http.php 2.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106
  1. <?php
  2. /**
  3. * ownCloud
  4. *
  5. * @author Frank Karlitschek
  6. * @copyright 2012 Robin Appelman icewind@owncloud.com
  7. *
  8. * This library is free software; you can redistribute it and/or
  9. * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
  10. * License as published by the Free Software Foundation; either
  11. * version 3 of the License, or any later version.
  12. *
  13. * This library is distributed in the hope that it will be useful,
  14. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16. * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
  17. *
  18. * You should have received a copy of the GNU Affero General Public
  19. * License along with this library. If not, see <http://www.gnu.org/licenses/>.
  20. *
  21. */
  22. /**
  23. * user backend using http auth requests
  24. */
  25. class OC_User_HTTP extends OC_User_Backend {
  26. /**
  27. * split http://user@host/path into a user and url part
  28. * @param string path
  29. * @return array
  30. */
  31. private function parseUrl($url){
  32. $parts=parse_url($url);
  33. $url=$parts['scheme'].'://'.$parts['host'];
  34. if(isset($parts['port'])){
  35. $url.=':'.$parts['port'];
  36. }
  37. $url.=$parts['path'];
  38. if(isset($parts['query'])){
  39. $url.='?'.$parts['query'];
  40. }
  41. return array($parts['user'],$url);
  42. }
  43. /**
  44. * check if an url is a valid login
  45. * @param string url
  46. * @return boolean
  47. */
  48. private function matchUrl($url){
  49. return ! is_null(parse_url($url,PHP_URL_USER));
  50. }
  51. /**
  52. * @brief Check if the password is correct
  53. * @param $uid The username
  54. * @param $password The password
  55. * @returns string
  56. *
  57. * Check if the password is correct without logging in the user
  58. * returns the user id or false
  59. */
  60. public function checkPassword($uid, $password){
  61. if(!$this->matchUrl($uid)){
  62. return false;
  63. }
  64. list($user,$url)=$this->parseUrl($uid);
  65. $ch = curl_init();
  66. curl_setopt($ch, CURLOPT_URL, $url);
  67. curl_setopt($ch, CURLOPT_USERPWD, $user.':'.$password);
  68. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  69. curl_exec($ch);
  70. $status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
  71. curl_close($ch);
  72. return $status==200;
  73. }
  74. /**
  75. * @brief check if a user exists
  76. * @param string $uid the username
  77. * @return boolean
  78. */
  79. public function userExists($uid){
  80. return $this->matchUrl($uid);
  81. }
  82. /**
  83. * @brief get the user's home directory
  84. * @param string $uid the username
  85. * @return boolean
  86. */
  87. public function getHome($uid){
  88. if($this->userExists($uid)){
  89. return OC_Config::getValue( "datadirectory", OC::$SERVERROOT."/data" ) . '/' . $uid;
  90. }else{
  91. return false;
  92. }
  93. }
  94. }