nextcloud / server

apps/oauth2/lib/Db/ClientMapper.php

Indentation +54 added lines, -54 removed lines

@@ -28,62 +28,62 @@
 
 class ClientMapper extends Mapper {
 
-	/**
-	 * @param IDBConnection $db
-	 */
-	public function __construct(IDBConnection $db) {
-		parent::__construct($db, 'oauth2_clients');
-	}
+    /**
+     * @param IDBConnection $db
+     */
+    public function __construct(IDBConnection $db) {
+        parent::__construct($db, 'oauth2_clients');
+    }
 
-	/**
-	 * @param string $clientIdentifier
-	 * @return Client
-	 * @throws ClientNotFoundException
-	 */
-	public function getByIdentifier($clientIdentifier) {
-		$qb = $this->db->getQueryBuilder();
-		$qb
-			->select('*')
-			->from($this->tableName)
-			->where($qb->expr()->eq('client_identifier', $qb->createNamedParameter($clientIdentifier)));
-		$result = $qb->execute();
-		$row = $result->fetch();
-		$result->closeCursor();
-		if($row === false) {
-			throw new ClientNotFoundException();
-		}
-		return Client::fromRow($row);
-	}
+    /**
+     * @param string $clientIdentifier
+     * @return Client
+     * @throws ClientNotFoundException
+     */
+    public function getByIdentifier($clientIdentifier) {
+        $qb = $this->db->getQueryBuilder();
+        $qb
+            ->select('*')
+            ->from($this->tableName)
+            ->where($qb->expr()->eq('client_identifier', $qb->createNamedParameter($clientIdentifier)));
+        $result = $qb->execute();
+        $row = $result->fetch();
+        $result->closeCursor();
+        if($row === false) {
+            throw new ClientNotFoundException();
+        }
+        return Client::fromRow($row);
+    }
 
-	/**
-	 * @param string $uid internal uid of the client
-	 * @return Client
-	 * @throws ClientNotFoundException
-	 */
-	public function getByUid($uid) {
-		$qb = $this->db->getQueryBuilder();
-		$qb
-			->select('*')
-			->from($this->tableName)
-			->where($qb->expr()->eq('id', $qb->createNamedParameter($uid, IQueryBuilder::PARAM_INT)));
-		$result = $qb->execute();
-		$row = $result->fetch();
-		$result->closeCursor();
-		if($row === false) {
-			throw new ClientNotFoundException();
-		}
-		return Client::fromRow($row);
-	}
+    /**
+     * @param string $uid internal uid of the client
+     * @return Client
+     * @throws ClientNotFoundException
+     */
+    public function getByUid($uid) {
+        $qb = $this->db->getQueryBuilder();
+        $qb
+            ->select('*')
+            ->from($this->tableName)
+            ->where($qb->expr()->eq('id', $qb->createNamedParameter($uid, IQueryBuilder::PARAM_INT)));
+        $result = $qb->execute();
+        $row = $result->fetch();
+        $result->closeCursor();
+        if($row === false) {
+            throw new ClientNotFoundException();
+        }
+        return Client::fromRow($row);
+    }
 
-	/**
-	 * @return Client[]
-	 */
-	public function getClients() {
-		$qb = $this->db->getQueryBuilder();
-		$qb
-			->select('*')
-			->from($this->tableName);
+    /**
+     * @return Client[]
+     */
+    public function getClients() {
+        $qb = $this->db->getQueryBuilder();
+        $qb
+            ->select('*')
+            ->from($this->tableName);
 
-		return $this->findEntities($qb->getSQL());
-	}
+        return $this->findEntities($qb->getSQL());
+    }
 }

apps/oauth2/lib/Db/AccessTokenMapper.php

Indentation +37 added lines, -37 removed lines

@@ -28,43 +28,43 @@
 
 class AccessTokenMapper extends Mapper {
 
-	/**
-	 * @param IDBConnection $db
-	 */
-	public function __construct(IDBConnection $db) {
-		parent::__construct($db, 'oauth2_access_tokens');
-	}
+    /**
+     * @param IDBConnection $db
+     */
+    public function __construct(IDBConnection $db) {
+        parent::__construct($db, 'oauth2_access_tokens');
+    }
 
-	/**
-	 * @param string $code
-	 * @return AccessToken
-	 * @throws AccessTokenNotFoundException
-	 */
-	public function getByCode($code) {
-		$qb = $this->db->getQueryBuilder();
-		$qb
-			->select('*')
-			->from($this->tableName)
-			->where($qb->expr()->eq('hashed_code', $qb->createNamedParameter(hash('sha512', $code))));
-		$result = $qb->execute();
-		$row = $result->fetch();
-		$result->closeCursor();
-		if($row === false) {
-			throw new AccessTokenNotFoundException();
-		}
-		return AccessToken::fromRow($row);
-	}
+    /**
+     * @param string $code
+     * @return AccessToken
+     * @throws AccessTokenNotFoundException
+     */
+    public function getByCode($code) {
+        $qb = $this->db->getQueryBuilder();
+        $qb
+            ->select('*')
+            ->from($this->tableName)
+            ->where($qb->expr()->eq('hashed_code', $qb->createNamedParameter(hash('sha512', $code))));
+        $result = $qb->execute();
+        $row = $result->fetch();
+        $result->closeCursor();
+        if($row === false) {
+            throw new AccessTokenNotFoundException();
+        }
+        return AccessToken::fromRow($row);
+    }
 
