Dolibarr / dolibarr

htdocs/includes/sabre/sabre/dav/lib/DAV/Locks/Backend/PDO.php

Indentation +151 added lines, -151 removed lines

@@ -18,155 +18,155 @@
  */
 class PDO extends AbstractBackend
 {
-    /**
-     * The PDO tablename this backend uses.
-     *
-     * @var string
-     */
-    public $tableName = 'locks';
-
-    /**
-     * The PDO connection object.
-     *
-     * @var pdo
-     */
-    protected $pdo;
-
-    /**
-     * Constructor.
-     */
-    public function __construct(\PDO $pdo)
-    {
-        $this->pdo = $pdo;
-    }
-
-    /**
-     * Returns a list of Sabre\DAV\Locks\LockInfo objects.
-     *
-     * This method should return all the locks for a particular uri, including
-     * locks that might be set on a parent uri.
-     *
-     * If returnChildLocks is set to true, this method should also look for
-     * any locks in the subtree of the uri for locks.
-     *
-     * @param string $uri
-     * @param bool   $returnChildLocks
-     *
-     * @return array
-     */
-    public function getLocks($uri, $returnChildLocks)
-    {
-        // NOTE: the following 10 lines or so could be easily replaced by
-        // pure sql. MySQL's non-standard string concatenation prevents us
-        // from doing this though.
-        $query = 'SELECT owner, token, timeout, created, scope, depth, uri FROM '.$this->tableName.' WHERE (created > (? - timeout)) AND ((uri = ?)';
-        $params = [time(), $uri];
-
-        // We need to check locks for every part in the uri.
-        $uriParts = explode('/', $uri);
-
-        // We already covered the last part of the uri
-        array_pop($uriParts);
-
-        $currentPath = '';
-
-        foreach ($uriParts as $part) {
-            if ($currentPath) {
-                $currentPath .= '/';
-            }
-            $currentPath .= $part;
-
-            $query .= ' OR (depth!=0 AND uri = ?)';
-            $params[] = $currentPath;
-        }
-
-        if ($returnChildLocks) {
-            $query .= ' OR (uri LIKE ?)';
-            $params[] = $uri.'/%';
-        }
-        $query .= ')';
-
-        $stmt = $this->pdo->prepare($query);
-        $stmt->execute($params);
-        $result = $stmt->fetchAll();
-
-        $lockList = [];
-        foreach ($result as $row) {
-            $lockInfo = new LockInfo();
-            $lockInfo->owner = $row['owner'];
-            $lockInfo->token = $row['token'];
-            $lockInfo->timeout = $row['timeout'];
-            $lockInfo->created = $row['created'];
-            $lockInfo->scope = $row['scope'];
-            $lockInfo->depth = $row['depth'];
-            $lockInfo->uri = $row['uri'];
-            $lockList[] = $lockInfo;
-        }
-
-        return $lockList;
-    }
-
-    /**
-     * Locks a uri.
-     *
-     * @param string $uri
-     *
-     * @return bool
-     */
-    public function lock($uri, LockInfo $lockInfo)
-    {
-        // We're making the lock timeout 30 minutes
-        $lockInfo->timeout = 30 * 60;
-        $lockInfo->created = time();
-        $lockInfo->uri = $uri;
-
-        $locks = $this->getLocks($uri, false);
-        $exists = false;
-        foreach ($locks as $lock) {
-            if ($lock->token == $lockInfo->token) {
-                $exists = true;
-            }
-        }
-
-        if ($exists) {
-            $stmt = $this->pdo->prepare('UPDATE '.$this->tableName.' SET owner = ?, timeout = ?, scope = ?, depth = ?, uri = ?, created = ? WHERE token = ?');
-            $stmt->execute([
-                $lockInfo->owner,
-                $lockInfo->timeout,
-                $lockInfo->scope,
-                $lockInfo->depth,
-                $uri,
-                $lockInfo->created,
-                $lockInfo->token,
-            ]);
-        } else {
-            $stmt = $this->pdo->prepare('INSERT INTO '.$this->tableName.' (owner,timeout,scope,depth,uri,created,token) VALUES (?,?,?,?,?,?,?)');
-            $stmt->execute([
-                $lockInfo->owner,
-                $lockInfo->timeout,
-                $lockInfo->scope,
-                $lockInfo->depth,
-                $uri,
-                $lockInfo->created,
-                $lockInfo->token,
-            ]);
-        }
-
-        return true;
-    }
-
-    /**
-     * Removes a lock from a uri.
-     *
-     * @param string $uri
-     *
-     * @return bool
-     */
-    public function unlock($uri, LockInfo $lockInfo)
-    {
-        $stmt = $this->pdo->prepare('DELETE FROM '.$this->tableName.' WHERE uri = ? AND token = ?');
-        $stmt->execute([$uri, $lockInfo->token]);
-
-        return 1 === $stmt->rowCount();
-    }
+	/**
+	 * The PDO tablename this backend uses.
+	 *
+	 * @var string
+	 */
+	public $tableName = 'locks';
+
+	/**
+	 * The PDO connection object.
+	 *
+	 * @var pdo
+	 */
+	protected $pdo;
+
+	/**
+	 * Constructor.
+	 */
+	public function __construct(\PDO $pdo)
+	{
+		$this->pdo = $pdo;
+	}
+
+	/**
+	 * Returns a list of Sabre\DAV\Locks\LockInfo objects.
+	 *
+	 * This method should return all the locks for a particular uri, including
+	 * locks that might be set on a parent uri.
+	 *
+	 * If returnChildLocks is set to true, this method should also look for
+	 * any locks in the subtree of the uri for locks.
+	 *
+	 * @param string $uri
+	 * @param bool   $returnChildLocks
+	 *
+	 * @return array
+	 */
+	public function getLocks($uri, $returnChildLocks)
+	{
+		// NOTE: the following 10 lines or so could be easily replaced by
+		// pure sql. MySQL's non-standard string concatenation prevents us
+		// from doing this though.
+		$query = 'SELECT owner, token, timeout, created, scope, depth, uri FROM '.$this->tableName.' WHERE (created > (? - timeout)) AND ((uri = ?)';
+		$params = [time(), $uri];
+
+		// We need to check locks for every part in the uri.
+		$uriParts = explode('/', $uri);
+
+		// We already covered the last part of the uri
+		array_pop($uriParts);
+
+		$currentPath = '';
+
+		foreach ($uriParts as $part) {
+			if ($currentPath) {
+				$currentPath .= '/';
+			}
+			$currentPath .= $part;
+
+			$query .= ' OR (depth!=0 AND uri = ?)';
+			$params[] = $currentPath;
+		}
+
+		if ($returnChildLocks) {
+			$query .= ' OR (uri LIKE ?)';
+			$params[] = $uri.'/%';
+		}
+		$query .= ')';
+
+		$stmt = $this->pdo->prepare($query);
+		$stmt->execute($params);
+		$result = $stmt->fetchAll();
+
+		$lockList = [];
+		foreach ($result as $row) {
+			$lockInfo = new LockInfo();
+			$lockInfo->owner = $row['owner'];
+			$lockInfo->token = $row['token'];
+			$lockInfo->timeout = $row['timeout'];
+			$lockInfo->created = $row['created'];
+			$lockInfo->scope = $row['scope'];
+			$lockInfo->depth = $row['depth'];
+			$lockInfo->uri = $row['uri'];
+			$lockList[] = $lockInfo;
+		}
+
+		return $lockList;
+	}
+
+	/**
+	 * Locks a uri.
+	 *
+	 * @param string $uri
+	 *
+	 * @return bool
+	 */
+	public function lock($uri, LockInfo $lockInfo)
+	{
+		// We're making the lock timeout 30 minutes
+		$lockInfo->timeout = 30 * 60;
+		$lockInfo->created = time();
+		$lockInfo->uri = $uri;
+
+		$locks = $this->getLocks($uri, false);
+		$exists = false;
+		foreach ($locks as $lock) {
+			if ($lock->token == $lockInfo->token) {
+				$exists = true;
+			}
+		}
+
+		if ($exists) {
+			$stmt = $this->pdo->prepare('UPDATE '.$this->tableName.' SET owner = ?, timeout = ?, scope = ?, depth = ?, uri = ?, created = ? WHERE token = ?');
+			$stmt->execute([
+				$lockInfo->owner,
+				$lockInfo->timeout,
+				$lockInfo->scope,
+				$lockInfo->depth,
+				$uri,
+				$lockInfo->created,
+				$lockInfo->token,
+			]);
+		} else {
+			$stmt = $this->pdo->prepare('INSERT INTO '.$this->tableName.' (owner,timeout,scope,depth,uri,created,token) VALUES (?,?,?,?,?,?,?)');
+			$stmt->execute([
+				$lockInfo->owner,
+				$lockInfo->timeout,
+				$lockInfo->scope,
+				$lockInfo->depth,
+				$uri,
+				$lockInfo->created,
+				$lockInfo->token,
+			]);
+		}
+
+		return true;
+	}
+
+	/**
+	 * Removes a lock from a uri.
+	 *
+	 * @param string $uri
+	 *
+	 * @return bool
+	 */
+	public function unlock($uri, LockInfo $lockInfo)
+	{
+		$stmt = $this->pdo->prepare('DELETE FROM '.$this->tableName.' WHERE uri = ? AND token = ?');
+		$stmt->execute([$uri, $lockInfo->token]);
+
+		return 1 === $stmt->rowCount();
+	}
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/Locks/LockInfo.php

