diff options
author | Lukas Reschke <lukas@owncloud.com> | 2016-06-29 13:06:50 +0300 |
---|---|---|
committer | Lukas Reschke <lukas@owncloud.com> | 2016-06-29 13:06:50 +0300 |
commit | 03646e61590d206e34cb19251af9377a61563282 (patch) | |
tree | d780b71f02ef14a3af9392b6405aac4f35eabae3 /appinfo | |
parent | 943797c32918946d1aeb58c316eb4a2695cf467a (diff) |
Make compatible with desktop clients
The cookie "_SHIBSESSION_" is expected.
Fixes https://github.com/nextcloud/user_saml/issues/9
Diffstat (limited to 'appinfo')
-rw-r--r-- | appinfo/app.php | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/appinfo/app.php b/appinfo/app.php index a8ef2490..54fd0938 100644 --- a/appinfo/app.php +++ b/appinfo/app.php @@ -25,6 +25,7 @@ require_once __DIR__ . '/../3rdparty/vendor/autoload.php'; $urlGenerator = \OC::$server->getURLGenerator(); $config = \OC::$server->getConfig(); +$request = \OC::$server->getRequest(); $samlSettings = new \OCA\User_SAML\SAMLSettings( $urlGenerator, $config @@ -45,10 +46,20 @@ OC_User::useBackend($userBackend); OC_User::handleApacheAuth(); // Redirect all requests to the login page to the SAML login -$currentUrl = substr(explode('?', \OC::$server->getRequest()->getRequestUri(), 2)[0], strlen(\OC::$WEBROOT)); +$currentUrl = substr(explode('?',$request->getRequestUri(), 2)[0], strlen(\OC::$WEBROOT)); if($currentUrl === '/index.php/login' && !OC_User::isLoggedIn()) { $csrfToken = \OC::$server->getCsrfTokenManager()->getToken(); header('Location: '.$urlGenerator->linkToRouteAbsolute('user_saml.SAML.login') .'?requesttoken='. urlencode($csrfToken->getEncryptedValue())); exit(); } +// If a request to OCS or remote.php is sent by the official desktop clients it can +// be intercepted as it supports SAML. All other clients don't yet and thus we +// require the usage of application specific passwords there. +if(substr($currentUrl, 0, 12) === '/remote.php/' || substr($currentUrl, 0, 5) === '/ocs/') { + if(!OC_User::isLoggedIn() && $request->isUserAgent([\OC\AppFramework\Http\Request::USER_AGENT_OWNCLOUD_DESKTOP])) { + $csrfToken = \OC::$server->getCsrfTokenManager()->getToken(); + header('Location: '.$urlGenerator->linkToRouteAbsolute('user_saml.SAML.login') .'?requesttoken='. urlencode($csrfToken->getEncryptedValue())); + exit(); + } +} |