the iOS App reads cookies from anywhere instead
+				 * only the DAV endpoint.
+				 * This makes sure that the cookies will be valid for the whole scope
+				 * @see https://github.com/owncloud/core/issues/22893
+				 */
+				\OC::$server->getSession()->set(
+					\OCA\DAV\Connector\Sabre\Auth::DAV_AUTHENTICATED,
+					\OC::$server->getUserSession()->getUser()->getUID()
+				);
+
 				return \OC_User::getUser();
 			}
 		}
diff --git a/lib/private/user.php b/lib/private/user.php
index b91f60e3b9b..26062f503d2 100644
--- a/lib/private/user.php
+++ b/lib/private/user.php
@@ -281,7 +281,20 @@ class OC_User {
 	 */
 	public static function tryBasicAuthLogin() {
 		if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
-			\OC_User::login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
+			$result = \OC_User::login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
+			if($result === true) {
+				/**
+				 * Add DAV authenticated. This should in an ideal world not be
+				 * necessary but the iOS App reads cookies from anywhere instead
+				 * only the DAV endpoint.
+				 * This makes sure that the cookies will be valid for the whole scope
+				 * @see https://github.com/owncloud/core/issues/22893
+				 */
+				\OC::$server->getSession()->set(
+					\OCA\DAV\Connector\Sabre\Auth::DAV_AUTHENTICATED,
+					\OC::$server->getUserSession()->getUser()->getUID()
+				);
+			}
 		}
 	}