Unverified Commit 5a8cfab6 authored by Christoph Wurst's avatar Christoph Wurst
Browse files

throw PasswordLoginForbidden on DAV

parent 82b50d12
......@@ -34,6 +34,7 @@ use OC\AppFramework\Http\Request;
use OC\Authentication\Exceptions\PasswordLoginForbiddenException;
use OC\Authentication\TwoFactorAuth\Manager;
use OC\User\Session;
use OCA\DAV\Connector\Sabre\Exception\PasswordLoginForbidden;
use OCP\IRequest;
use OCP\ISession;
use Sabre\DAV\Auth\Backend\AbstractBasic;
......@@ -127,9 +128,8 @@ class Auth extends AbstractBasic {
return false;
}
} catch (PasswordLoginForbiddenException $ex) {
// TODO: throw sabre exception
$this->session->close();
return false;
throw new PasswordLoginForbidden();
}
}
}
......
<?php
/**
* @author Christoph Wurst <christoph@owncloud.com>
*
* @copyright Copyright (c) 2016, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\DAV\Connector\Sabre\Exception;
use DOMElement;
use Sabre\DAV\Exception;
use Sabre\DAV\Server;
class PasswordLoginForbidden extends Exception {
const NS_OWNCLOUD = 'http://owncloud.org/ns';
public function getHTTPCode() {
return 401;
}
/**
* This method allows the exception to include additional information
* into the WebDAV error response
*
* @param Server $server
* @param DOMElement $errorNode
* @return void
*/
public function serialize(Server $server, DOMElement $errorNode) {
// set ownCloud namespace
$errorNode->setAttribute('xmlns:o', self::NS_OWNCLOUD);
$error = $errorNode->ownerDocument->createElementNS('o:', 'o:hint', 'password login forbidden');
$errorNode->appendChild($error);
}
}
......@@ -208,6 +208,9 @@ class AuthTest extends TestCase {
$this->assertFalse($this->invokePrivate($this->auth, 'validateUserPass', ['MyTestUser', 'MyTestPassword']));
}
/**
* @expectedException \OCA\DAV\Connector\Sabre\Exception\PasswordLoginForbidden
*/
public function testValidateUserPassWithPasswordLoginForbidden() {
$this->userSession
->expects($this->once())
......@@ -222,7 +225,7 @@ class AuthTest extends TestCase {
->expects($this->once())
->method('close');
$this->assertFalse($this->invokePrivate($this->auth, 'validateUserPass', ['MyTestUser', 'MyTestPassword']));
$this->invokePrivate($this->auth, 'validateUserPass', ['MyTestUser', 'MyTestPassword']);
}
public function testAuthenticateAlreadyLoggedInWithoutCsrfTokenForNonGet() {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment