nextcloud / server

apps/oauth2/lib/Controller/OauthApiController.php

Indentation +52 added lines, -52 removed lines

@@ -30,59 +30,59 @@
 use OCP\Security\ISecureRandom;
 
 class OauthApiController extends Controller {
-	/** @var AccessTokenMapper */
-	private $accessTokenMapper;
-	/** @var ICrypto */
-	private $crypto;
-	/** @var DefaultTokenMapper */
-	private $defaultTokenMapper;
-	/** @var ISecureRandom */
-	private $secureRandom;
+    /** @var AccessTokenMapper */
+    private $accessTokenMapper;
+    /** @var ICrypto */
+    private $crypto;
+    /** @var DefaultTokenMapper */
+    private $defaultTokenMapper;
+    /** @var ISecureRandom */
+    private $secureRandom;
 
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param ICrypto $crypto
-	 * @param AccessTokenMapper $accessTokenMapper
-	 * @param DefaultTokenMapper $defaultTokenMapper
-	 * @param ISecureRandom $secureRandom
-	 */
-	public function __construct($appName,
-								IRequest $request,
-								ICrypto $crypto,
-								AccessTokenMapper $accessTokenMapper,
-								DefaultTokenMapper $defaultTokenMapper,
-								ISecureRandom $secureRandom) {
-		parent::__construct($appName, $request);
-		$this->crypto = $crypto;
-		$this->accessTokenMapper = $accessTokenMapper;
-		$this->defaultTokenMapper = $defaultTokenMapper;
-		$this->secureRandom = $secureRandom;
-	}
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param ICrypto $crypto
+     * @param AccessTokenMapper $accessTokenMapper
+     * @param DefaultTokenMapper $defaultTokenMapper
+     * @param ISecureRandom $secureRandom
+     */
+    public function __construct($appName,
+                                IRequest $request,
+                                ICrypto $crypto,
+                                AccessTokenMapper $accessTokenMapper,
+                                DefaultTokenMapper $defaultTokenMapper,
+                                ISecureRandom $secureRandom) {
+        parent::__construct($appName, $request);
+        $this->crypto = $crypto;
+        $this->accessTokenMapper = $accessTokenMapper;
+        $this->defaultTokenMapper = $defaultTokenMapper;
+        $this->secureRandom = $secureRandom;
+    }
 
-	/**
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 *
-	 * @param string $code
-	 * @return JSONResponse
-	 */
-	public function getToken($code) {
-		$accessToken = $this->accessTokenMapper->getByCode($code);
-		$decryptedToken = $this->crypto->decrypt($accessToken->getEncryptedToken(), $code);
-		$newCode = $this->secureRandom->generate(128);
-		$accessToken->setHashedCode(hash('sha512', $newCode));
-		$accessToken->setEncryptedToken($this->crypto->encrypt($decryptedToken, $newCode));
-		$this->accessTokenMapper->update($accessToken);
+    /**
+     * @PublicPage
+     * @NoCSRFRequired
+     *
+     * @param string $code
+     * @return JSONResponse
+     */
+    public function getToken($code) {
+        $accessToken = $this->accessTokenMapper->getByCode($code);
+        $decryptedToken = $this->crypto->decrypt($accessToken->getEncryptedToken(), $code);
+        $newCode = $this->secureRandom->generate(128);
+        $accessToken->setHashedCode(hash('sha512', $newCode));
+        $accessToken->setEncryptedToken($this->crypto->encrypt($decryptedToken, $newCode));
+        $this->accessTokenMapper->update($accessToken);
 
-		return new JSONResponse(
-			[
-				'access_token' => $decryptedToken,
-				'token_type' => 'Bearer',
-				'expires_in' => 3600,
-				'refresh_token' => $newCode,
-				'user_id' => $this->defaultTokenMapper->getTokenById($accessToken->getTokenId())->getUID(),
-			]
-		);
-	}
+        return new JSONResponse(
+            [
+                'access_token' => $decryptedToken,
+                'token_type' => 'Bearer',
+                'expires_in' => 3600,
+                'refresh_token' => $newCode,
+                'user_id' => $this->defaultTokenMapper->getTokenById($accessToken->getTokenId())->getUID(),
+            ]
+        );
+    }
 }

core/Controller/ClientFlowLoginController.php

Indentation +243 added lines, -243 removed lines

@@ -43,267 +43,267 @@
 use OCP\Session\Exceptions\SessionNotAvailableException;
 
 class ClientFlowLoginController extends Controller {
-	/** @var IUserSession */
-	private $userSession;
-	/** @var IL10N */
-	private $l10n;
-	/** @var Defaults */
-	private $defaults;
-	/** @var ISession */
-	private $session;
-	/** @var IProvider */
-	private $tokenProvider;
-	/** @var ISecureRandom */
-	private $random;
-	/** @var IURLGenerator */
-	private $urlGenerator;
-	/** @var ClientMapper */
-	private $clientMapper;
-	/** @var AccessTokenMapper */
-	private $accessTokenMapper;
-	/** @var ICrypto */
-	private $crypto;
+    /** @var IUserSession */
+    private $userSession;
+    /** @var IL10N */
+    private $l10n;
+    /** @var Defaults */
+    private $defaults;
+    /** @var ISession */
+    private $session;
+    /** @var IProvider */
+    private $tokenProvider;
+    /** @var ISecureRandom */
+    private $random;
+    /** @var IURLGenerator */
+    private $urlGenerator;
+    /** @var ClientMapper */
+    private $clientMapper;
+    /** @var AccessTokenMapper */
+    private $accessTokenMapper;
+    /** @var ICrypto */
+    private $crypto;
 
-	const stateName = 'client.flow.state.token';
+    const stateName = 'client.flow.state.token';
 
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param IUserSession $userSession
-	 * @param IL10N $l10n
-	 * @param Defaults $defaults
-	 * @param ISession $session
-	 * @param IProvider $tokenProvider
-	 * @param ISecureRandom $random
-	 * @param IURLGenerator $urlGenerator
-	 * @param ClientMapper $clientMapper
-	 * @param AccessTokenMapper $accessTokenMapper
-	 * @param ICrypto $crypto
-	 */
-	public function __construct($appName,
-								IRequest $request,
-								IUserSession $userSession,
-								IL10N $l10n,
-								Defaults $defaults,
-								ISession $session,
-								IProvider $tokenProvider,
-								ISecureRandom $random,
-								IURLGenerator $urlGenerator,
-								ClientMapper $clientMapper,
-								AccessTokenMapper $accessTokenMapper,
-								ICrypto $crypto) {
-		parent::__construct($appName, $request);
-		$this->userSession = $userSession;
-		$this->l10n = $l10n;
-		$this->defaults = $defaults;
-		$this->session = $session;
-		$this->tokenProvider = $tokenProvider;
-		$this->random = $random;
-		$this->urlGenerator = $urlGenerator;
-		$this->clientMapper = $clientMapper;
-		$this->accessTokenMapper = $accessTokenMapper;
-		$this->crypto = $crypto;
-	}
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param IUserSession $userSession
+     * @param IL10N $l10n
+     * @param Defaults $defaults
+     * @param ISession $session
+     * @param IProvider $tokenProvider
+     * @param ISecureRandom $random
+     * @param IURLGenerator $urlGenerator
+     * @param ClientMapper $clientMapper
+     * @param AccessTokenMapper $accessTokenMapper
+     * @param ICrypto $crypto
+     */
+    public function __construct($appName,
+                                IRequest $request,
+                                IUserSession $userSession,
+                                IL10N $l10n,
+                                Defaults $defaults,
+                                ISession $session,
+                                IProvider $tokenProvider,
+                                ISecureRandom $random,
+                                IURLGenerator $urlGenerator,
+                                ClientMapper $clientMapper,
+                                AccessTokenMapper $accessTokenMapper,
+                                ICrypto $crypto) {
+        parent::__construct($appName, $request);
+        $this->userSession = $userSession;
+        $this->l10n = $l10n;
+        $this->defaults = $defaults;
+        $this->session = $session;
+        $this->tokenProvider = $tokenProvider;
+        $this->random = $random;
+        $this->urlGenerator = $urlGenerator;
+        $this->clientMapper = $clientMapper;
+        $this->accessTokenMapper = $accessTokenMapper;
+        $this->crypto = $crypto;
+    }
 
-	/**
-	 * @return string
-	 */
-	private function getClientName() {
-		$userAgent = $this->request->getHeader('USER_AGENT');
-		return $userAgent !== null ? $userAgent : 'unknown';
-	}
+    /**
+     * @return string
+     */
+    private function getClientName() {
+        $userAgent = $this->request->getHeader('USER_AGENT');
+        return $userAgent !== null ? $userAgent : 'unknown';
+    }
 
-	/**
-	 * @param string $stateToken
-	 * @return bool
-	 */
-	private function isValidToken($stateToken) {
-		$currentToken = $this->session->get(self::stateName);
-		if(!is_string($stateToken) || !is_string($currentToken)) {
-			return false;
-		}
-		return hash_equals($currentToken, $stateToken);
-	}
+    /**
+     * @param string $stateToken
+     * @return bool
+     */
+    private function isValidToken($stateToken) {
+        $currentToken = $this->session->get(self::stateName);
+        if(!is_string($stateToken) || !is_string($currentToken)) {
+            return false;
+        }
+        return hash_equals($currentToken, $stateToken);
+    }
 