-	/**
-	 * delete all access token from a given client
-	 *
-	 * @param int $id
-	 */
-	public function deleteByClientId($id) {
-		$qb = $this->db->getQueryBuilder();
-		$qb
-			->delete($this->tableName)
-			->where($qb->expr()->eq('client_id', $qb->createNamedParameter($id, IQueryBuilder::PARAM_INT)));
-		$qb->execute();
-	}
+    /**
+     * delete all access token from a given client
+     *
+     * @param int $id
+     */
+    public function deleteByClientId($id) {
+        $qb = $this->db->getQueryBuilder();
+        $qb
+            ->delete($this->tableName)
+            ->where($qb->expr()->eq('client_id', $qb->createNamedParameter($id, IQueryBuilder::PARAM_INT)));
+        $qb->execute();
+    }
 }

apps/oauth2/appinfo/routes.php

Indentation +22 added lines, -22 removed lines

@@ -20,26 +20,26 @@
  */
 
 return [
-	'routes' => [
-		[
-			'name' => 'Settings#addClient',
-			'url' => '/settings',
-			'verb' => 'POST',
-		],
-		[
-			'name' => 'Settings#deleteClient',
-			'url' => '/clients/{id}/delete',
-			'verb' => 'POST'
-		],
-		[
-			'name' => 'LoginRedirector#authorize',
-			'url' => '/authorize',
-			'verb' => 'GET',
-		],
-		[
-			'name' => 'OauthApi#getToken',
-			'url' => '/api/v1/token',
-			'verb' => 'POST'
-		],
-	],
+    'routes' => [
+        [
+            'name' => 'Settings#addClient',
+            'url' => '/settings',
+            'verb' => 'POST',
+        ],
+        [
+            'name' => 'Settings#deleteClient',
+            'url' => '/clients/{id}/delete',
+            'verb' => 'POST'
+        ],
+        [
+            'name' => 'LoginRedirector#authorize',
+            'url' => '/authorize',
+            'verb' => 'GET',
+        ],
+        [
+            'name' => 'OauthApi#getToken',
+            'url' => '/api/v1/token',
+            'verb' => 'POST'
+        ],
+    ],
 ];

apps/dav/lib/Connector/Sabre/Auth.php

Indentation +192 added lines, -192 removed lines

@@ -48,213 +48,213 @@
 class Auth extends AbstractBasic {
 
 
-	const DAV_AUTHENTICATED = 'AUTHENTICATED_TO_DAV_BACKEND';
+    const DAV_AUTHENTICATED = 'AUTHENTICATED_TO_DAV_BACKEND';
 
-	/** @var ISession */
-	private $session;
-	/** @var Session */
-	private $userSession;
-	/** @var IRequest */
-	private $request;
-	/** @var string */
-	private $currentUser;
-	/** @var Manager */
-	private $twoFactorManager;
-	/** @var Throttler */
-	private $throttler;
+    /** @var ISession */
+    private $session;
+    /** @var Session */
+    private $userSession;
+    /** @var IRequest */
+    private $request;
+    /** @var string */
+    private $currentUser;
+    /** @var Manager */
+    private $twoFactorManager;
+    /** @var Throttler */
+    private $throttler;
 
-	/**
-	 * @param ISession $session
-	 * @param Session $userSession
-	 * @param IRequest $request
-	 * @param Manager $twoFactorManager
-	 * @param Throttler $throttler
-	 * @param string $principalPrefix
-	 */
-	public function __construct(ISession $session,
-								Session $userSession,
-								IRequest $request,
-								Manager $twoFactorManager,
-								Throttler $throttler,
-								$principalPrefix = 'principals/users/') {
-		$this->session = $session;
-		$this->userSession = $userSession;
-		$this->twoFactorManager = $twoFactorManager;
-		$this->request = $request;
-		$this->throttler = $throttler;
-		$this->principalPrefix = $principalPrefix;
+    /**
+     * @param ISession $session
+     * @param Session $userSession
+     * @param IRequest $request
+     * @param Manager $twoFactorManager
+     * @param Throttler $throttler
+     * @param string $principalPrefix
+     */
+    public function __construct(ISession $session,
+                                Session $userSession,
+                                IRequest $request,
+                                Manager $twoFactorManager,
+                                Throttler $throttler,
+                                $principalPrefix = 'principals/users/') {
+        $this->session = $session;
+        $this->userSession = $userSession;
+        $this->twoFactorManager = $twoFactorManager;
+        $this->request = $request;
+        $this->throttler = $throttler;
+        $this->principalPrefix = $principalPrefix;
 