Indentation +54 added lines, -54 removed lines

@@ -16,67 +16,67 @@
  */
 class LockInfo
 {
-    /**
-     * A shared lock.
-     */
-    const SHARED = 1;
+	/**
+	 * A shared lock.
+	 */
+	const SHARED = 1;
 
-    /**
-     * An exclusive lock.
-     */
-    const EXCLUSIVE = 2;
+	/**
+	 * An exclusive lock.
+	 */
+	const EXCLUSIVE = 2;
 
-    /**
-     * A never expiring timeout.
-     */
-    const TIMEOUT_INFINITE = -1;
+	/**
+	 * A never expiring timeout.
+	 */
+	const TIMEOUT_INFINITE = -1;
 
-    /**
-     * The owner of the lock.
-     *
-     * @var string
-     */
-    public $owner;
+	/**
+	 * The owner of the lock.
+	 *
+	 * @var string
+	 */
+	public $owner;
 
-    /**
-     * The locktoken.
-     *
-     * @var string
-     */
-    public $token;
+	/**
+	 * The locktoken.
+	 *
+	 * @var string
+	 */
+	public $token;
 
-    /**
-     * How long till the lock is expiring.
-     *
-     * @var int
-     */
-    public $timeout;
+	/**
+	 * How long till the lock is expiring.
+	 *
+	 * @var int
+	 */
+	public $timeout;
 
-    /**
-     * UNIX Timestamp of when this lock was created.
-     *
-     * @var int
-     */
-    public $created;
+	/**
+	 * UNIX Timestamp of when this lock was created.
+	 *
+	 * @var int
+	 */
+	public $created;
 
-    /**
-     * Exclusive or shared lock.
-     *
-     * @var int
-     */
-    public $scope = self::EXCLUSIVE;
+	/**
+	 * Exclusive or shared lock.
+	 *
+	 * @var int
+	 */
+	public $scope = self::EXCLUSIVE;
 
-    /**
-     * Depth of lock, can be 0 or Sabre\DAV\Server::DEPTH_INFINITY.
-     */
-    public $depth = 0;
+	/**
+	 * Depth of lock, can be 0 or Sabre\DAV\Server::DEPTH_INFINITY.
+	 */
+	public $depth = 0;
 
-    /**
-     * The uri this lock locks.
-     *
-     * TODO: This value is not always set
-     *
-     * @var mixed
-     */
-    public $uri;
+	/**
+	 * The uri this lock locks.
+	 *
+	 * TODO: This value is not always set
+	 *
+	 * @var mixed
+	 */
+	public $uri;
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/IProperties.php

Indentation +27 added lines, -27 removed lines

@@ -15,32 +15,32 @@
  */
 interface IProperties extends INode
 {
-    /**
-     * Updates properties on this node.
-     *
-     * This method received a PropPatch object, which contains all the
-     * information about the update.
-     *
-     * To update specific properties, call the 'handle' method on this object.
-     * Read the PropPatch documentation for more information.
-     */
-    public function propPatch(PropPatch $propPatch);
+	/**
+	 * Updates properties on this node.
+	 *
+	 * This method received a PropPatch object, which contains all the
+	 * information about the update.
+	 *
+	 * To update specific properties, call the 'handle' method on this object.
+	 * Read the PropPatch documentation for more information.
+	 */
+	public function propPatch(PropPatch $propPatch);
 