-	/**
-	 * @return TemplateResponse
-	 */
-	private function stateTokenForbiddenResponse() {
-		$response = new TemplateResponse(
-			$this->appName,
-			'403',
-			[
-				'file' => $this->l10n->t('State token does not match'),
-			],
-			'guest'
-		);
-		$response->setStatus(Http::STATUS_FORBIDDEN);
-		return $response;
-	}
+    /**
+     * @return TemplateResponse
+     */
+    private function stateTokenForbiddenResponse() {
+        $response = new TemplateResponse(
+            $this->appName,
+            '403',
+            [
+                'file' => $this->l10n->t('State token does not match'),
+            ],
+            'guest'
+        );
+        $response->setStatus(Http::STATUS_FORBIDDEN);
+        return $response;
+    }
 
-	/**
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 * @UseSession
-	 *
-	 * @param string $clientIdentifier
-	 *
-	 * @return TemplateResponse
-	 */
-	public function showAuthPickerPage($clientIdentifier = '') {
-		$clientName = $this->getClientName();
-		$client = null;
-		if($clientIdentifier !== '') {
-			$client = $this->clientMapper->getByIdentifier($clientIdentifier);
-			$clientName = $client->getName();
-		}
+    /**
+     * @PublicPage
+     * @NoCSRFRequired
+     * @UseSession
+     *
+     * @param string $clientIdentifier
+     *
+     * @return TemplateResponse
+     */
+    public function showAuthPickerPage($clientIdentifier = '') {
+        $clientName = $this->getClientName();
+        $client = null;
+        if($clientIdentifier !== '') {
+            $client = $this->clientMapper->getByIdentifier($clientIdentifier);
+            $clientName = $client->getName();
+        }
 
-		// No valid clientIdentifier given and no valid API Request (APIRequest header not set)
-		$clientRequest = $this->request->getHeader('OCS-APIREQUEST');
-		if ($clientRequest !== 'true' && $client === null) {
-			return new TemplateResponse(
-				$this->appName,
-				'error',
-				[
-					'errors' =>
-					[
-						[
-							'error' => 'Access Forbidden',
-							'hint' => 'Invalid request',
-						],
-					],
-				],
-				'guest'
-			);
-		}
+        // No valid clientIdentifier given and no valid API Request (APIRequest header not set)
+        $clientRequest = $this->request->getHeader('OCS-APIREQUEST');
+        if ($clientRequest !== 'true' && $client === null) {
+            return new TemplateResponse(
+                $this->appName,
+                'error',
+                [
+                    'errors' =>
+                    [
+                        [
+                            'error' => 'Access Forbidden',
+                            'hint' => 'Invalid request',
+                        ],
+                    ],
+                ],
+                'guest'
+            );
+        }
 
-		$stateToken = $this->random->generate(
-			64,
-			ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
-		);
-		$this->session->set(self::stateName, $stateToken);
+        $stateToken = $this->random->generate(
+            64,
+            ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
+        );
+        $this->session->set(self::stateName, $stateToken);
 
-		return new TemplateResponse(
-			$this->appName,
-			'loginflow/authpicker',
-			[
-				'client' => $clientName,
-				'clientIdentifier' => $clientIdentifier,
-				'instanceName' => $this->defaults->getName(),
-				'urlGenerator' => $this->urlGenerator,
-				'stateToken' => $stateToken,
-				'serverHost' => $this->request->getServerHost(),
-			],
-			'guest'
-		);
-	}
+        return new TemplateResponse(
+            $this->appName,
+            'loginflow/authpicker',
+            [
+                'client' => $clientName,
+                'clientIdentifier' => $clientIdentifier,
+                'instanceName' => $this->defaults->getName(),
+                'urlGenerator' => $this->urlGenerator,
+                'stateToken' => $stateToken,
+                'serverHost' => $this->request->getServerHost(),
+            ],
+            'guest'
+        );
+    }
 
-	/**
-	 * @NoAdminRequired
-	 * @NoCSRFRequired
-	 * @UseSession
-	 *
-	 * @param string $stateToken
-	 * @param string $clientIdentifier
-	 * @return TemplateResponse
-	 */
-	public function redirectPage($stateToken = '',
-								 $clientIdentifier = '') {
-		if(!$this->isValidToken($stateToken)) {
-			return $this->stateTokenForbiddenResponse();
-		}
+    /**
+     * @NoAdminRequired
+     * @NoCSRFRequired
+     * @UseSession
+     *
+     * @param string $stateToken
+     * @param string $clientIdentifier
+     * @return TemplateResponse
+     */
+    public function redirectPage($stateToken = '',
+                                    $clientIdentifier = '') {
+        if(!$this->isValidToken($stateToken)) {
+            return $this->stateTokenForbiddenResponse();
+        }
 
-		return new TemplateResponse(
-			$this->appName,
-			'loginflow/redirect',
-			[
-				'urlGenerator' => $this->urlGenerator,
-				'stateToken' => $stateToken,
-				'clientIdentifier' => $clientIdentifier,
-				'oauthState' => $this->session->get('oauth.state'),
-			],
-			'empty'
-		);
-	}
+        return new TemplateResponse(
+            $this->appName,
+            'loginflow/redirect',
+            [
+                'urlGenerator' => $this->urlGenerator,
+                'stateToken' => $stateToken,
+                'clientIdentifier' => $clientIdentifier,
+                'oauthState' => $this->session->get('oauth.state'),
+            ],
+            'empty'
+        );
+    }
 
-	/**
-	 * @NoAdminRequired
-	 * @UseSession
-	 *
-	 * @param string $stateToken
-	 * @param string $clientIdentifier
-	 * @return Http\RedirectResponse|Response
-	 */
-	public function generateAppPassword($stateToken,
-										$clientIdentifier = '') {
-		if(!$this->isValidToken($stateToken)) {
-			$this->session->remove(self::stateName);
-			return $this->stateTokenForbiddenResponse();
-		}
+    /**
+     * @NoAdminRequired
+     * @UseSession
+     *
+     * @param string $stateToken
+     * @param string $clientIdentifier
+     * @return Http\RedirectResponse|Response
+     */
+    public function generateAppPassword($stateToken,
+                                        $clientIdentifier = '') {
+        if(!$this->isValidToken($stateToken)) {
+            $this->session->remove(self::stateName);
+            return $this->stateTokenForbiddenResponse();
+        }
 
-		$this->session->remove(self::stateName);
+        $this->session->remove(self::stateName);
 
-		try {
-			$sessionId = $this->session->getId();
-		} catch (SessionNotAvailableException $ex) {
-			$response = new Response();
-			$response->setStatus(Http::STATUS_FORBIDDEN);
-			return $response;
-		}
+        try {
+            $sessionId = $this->session->getId();
+        } catch (SessionNotAvailableException $ex) {
+            $response = new Response();
+            $response->setStatus(Http::STATUS_FORBIDDEN);
+            return $response;
+        }
 
-		try {
-			$sessionToken = $this->tokenProvider->getToken($sessionId);
-			$loginName = $sessionToken->getLoginName();
-			try {
-				$password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
-			} catch (PasswordlessTokenException $ex) {
-				$password = null;
-			}
-		} catch (InvalidTokenException $ex) {
-			$response = new Response();
-			$response->setStatus(Http::STATUS_FORBIDDEN);
-			return $response;
-		}
+        try {
+            $sessionToken = $this->tokenProvider->getToken($sessionId);
+            $loginName = $sessionToken->getLoginName();
+            try {
+                $password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
+            } catch (PasswordlessTokenException $ex) {
+                $password = null;
+            }
+        } catch (InvalidTokenException $ex) {
+            $response = new Response();
+            $response->setStatus(Http::STATUS_FORBIDDEN);
+            return $response;
+        }
 
-		$clientName = $this->getClientName();
-		$client = false;
-		if($clientIdentifier !== '') {
-			$client = $this->clientMapper->getByIdentifier($clientIdentifier);
-			$clientName = $client->getName();
-		}
+        $clientName = $this->getClientName();
+        $client = false;
+        if($clientIdentifier !== '') {
+            $client = $this->clientMapper->getByIdentifier($clientIdentifier);
+            $clientName = $client->getName();
+        }
 
-		$token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
-		$uid = $this->userSession->getUser()->getUID();
-		$generatedToken = $this->tokenProvider->generateToken(
-			$token,
-			$uid,
-			$loginName,
-			$password,
-			$clientName,
-			IToken::PERMANENT_TOKEN,
-			IToken::DO_NOT_REMEMBER
-		);
+        $token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
+        $uid = $this->userSession->getUser()->getUID();
+        $generatedToken = $this->tokenProvider->generateToken(
+            $token,
+            $uid,
+            $loginName,
+            $password,
+            $clientName,
+            IToken::PERMANENT_TOKEN,
+            IToken::DO_NOT_REMEMBER
+        );
 
-		if($client) {
-			$code = $this->random->generate(128);
-			$accessToken = new AccessToken();
-			$accessToken->setClientId($client->getId());
-			$accessToken->setEncryptedToken($this->crypto->encrypt($token, $code));
-			$accessToken->setHashedCode(hash('sha512', $code));
-			$accessToken->setTokenId($generatedToken->getId());
-			$this->accessTokenMapper->insert($accessToken);
+        if($client) {
+            $code = $this->random->generate(128);
+            $accessToken = new AccessToken();
+            $accessToken->setClientId($client->getId());
+            $accessToken->setEncryptedToken($this->crypto->encrypt($token, $code));
+            $accessToken->setHashedCode(hash('sha512', $code));
+            $accessToken->setTokenId($generatedToken->getId());
+            $this->accessTokenMapper->insert($accessToken);
 