-		// setup realm
-		$defaults = new \OCP\Defaults();
-		$this->realm = $defaults->getName();
-	}
+        // setup realm
+        $defaults = new \OCP\Defaults();
+        $this->realm = $defaults->getName();
+    }
 
-	/**
-	 * Whether the user has initially authenticated via DAV
-	 *
-	 * This is required for WebDAV clients that resent the cookies even when the
-	 * account was changed.
-	 *
-	 * @see https://github.com/owncloud/core/issues/13245
-	 *
-	 * @param string $username
-	 * @return bool
-	 */
-	public function isDavAuthenticated($username) {
-		return !is_null($this->session->get(self::DAV_AUTHENTICATED)) &&
-		$this->session->get(self::DAV_AUTHENTICATED) === $username;
-	}
+    /**
+     * Whether the user has initially authenticated via DAV
+     *
+     * This is required for WebDAV clients that resent the cookies even when the
+     * account was changed.
+     *
+     * @see https://github.com/owncloud/core/issues/13245
+     *
+     * @param string $username
+     * @return bool
+     */
+    public function isDavAuthenticated($username) {
+        return !is_null($this->session->get(self::DAV_AUTHENTICATED)) &&
+        $this->session->get(self::DAV_AUTHENTICATED) === $username;
+    }
 
-	/**
-	 * Validates a username and password
-	 *
-	 * This method should return true or false depending on if login
-	 * succeeded.
-	 *
-	 * @param string $username
-	 * @param string $password
-	 * @return bool
-	 * @throws PasswordLoginForbidden
-	 */
-	protected function validateUserPass($username, $password) {
-		if ($this->userSession->isLoggedIn() &&
-			$this->isDavAuthenticated($this->userSession->getUser()->getUID())
-		) {
-			\OC_Util::setupFS($this->userSession->getUser()->getUID());
-			$this->session->close();
-			return true;
-		} else {
-			\OC_Util::setupFS(); //login hooks may need early access to the filesystem
-			try {
-				if ($this->userSession->logClientIn($username, $password, $this->request, $this->throttler)) {
-					\OC_Util::setupFS($this->userSession->getUser()->getUID());
-					$this->session->set(self::DAV_AUTHENTICATED, $this->userSession->getUser()->getUID());
-					$this->session->close();
-					return true;
-				} else {
-					$this->session->close();
-					return false;
-				}
-			} catch (PasswordLoginForbiddenException $ex) {
-				$this->session->close();
-				throw new PasswordLoginForbidden();
-			}
-		}
-	}
+    /**
+     * Validates a username and password
+     *
+     * This method should return true or false depending on if login
+     * succeeded.
+     *
+     * @param string $username
+     * @param string $password
+     * @return bool
+     * @throws PasswordLoginForbidden
+     */
+    protected function validateUserPass($username, $password) {
+        if ($this->userSession->isLoggedIn() &&
+            $this->isDavAuthenticated($this->userSession->getUser()->getUID())
+        ) {
+            \OC_Util::setupFS($this->userSession->getUser()->getUID());
+            $this->session->close();
+            return true;
+        } else {
+            \OC_Util::setupFS(); //login hooks may need early access to the filesystem
+            try {
+                if ($this->userSession->logClientIn($username, $password, $this->request, $this->throttler)) {
+                    \OC_Util::setupFS($this->userSession->getUser()->getUID());
+                    $this->session->set(self::DAV_AUTHENTICATED, $this->userSession->getUser()->getUID());
+                    $this->session->close();
+                    return true;
+                } else {
+                    $this->session->close();
+                    return false;
+                }
+            } catch (PasswordLoginForbiddenException $ex) {
+                $this->session->close();
+                throw new PasswordLoginForbidden();
+            }
+        }
+    }
 
-	/**
-	 * @param RequestInterface $request
-	 * @param ResponseInterface $response
-	 * @return array
-	 * @throws NotAuthenticated
-	 * @throws ServiceUnavailable
-	 */
-	function check(RequestInterface $request, ResponseInterface $response) {
-		try {
-			$result = $this->auth($request, $response);
-			return $result;
-		} catch (NotAuthenticated $e) {
-			throw $e;
-		} catch (Exception $e) {
-			$class = get_class($e);
-			$msg = $e->getMessage();
-			\OC::$server->getLogger()->logException($e);
-			throw new ServiceUnavailable("$class: $msg");
-		}
-	}
+    /**
+     * @param RequestInterface $request
+     * @param ResponseInterface $response
+     * @return array
+     * @throws NotAuthenticated
+     * @throws ServiceUnavailable
+     */
+    function check(RequestInterface $request, ResponseInterface $response) {
+        try {
+            $result = $this->auth($request, $response);
+            return $result;
+        } catch (NotAuthenticated $e) {
+            throw $e;
+        } catch (Exception $e) {
+            $class = get_class($e);
+            $msg = $e->getMessage();
+            \OC::$server->getLogger()->logException($e);
+            throw new ServiceUnavailable("$class: $msg");
+        }
+    }
 