-    /**
-     * Returns a list of properties for this nodes.
-     *
-     * The properties list is a list of propertynames the client requested,
-     * encoded in clark-notation {xmlnamespace}tagname
-     *
-     * If the array is empty, it means 'all properties' were requested.
-     *
-     * Note that it's fine to liberally give properties back, instead of
-     * conforming to the list of requested properties.
-     * The Server class will filter out the extra.
-     *
-     * @param array $properties
-     *
-     * @return array
-     */
-    public function getProperties($properties);
+	/**
+	 * Returns a list of properties for this nodes.
+	 *
+	 * The properties list is a list of propertynames the client requested,
+	 * encoded in clark-notation {xmlnamespace}tagname
+	 *
+	 * If the array is empty, it means 'all properties' were requested.
+	 *
+	 * Note that it's fine to liberally give properties back, instead of
+	 * conforming to the list of requested properties.
+	 * The Server class will filter out the extra.
+	 *
+	 * @param array $properties
+	 *
+	 * @return array
+	 */
+	public function getProperties($properties);
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/Auth/Plugin.php

Indentation +226 added lines, -226 removed lines

@@ -26,230 +26,230 @@
  */
 class Plugin extends ServerPlugin
 {
-    /**
-     * By default this plugin will require that the user is authenticated,
-     * and refuse any access if the user is not authenticated.
-     *
-     * If this setting is set to false, we let the user through, whether they
-     * are authenticated or not.
-     *
-     * This is useful if you want to allow both authenticated and
-     * unauthenticated access to your server.
-     *
-     * @param bool
-     */
-    public $autoRequireLogin = true;
-
-    /**
-     * authentication backends.
-     */
-    protected $backends;
-
-    /**
-     * The currently logged in principal. Will be `null` if nobody is currently
-     * logged in.
-     *
-     * @var string|null
-     */
-    protected $currentPrincipal;
-
-    /**
-     * Creates the authentication plugin.
-     *
-     * @param Backend\BackendInterface $authBackend
-     */
-    public function __construct(Backend\BackendInterface $authBackend = null)
-    {
-        if (!is_null($authBackend)) {
-            $this->addBackend($authBackend);
-        }
-    }
-
-    /**
-     * Adds an authentication backend to the plugin.
-     */
-    public function addBackend(Backend\BackendInterface $authBackend)
-    {
-        $this->backends[] = $authBackend;
-    }
-
-    /**
-     * Initializes the plugin. This function is automatically called by the server.
-     */
-    public function initialize(Server $server)
-    {
-        $server->on('beforeMethod:*', [$this, 'beforeMethod'], 10);
-    }
-
-    /**
-     * Returns a plugin name.
-     *
-     * Using this name other plugins will be able to access other plugins
-     * using DAV\Server::getPlugin
-     *
-     * @return string
-     */
-    public function getPluginName()
-    {
-        return 'auth';
-    }
-
-    /**
-     * Returns the currently logged-in principal.
-     *
-     * This will return a string such as:
-     *
-     * principals/username
-     * principals/users/username
-     *
-     * This method will return null if nobody is logged in.
-     *
-     * @return string|null
-     */
-    public function getCurrentPrincipal()
-    {
-        return $this->currentPrincipal;
-    }
-
-    /**
-     * This method is called before any HTTP method and forces users to be authenticated.
-     */
-    public function beforeMethod(RequestInterface $request, ResponseInterface $response)
-    {
-        if ($this->currentPrincipal) {
-            // We already have authentication information. This means that the
-            // event has already fired earlier, and is now likely fired for a
-            // sub-request.
-            //
-            // We don't want to authenticate users twice, so we simply don't do
-            // anything here. See Issue #700 for additional reasoning.
-            //
-            // This is not a perfect solution, but will be fixed once the
-            // "currently authenticated principal" is information that's not
-            // not associated with the plugin, but rather per-request.
-            //
-            // See issue #580 for more information about that.
-            return;
-        }
-
-        $authResult = $this->check($request, $response);
-
-        if ($authResult[0]) {
-            // Auth was successful
-            $this->currentPrincipal = $authResult[1];
-            $this->loginFailedReasons = null;
-
-            return;
-        }
-
-        // If we got here, it means that no authentication backend was
-        // successful in authenticating the user.
-        $this->currentPrincipal = null;
-        $this->loginFailedReasons = $authResult[1];
-
-        if ($this->autoRequireLogin) {
-            $this->challenge($request, $response);
-            throw new NotAuthenticated(implode(', ', $authResult[1]));
-        }
-    }
-
-    /**
-     * Checks authentication credentials, and logs the user in if possible.
-     *
-     * This method returns an array. The first item in the array is a boolean
-     * indicating if login was successful.
-     *
-     * If login was successful, the second item in the array will contain the
-     * current principal url/path of the logged in user.
-     *
-     * If login was not successful, the second item in the array will contain a
-     * an array with strings. The strings are a list of reasons why login was
-     * unsuccessful. For every auth backend there will be one reason, so usually
-     * there's just one.
-     *
-     * @return array
-     */
-    public function check(RequestInterface $request, ResponseInterface $response)
-    {
-        if (!$this->backends) {
-            throw new \Sabre\DAV\Exception('No authentication backends were configured on this server.');
-        }
-        $reasons = [];
-        foreach ($this->backends as $backend) {
-            $result = $backend->check(
-                $request,
-                $response
-            );
-
-            if (!is_array($result) || 2 !== count($result) || !is_bool($result[0]) || !is_string($result[1])) {
-                throw new \Sabre\DAV\Exception('The authentication backend did not return a correct value from the check() method.');
-            }
-
-            if ($result[0]) {
-                $this->currentPrincipal = $result[1];
-                // Exit early
-                return [true, $result[1]];
-            }
-            $reasons[] = $result[1];
-        }
-
-        return [false, $reasons];
-    }
-
-    /**
-     * This method sends authentication challenges to the user.
-     *
-     * This method will for example cause a HTTP Basic backend to set a
-     * WWW-Authorization header, indicating to the client that it should
-     * authenticate.
-     */
-    public function challenge(RequestInterface $request, ResponseInterface $response)
-    {
-        foreach ($this->backends as $backend) {
-            $backend->challenge($request, $response);
-        }
-    }
-
-    /**
-     * List of reasons why login failed for the last login operation.
-     *
-     * @var string[]|null
-     */
