Fix Digest Auth in WebDAV

pydio · Oct 13, 2016 · f6247b5 · f6247b5
1 parent 7249d05
commit f6247b5
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 6 deletions.
diff --git a/core/src/core/src/pydio/Core/Http/Dav/AuthBackendDigest.php b/core/src/core/src/pydio/Core/Http/Dav/AuthBackendDigest.php
@@ -118,14 +118,14 @@ public function authenticate(Sabre\DAV\Server $server, $realm)
             try{
                 $loggedUser = AuthService::logUser($this->currentUser, null, true);
             }catch (LoginException $l){
-                throw new Sabre\DAV\Exception\NotAuthenticated();
+                $this->breakNotAuthenticatedAndRequireLogin($server, $realm, $errmsg);
             }
             $this->updateCurrentUserRights($loggedUser);
         } else {
-          if ($success === false) {
-            Logger::warning(__CLASS__, "Login failed", array("user" => $this->currentUser, "error" => "Invalid WebDAV user or password"));
-          }
-          throw new Sabre\DAV\Exception\NotAuthenticated($errmsg);
+            if ($success === false) {
+                Logger::warning(__CLASS__, "Login failed", array("user" => $this->currentUser, "error" => "Invalid WebDAV user or password"));
+            }
+            $this->breakNotAuthenticatedAndRequireLogin($server, $realm, $errmsg);
         }
 
         if($this->context->hasRepository()){
@@ -159,6 +159,24 @@ public function authenticate(Sabre\DAV\Server $server, $realm)
         return true;
     }
 
+    /**
+     * @param Sabre\DAV\Server $server
+     * @param $errmsg
+     */
+    function breakNotAuthenticatedAndRequireLogin(Sabre\DAV\Server $server, $realm, $errmsg){
+        $digest = new Sabre\HTTP\DigestAuth();
+
+        // Hooking up request and response objects
+        $digest->setHTTPRequest($server->httpRequest);
+        $digest->setHTTPResponse($server->httpResponse);
+
+        $digest->setRealm($realm);
+        $digest->init();
+        $digest->requireLogin();
+        throw new Sabre\DAV\Exception\NotAuthenticated($errmsg);
+
+    }
+
     /**
      * @param \Pydio\Core\Model\UserInterface $user
      * @return bool

diff --git a/core/src/core/src/pydio/Core/Http/Dav/DAVServer.php b/core/src/core/src/pydio/Core/Http/Dav/DAVServer.php
@@ -101,7 +101,7 @@ public static function handleRoute($baseURI, $davRoute){
         }
         $server->httpResponse = new DAVResponse();
 
-        if((AuthBackendBasic::detectBasicHeader() || ConfService::getGlobalConf("WEBDAV_FORCE_BASIC"))){
+        if(AuthBackendBasic::detectBasicHeader() || ConfService::getGlobalConf("WEBDAV_FORCE_BASIC")){
             $authBackend = new AuthBackendBasic(self::$context);
         } else {
             $authBackend = new AuthBackendDigest(self::$context);