-			$redirectUri = sprintf(
-				'%s?state=%s&code=%s',
-				$client->getRedirectUri(),
-				urlencode($this->session->get('oauth.state')),
-				urlencode($code)
-			);
-			$this->session->remove('oauth.state');
-		} else {
-			$redirectUri = 'nc://login/server:' . $this->request->getServerHost() . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
-		}
+            $redirectUri = sprintf(
+                '%s?state=%s&code=%s',
+                $client->getRedirectUri(),
+                urlencode($this->session->get('oauth.state')),
+                urlencode($code)
+            );
+            $this->session->remove('oauth.state');
+        } else {
+            $redirectUri = 'nc://login/server:' . $this->request->getServerHost() . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
+        }
 
-		return new Http\RedirectResponse($redirectUri);
-	}
+        return new Http\RedirectResponse($redirectUri);
+    }
 }

Spacing +7 added lines, -7 removed lines

@@ -119,7 +119,7 @@ 
 	 */
 	private function isValidToken($stateToken) {
 		$currentToken = $this->session->get(self::stateName);
-		if(!is_string($stateToken) || !is_string($currentToken)) {
+		if (!is_string($stateToken) || !is_string($currentToken)) {
 			return false;
 		}
 		return hash_equals($currentToken, $stateToken);
@@ -153,7 +153,7 @@ 
 	public function showAuthPickerPage($clientIdentifier = '') {
 		$clientName = $this->getClientName();
 		$client = null;
-		if($clientIdentifier !== '') {
+		if ($clientIdentifier !== '') {
 			$client = $this->clientMapper->getByIdentifier($clientIdentifier);
 			$clientName = $client->getName();
 		}
@@ -209,7 +209,7 @@ 
 	 */
 	public function redirectPage($stateToken = '',
 								 $clientIdentifier = '') {
-		if(!$this->isValidToken($stateToken)) {
+		if (!$this->isValidToken($stateToken)) {
 			return $this->stateTokenForbiddenResponse();
 		}
 
@@ -236,7 +236,7 @@ 
 	 */
 	public function generateAppPassword($stateToken,
 										$clientIdentifier = '') {
-		if(!$this->isValidToken($stateToken)) {
+		if (!$this->isValidToken($stateToken)) {
 			$this->session->remove(self::stateName);
 			return $this->stateTokenForbiddenResponse();
 		}
@@ -267,7 +267,7 @@ 
 
 		$clientName = $this->getClientName();
 		$client = false;
-		if($clientIdentifier !== '') {
+		if ($clientIdentifier !== '') {
 			$client = $this->clientMapper->getByIdentifier($clientIdentifier);
 			$clientName = $client->getName();
 		}
@@ -284,7 +284,7 @@ 
 			IToken::DO_NOT_REMEMBER
 		);
 
-		if($client) {
+		if ($client) {
 			$code = $this->random->generate(128);
 			$accessToken = new AccessToken();
 			$accessToken->setClientId($client->getId());
@@ -301,7 +301,7 @@ 
 			);
 			$this->session->remove('oauth.state');
 		} else {
-			$redirectUri = 'nc://login/server:' . $this->request->getServerHost() . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
+			$redirectUri = 'nc://login/server:'.$this->request->getServerHost().'&user:'.urlencode($loginName).'&password:'.urlencode($token);
 		}
 
 		return new Http\RedirectResponse($redirectUri);

lib/private/Authentication/Token/DefaultTokenMapper.php

Indentation +129 added lines, -129 removed lines

@@ -30,135 +30,135 @@
 
 class DefaultTokenMapper extends Mapper {
 
-	public function __construct(IDBConnection $db) {
-		parent::__construct($db, 'authtoken');
-	}
-
-	/**
-	 * Invalidate (delete) a given token
-	 *
-	 * @param string $token
-	 */
-	public function invalidate($token) {
-		/* @var $qb IQueryBuilder */
-		$qb = $this->db->getQueryBuilder();
-		$qb->delete('authtoken')
-			->where($qb->expr()->eq('token', $qb->createParameter('token')))
-			->setParameter('token', $token)
-			->execute();
-	}
-
-	/**
-	 * @param int $olderThan
-	 * @param int $remember
-	 */
-	public function invalidateOld($olderThan, $remember = IToken::DO_NOT_REMEMBER) {
-		/* @var $qb IQueryBuilder */
-		$qb = $this->db->getQueryBuilder();
-		$qb->delete('authtoken')
-			->where($qb->expr()->lt('last_activity', $qb->createNamedParameter($olderThan, IQueryBuilder::PARAM_INT)))
-			->andWhere($qb->expr()->eq('type', $qb->createNamedParameter(IToken::TEMPORARY_TOKEN, IQueryBuilder::PARAM_INT)))
-			->andWhere($qb->expr()->eq('remember', $qb->createNamedParameter($remember, IQueryBuilder::PARAM_INT)))
-			->execute();
-	}
-
-	/**
-	 * Get the user UID for the given token
-	 *
-	 * @param string $token
-	 * @throws DoesNotExistException
-	 * @return DefaultToken
-	 */
-	public function getToken($token) {
-		/* @var $qb IQueryBuilder */
-		$qb = $this->db->getQueryBuilder();
-		$result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope')
-			->from('authtoken')
-			->where($qb->expr()->eq('token', $qb->createNamedParameter($token)))
-			->execute();
-
-		$data = $result->fetch();
-		$result->closeCursor();
-		if ($data === false) {
-			throw new DoesNotExistException('token does not exist');
-		}
+    public function __construct(IDBConnection $db) {
+        parent::__construct($db, 'authtoken');
+    }
+
+    /**
+     * Invalidate (delete) a given token
+     *
+     * @param string $token
+     */
+    public function invalidate($token) {
+        /* @var $qb IQueryBuilder */
+        $qb = $this->db->getQueryBuilder();
+        $qb->delete('authtoken')
+            ->where($qb->expr()->eq('token', $qb->createParameter('token')))
+            ->setParameter('token', $token)
+            ->execute();
+    }
+
+    /**
+     * @param int $olderThan
+     * @param int $remember
+     */
+    public function invalidateOld($olderThan, $remember = IToken::DO_NOT_REMEMBER) {
+        /* @var $qb IQueryBuilder */
+        $qb = $this->db->getQueryBuilder();
+        $qb->delete('authtoken')
+            ->where($qb->expr()->lt('last_activity', $qb->createNamedParameter($olderThan, IQueryBuilder::PARAM_INT)))
+            ->andWhere($qb->expr()->eq('type', $qb->createNamedParameter(IToken::TEMPORARY_TOKEN, IQueryBuilder::PARAM_INT)))
+            ->andWhere($qb->expr()->eq('remember', $qb->createNamedParameter($remember, IQueryBuilder::PARAM_INT)))
+            ->execute();
+    }
+
+    /**
+     * Get the user UID for the given token
+     *
+     * @param string $token
+     * @throws DoesNotExistException
+     * @return DefaultToken
+     */
+    public function getToken($token) {
+        /* @var $qb IQueryBuilder */
+        $qb = $this->db->getQueryBuilder();
+        $result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope')
+            ->from('authtoken')
+            ->where($qb->expr()->eq('token', $qb->createNamedParameter($token)))
+            ->execute();
+
+        $data = $result->fetch();
+        $result->closeCursor();
+        if ($data === false) {
+            throw new DoesNotExistException('token does not exist');
+        }
 ;
-		return DefaultToken::fromRow($data);
-	}
-
-	/**
-	 * Get the token for $id
-	 *
-	 * @param string $id
-	 * @throws DoesNotExistException
-	 * @return DefaultToken
-	 */
-	public function getTokenById($id) {
-		/* @var $qb IQueryBuilder */
-		$qb = $this->db->getQueryBuilder();
-		$result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'token', 'last_activity', 'last_check', 'scope')
-			->from('authtoken')
-			->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
-			->execute();
-
-		$data = $result->fetch();
-		$result->closeCursor();
-		if ($data === false) {
-			throw new DoesNotExistException('token does not exist');
-		};
-		return DefaultToken::fromRow($data);
-	}
-
-	/**
-	 * Get all token of a user
-	 *
-	 * The provider may limit the number of result rows in case of an abuse
-	 * where a high number of (session) tokens is generated
-	 *
-	 * @param IUser $user
-	 * @return DefaultToken[]
-	 */
-	public function getTokenByUser(IUser $user) {
-		/* @var $qb IQueryBuilder */
-		$qb = $this->db->getQueryBuilder();
-		$qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope')
-			->from('authtoken')
-			->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
-			->setMaxResults(1000);
-		$result = $qb->execute();
-		$data = $result->fetchAll();
-		$result->closeCursor();
-
-		$entities = array_map(function ($row) {
-			return DefaultToken::fromRow($row);
-		}, $data);
-
-		return $entities;
-	}
-
-	/**
-	 * @param IUser $user
-	 * @param int $id
-	 */
-	public function deleteById(IUser $user, $id) {
-		/* @var $qb IQueryBuilder */
-		$qb = $this->db->getQueryBuilder();
-		$qb->delete('authtoken')
-			->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
-			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())));
-		$qb->execute();
-	}
-
-	/**
-	 * delete all auth token which belong to a specific client if the client was deleted
-	 *
-	 * @param string $name
-	 */
-	public function deleteByName($name) {
-		$qb = $this->db->getQueryBuilder();
-		$qb->delete('authtoken')
-			->where($qb->expr()->eq('name', $qb->createNamedParameter($name)));
-		$qb->execute();
-	}
+        return DefaultToken::fromRow($data);
+    }
+
+    /**
+     * Get the token for $id
+     *
+     * @param string $id
+     * @throws DoesNotExistException
+     * @return DefaultToken
+     */
+    public function getTokenById($id) {
+        /* @var $qb IQueryBuilder */
+        $qb = $this->db->getQueryBuilder();
+        $result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'token', 'last_activity', 'last_check', 'scope')
+            ->from('authtoken')
+            ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
+            ->execute();
+
+        $data = $result->fetch();
+        $result->closeCursor();
+        if ($data === false) {
+            throw new DoesNotExistException('token does not exist');
+        };
+        return DefaultToken::fromRow($data);
+    }
+
+    /**
+     * Get all token of a user
+     *
+     * The provider may limit the number of result rows in case of an abuse
+     * where a high number of (session) tokens is generated
+     *
+     * @param IUser $user
+     * @return DefaultToken[]
+     */
+    public function getTokenByUser(IUser $user) {
+        /* @var $qb IQueryBuilder */
+        $qb = $this->db->getQueryBuilder();
+        $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope')
+            ->from('authtoken')
+            ->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+            ->setMaxResults(1000);
+        $result = $qb->execute();
+        $data = $result->fetchAll();
+        $result->closeCursor();
+
+        $entities = array_map(function ($row) {
+            return DefaultToken::fromRow($row);
+        }, $data);
+
+        return $entities;
+    }
+
+    /**
+     * @param IUser $user
+     * @param int $id
+     */
+    public function deleteById(IUser $user, $id) {
+        /* @var $qb IQueryBuilder */
+        $qb = $this->db->getQueryBuilder();
+        $qb->delete('authtoken')
+            ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
+            ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())));
+        $qb->execute();
+    }
+
+    /**
+     * delete all auth token which belong to a specific client if the client was deleted
+     *
+     * @param string $name
+     */
+    public function deleteByName($name) {
+        $qb = $this->db->getQueryBuilder();
+        $qb->delete('authtoken')
+            ->where($qb->expr()->eq('name', $qb->createNamedParameter($name)));
+        $qb->execute();
+    }
 