-    protected $loginFailedReasons;
-
-    /**
-     * Returns a list of reasons why login was unsuccessful.
-     *
-     * This method will return the login failed reasons for the last login
-     * operation. One for each auth backend.
-     *
-     * This method returns null if the last authentication attempt was
-     * successful, or if there was no authentication attempt yet.
-     *
-     * @return string[]|null
-     */
-    public function getLoginFailedReasons()
-    {
-        return $this->loginFailedReasons;
-    }
-
-    /**
-     * Returns a bunch of meta-data about the plugin.
-     *
-     * Providing this information is optional, and is mainly displayed by the
-     * Browser plugin.
-     *
-     * The description key in the returned array may contain html and will not
-     * be sanitized.
-     *
-     * @return array
-     */
-    public function getPluginInfo()
-    {
-        return [
-            'name' => $this->getPluginName(),
-            'description' => 'Generic authentication plugin',
-            'link' => 'http://sabre.io/dav/authentication/',
-        ];
-    }
+	/**
+	 * By default this plugin will require that the user is authenticated,
+	 * and refuse any access if the user is not authenticated.
+	 *
+	 * If this setting is set to false, we let the user through, whether they
+	 * are authenticated or not.
+	 *
+	 * This is useful if you want to allow both authenticated and
+	 * unauthenticated access to your server.
+	 *
+	 * @param bool
+	 */
+	public $autoRequireLogin = true;
+
+	/**
+	 * authentication backends.
+	 */
+	protected $backends;
+
+	/**
+	 * The currently logged in principal. Will be `null` if nobody is currently
+	 * logged in.
+	 *
+	 * @var string|null
+	 */
+	protected $currentPrincipal;
+
+	/**
+	 * Creates the authentication plugin.
+	 *
+	 * @param Backend\BackendInterface $authBackend
+	 */
+	public function __construct(Backend\BackendInterface $authBackend = null)
+	{
+		if (!is_null($authBackend)) {
+			$this->addBackend($authBackend);
+		}
+	}
+
+	/**
+	 * Adds an authentication backend to the plugin.
+	 */
+	public function addBackend(Backend\BackendInterface $authBackend)
+	{
+		$this->backends[] = $authBackend;
+	}
+
+	/**
+	 * Initializes the plugin. This function is automatically called by the server.
+	 */
+	public function initialize(Server $server)
+	{
+		$server->on('beforeMethod:*', [$this, 'beforeMethod'], 10);
+	}
+
+	/**
+	 * Returns a plugin name.
+	 *
+	 * Using this name other plugins will be able to access other plugins
+	 * using DAV\Server::getPlugin
+	 *
+	 * @return string
+	 */
+	public function getPluginName()
+	{
+		return 'auth';
+	}
+
+	/**
+	 * Returns the currently logged-in principal.
+	 *
+	 * This will return a string such as:
+	 *
+	 * principals/username
+	 * principals/users/username
+	 *
+	 * This method will return null if nobody is logged in.
+	 *
+	 * @return string|null
+	 */
+	public function getCurrentPrincipal()
+	{
+		return $this->currentPrincipal;
+	}
+
+	/**
+	 * This method is called before any HTTP method and forces users to be authenticated.
+	 */
+	public function beforeMethod(RequestInterface $request, ResponseInterface $response)
+	{
+		if ($this->currentPrincipal) {
+			// We already have authentication information. This means that the
+			// event has already fired earlier, and is now likely fired for a
+			// sub-request.
+			//
+			// We don't want to authenticate users twice, so we simply don't do
+			// anything here. See Issue #700 for additional reasoning.
+			//
+			// This is not a perfect solution, but will be fixed once the
+			// "currently authenticated principal" is information that's not
+			// not associated with the plugin, but rather per-request.
+			//
+			// See issue #580 for more information about that.
+			return;
+		}
+
+		$authResult = $this->check($request, $response);
+
+		if ($authResult[0]) {
+			// Auth was successful
+			$this->currentPrincipal = $authResult[1];
+			$this->loginFailedReasons = null;
+
+			return;
+		}
+
+		// If we got here, it means that no authentication backend was
+		// successful in authenticating the user.
+		$this->currentPrincipal = null;
+		$this->loginFailedReasons = $authResult[1];
+
+		if ($this->autoRequireLogin) {
+			$this->challenge($request, $response);
+			throw new NotAuthenticated(implode(', ', $authResult[1]));
+		}
+	}
+
+	/**
+	 * Checks authentication credentials, and logs the user in if possible.
+	 *
+	 * This method returns an array. The first item in the array is a boolean
+	 * indicating if login was successful.
+	 *
+	 * If login was successful, the second item in the array will contain the
+	 * current principal url/path of the logged in user.
+	 *
+	 * If login was not successful, the second item in the array will contain a
+	 * an array with strings. The strings are a list of reasons why login was
+	 * unsuccessful. For every auth backend there will be one reason, so usually
+	 * there's just one.
+	 *
+	 * @return array
+	 */
+	public function check(RequestInterface $request, ResponseInterface $response)
+	{
+		if (!$this->backends) {
+			throw new \Sabre\DAV\Exception('No authentication backends were configured on this server.');
+		}
+		$reasons = [];
+		foreach ($this->backends as $backend) {
+			$result = $backend->check(
+				$request,
+				$response
+			);
+
+			if (!is_array($result) || 2 !== count($result) || !is_bool($result[0]) || !is_string($result[1])) {
+				throw new \Sabre\DAV\Exception('The authentication backend did not return a correct value from the check() method.');
+			}
+
+			if ($result[0]) {
+				$this->currentPrincipal = $result[1];
+				// Exit early
+				return [true, $result[1]];
+			}
+			$reasons[] = $result[1];
+		}
+
+		return [false, $reasons];
+	}
+
+	/**
+	 * This method sends authentication challenges to the user.
+	 *
+	 * This method will for example cause a HTTP Basic backend to set a
+	 * WWW-Authorization header, indicating to the client that it should
+	 * authenticate.
+	 */
+	public function challenge(RequestInterface $request, ResponseInterface $response)
+	{
+		foreach ($this->backends as $backend) {
+			$backend->challenge($request, $response);
+		}
+	}
+
+	/**
+	 * List of reasons why login failed for the last login operation.
+	 *
+	 * @var string[]|null
+	 */
+	protected $loginFailedReasons;
+
+	/**
+	 * Returns a list of reasons why login was unsuccessful.
+	 *
+	 * This method will return the login failed reasons for the last login
+	 * operation. One for each auth backend.
+	 *
+	 * This method returns null if the last authentication attempt was
+	 * successful, or if there was no authentication attempt yet.
+	 *
+	 * @return string[]|null
+	 */
+	public function getLoginFailedReasons()
+	{
+		return $this->loginFailedReasons;
+	}
+
+	/**
+	 * Returns a bunch of meta-data about the plugin.
+	 *
+	 * Providing this information is optional, and is mainly displayed by the
+	 * Browser plugin.
+	 *
+	 * The description key in the returned array may contain html and will not
+	 * be sanitized.
+	 *
+	 * @return array
+	 */
+	public function getPluginInfo()
+	{
+		return [
+			'name' => $this->getPluginName(),
+			'description' => 'Generic authentication plugin',
+			'link' => 'http://sabre.io/dav/authentication/',
+		];
+	}
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/Auth/Backend/Apache.php