-	/**
-	 * Checks whether a CSRF check is required on the request
-	 *
-	 * @return bool
-	 */
-	private function requiresCSRFCheck() {
-		// GET requires no check at all
-		if($this->request->getMethod() === 'GET') {
-			return false;
-		}
+    /**
+     * Checks whether a CSRF check is required on the request
+     *
+     * @return bool
+     */
+    private function requiresCSRFCheck() {
+        // GET requires no check at all
+        if($this->request->getMethod() === 'GET') {
+            return false;
+        }
 
-		// Official Nextcloud clients require no checks
-		if($this->request->isUserAgent([
-			IRequest::USER_AGENT_CLIENT_DESKTOP,
-			IRequest::USER_AGENT_CLIENT_ANDROID,
-			IRequest::USER_AGENT_CLIENT_IOS,
-		])) {
-			return false;
-		}
+        // Official Nextcloud clients require no checks
+        if($this->request->isUserAgent([
+            IRequest::USER_AGENT_CLIENT_DESKTOP,
+            IRequest::USER_AGENT_CLIENT_ANDROID,
+            IRequest::USER_AGENT_CLIENT_IOS,
+        ])) {
+            return false;
+        }
 
-		// If not logged-in no check is required
-		if(!$this->userSession->isLoggedIn()) {
-			return false;
-		}
+        // If not logged-in no check is required
+        if(!$this->userSession->isLoggedIn()) {
+            return false;
+        }
 
-		// POST always requires a check
-		if($this->request->getMethod() === 'POST') {
-			return true;
-		}
+        // POST always requires a check
+        if($this->request->getMethod() === 'POST') {
+            return true;
+        }
 
-		// If logged-in AND DAV authenticated no check is required
-		if($this->userSession->isLoggedIn() &&
-			$this->isDavAuthenticated($this->userSession->getUser()->getUID())) {
-			return false;
-		}
+        // If logged-in AND DAV authenticated no check is required
+        if($this->userSession->isLoggedIn() &&
+            $this->isDavAuthenticated($this->userSession->getUser()->getUID())) {
+            return false;
+        }
 
-		return true;
-	}
+        return true;
+    }
 
-	/**
-	 * @param RequestInterface $request
-	 * @param ResponseInterface $response
-	 * @return array
-	 * @throws NotAuthenticated
-	 */
-	private function auth(RequestInterface $request, ResponseInterface $response) {
-		$forcedLogout = false;
+    /**
+     * @param RequestInterface $request
+     * @param ResponseInterface $response
+     * @return array
+     * @throws NotAuthenticated
+     */
+    private function auth(RequestInterface $request, ResponseInterface $response) {
+        $forcedLogout = false;
 
-		if(!$this->request->passesCSRFCheck() &&
-			$this->requiresCSRFCheck()) {
-			// In case of a fail with POST we need to recheck the credentials
-			if($this->request->getMethod() === 'POST') {
-				$forcedLogout = true;
-			} else {
-				$response->setStatus(401);
-				throw new \Sabre\DAV\Exception\NotAuthenticated('CSRF check not passed.');
-			}
-		}
+        if(!$this->request->passesCSRFCheck() &&
+            $this->requiresCSRFCheck()) {
+            // In case of a fail with POST we need to recheck the credentials
+            if($this->request->getMethod() === 'POST') {
+                $forcedLogout = true;
+            } else {
+                $response->setStatus(401);
+                throw new \Sabre\DAV\Exception\NotAuthenticated('CSRF check not passed.');
+            }
+        }
 
-		if($forcedLogout) {
-			$this->userSession->logout();
-		} else {
-			if($this->twoFactorManager->needsSecondFactor($this->userSession->getUser())) {
-				throw new \Sabre\DAV\Exception\NotAuthenticated('2FA challenge not passed.');
-			}
-			if (\OC_User::handleApacheAuth() ||
-				//Fix for broken webdav clients
-				($this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED))) ||
-				//Well behaved clients that only send the cookie are allowed
-				($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null)
-			) {
-				$user = $this->userSession->getUser()->getUID();
-				\OC_Util::setupFS($user);
-				$this->currentUser = $user;
-				$this->session->close();
-				return [true, $this->principalPrefix . $user];
-			}
-		}
+        if($forcedLogout) {
+            $this->userSession->logout();
+        } else {
+            if($this->twoFactorManager->needsSecondFactor($this->userSession->getUser())) {
+                throw new \Sabre\DAV\Exception\NotAuthenticated('2FA challenge not passed.');
+            }
+            if (\OC_User::handleApacheAuth() ||
+                //Fix for broken webdav clients
+                ($this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED))) ||
+                //Well behaved clients that only send the cookie are allowed
+                ($this->userSession->isLoggedIn() && $this->session->get(self::DAV_AUTHENTICATED) === $this->userSession->getUser()->getUID() && $request->getHeader('Authorization') === null)
+            ) {
+                $user = $this->userSession->getUser()->getUID();
+                \OC_Util::setupFS($user);
+                $this->currentUser = $user;
+                $this->session->close();
+                return [true, $this->principalPrefix . $user];
+            }
+        }
 