 }

apps/oauth2/lib/Db/ClientMapper.php

Indentation +54 added lines, -54 removed lines

@@ -28,62 +28,62 @@
 
 class ClientMapper extends Mapper {
 
-	/**
-	 * @param IDBConnection $db
-	 */
-	public function __construct(IDBConnection $db) {
-		parent::__construct($db, 'oauth2_clients');
-	}
+    /**
+     * @param IDBConnection $db
+     */
+    public function __construct(IDBConnection $db) {
+        parent::__construct($db, 'oauth2_clients');
+    }
 
-	/**
-	 * @param string $clientIdentifier
-	 * @return Client
-	 * @throws ClientNotFoundException
-	 */
-	public function getByIdentifier($clientIdentifier) {
-		$qb = $this->db->getQueryBuilder();
-		$qb
-			->select('*')
-			->from($this->tableName)
-			->where($qb->expr()->eq('client_identifier', $qb->createNamedParameter($clientIdentifier)));
-		$result = $qb->execute();
-		$row = $result->fetch();
-		$result->closeCursor();
-		if($row === false) {
-			throw new ClientNotFoundException();
-		}
-		return Client::fromRow($row);
-	}
+    /**
+     * @param string $clientIdentifier
+     * @return Client
+     * @throws ClientNotFoundException
+     */
+    public function getByIdentifier($clientIdentifier) {
+        $qb = $this->db->getQueryBuilder();
+        $qb
+            ->select('*')
+            ->from($this->tableName)
+            ->where($qb->expr()->eq('client_identifier', $qb->createNamedParameter($clientIdentifier)));
+        $result = $qb->execute();
+        $row = $result->fetch();
+        $result->closeCursor();
+        if($row === false) {
+            throw new ClientNotFoundException();
+        }
+        return Client::fromRow($row);
+    }
 
-	/**
-	 * @param string $uid internal uid of the client
-	 * @return Client
-	 * @throws ClientNotFoundException
-	 */
-	public function getByUid($uid) {
-		$qb = $this->db->getQueryBuilder();
-		$qb
-			->select('*')
-			->from($this->tableName)
-			->where($qb->expr()->eq('id', $qb->createNamedParameter($uid, IQueryBuilder::PARAM_INT)));
-		$result = $qb->execute();
-		$row = $result->fetch();
-		$result->closeCursor();
-		if($row === false) {
-			throw new ClientNotFoundException();
-		}
-		return Client::fromRow($row);
-	}
+    /**
+     * @param string $uid internal uid of the client
+     * @return Client
+     * @throws ClientNotFoundException
+     */
+    public function getByUid($uid) {
+        $qb = $this->db->getQueryBuilder();
+        $qb
+            ->select('*')
+            ->from($this->tableName)
+            ->where($qb->expr()->eq('id', $qb->createNamedParameter($uid, IQueryBuilder::PARAM_INT)));
+        $result = $qb->execute();
+        $row = $result->fetch();
+        $result->closeCursor();
+        if($row === false) {
+            throw new ClientNotFoundException();
+        }
+        return Client::fromRow($row);
+    }
 
-	/**
-	 * @return Client[]
-	 */
-	public function getClients() {
-		$qb = $this->db->getQueryBuilder();
-		$qb
-			->select('*')
-			->from($this->tableName);
+    /**
+     * @return Client[]
+     */
+    public function getClients() {
+        $qb = $this->db->getQueryBuilder();
+        $qb
+            ->select('*')
+            ->from($this->tableName);
 
-		return $this->findEntities($qb->getSQL());
-	}
+        return $this->findEntities($qb->getSQL());
+    }
 }

Spacing +2 added lines, -2 removed lines

@@ -49,7 +49,7 @@ 
 		$result = $qb->execute();
 		$row = $result->fetch();
 		$result->closeCursor();
-		if($row === false) {
+		if ($row === false) {
 			throw new ClientNotFoundException();
 		}
 		return Client::fromRow($row);
@@ -69,7 +69,7 @@ 
 		$result = $qb->execute();
 		$row = $result->fetch();
 		$result->closeCursor();
-		if($row === false) {
+		if ($row === false) {
 			throw new ClientNotFoundException();
 		}
 		return Client::fromRow($row);

apps/oauth2/lib/Db/AccessTokenMapper.php

Indentation +37 added lines, -37 removed lines

@@ -28,43 +28,43 @@
 
 class AccessTokenMapper extends Mapper {
 
-	/**
-	 * @param IDBConnection $db
-	 */
-	public function __construct(IDBConnection $db) {
-		parent::__construct($db, 'oauth2_access_tokens');
-	}
+    /**
+     * @param IDBConnection $db
+     */
+    public function __construct(IDBConnection $db) {
+        parent::__construct($db, 'oauth2_access_tokens');
+    }
 
-	/**
-	 * @param string $code
-	 * @return AccessToken
-	 * @throws AccessTokenNotFoundException
-	 */
-	public function getByCode($code) {
-		$qb = $this->db->getQueryBuilder();
-		$qb
-			->select('*')
-			->from($this->tableName)
-			->where($qb->expr()->eq('hashed_code', $qb->createNamedParameter(hash('sha512', $code))));
-		$result = $qb->execute();
-		$row = $result->fetch();
-		$result->closeCursor();
-		if($row === false) {
-			throw new AccessTokenNotFoundException();
-		}
-		return AccessToken::fromRow($row);
-	}
+    /**
+     * @param string $code
+     * @return AccessToken
+     * @throws AccessTokenNotFoundException
+     */
+    public function getByCode($code) {
+        $qb = $this->db->getQueryBuilder();
+        $qb
+            ->select('*')
+            ->from($this->tableName)
+            ->where($qb->expr()->eq('hashed_code', $qb->createNamedParameter(hash('sha512', $code))));
+        $result = $qb->execute();
+        $row = $result->fetch();
+        $result->closeCursor();
+        if($row === false) {
+            throw new AccessTokenNotFoundException();
+        }
+        return AccessToken::fromRow($row);
+    }
 
-	/**
-	 * delete all access token from a given client
-	 *
-	 * @param int $id
-	 */
-	public function deleteByClientId($id) {
-		$qb = $this->db->getQueryBuilder();
-		$qb
-			->delete($this->tableName)
-			->where($qb->expr()->eq('client_id', $qb->createNamedParameter($id, IQueryBuilder::PARAM_INT)));
-		$qb->execute();
-	}
+    /**
+     * delete all access token from a given client
+     *
+     * @param int $id
+     */
+    public function deleteByClientId($id) {
+        $qb = $this->db->getQueryBuilder();
+        $qb
+            ->delete($this->tableName)
+            ->where($qb->expr()->eq('client_id', $qb->createNamedParameter($id, IQueryBuilder::PARAM_INT)));
+        $qb->execute();
+    }
 }

Spacing +1 added lines, -1 removed lines

@@ -49,7 +49,7 @@
 		$result = $qb->execute();
 		$row = $result->fetch();
 		$result->closeCursor();
-		if($row === false) {
+		if ($row === false) {
 			throw new AccessTokenNotFoundException();
 		}
 		return AccessToken::fromRow($row);

apps/oauth2/appinfo/routes.php

Indentation +22 added lines, -22 removed lines

@@ -20,26 +20,26 @@
  */
 
 return [
-	'routes' => [
-		[
-			'name' => 'Settings#addClient',
-			'url' => '/settings',
-			'verb' => 'POST',
-		],
-		[
-			'name' => 'Settings#deleteClient',
-			'url' => '/clients/{id}/delete',
-			'verb' => 'POST'
-		],
-		[
-			'name' => 'LoginRedirector#authorize',
-			'url' => '/authorize',
-			'verb' => 'GET',
-		],
-		[
-			'name' => 'OauthApi#getToken',
-			'url' => '/api/v1/token',
-			'verb' => 'POST'
-		],
-	],
+    'routes' => [
+        [
+            'name' => 'Settings#addClient',
+            'url' => '/settings',
+            'verb' => 'POST',
+        ],
+        [
+            'name' => 'Settings#deleteClient',
+            'url' => '/clients/{id}/delete',
+            'verb' => 'POST'
+        ],
+        [
+            'name' => 'LoginRedirector#authorize',
+            'url' => '/authorize',
+            'verb' => 'GET',
+        ],
+        [
+            'name' => 'OauthApi#getToken',
+            'url' => '/api/v1/token',
+            'verb' => 'POST'
+        ],
+    ],
 ];

apps/dav/lib/Connector/Sabre/Auth.php

Indentation +192 added lines, -192 removed lines

@@ -48,213 +48,213 @@
 class Auth extends AbstractBasic {
 
 
-	const DAV_AUTHENTICATED = 'AUTHENTICATED_TO_DAV_BACKEND';
+    const DAV_AUTHENTICATED = 'AUTHENTICATED_TO_DAV_BACKEND';
 
-	/** @var ISession */
-	private $session;
-	/** @var Session */
-	private $userSession;
-	/** @var IRequest */
-	private $request;
-	/** @var string */
-	private $currentUser;
-	/** @var Manager */
-	private $twoFactorManager;
-	/** @var Throttler */
-	private $throttler;
+    /** @var ISession */
+    private $session;
+    /** @var Session */
+    private $userSession;
+    /** @var IRequest */
+    private $request;
+    /** @var string */
+    private $currentUser;
+    /** @var Manager */
+    private $twoFactorManager;
+    /** @var Throttler */
+    private $throttler;
 
-	/**
-	 * @param ISession $session
-	 * @param Session $userSession
-	 * @param IRequest $request
-	 * @param Manager $twoFactorManager
-	 * @param Throttler $throttler
-	 * @param string $principalPrefix
-	 */
-	public function __construct(ISession $session,
-								Session $userSession,
-								IRequest $request,
-								Manager $twoFactorManager,
-								Throttler $throttler,
-								$principalPrefix = 'principals/users/') {
-		$this->session = $session;
-		$this->userSession = $userSession;
-		$this->twoFactorManager = $twoFactorManager;
-		$this->request = $request;
-		$this->throttler = $throttler;
-		$this->principalPrefix = $principalPrefix;
+    /**
+     * @param ISession $session
+     * @param Session $userSession
+     * @param IRequest $request
+     * @param Manager $twoFactorManager
+     * @param Throttler $throttler
+     * @param string $principalPrefix
+     */
+    public function __construct(ISession $session,
+                                Session $userSession,
+                                IRequest $request,
+                                Manager $twoFactorManager,
+                                Throttler $throttler,
+                                $principalPrefix = 'principals/users/') {
+        $this->session = $session;
+        $this->userSession = $userSession;
+        $this->twoFactorManager = $twoFactorManager;
+        $this->request = $request;
+        $this->throttler = $throttler;
+        $this->principalPrefix = $principalPrefix;
 
-		// setup realm
-		$defaults = new \OCP\Defaults();
-		$this->realm = $defaults->getName();
-	}
+        // setup realm
+        $defaults = new \OCP\Defaults();
+        $this->realm = $defaults->getName();
+    }
 
-	/**
-	 * Whether the user has initially authenticated via DAV
-	 *
-	 * This is required for WebDAV clients that resent the cookies even when the
-	 * account was changed.
-	 *
-	 * @see https://github.com/owncloud/core/issues/13245
-	 *
-	 * @param string $username
-	 * @return bool
-	 */
-	public function isDavAuthenticated($username) {
-		return !is_null($this->session->get(self::DAV_AUTHENTICATED)) &&
-		$this->session->get(self::DAV_AUTHENTICATED) === $username;
-	}
+    /**
+     * Whether the user has initially authenticated via DAV
+     *
+     * This is required for WebDAV clients that resent the cookies even when the
+     * account was changed.
+     *
+     * @see https://github.com/owncloud/core/issues/13245
+     *
+     * @param string $username
+     * @return bool
+     */
+    public function isDavAuthenticated($username) {
+        return !is_null($this->session->get(self::DAV_AUTHENTICATED)) &&
+        $this->session->get(self::DAV_AUTHENTICATED) === $username;
+    }
 
-	/**
-	 * Validates a username and password
-	 *
-	 * This method should return true or false depending on if login
-	 * succeeded.
-	 *
-	 * @param string $username
-	 * @param string $password
-	 * @return bool
-	 * @throws PasswordLoginForbidden
-	 */
-	protected function validateUserPass($username, $password) {
-		if ($this->userSession->isLoggedIn() &&
-			$this->isDavAuthenticated($this->userSession->getUser()->getUID())
-		) {
-			\OC_Util::setupFS($this->userSession->getUser()->getUID());
-			$this->session->close();
-			return true;
-		} else {
-			\OC_Util::setupFS(); //login hooks may need early access to the filesystem
-			try {
-				if ($this->userSession->logClientIn($username, $password, $this->request, $this->throttler)) {
-					\OC_Util::setupFS($this->userSession->getUser()->getUID());
-					$this->session->set(self::DAV_AUTHENTICATED, $this->userSession->getUser()->getUID());
-					$this->session->close();
-					return true;
-				} else {
-					$this->session->close();
-					return false;
-				}
-			} catch (PasswordLoginForbiddenException $ex) {
-				$this->session->close();
-				throw new PasswordLoginForbidden();
-			}
-		}
-	}
+    /**
+     * Validates a username and password
+     *
+     * This method should return true or false depending on if login
+     * succeeded.
+     *
+     * @param string $username
+     * @param string $password
+     * @return bool
+     * @throws PasswordLoginForbidden
+     */
+    protected function validateUserPass($username, $password) {
+        if ($this->userSession->isLoggedIn() &&
+            $this->isDavAuthenticated($this->userSession->getUser()->getUID())
+        ) {
+            \OC_Util::setupFS($this->userSession->getUser()->getUID());
+            $this->session->close();
+            return true;
+        } else {
+            \OC_Util::setupFS(); //login hooks may need early access to the filesystem
+            try {
+                if ($this->userSession->logClientIn($username, $password, $this->request, $this->throttler)) {
+                    \OC_Util::setupFS($this->userSession->getUser()->getUID());
+                    $this->session->set(self::DAV_AUTHENTICATED, $this->userSession->getUser()->getUID());
+                    $this->session->close();
+                    return true;
+                } else {
+                    $this->session->close();
+                    return false;
+                }
+            } catch (PasswordLoginForbiddenException $ex) {
+                $this->session->close();
+                throw new PasswordLoginForbidden();
+            }
+        }
+    }
 
-	/**
-	 * @param RequestInterface $request
-	 * @param ResponseInterface $response
-	 * @return array
-	 * @throws NotAuthenticated
-	 * @throws ServiceUnavailable
-	 */
-	function check(RequestInterface $request, ResponseInterface $response) {
-		try {
-			$result = $this->auth($request, $response);
-			return $result;
-		} catch (NotAuthenticated $e) {
-			throw $e;
-		} catch (Exception $e) {
-			$class = get_class($e);
-			$msg = $e->getMessage();
-			\OC::$server->getLogger()->logException($e);
-			throw new ServiceUnavailable("$class: $msg");
-		}
-	}
+    /**
+     * @param RequestInterface $request
+     * @param ResponseInterface $response
+     * @return array
+     * @throws NotAuthenticated
+     * @throws ServiceUnavailable
+     */
+    function check(RequestInterface $request, ResponseInterface $response) {
+        try {
+            $result = $this->auth($request, $response);
+            return $result;
+        } catch (NotAuthenticated $e) {
+            throw $e;
+        } catch (Exception $e) {
+            $class = get_class($e);
+            $msg = $e->getMessage();
+            \OC::$server->getLogger()->logException($e);
+            throw new ServiceUnavailable("$class: $msg");
+        }
+    }
 
-	/**
-	 * Checks whether a CSRF check is required on the request
-	 *
-	 * @return bool
-	 */
-	private function requiresCSRFCheck() {
-		// GET requires no check at all
-		if($this->request->getMethod() === 'GET') {
-			return false;
-		}
+    /**
+     * Checks whether a CSRF check is required on the request
+     *
+     * @return bool
+     */
+    private function requiresCSRFCheck() {
+        // GET requires no check at all
+        if($this->request->getMethod() === 'GET') {
+            return false;
+        }
 
-		// Official Nextcloud clients require no checks
-		if($this->request->isUserAgent([
-			IRequest::USER_AGENT_CLIENT_DESKTOP,
-			IRequest::USER_AGENT_CLIENT_ANDROID,
-			IRequest::USER_AGENT_CLIENT_IOS,
-		])) {
-			return false;
-		}
+        // Official Nextcloud clients require no checks
+        if($this->request->isUserAgent([
+            IRequest::USER_AGENT_CLIENT_DESKTOP,
+            IRequest::USER_AGENT_CLIENT_ANDROID,
+            IRequest::USER_AGENT_CLIENT_IOS,
+        ])) {
+            return false;
+        }
 
-		// If not logged-in no check is required
-		if(!$this->userSession->isLoggedIn()) {
-			return false;
-		}
+        // If not logged-in no check is required
+        if(!$this->userSession->isLoggedIn()) {
+            return false;
+        }
 
-		// POST always requires a check
-		if($this->request->getMethod() === 'POST') {
-			return true;
-		}
+        // POST always requires a check
+        if($this->request->getMethod() === 'POST') {
+            return true;
+        }
 
-		// If logged-in AND DAV authenticated no check is required
-		if($this->userSession->isLoggedIn() &&
-			$this->isDavAuthenticated($this->userSession->getUser()->getUID())) {
-			return false;
-		}
+        // If logged-in AND DAV authenticated no check is required
+        if($this->userSession->isLoggedIn() &&
+            $this->isDavAuthenticated($this->userSession->getUser()->getUID())) {
+            return false;
+        }
 
-		return true;
-	}
+        return true;
+    }
 
-	/**
-	 * @param RequestInterface $request
-	 * @param ResponseInterface $response
-	 * @return array
-	 * @throws NotAuthenticated
-	 */
-	private function auth(RequestInterface $request, ResponseInterface $response) {
-		$forcedLogout = false;
+    /**
+     * @param RequestInterface $request
+     * @param ResponseInterface $response
+     * @return array
+     * @throws NotAuthenticated
+     */
+    private function auth(RequestInterface $request, ResponseInterface $response) {
+        $forcedLogout = false;
 
-		if(!$this->request->passesCSRFCheck() &&
-			$this->requiresCSRFCheck()) {
-			// In case of a fail with POST we need to recheck the credentials
-			if($this->request->getMethod() === 'POST') {
-				$forcedLogout = true;
-			} else {
-				$response->setStatus(401);
-				throw new \Sabre\DAV\Exception\NotAuthenticated('CSRF check not passed.');
-			}
-		}
+        if(!$this->request->passesCSRFCheck() &&
+            $this->requiresCSRFCheck()) {
+            // In case of a fail with POST we need to recheck the credentials
+            if($this->request->getMethod() === 'POST') {
+                $forcedLogout = true;
+            } else {
+                $response->setStatus(401);
+                throw new \Sabre\DAV\Exception\NotAuthenticated('CSRF check not passed.');
+            }
+        }
 
-		if($forcedLogout) {
-			$this->userSession->logout();
-		} else {
-			if($this->twoFactorManager->needsSecondFactor($this->userSession->getUser())) {
-				throw new \Sabre\DAV\Exception\NotAuthenticated('2FA challenge not passed.');
-			}
-			if (\OC_User::handleApacheAuth() ||
-				//Fix for broken webdav clients
-				($this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED))) ||
-				//Well behaved clients that only send the cookie are allowed
-				($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null)
-			) {
-				$user = $this->userSession->getUser()->getUID();
-				\OC_Util::setupFS($user);
-				$this->currentUser = $user;
-				$this->session->close();
-				return [true, $this->principalPrefix . $user];
-			}
-		}
+        if($forcedLogout) {
+            $this->userSession->logout();
+        } else {
+            if($this->twoFactorManager->needsSecondFactor($this->userSession->getUser())) {
+                throw new \Sabre\DAV\Exception\NotAuthenticated('2FA challenge not passed.');
+            }
+            if (\OC_User::handleApacheAuth() ||
+                //Fix for broken webdav clients
+                ($this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED))) ||
+                //Well behaved clients that only send the cookie are allowed
+                ($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null)
+            ) {
+                $user = $this->userSession->getUser()->getUID();
+                \OC_Util::setupFS($user);
+                $this->currentUser = $user;
+                $this->session->close();
+                return [true, $this->principalPrefix . $user];
+            }
+        }
 
-		if (!$this->userSession->isLoggedIn() && in_array('XMLHttpRequest', explode(',', $request->getHeader('X-Requested-With')))) {
-			// do not re-authenticate over ajax, use dummy auth name to prevent browser popup
-			$response->addHeader('WWW-Authenticate','DummyBasic realm="' . $this->realm . '"');
-			$response->setStatus(401);
-			throw new \Sabre\DAV\Exception\NotAuthenticated('Cannot authenticate over ajax calls');
-		}
+        if (!$this->userSession->isLoggedIn() && in_array('XMLHttpRequest', explode(',', $request->getHeader('X-Requested-With')))) {
+            // do not re-authenticate over ajax, use dummy auth name to prevent browser popup
+            $response->addHeader('WWW-Authenticate','DummyBasic realm="' . $this->realm . '"');
+            $response->setStatus(401);
+            throw new \Sabre\DAV\Exception\NotAuthenticated('Cannot authenticate over ajax calls');
+        }
 
-		$data = parent::check($request, $response);
-		if($data[0] === true) {
-			$startPos = strrpos($data[1], '/') + 1;
-			$user = $this->userSession->getUser()->getUID();
-			$data[1] = substr_replace($data[1], $user, $startPos);
-		}
-		return $data;
-	}
+        $data = parent::check($request, $response);
+        if($data[0] === true) {
+            $startPos = strrpos($data[1], '/') + 1;
+            $user = $this->userSession->getUser()->getUID();
+            $data[1] = substr_replace($data[1], $user, $startPos);
+        }
+        return $data;
+    }
 }

Spacing +12 added lines, -12 removed lines

@@ -170,12 +170,12 @@ 
 	 */
 	private function requiresCSRFCheck() {
 		// GET requires no check at all
-		if($this->request->getMethod() === 'GET') {
+		if ($this->request->getMethod() === 'GET') {
 			return false;
 		}
 
 		// Official Nextcloud clients require no checks
-		if($this->request->isUserAgent([
+		if ($this->request->isUserAgent([
 			IRequest::USER_AGENT_CLIENT_DESKTOP,
 			IRequest::USER_AGENT_CLIENT_ANDROID,
 			IRequest::USER_AGENT_CLIENT_IOS,
@@ -184,17 +184,17 @@ 
 		}
 
 		// If not logged-in no check is required
-		if(!$this->userSession->isLoggedIn()) {
+		if (!$this->userSession->isLoggedIn()) {
 			return false;
 		}
 
 		// POST always requires a check
-		if($this->request->getMethod() === 'POST') {
+		if ($this->request->getMethod() === 'POST') {
 			return true;
 		}
 
 		// If logged-in AND DAV authenticated no check is required
-		if($this->userSession->isLoggedIn() &&
+		if ($this->userSession->isLoggedIn() &&
 			$this->isDavAuthenticated($this->userSession->getUser()->getUID())) {
 			return false;
 		}
@@ -211,10 +211,10 @@ 
 	private function auth(RequestInterface $request, ResponseInterface $response) {
 		$forcedLogout = false;
 
-		if(!$this->request->passesCSRFCheck() &&
+		if (!$this->request->passesCSRFCheck() &&
 			$this->requiresCSRFCheck()) {
 			// In case of a fail with POST we need to recheck the credentials
-			if($this->request->getMethod() === 'POST') {
+			if ($this->request->getMethod() === 'POST') {
 				$forcedLogout = true;
 			} else {
 				$response->setStatus(401);
@@ -222,10 +222,10 @@ 
 			}
 		}
 
-		if($forcedLogout) {
+		if ($forcedLogout) {
 			$this->userSession->logout();
 		} else {
-			if($this->twoFactorManager->needsSecondFactor($this->userSession->getUser())) {
+			if ($this->twoFactorManager->needsSecondFactor($this->userSession->getUser())) {
 				throw new \Sabre\DAV\Exception\NotAuthenticated('2FA challenge not passed.');
 			}
 			if (\OC_User::handleApacheAuth() ||
@@ -238,19 +238,19 @@ 
 				\OC_Util::setupFS($user);
 				$this->currentUser = $user;
 				$this->session->close();
-				return [true, $this->principalPrefix . $user];
+				return [true, $this->principalPrefix.$user];
 			}
 		}
 
 		if (!$this->userSession->isLoggedIn() && in_array('XMLHttpRequest', explode(',', $request->getHeader('X-Requested-With')))) {
 			// do not re-authenticate over ajax, use dummy auth name to prevent browser popup
-			$response->addHeader('WWW-Authenticate','DummyBasic realm="' . $this->realm . '"');
+			$response->addHeader('WWW-Authenticate', 'DummyBasic realm="'.$this->realm.'"');
 			$response->setStatus(401);
 			throw new \Sabre\DAV\Exception\NotAuthenticated('Cannot authenticate over ajax calls');
 		}
 
 		$data = parent::check($request, $response);
-		if($data[0] === true) {
+		if ($data[0] === true) {
 			$startPos = strrpos($data[1], '/') + 1;
 			$user = $this->userSession->getUser()->getUID();
 			$data[1] = substr_replace($data[1], $user, $startPos);

apps/dav/lib/Connector/Sabre/BearerAuth.php

Indentation +41 added lines, -41 removed lines

@@ -27,50 +27,50 @@
 use Sabre\DAV\Auth\Backend\AbstractBearer;
 
 class BearerAuth extends AbstractBearer {
-	/** @var IUserSession */
-	private $userSession;
-	/** @var ISession */
-	private $session;
-	/** @var IRequest */
-	private $request;
-	/** @var string */
-	private $principalPrefix;
+    /** @var IUserSession */
+    private $userSession;
+    /** @var ISession */
+    private $session;
+    /** @var IRequest */
+    private $request;
+    /** @var string */
+    private $principalPrefix;
 
-	/**
-	 * @param IUserSession $userSession
-	 * @param ISession $session
-	 * @param string $principalPrefix
-	 * @param IRequest $request
-	 */
-	public function __construct(IUserSession $userSession,
-								ISession $session,
-								IRequest $request,
-								$principalPrefix = 'principals/users/') {
-		$this->userSession = $userSession;
-		$this->session = $session;
-		$this->request = $request;
-		$this->principalPrefix = $principalPrefix;
-	}
+    /**
+     * @param IUserSession $userSession
+     * @param ISession $session
+     * @param string $principalPrefix
+     * @param IRequest $request
+     */
+    public function __construct(IUserSession $userSession,
+                                ISession $session,
+                                IRequest $request,
+                                $principalPrefix = 'principals/users/') {
+        $this->userSession = $userSession;
+        $this->session = $session;
+        $this->request = $request;
+        $this->principalPrefix = $principalPrefix;
+    }
 
-	private function setupUserFs($userId) {
-		\OC_Util::setupFS($userId);
-		$this->session->close();
-		return $this->principalPrefix . $userId;
-	}
+    private function setupUserFs($userId) {
+        \OC_Util::setupFS($userId);
+        $this->session->close();
+        return $this->principalPrefix . $userId;
+    }
 
-	/**
-	 * {@inheritdoc}
-	 */
-	public function validateBearerToken($bearerToken) {
-		\OC_Util::setupFS();
+    /**
+     * {@inheritdoc}
+     */
+    public function validateBearerToken($bearerToken) {
+        \OC_Util::setupFS();
 
-		if(!$this->userSession->isLoggedIn()) {
-			$this->userSession->tryTokenLogin($this->request);
-		}
-		if($this->userSession->isLoggedIn()) {
-			return $this->setupUserFs($this->userSession->getUser()->getUID());
-		}
+        if(!$this->userSession->isLoggedIn()) {
+            $this->userSession->tryTokenLogin($this->request);
+        }
+        if($this->userSession->isLoggedIn()) {
+            return $this->setupUserFs($this->userSession->getUser()->getUID());
+        }
 
-		return false;
-	}
+        return false;
+    }
 }

Spacing +3 added lines, -3 removed lines

@@ -55,7 +55,7 @@ 
 	private function setupUserFs($userId) {
 		\OC_Util::setupFS($userId);
 		$this->session->close();
-		return $this->principalPrefix . $userId;
+		return $this->principalPrefix.$userId;
 	}
 
 	/**
@@ -64,10 +64,10 @@ 
 	public function validateBearerToken($bearerToken) {
 		\OC_Util::setupFS();
 
-		if(!$this->userSession->isLoggedIn()) {
+		if (!$this->userSession->isLoggedIn()) {
 			$this->userSession->tryTokenLogin($this->request);
 		}
-		if($this->userSession->isLoggedIn()) {
+		if ($this->userSession->isLoggedIn()) {
 			return $this->setupUserFs($this->userSession->getUser()->getUID());
 		}
 