Indentation +66 added lines, -66 removed lines

@@ -21,73 +21,73 @@
  */
 class Apache implements BackendInterface
 {
-    /**
-     * This is the prefix that will be used to generate principal urls.
-     *
-     * @var string
-     */
-    protected $principalPrefix = 'principals/';
+	/**
+	 * This is the prefix that will be used to generate principal urls.
+	 *
+	 * @var string
+	 */
+	protected $principalPrefix = 'principals/';
 
-    /**
-     * When this method is called, the backend must check if authentication was
-     * successful.
-     *
-     * The returned value must be one of the following
-     *
-     * [true, "principals/username"]
-     * [false, "reason for failure"]
-     *
-     * If authentication was successful, it's expected that the authentication
-     * backend returns a so-called principal url.
-     *
-     * Examples of a principal url:
-     *
-     * principals/admin
-     * principals/user1
-     * principals/users/joe
-     * principals/uid/123457
-     *
-     * If you don't use WebDAV ACL (RFC3744) we recommend that you simply
-     * return a string such as:
-     *
-     * principals/users/[username]
-     *
-     * @return array
-     */
-    public function check(RequestInterface $request, ResponseInterface $response)
-    {
-        $remoteUser = $request->getRawServerValue('REMOTE_USER');
-        if (is_null($remoteUser)) {
-            $remoteUser = $request->getRawServerValue('REDIRECT_REMOTE_USER');
-        }
-        if (is_null($remoteUser)) {
-            $remoteUser = $request->getRawServerValue('PHP_AUTH_USER');
-        }
-        if (is_null($remoteUser)) {
-            return [false, 'No REMOTE_USER, REDIRECT_REMOTE_USER, or PHP_AUTH_USER property was found in the PHP $_SERVER super-global. This likely means your server is not configured correctly'];
-        }
+	/**
+	 * When this method is called, the backend must check if authentication was
+	 * successful.
+	 *
+	 * The returned value must be one of the following
+	 *
+	 * [true, "principals/username"]
+	 * [false, "reason for failure"]
+	 *
+	 * If authentication was successful, it's expected that the authentication
+	 * backend returns a so-called principal url.
+	 *
+	 * Examples of a principal url:
+	 *
+	 * principals/admin
+	 * principals/user1
+	 * principals/users/joe
+	 * principals/uid/123457
+	 *
+	 * If you don't use WebDAV ACL (RFC3744) we recommend that you simply
+	 * return a string such as:
+	 *
+	 * principals/users/[username]
+	 *
+	 * @return array
+	 */
+	public function check(RequestInterface $request, ResponseInterface $response)
+	{
+		$remoteUser = $request->getRawServerValue('REMOTE_USER');
+		if (is_null($remoteUser)) {
+			$remoteUser = $request->getRawServerValue('REDIRECT_REMOTE_USER');
+		}
+		if (is_null($remoteUser)) {
+			$remoteUser = $request->getRawServerValue('PHP_AUTH_USER');
+		}
+		if (is_null($remoteUser)) {
+			return [false, 'No REMOTE_USER, REDIRECT_REMOTE_USER, or PHP_AUTH_USER property was found in the PHP $_SERVER super-global. This likely means your server is not configured correctly'];
+		}
 
-        return [true, $this->principalPrefix.$remoteUser];
-    }
+		return [true, $this->principalPrefix.$remoteUser];
+	}
 
-    /**
-     * This method is called when a user could not be authenticated, and
-     * authentication was required for the current request.
-     *
-     * This gives you the opportunity to set authentication headers. The 401
-     * status code will already be set.
-     *
-     * In this case of Basic Auth, this would for example mean that the
-     * following header needs to be set:
-     *
-     * $response->addHeader('WWW-Authenticate', 'Basic realm=SabreDAV');
-     *
-     * Keep in mind that in the case of multiple authentication backends, other
-     * WWW-Authenticate headers may already have been set, and you'll want to
-     * append your own WWW-Authenticate header instead of overwriting the
-     * existing one.
-     */
-    public function challenge(RequestInterface $request, ResponseInterface $response)
-    {
-    }
+	/**
+	 * This method is called when a user could not be authenticated, and
+	 * authentication was required for the current request.
+	 *
+	 * This gives you the opportunity to set authentication headers. The 401
+	 * status code will already be set.
+	 *
+	 * In this case of Basic Auth, this would for example mean that the
+	 * following header needs to be set:
+	 *
+	 * $response->addHeader('WWW-Authenticate', 'Basic realm=SabreDAV');
+	 *
+	 * Keep in mind that in the case of multiple authentication backends, other
+	 * WWW-Authenticate headers may already have been set, and you'll want to
+	 * append your own WWW-Authenticate header instead of overwriting the
+	 * existing one.
+	 */
+	public function challenge(RequestInterface $request, ResponseInterface $response)
+	{
+	}
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/Auth/Backend/BackendInterface.php