-		if (!$this->userSession->isLoggedIn() && in_array('XMLHttpRequest', explode(',', $request->getHeader('X-Requested-With')))) {
-			// do not re-authenticate over ajax, use dummy auth name to prevent browser popup
-			$response->addHeader('WWW-Authenticate','DummyBasic realm="' . $this->realm . '"');
-			$response->setStatus(401);
-			throw new \Sabre\DAV\Exception\NotAuthenticated('Cannot authenticate over ajax calls');
-		}
+        if (!$this->userSession->isLoggedIn() && in_array('XMLHttpRequest', explode(',', $request->getHeader('X-Requested-With')))) {
+            // do not re-authenticate over ajax, use dummy auth name to prevent browser popup
+            $response->addHeader('WWW-Authenticate','DummyBasic realm="' . $this->realm . '"');
+            $response->setStatus(401);
+            throw new \Sabre\DAV\Exception\NotAuthenticated('Cannot authenticate over ajax calls');
+        }
 
-		$data = parent::check($request, $response);
-		if($data[0] === true) {
-			$startPos = strrpos($data[1], '/') + 1;
-			$user = $this->userSession->getUser()->getUID();
-			$data[1] = substr_replace($data[1], $user, $startPos);
-		}
-		return $data;
-	}
+        $data = parent::check($request, $response);
+        if($data[0] === true) {
+            $startPos = strrpos($data[1], '/') + 1;
+            $user = $this->userSession->getUser()->getUID();
+            $data[1] = substr_replace($data[1], $user, $startPos);
+        }
+        return $data;
+    }
 }

apps/dav/lib/Connector/Sabre/BearerAuth.php

Indentation +41 added lines, -41 removed lines

@@ -27,50 +27,50 @@
 use Sabre\DAV\Auth\Backend\AbstractBearer;
 
 class BearerAuth extends AbstractBearer {
-	/** @var IUserSession */
-	private $userSession;
-	/** @var ISession */
-	private $session;
-	/** @var IRequest */
-	private $request;
-	/** @var string */
-	private $principalPrefix;
+    /** @var IUserSession */
+    private $userSession;
+    /** @var ISession */
+    private $session;
+    /** @var IRequest */
+    private $request;
+    /** @var string */
+    private $principalPrefix;
 
-	/**
-	 * @param IUserSession $userSession
-	 * @param ISession $session
-	 * @param string $principalPrefix
-	 * @param IRequest $request
-	 */
-	public function __construct(IUserSession $userSession,
-								ISession $session,
-								IRequest $request,
-								$principalPrefix = 'principals/users/') {
-		$this->userSession = $userSession;
-		$this->session = $session;
-		$this->request = $request;
-		$this->principalPrefix = $principalPrefix;
-	}
+    /**
+     * @param IUserSession $userSession
+     * @param ISession $session
+     * @param string $principalPrefix
+     * @param IRequest $request
+     */
+    public function __construct(IUserSession $userSession,
+                                ISession $session,
+                                IRequest $request,
+                                $principalPrefix = 'principals/users/') {
+        $this->userSession = $userSession;
+        $this->session = $session;
+        $this->request = $request;
+        $this->principalPrefix = $principalPrefix;
+    }
 
-	private function setupUserFs($userId) {
-		\OC_Util::setupFS($userId);
-		$this->session->close();
-		return $this->principalPrefix . $userId;
-	}
+    private function setupUserFs($userId) {
+        \OC_Util::setupFS($userId);
+        $this->session->close();
+        return $this->principalPrefix . $userId;
+    }
 
-	/**
-	 * {@inheritdoc}
-	 */
-	public function validateBearerToken($bearerToken) {
-		\OC_Util::setupFS();
+    /**
+     * {@inheritdoc}
+     */
+    public function validateBearerToken($bearerToken) {
+        \OC_Util::setupFS();
 
-		if(!$this->userSession->isLoggedIn()) {
-			$this->userSession->tryTokenLogin($this->request);
-		}
-		if($this->userSession->isLoggedIn()) {
-			return $this->setupUserFs($this->userSession->getUser()->getUID());
-		}
+        if(!$this->userSession->isLoggedIn()) {
+            $this->userSession->tryTokenLogin($this->request);
+        }
+        if($this->userSession->isLoggedIn()) {
+            return $this->setupUserFs($this->userSession->getUser()->getUID());
+        }
 