apps/dav/lib/Server.php

Indentation +194 added lines, -194 removed lines

@@ -58,198 +58,198 @@
 
 class Server {
 
-	/** @var IRequest */
-	private $request;
-
-	/** @var  string */
-	private $baseUri;
-
-	/** @var Connector\Sabre\Server  */
-	private $server;
-
-	public function __construct(IRequest $request, $baseUri) {
-		$this->request = $request;
-		$this->baseUri = $baseUri;
-		$logger = \OC::$server->getLogger();
-		$mailer = \OC::$server->getMailer();
-		$dispatcher = \OC::$server->getEventDispatcher();
-
-		$root = new RootCollection();
-		$this->server = new \OCA\DAV\Connector\Sabre\Server($root);
-
-		// Add maintenance plugin
-		$this->server->addPlugin(new \OCA\DAV\Connector\Sabre\MaintenancePlugin(\OC::$server->getConfig()));
-
-		// Backends
-		$authBackend = new Auth(
-			\OC::$server->getSession(),
-			\OC::$server->getUserSession(),
-			\OC::$server->getRequest(),
-			\OC::$server->getTwoFactorAuthManager(),
-			\OC::$server->getBruteForceThrottler()
-		);
-
-		// Set URL explicitly due to reverse-proxy situations
-		$this->server->httpRequest->setUrl($this->request->getRequestUri());
-		$this->server->setBaseUri($this->baseUri);
-
-		$this->server->addPlugin(new BlockLegacyClientPlugin(\OC::$server->getConfig()));
-		$authPlugin = new Plugin();
-		$authPlugin->addBackend(new PublicAuth());
-		$this->server->addPlugin($authPlugin);
-
-		// allow setup of additional auth backends
-		$event = new SabrePluginEvent($this->server);
-		$dispatcher->dispatch('OCA\DAV\Connector\Sabre::authInit', $event);
-
-		$bearerAuthBackend = new BearerAuth(
-			\OC::$server->getUserSession(),
-			\OC::$server->getSession(),
-			\OC::$server->getRequest()
-		);
-		$authPlugin->addBackend($bearerAuthBackend);
-		// because we are throwing exceptions this plugin has to be the last one
-		$authPlugin->addBackend($authBackend);
-
-		// debugging
-		if(\OC::$server->getConfig()->getSystemValue('debug', false)) {
-			$this->server->addPlugin(new \Sabre\DAV\Browser\Plugin());
-		} else {
-			$this->server->addPlugin(new DummyGetResponsePlugin());
-		}
-
-		$this->server->addPlugin(new \OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin('webdav', $logger));
-		$this->server->addPlugin(new \OCA\DAV\Connector\Sabre\LockPlugin());
-		$this->server->addPlugin(new \Sabre\DAV\Sync\Plugin());
-
-		// acl
-		$acl = new DavAclPlugin();
-		$acl->principalCollectionSet = [
-			'principals/users', 'principals/groups'
-		];
-		$acl->defaultUsernamePath = 'principals/users';
-		$this->server->addPlugin($acl);
-
-		// calendar plugins
-		$this->server->addPlugin(new \OCA\DAV\CalDAV\Plugin());
-		$this->server->addPlugin(new \Sabre\CalDAV\ICSExportPlugin());
-		$this->server->addPlugin(new \OCA\DAV\CalDAV\Schedule\Plugin());
-		$this->server->addPlugin(new IMipPlugin($mailer, $logger));
-		$this->server->addPlugin(new \Sabre\CalDAV\Subscriptions\Plugin());
-		$this->server->addPlugin(new \Sabre\CalDAV\Notifications\Plugin());
-		$this->server->addPlugin(new DAV\Sharing\Plugin($authBackend, \OC::$server->getRequest()));
-		$this->server->addPlugin(new \OCA\DAV\CalDAV\Publishing\PublishPlugin(
-			\OC::$server->getConfig(),
-			\OC::$server->getURLGenerator()
-		));
-
-		// addressbook plugins
-		$this->server->addPlugin(new \OCA\DAV\CardDAV\Plugin());
-		$this->server->addPlugin(new VCFExportPlugin());
-		$this->server->addPlugin(new ImageExportPlugin(new PhotoCache(\OC::$server->getAppDataDir('dav-photocache'))));
-
-		// system tags plugins
-		$this->server->addPlugin(new SystemTagPlugin(
-			\OC::$server->getSystemTagManager(),
-			\OC::$server->getGroupManager(),
-			\OC::$server->getUserSession()
-		));
-
-		// comments plugin
-		$this->server->addPlugin(new CommentsPlugin(
-			\OC::$server->getCommentsManager(),
-			\OC::$server->getUserSession()
-		));
-
-		$this->server->addPlugin(new CopyEtagHeaderPlugin());
-
-		// Some WebDAV clients do require Class 2 WebDAV support (locking), since
-		// we do not provide locking we emulate it using a fake locking plugin.
-		if($request->isUserAgent([
-			'/WebDAVFS/',
-			'/Microsoft Office OneNote 2013/',
-			'/^Microsoft-WebDAV/',// Microsoft-WebDAV-MiniRedir/6.1.7601
-		])) {
-			$this->server->addPlugin(new FakeLockerPlugin());
-		}
-
-		if (BrowserErrorPagePlugin::isBrowserRequest($request)) {
-			$this->server->addPlugin(new BrowserErrorPagePlugin());
-		}
-
-		// wait with registering these until auth is handled and the filesystem is setup
-		$this->server->on('beforeMethod', function () {
-			// custom properties plugin must be the last one
-			$userSession = \OC::$server->getUserSession();
-			$user = $userSession->getUser();
-			if ($user !== null) {
-				$view = \OC\Files\Filesystem::getView();
-				$this->server->addPlugin(
-					new FilesPlugin(
-						$this->server->tree,
-						\OC::$server->getConfig(),
-						$this->request,
-						\OC::$server->getPreviewManager(),
-						false,
-						!\OC::$server->getConfig()->getSystemValue('debug', false)
-					)
-				);
-
-				$this->server->addPlugin(
-					new \Sabre\DAV\PropertyStorage\Plugin(
-						new CustomPropertiesBackend(
-							$this->server->tree,
-							\OC::$server->getDatabaseConnection(),
-							\OC::$server->getUserSession()->getUser()
-						)
-					)
-				);
-				if ($view !== null) {
-					$this->server->addPlugin(
-						new QuotaPlugin($view));
-				}
-				$this->server->addPlugin(
-					new TagsPlugin(
-						$this->server->tree, \OC::$server->getTagManager()
-					)
-				);
-				// TODO: switch to LazyUserFolder
-				$userFolder = \OC::$server->getUserFolder();
-				$this->server->addPlugin(new SharesPlugin(
-					$this->server->tree,
-					$userSession,
-					$userFolder,
-					\OC::$server->getShareManager()
-				));
-				$this->server->addPlugin(new CommentPropertiesPlugin(
-					\OC::$server->getCommentsManager(),
-					$userSession
-				));
-				$this->server->addPlugin(new \OCA\DAV\CalDAV\Search\SearchPlugin());
-				if ($view !== null) {
-					$this->server->addPlugin(new FilesReportPlugin(
-						$this->server->tree,
-						$view,
-						\OC::$server->getSystemTagManager(),
-						\OC::$server->getSystemTagObjectMapper(),
-						\OC::$server->getTagManager(),
-						$userSession,
-						\OC::$server->getGroupManager(),
-						$userFolder
-					));
-					$this->server->addPlugin(new SearchPlugin(new \OCA\DAV\Files\FileSearchBackend(
-						$this->server->tree,
-						$user,
-						\OC::$server->getRootFolder(),
-						\OC::$server->getShareManager(),
-						$view
-					)));
-				}
-			}
-		});
-	}
-
-	public function exec() {
-		$this->server->exec();
-	}
+    /** @var IRequest */
+    private $request;
+
+    /** @var  string */
+    private $baseUri;
+
+    /** @var Connector\Sabre\Server  */
+    private $server;
+
+    public function __construct(IRequest $request, $baseUri) {
+        $this->request = $request;
+        $this->baseUri = $baseUri;
+        $logger = \OC::$server->getLogger();
+        $mailer = \OC::$server->getMailer();
+        $dispatcher = \OC::$server->getEventDispatcher();
+
+        $root = new RootCollection();
+        $this->server = new \OCA\DAV\Connector\Sabre\Server($root);
+
+        // Add maintenance plugin
+        $this->server->addPlugin(new \OCA\DAV\Connector\Sabre\MaintenancePlugin(\OC::$server->getConfig()));
+
+        // Backends
+        $authBackend = new Auth(
+            \OC::$server->getSession(),
+            \OC::$server->getUserSession(),
+            \OC::$server->getRequest(),
+            \OC::$server->getTwoFactorAuthManager(),
+            \OC::$server->getBruteForceThrottler()
+        );
+
+        // Set URL explicitly due to reverse-proxy situations
+        $this->server->httpRequest->setUrl($this->request->getRequestUri());
+        $this->server->setBaseUri($this->baseUri);
+
+        $this->server->addPlugin(new BlockLegacyClientPlugin(\OC::$server->getConfig()));
+        $authPlugin = new Plugin();
+        $authPlugin->addBackend(new PublicAuth());
+        $this->server->addPlugin($authPlugin);
+
+        // allow setup of additional auth backends
+        $event = new SabrePluginEvent($this->server);
+        $dispatcher->dispatch('OCA\DAV\Connector\Sabre::authInit', $event);
+
+        $bearerAuthBackend = new BearerAuth(
+            \OC::$server->getUserSession(),
+            \OC::$server->getSession(),
+            \OC::$server->getRequest()
+        );
+        $authPlugin->addBackend($bearerAuthBackend);
+        // because we are throwing exceptions this plugin has to be the last one
+        $authPlugin->addBackend($authBackend);
+
+        // debugging
+        if(\OC::$server->getConfig()->getSystemValue('debug', false)) {
+            $this->server->addPlugin(new \Sabre\DAV\Browser\Plugin());
+        } else {
+            $this->server->addPlugin(new DummyGetResponsePlugin());
+        }
+
+        $this->server->addPlugin(new \OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin('webdav', $logger));
+        $this->server->addPlugin(new \OCA\DAV\Connector\Sabre\LockPlugin());
+        $this->server->addPlugin(new \Sabre\DAV\Sync\Plugin());
+
+        // acl
+        $acl = new DavAclPlugin();
+        $acl->principalCollectionSet = [
+            'principals/users', 'principals/groups'
+        ];
+        $acl->defaultUsernamePath = 'principals/users';
+        $this->server->addPlugin($acl);
+
+        // calendar plugins
+        $this->server->addPlugin(new \OCA\DAV\CalDAV\Plugin());
+        $this->server->addPlugin(new \Sabre\CalDAV\ICSExportPlugin());
+        $this->server->addPlugin(new \OCA\DAV\CalDAV\Schedule\Plugin());
+        $this->server->addPlugin(new IMipPlugin($mailer, $logger));
+        $this->server->addPlugin(new \Sabre\CalDAV\Subscriptions\Plugin());
+        $this->server->addPlugin(new \Sabre\CalDAV\Notifications\Plugin());
+        $this->server->addPlugin(new DAV\Sharing\Plugin($authBackend, \OC::$server->getRequest()));
+        $this->server->addPlugin(new \OCA\DAV\CalDAV\Publishing\PublishPlugin(
+            \OC::$server->getConfig(),
+            \OC::$server->getURLGenerator()
+        ));
+
+        // addressbook plugins
+        $this->server->addPlugin(new \OCA\DAV\CardDAV\Plugin());
+        $this->server->addPlugin(new VCFExportPlugin());
+        $this->server->addPlugin(new ImageExportPlugin(new PhotoCache(\OC::$server->getAppDataDir('dav-photocache'))));
+
+        // system tags plugins
+        $this->server->addPlugin(new SystemTagPlugin(
+            \OC::$server->getSystemTagManager(),
+            \OC::$server->getGroupManager(),
+            \OC::$server->getUserSession()
+        ));
+
+        // comments plugin
+        $this->server->addPlugin(new CommentsPlugin(
+            \OC::$server->getCommentsManager(),
+            \OC::$server->getUserSession()
+        ));
+
+        $this->server->addPlugin(new CopyEtagHeaderPlugin());
+
+        // Some WebDAV clients do require Class 2 WebDAV support (locking), since
+        // we do not provide locking we emulate it using a fake locking plugin.
+        if($request->isUserAgent([
+            '/WebDAVFS/',
+            '/Microsoft Office OneNote 2013/',
+            '/^Microsoft-WebDAV/',// Microsoft-WebDAV-MiniRedir/6.1.7601
+        ])) {
+            $this->server->addPlugin(new FakeLockerPlugin());
+        }
+
+        if (BrowserErrorPagePlugin::isBrowserRequest($request)) {
+            $this->server->addPlugin(new BrowserErrorPagePlugin());
+        }
+
+        // wait with registering these until auth is handled and the filesystem is setup
+        $this->server->on('beforeMethod', function () {
+            // custom properties plugin must be the last one
+            $userSession = \OC::$server->getUserSession();
+            $user = $userSession->getUser();
+            if ($user !== null) {
+                $view = \OC\Files\Filesystem::getView();
+                $this->server->addPlugin(
+                    new FilesPlugin(
+                        $this->server->tree,
+                        \OC::$server->getConfig(),
+                        $this->request,
+                        \OC::$server->getPreviewManager(),
+                        false,
+                        !\OC::$server->getConfig()->getSystemValue('debug', false)
+                    )
+                );
+
+                $this->server->addPlugin(
+                    new \Sabre\DAV\PropertyStorage\Plugin(
+                        new CustomPropertiesBackend(
+                            $this->server->tree,
+                            \OC::$server->getDatabaseConnection(),
+                            \OC::$server->getUserSession()->getUser()
+                        )
+                    )
+                );
+                if ($view !== null) {
+                    $this->server->addPlugin(
+                        new QuotaPlugin($view));
+                }
+                $this->server->addPlugin(
+                    new TagsPlugin(
+                        $this->server->tree, \OC::$server->getTagManager()
+                    )
+                );
+                // TODO: switch to LazyUserFolder
+                $userFolder = \OC::$server->getUserFolder();
+                $this->server->addPlugin(new SharesPlugin(
+                    $this->server->tree,
+                    $userSession,
+                    $userFolder,
+                    \OC::$server->getShareManager()
+                ));
+                $this->server->addPlugin(new CommentPropertiesPlugin(
+                    \OC::$server->getCommentsManager(),
+                    $userSession
+                ));
+                $this->server->addPlugin(new \OCA\DAV\CalDAV\Search\SearchPlugin());
+                if ($view !== null) {
+                    $this->server->addPlugin(new FilesReportPlugin(
+                        $this->server->tree,
+                        $view,
+                        \OC::$server->getSystemTagManager(),
+                        \OC::$server->getSystemTagObjectMapper(),
+                        \OC::$server->getTagManager(),
+                        $userSession,
+                        \OC::$server->getGroupManager(),
+                        $userFolder
+                    ));
+                    $this->server->addPlugin(new SearchPlugin(new \OCA\DAV\Files\FileSearchBackend(
+                        $this->server->tree,
+                        $user,
+                        \OC::$server->getRootFolder(),
+                        \OC::$server->getShareManager(),
+                        $view
+                    )));
+                }
+            }
+        });
+    }
+
+    public function exec() {
+        $this->server->exec();
+    }
 }