Indentation +45 added lines, -45 removed lines

@@ -16,50 +16,50 @@
  */
 interface BackendInterface
 {
-    /**
-     * When this method is called, the backend must check if authentication was
-     * successful.
-     *
-     * The returned value must be one of the following
-     *
-     * [true, "principals/username"]
-     * [false, "reason for failure"]
-     *
-     * If authentication was successful, it's expected that the authentication
-     * backend returns a so-called principal url.
-     *
-     * Examples of a principal url:
-     *
-     * principals/admin
-     * principals/user1
-     * principals/users/joe
-     * principals/uid/123457
-     *
-     * If you don't use WebDAV ACL (RFC3744) we recommend that you simply
-     * return a string such as:
-     *
-     * principals/users/[username]
-     *
-     * @return array
-     */
-    public function check(RequestInterface $request, ResponseInterface $response);
+	/**
+	 * When this method is called, the backend must check if authentication was
+	 * successful.
+	 *
+	 * The returned value must be one of the following
+	 *
+	 * [true, "principals/username"]
+	 * [false, "reason for failure"]
+	 *
+	 * If authentication was successful, it's expected that the authentication
+	 * backend returns a so-called principal url.
+	 *
+	 * Examples of a principal url:
+	 *
+	 * principals/admin
+	 * principals/user1
+	 * principals/users/joe
+	 * principals/uid/123457
+	 *
+	 * If you don't use WebDAV ACL (RFC3744) we recommend that you simply
+	 * return a string such as:
+	 *
+	 * principals/users/[username]
+	 *
+	 * @return array
+	 */
+	public function check(RequestInterface $request, ResponseInterface $response);
 
-    /**
-     * This method is called when a user could not be authenticated, and
-     * authentication was required for the current request.
-     *
-     * This gives you the opportunity to set authentication headers. The 401
-     * status code will already be set.
-     *
-     * In this case of Basic Auth, this would for example mean that the
-     * following header needs to be set:
-     *
-     * $response->addHeader('WWW-Authenticate', 'Basic realm=SabreDAV');
-     *
-     * Keep in mind that in the case of multiple authentication backends, other
-     * WWW-Authenticate headers may already have been set, and you'll want to
-     * append your own WWW-Authenticate header instead of overwriting the
-     * existing one.
-     */
-    public function challenge(RequestInterface $request, ResponseInterface $response);
+	/**
+	 * This method is called when a user could not be authenticated, and
+	 * authentication was required for the current request.
+	 *
+	 * This gives you the opportunity to set authentication headers. The 401
+	 * status code will already be set.
+	 *
+	 * In this case of Basic Auth, this would for example mean that the
+	 * following header needs to be set:
+	 *
+	 * $response->addHeader('WWW-Authenticate', 'Basic realm=SabreDAV');
+	 *
+	 * Keep in mind that in the case of multiple authentication backends, other
+	 * WWW-Authenticate headers may already have been set, and you'll want to
+	 * append your own WWW-Authenticate header instead of overwriting the
+	 * existing one.
+	 */
+	public function challenge(RequestInterface $request, ResponseInterface $response);
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/Auth/Backend/BasicCallBack.php

Indentation +32 added lines, -32 removed lines

@@ -18,39 +18,39 @@
  */
 class BasicCallBack extends AbstractBasic
 {
-    /**
-     * Callback.
-     *
-     * @var callable
-     */
-    protected $callBack;
+	/**
+	 * Callback.
+	 *
+	 * @var callable
+	 */
+	protected $callBack;
 
-    /**
-     * Creates the backend.
-     *
-     * A callback must be provided to handle checking the username and
-     * password.
-     */
-    public function __construct(callable $callBack)
-    {
-        $this->callBack = $callBack;
-    }
+	/**
+	 * Creates the backend.
+	 *
+	 * A callback must be provided to handle checking the username and
+	 * password.
+	 */
+	public function __construct(callable $callBack)
+	{
+		$this->callBack = $callBack;
+	}
 
-    /**
-     * Validates a username and password.
-     *
-     * This method should return true or false depending on if login
-     * succeeded.
-     *
-     * @param string $username
-     * @param string $password
-     *
-     * @return bool
-     */
-    protected function validateUserPass($username, $password)
-    {
-        $cb = $this->callBack;
+	/**
+	 * Validates a username and password.
+	 *
+	 * This method should return true or false depending on if login
+	 * succeeded.
+	 *
+	 * @param string $username
+	 * @param string $password
+	 *
+	 * @return bool
+	 */
+	protected function validateUserPass($username, $password)
+	{
+		$cb = $this->callBack;
 
-        return $cb($username, $password);
-    }
+		return $cb($username, $password);
+	}
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/Auth/Backend/AbstractBasic.php

Indentation +104 added lines, -104 removed lines

@@ -22,115 +22,115 @@
  */
 abstract class AbstractBasic implements BackendInterface
 {
-    /**
-     * Authentication Realm.
-     *
-     * The realm is often displayed by browser clients when showing the
-     * authentication dialog.
-     *
-     * @var string
-     */
-    protected $realm = 'sabre/dav';
+	/**
+	 * Authentication Realm.
+	 *
+	 * The realm is often displayed by browser clients when showing the
+	 * authentication dialog.
+	 *
+	 * @var string
+	 */
+	protected $realm = 'sabre/dav';
 
-    /**
-     * This is the prefix that will be used to generate principal urls.
-     *
-     * @var string
-     */
-    protected $principalPrefix = 'principals/';
+	/**
+	 * This is the prefix that will be used to generate principal urls.
+	 *
+	 * @var string
+	 */
+	protected $principalPrefix = 'principals/';
 
-    /**
-     * Validates a username and password.
-     *
-     * This method should return true or false depending on if login
-     * succeeded.
-     *
-     * @param string $username
-     * @param string $password
-     *
-     * @return bool
-     */
-    abstract protected function validateUserPass($username, $password);
+	/**
+	 * Validates a username and password.
+	 *
+	 * This method should return true or false depending on if login
+	 * succeeded.
+	 *
+	 * @param string $username
+	 * @param string $password
+	 *
+	 * @return bool
+	 */
+	abstract protected function validateUserPass($username, $password);
 