-		return false;
-	}
+        return false;
+    }
 }

apps/dav/lib/Server.php

Indentation +194 added lines, -194 removed lines

@@ -58,198 +58,198 @@
 
 class Server {
 
-	/** @var IRequest */
-	private $request;
-
-	/** @var  string */
-	private $baseUri;
-
-	/** @var Connector\Sabre\Server  */
-	private $server;
-
-	public function __construct(IRequest $request, $baseUri) {
-		$this->request = $request;
-		$this->baseUri = $baseUri;
-		$logger = \OC::$server->getLogger();
-		$mailer = \OC::$server->getMailer();
-		$dispatcher = \OC::$server->getEventDispatcher();
-
-		$root = new RootCollection();
-		$this->server = new \OCA\DAV\Connector\Sabre\Server($root);
-
-		// Add maintenance plugin
-		$this->server->addPlugin(new \OCA\DAV\Connector\Sabre\MaintenancePlugin(\OC::$server->getConfig()));
-
-		// Backends
-		$authBackend = new Auth(
-			\OC::$server->getSession(),
-			\OC::$server->getUserSession(),
-			\OC::$server->getRequest(),
-			\OC::$server->getTwoFactorAuthManager(),
-			\OC::$server->getBruteForceThrottler()
-		);
-
-		// Set URL explicitly due to reverse-proxy situations
-		$this->server->httpRequest->setUrl($this->request->getRequestUri());
-		$this->server->setBaseUri($this->baseUri);
-
-		$this->server->addPlugin(new BlockLegacyClientPlugin(\OC::$server->getConfig()));
-		$authPlugin = new Plugin();
-		$authPlugin->addBackend(new PublicAuth());
-		$this->server->addPlugin($authPlugin);
-
-		// allow setup of additional auth backends
-		$event = new SabrePluginEvent($this->server);
-		$dispatcher->dispatch('OCA\DAV\Connector\Sabre::authInit', $event);
-
-		$bearerAuthBackend = new BearerAuth(
-			\OC::$server->getUserSession(),
-			\OC::$server->getSession(),
-			\OC::$server->getRequest()
-		);
-		$authPlugin->addBackend($bearerAuthBackend);
-		// because we are throwing exceptions this plugin has to be the last one
-		$authPlugin->addBackend($authBackend);
-
-		// debugging
-		if(\OC::$server->getConfig()->getSystemValue('debug', false)) {
-			$this->server->addPlugin(new \Sabre\DAV\Browser\Plugin());
-		} else {
-			$this->server->addPlugin(new DummyGetResponsePlugin());
-		}
-
-		$this->server->addPlugin(new \OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin('webdav', $logger));
-		$this->server->addPlugin(new \OCA\DAV\Connector\Sabre\LockPlugin());
-		$this->server->addPlugin(new \Sabre\DAV\Sync\Plugin());
-
-		// acl
-		$acl = new DavAclPlugin();
-		$acl->principalCollectionSet = [
-			'principals/users', 'principals/groups'
-		];
-		$acl->defaultUsernamePath = 'principals/users';
-		$this->server->addPlugin($acl);
-
-		// calendar plugins
-		$this->server->addPlugin(new \OCA\DAV\CalDAV\Plugin());
-		$this->server->addPlugin(new \Sabre\CalDAV\ICSExportPlugin());
-		$this->server->addPlugin(new \OCA\DAV\CalDAV\Schedule\Plugin());
-		$this->server->addPlugin(new IMipPlugin($mailer, $logger));
-		$this->server->addPlugin(new \Sabre\CalDAV\Subscriptions\Plugin());
-		$this->server->addPlugin(new \Sabre\CalDAV\Notifications\Plugin());
-		$this->server->addPlugin(new DAV\Sharing\Plugin($authBackend, \OC::$server->getRequest()));
-		$this->server->addPlugin(new \OCA\DAV\CalDAV\Publishing\PublishPlugin(
-			\OC::$server->getConfig(),
-			\OC::$server->getURLGenerator()
-		));
-
-		// addressbook plugins
-		$this->server->addPlugin(new \OCA\DAV\CardDAV\Plugin());
-		$this->server->addPlugin(new VCFExportPlugin());
-		$this->server->addPlugin(new ImageExportPlugin(new PhotoCache(\OC::$server->getAppDataDir('dav-photocache'))));
-
-		// system tags plugins
-		$this->server->addPlugin(new SystemTagPlugin(
-			\OC::$server->getSystemTagManager(),
-			\OC::$server->getGroupManager(),
-			\OC::$server->getUserSession()
-		));
-
-		// comments plugin
-		$this->server->addPlugin(new CommentsPlugin(
-			\OC::$server->getCommentsManager(),
-			\OC::$server->getUserSession()
-		));
-
-		$this->server->addPlugin(new CopyEtagHeaderPlugin());
-
-		// Some WebDAV clients do require Class 2 WebDAV support (locking), since
-		// we do not provide locking we emulate it using a fake locking plugin.
-		if($request->isUserAgent([
-			'/WebDAVFS/',
-			'/Microsoft Office OneNote 2013/',
-			'/^Microsoft-WebDAV/',// Microsoft-WebDAV-MiniRedir/6.1.7601
-		])) {
-			$this->server->addPlugin(new FakeLockerPlugin());
-		}
-
-		if (BrowserErrorPagePlugin::isBrowserRequest($request)) {
-			$this->server->addPlugin(new BrowserErrorPagePlugin());
-		}
-
-		// wait with registering these until auth is handled and the filesystem is setup
-		$this->server->on('beforeMethod', function () {
-			// custom properties plugin must be the last one
-			$userSession = \OC::$server->getUserSession();
-			$user = $userSession->getUser();
-			if ($user !== null) {
-				$view = \OC\Files\Filesystem::getView();
-				$this->server->addPlugin(
-					new FilesPlugin(
-						$this->server->tree,
-						\OC::$server->getConfig(),
-						$this->request,