-    /**
-     * Sets the authentication realm for this backend.
-     *
-     * @param string $realm
-     */
-    public function setRealm($realm)
-    {
-        $this->realm = $realm;
-    }
+	/**
+	 * Sets the authentication realm for this backend.
+	 *
+	 * @param string $realm
+	 */
+	public function setRealm($realm)
+	{
+		$this->realm = $realm;
+	}
 
-    /**
-     * When this method is called, the backend must check if authentication was
-     * successful.
-     *
-     * The returned value must be one of the following
-     *
-     * [true, "principals/username"]
-     * [false, "reason for failure"]
-     *
-     * If authentication was successful, it's expected that the authentication
-     * backend returns a so-called principal url.
-     *
-     * Examples of a principal url:
-     *
-     * principals/admin
-     * principals/user1
-     * principals/users/joe
-     * principals/uid/123457
-     *
-     * If you don't use WebDAV ACL (RFC3744) we recommend that you simply
-     * return a string such as:
-     *
-     * principals/users/[username]
-     *
-     * @return array
-     */
-    public function check(RequestInterface $request, ResponseInterface $response)
-    {
-        $auth = new HTTP\Auth\Basic(
-            $this->realm,
-            $request,
-            $response
-        );
+	/**
+	 * When this method is called, the backend must check if authentication was
+	 * successful.
+	 *
+	 * The returned value must be one of the following
+	 *
+	 * [true, "principals/username"]
+	 * [false, "reason for failure"]
+	 *
+	 * If authentication was successful, it's expected that the authentication
+	 * backend returns a so-called principal url.
+	 *
+	 * Examples of a principal url:
+	 *
+	 * principals/admin
+	 * principals/user1
+	 * principals/users/joe
+	 * principals/uid/123457
+	 *
+	 * If you don't use WebDAV ACL (RFC3744) we recommend that you simply
+	 * return a string such as:
+	 *
+	 * principals/users/[username]
+	 *
+	 * @return array
+	 */
+	public function check(RequestInterface $request, ResponseInterface $response)
+	{
+		$auth = new HTTP\Auth\Basic(
+			$this->realm,
+			$request,
+			$response
+		);
 
-        $userpass = $auth->getCredentials();
-        if (!$userpass) {
-            return [false, "No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured"];
-        }
-        if (!$this->validateUserPass($userpass[0], $userpass[1])) {
-            return [false, 'Username or password was incorrect'];
-        }
+		$userpass = $auth->getCredentials();
+		if (!$userpass) {
+			return [false, "No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured"];
+		}
+		if (!$this->validateUserPass($userpass[0], $userpass[1])) {
+			return [false, 'Username or password was incorrect'];
+		}
 
-        return [true, $this->principalPrefix.$userpass[0]];
-    }
+		return [true, $this->principalPrefix.$userpass[0]];
+	}
 
-    /**
-     * This method is called when a user could not be authenticated, and
-     * authentication was required for the current request.
-     *
-     * This gives you the opportunity to set authentication headers. The 401
-     * status code will already be set.
-     *
-     * In this case of Basic Auth, this would for example mean that the
-     * following header needs to be set:
-     *
-     * $response->addHeader('WWW-Authenticate', 'Basic realm=SabreDAV');
-     *
-     * Keep in mind that in the case of multiple authentication backends, other
-     * WWW-Authenticate headers may already have been set, and you'll want to
-     * append your own WWW-Authenticate header instead of overwriting the
-     * existing one.
-     */
-    public function challenge(RequestInterface $request, ResponseInterface $response)
-    {
-        $auth = new HTTP\Auth\Basic(
-            $this->realm,
-            $request,
-            $response
-        );
-        $auth->requireLogin();
-    }
+	/**
+	 * This method is called when a user could not be authenticated, and
+	 * authentication was required for the current request.
+	 *
+	 * This gives you the opportunity to set authentication headers. The 401
+	 * status code will already be set.
+	 *
+	 * In this case of Basic Auth, this would for example mean that the
+	 * following header needs to be set:
+	 *
+	 * $response->addHeader('WWW-Authenticate', 'Basic realm=SabreDAV');
+	 *
+	 * Keep in mind that in the case of multiple authentication backends, other
+	 * WWW-Authenticate headers may already have been set, and you'll want to
+	 * append your own WWW-Authenticate header instead of overwriting the
+	 * existing one.
+	 */
+	public function challenge(RequestInterface $request, ResponseInterface $response)
+	{
+		$auth = new HTTP\Auth\Basic(
+			$this->realm,
+			$request,
+			$response
+		);
+		$auth->requireLogin();
+	}
 }