-						\OC::$server->getPreviewManager(),
-						false,
-						!\OC::$server->getConfig()->getSystemValue('debug', false)
-					)
-				);
-
-				$this->server->addPlugin(
-					new \Sabre\DAV\PropertyStorage\Plugin(
-						new CustomPropertiesBackend(
-							$this->server->tree,
-							\OC::$server->getDatabaseConnection(),
-							\OC::$server->getUserSession()->getUser()
-						)
-					)
-				);
-				if ($view !== null) {
-					$this->server->addPlugin(
-						new QuotaPlugin($view));
-				}
-				$this->server->addPlugin(
-					new TagsPlugin(
-						$this->server->tree, \OC::$server->getTagManager()
-					)
-				);
-				// TODO: switch to LazyUserFolder
-				$userFolder = \OC::$server->getUserFolder();
-				$this->server->addPlugin(new SharesPlugin(
-					$this->server->tree,
-					$userSession,
-					$userFolder,
-					\OC::$server->getShareManager()
-				));
-				$this->server->addPlugin(new CommentPropertiesPlugin(
-					\OC::$server->getCommentsManager(),
-					$userSession
-				));
-				$this->server->addPlugin(new \OCA\DAV\CalDAV\Search\SearchPlugin());
-				if ($view !== null) {
-					$this->server->addPlugin(new FilesReportPlugin(
-						$this->server->tree,
-						$view,
-						\OC::$server->getSystemTagManager(),
-						\OC::$server->getSystemTagObjectMapper(),
-						\OC::$server->getTagManager(),
-						$userSession,
-						\OC::$server->getGroupManager(),
-						$userFolder
-					));
-					$this->server->addPlugin(new SearchPlugin(new \OCA\DAV\Files\FileSearchBackend(
-						$this->server->tree,
-						$user,
-						\OC::$server->getRootFolder(),
-						\OC::$server->getShareManager(),
-						$view
-					)));
-				}
-			}
-		});
-	}
-
-	public function exec() {
-		$this->server->exec();
-	}
+    /** @var IRequest */
+    private $request;
+
+    /** @var  string */
+    private $baseUri;
+
+    /** @var Connector\Sabre\Server  */
+    private $server;
+
+    public function __construct(IRequest $request, $baseUri) {
+        $this->request = $request;
+        $this->baseUri = $baseUri;
+        $logger = \OC::$server->getLogger();
+        $mailer = \OC::$server->getMailer();
+        $dispatcher = \OC::$server->getEventDispatcher();
+
+        $root = new RootCollection();
+        $this->server = new \OCA\DAV\Connector\Sabre\Server($root);
+
+        // Add maintenance plugin
+        $this->server->addPlugin(new \OCA\DAV\Connector\Sabre\MaintenancePlugin(\OC::$server->getConfig()));
+
+        // Backends
+        $authBackend = new Auth(
+            \OC::$server->getSession(),
+            \OC::$server->getUserSession(),
+            \OC::$server->getRequest(),
+            \OC::$server->getTwoFactorAuthManager(),
+            \OC::$server->getBruteForceThrottler()
+        );
+
+        // Set URL explicitly due to reverse-proxy situations
+        $this->server->httpRequest->setUrl($this->request->getRequestUri());
+        $this->server->setBaseUri($this->baseUri);
+
+        $this->server->addPlugin(new BlockLegacyClientPlugin(\OC::$server->getConfig()));
+        $authPlugin = new Plugin();
+        $authPlugin->addBackend(new PublicAuth());
+        $this->server->addPlugin($authPlugin);
+
+        // allow setup of additional auth backends
+        $event = new SabrePluginEvent($this->server);
+        $dispatcher->dispatch('OCA\DAV\Connector\Sabre::authInit', $event);
+
+        $bearerAuthBackend = new BearerAuth(
+            \OC::$server->getUserSession(),
+            \OC::$server->getSession(),
+            \OC::$server->getRequest()
+        );
+        $authPlugin->addBackend($bearerAuthBackend);
+        // because we are throwing exceptions this plugin has to be the last one
+        $authPlugin->addBackend($authBackend);
+
+        // debugging
+        if(\OC::$server->getConfig()->getSystemValue('debug', false)) {
+            $this->server->addPlugin(new \Sabre\DAV\Browser\Plugin());
+        } else {
+            $this->server->addPlugin(new DummyGetResponsePlugin());
+        }
+
+        $this->server->addPlugin(new \OCA\DAV\Connector\Sabre\ExceptionLoggerPlugin('webdav', $logger));
+        $this->server->addPlugin(new \OCA\DAV\Connector\Sabre\LockPlugin());
+        $this->server->addPlugin(new \Sabre\DAV\Sync\Plugin());
+
+        // acl
+        $acl = new DavAclPlugin();
+        $acl->principalCollectionSet = [
+            'principals/users', 'principals/groups'
+        ];
+        $acl->defaultUsernamePath = 'principals/users';
+        $this->server->addPlugin($acl);
+
+        // calendar plugins
+        $this->server->addPlugin(new \OCA\DAV\CalDAV\Plugin());
+        $this->server->addPlugin(new \Sabre\CalDAV\ICSExportPlugin());
+        $this->server->addPlugin(new \OCA\DAV\CalDAV\Schedule\Plugin());
+        $this->server->addPlugin(new IMipPlugin($mailer, $logger));
+        $this->server->addPlugin(new \Sabre\CalDAV\Subscriptions\Plugin());
+        $this->server->addPlugin(new \Sabre\CalDAV\Notifications\Plugin());
+        $this->server->addPlugin(new DAV\Sharing\Plugin($authBackend, \OC::$server->getRequest()));
+        $this->server->addPlugin(new \OCA\DAV\CalDAV\Publishing\PublishPlugin(
+            \OC::$server->getConfig(),
+            \OC::$server->getURLGenerator()
+        ));
+
+        // addressbook plugins
+        $this->server->addPlugin(new \OCA\DAV\CardDAV\Plugin());
+        $this->server->addPlugin(new VCFExportPlugin());
+        $this->server->addPlugin(new ImageExportPlugin(new PhotoCache(\OC::$server->getAppDataDir('dav-photocache'))));
+
+        // system tags plugins
+        $this->server->addPlugin(new SystemTagPlugin(
+            \OC::$server->getSystemTagManager(),
+            \OC::$server->getGroupManager(),
+            \OC::$server->getUserSession()
+        ));
+
+        // comments plugin
+        $this->server->addPlugin(new CommentsPlugin(
+            \OC::$server->getCommentsManager(),
+            \OC::$server->getUserSession()
+        ));
+
+        $this->server->addPlugin(new CopyEtagHeaderPlugin());
+
+        // Some WebDAV clients do require Class 2 WebDAV support (locking), since
+        // we do not provide locking we emulate it using a fake locking plugin.
+        if($request->isUserAgent([
+            '/WebDAVFS/',
+            '/Microsoft Office OneNote 2013/',
+            '/^Microsoft-WebDAV/',// Microsoft-WebDAV-MiniRedir/6.1.7601
+        ])) {
+            $this->server->addPlugin(new FakeLockerPlugin());
+        }
+
+        if (BrowserErrorPagePlugin::isBrowserRequest($request)) {
+            $this->server->addPlugin(new BrowserErrorPagePlugin());
+        }
+
+        // wait with registering these until auth is handled and the filesystem is setup
+        $this->server->on('beforeMethod', function () {
+            // custom properties plugin must be the last one
+            $userSession = \OC::$server->getUserSession();
+            $user = $userSession->getUser();
+            if ($user !== null) {
+                $view = \OC\Files\Filesystem::getView();
+                $this->server->addPlugin(
+                    new FilesPlugin(
+                        $this->server->tree,
+                        \OC::$server->getConfig(),
+                        $this->request,
+                        \OC::$server->getPreviewManager(),
+                        false,
+                        !\OC::$server->getConfig()->getSystemValue('debug', false)
+                    )
+                );
+
+                $this->server->addPlugin(
+                    new \Sabre\DAV\PropertyStorage\Plugin(
+                        new CustomPropertiesBackend(
+                            $this->server->tree,
+                            \OC::$server->getDatabaseConnection(),
+                            \OC::$server->getUserSession()->getUser()
+                        )
+                    )
+                );
+                if ($view !== null) {
+                    $this->server->addPlugin(
+                        new QuotaPlugin($view));
+                }
+                $this->server->addPlugin(
+                    new TagsPlugin(
+                        $this->server->tree, \OC::$server->getTagManager()
+                    )
+                );
+                // TODO: switch to LazyUserFolder
+                $userFolder = \OC::$server->getUserFolder();
+                $this->server->addPlugin(new SharesPlugin(
+                    $this->server->tree,
+                    $userSession,
+                    $userFolder,
+                    \OC::$server->getShareManager()
+                ));
+                $this->server->addPlugin(new CommentPropertiesPlugin(
+                    \OC::$server->getCommentsManager(),
+                    $userSession
+                ));
+                $this->server->addPlugin(new \OCA\DAV\CalDAV\Search\SearchPlugin());
+                if ($view !== null) {
+                    $this->server->addPlugin(new FilesReportPlugin(
+                        $this->server->tree,
+                        $view,
+                        \OC::$server->getSystemTagManager(),
+                        \OC::$server->getSystemTagObjectMapper(),
+                        \OC::$server->getTagManager(),
+                        $userSession,
+                        \OC::$server->getGroupManager(),
+                        $userFolder
+                    ));
+                    $this->server->addPlugin(new SearchPlugin(new \OCA\DAV\Files\FileSearchBackend(
+                        $this->server->tree,
+                        $user,
+                        \OC::$server->getRootFolder(),
+                        \OC::$server->getShareManager(),
+                        $view
+                    )));
+                }
+            }
+        });
+    }
+
+    public function exec() {
+        $this->server->exec();
+    }
 }