htdocs/includes/sabre/sabre/dav/lib/DAV/Auth/Backend/AbstractDigest.php

Indentation +135 added lines, -135 removed lines

@@ -22,139 +22,139 @@
  */
 abstract class AbstractDigest implements BackendInterface
 {
-    /**
-     * Authentication Realm.
-     *
-     * The realm is often displayed by browser clients when showing the
-     * authentication dialog.
-     *
-     * @var string
-     */
-    protected $realm = 'SabreDAV';
-
-    /**
-     * This is the prefix that will be used to generate principal urls.
-     *
-     * @var string
-     */
-    protected $principalPrefix = 'principals/';
-
-    /**
-     * Sets the authentication realm for this backend.
-     *
-     * Be aware that for Digest authentication, the realm influences the digest
-     * hash. Choose the realm wisely, because if you change it later, all the
-     * existing hashes will break and nobody can authenticate.
-     *
-     * @param string $realm
-     */
-    public function setRealm($realm)
-    {
-        $this->realm = $realm;
-    }
-
-    /**
-     * Returns a users digest hash based on the username and realm.
-     *
-     * If the user was not known, null must be returned.
-     *
-     * @param string $realm
-     * @param string $username
-     *
-     * @return string|null
-     */
-    abstract public function getDigestHash($realm, $username);
-
-    /**
-     * When this method is called, the backend must check if authentication was
-     * successful.
-     *
-     * The returned value must be one of the following
-     *
-     * [true, "principals/username"]
-     * [false, "reason for failure"]
-     *
-     * If authentication was successful, it's expected that the authentication
-     * backend returns a so-called principal url.
-     *
-     * Examples of a principal url:
-     *
-     * principals/admin
-     * principals/user1
-     * principals/users/joe
-     * principals/uid/123457
-     *
-     * If you don't use WebDAV ACL (RFC3744) we recommend that you simply
-     * return a string such as:
-     *
-     * principals/users/[username]
-     *
-     * @return array
-     */
-    public function check(RequestInterface $request, ResponseInterface $response)
-    {
-        $digest = new HTTP\Auth\Digest(
-            $this->realm,
-            $request,
-            $response
-        );
-        $digest->init();
-
-        $username = $digest->getUsername();
-
-        // No username was given
-        if (!$username) {
-            return [false, "No 'Authorization: Digest' header found. Either the client didn't send one, or the server is misconfigured"];
-        }
-
-        $hash = $this->getDigestHash($this->realm, $username);
-        // If this was false, the user account didn't exist
-        if (false === $hash || is_null($hash)) {
-            return [false, 'Username or password was incorrect'];
-        }
-        if (!is_string($hash)) {
-            throw new DAV\Exception('The returned value from getDigestHash must be a string or null');
-        }
-
-        // If this was false, the password or part of the hash was incorrect.
-        if (!$digest->validateA1($hash)) {
-            return [false, 'Username or password was incorrect'];
-        }
-
-        return [true, $this->principalPrefix.$username];
-    }
-
-    /**
-     * This method is called when a user could not be authenticated, and
-     * authentication was required for the current request.
-     *
-     * This gives you the opportunity to set authentication headers. The 401
-     * status code will already be set.
-     *
-     * In this case of Basic Auth, this would for example mean that the
-     * following header needs to be set:
-     *
-     * $response->addHeader('WWW-Authenticate', 'Basic realm=SabreDAV');
-     *
-     * Keep in mind that in the case of multiple authentication backends, other
-     * WWW-Authenticate headers may already have been set, and you'll want to
-     * append your own WWW-Authenticate header instead of overwriting the
-     * existing one.
-     */
-    public function challenge(RequestInterface $request, ResponseInterface $response)
-    {
-        $auth = new HTTP\Auth\Digest(
-            $this->realm,
-            $request,
-            $response
-        );
-        $auth->init();
-
-        $oldStatus = $response->getStatus() ?: 200;
-        $auth->requireLogin();
-
-        // Preventing the digest utility from modifying the http status code,
-        // this should be handled by the main plugin.
-        $response->setStatus($oldStatus);
-    }
+	/**
+	 * Authentication Realm.
+	 *
+	 * The realm is often displayed by browser clients when showing the
+	 * authentication dialog.
+	 *
+	 * @var string
+	 */
+	protected $realm = 'SabreDAV';
+
+	/**
+	 * This is the prefix that will be used to generate principal urls.
+	 *
+	 * @var string
+	 */
+	protected $principalPrefix = 'principals/';
+
+	/**
+	 * Sets the authentication realm for this backend.
+	 *
+	 * Be aware that for Digest authentication, the realm influences the digest
+	 * hash. Choose the realm wisely, because if you change it later, all the
+	 * existing hashes will break and nobody can authenticate.
+	 *
+	 * @param string $realm
+	 */
+	public function setRealm($realm)
+	{
+		$this->realm = $realm;
+	}
+
+	/**
+	 * Returns a users digest hash based on the username and realm.
+	 *
+	 * If the user was not known, null must be returned.
+	 *
+	 * @param string $realm
+	 * @param string $username
+	 *
+	 * @return string|null
+	 */
+	abstract public function getDigestHash($realm, $username);
+
+	/**
+	 * When this method is called, the backend must check if authentication was
+	 * successful.
+	 *
+	 * The returned value must be one of the following
+	 *
+	 * [true, "principals/username"]
+	 * [false, "reason for failure"]
+	 *
+	 * If authentication was successful, it's expected that the authentication
+	 * backend returns a so-called principal url.
+	 *
+	 * Examples of a principal url:
+	 *
+	 * principals/admin
+	 * principals/user1
+	 * principals/users/joe
+	 * principals/uid/123457
+	 *
+	 * If you don't use WebDAV ACL (RFC3744) we recommend that you simply
+	 * return a string such as:
+	 *
+	 * principals/users/[username]
+	 *
+	 * @return array
+	 */
+	public function check(RequestInterface $request, ResponseInterface $response)
+	{
+		$digest = new HTTP\Auth\Digest(
+			$this->realm,
+			$request,
+			$response
+		);
+		$digest->init();
+
+		$username = $digest->getUsername();
+
+		// No username was given
+		if (!$username) {
+			return [false, "No 'Authorization: Digest' header found. Either the client didn't send one, or the server is misconfigured"];
+		}
+
+		$hash = $this->getDigestHash($this->realm, $username);
+		// If this was false, the user account didn't exist
+		if (false === $hash || is_null($hash)) {
+			return [false, 'Username or password was incorrect'];
+		}
+		if (!is_string($hash)) {
+			throw new DAV\Exception('The returned value from getDigestHash must be a string or null');
+		}
+
+		// If this was false, the password or part of the hash was incorrect.
+		if (!$digest->validateA1($hash)) {
+			return [false, 'Username or password was incorrect'];
+		}
+
+		return [true, $this->principalPrefix.$username];
+	}
+
+	/**
+	 * This method is called when a user could not be authenticated, and
+	 * authentication was required for the current request.
+	 *
+	 * This gives you the opportunity to set authentication headers. The 401
+	 * status code will already be set.
+	 *
+	 * In this case of Basic Auth, this would for example mean that the
+	 * following header needs to be set:
+	 *
+	 * $response->addHeader('WWW-Authenticate', 'Basic realm=SabreDAV');
+	 *
+	 * Keep in mind that in the case of multiple authentication backends, other
+	 * WWW-Authenticate headers may already have been set, and you'll want to
+	 * append your own WWW-Authenticate header instead of overwriting the
+	 * existing one.
+	 */
+	public function challenge(RequestInterface $request, ResponseInterface $response)
+	{
+		$auth = new HTTP\Auth\Digest(
+			$this->realm,
+			$request,
+			$response
+		);
+		$auth->init();
+
+		$oldStatus = $response->getStatus() ?: 200;
+		$auth->requireLogin();
+
+		// Preventing the digest utility from modifying the http status code,
+		// this should be handled by the main plugin.
+		$response->setStatus($oldStatus);
+	}
 }