From 71205b8b07be83c0a1ced3ce5dfe92629c7a5cc3 Mon Sep 17 00:00:00 2001
From: "Michiel@unhosted" <michiel@unhosted.org>
Date: Fri, 2 Sep 2011 14:56:40 +0200
Subject: [PATCH] adding core_unhosted app

---
 apps/core_unhosted/admin.php                |  50 +++++++++
 apps/core_unhosted/ajax/deletetoken.php     |  12 +++
 apps/core_unhosted/ajax/link.php            |  49 +++++++++
 apps/core_unhosted/appinfo/database.xml     |  59 +++++++++++
 apps/core_unhosted/appinfo/info.xml         |  10 ++
 apps/core_unhosted/compat.php               | 110 ++++++++++++++++++++
 apps/core_unhosted/css/admin.css            |   2 +
 apps/core_unhosted/img/island.png           | Bin 0 -> 3674 bytes
 apps/core_unhosted/js/admin.js              |  16 +++
 apps/core_unhosted/lib_unhosted.php         |  86 +++++++++++++++
 apps/core_unhosted/oauth_ro_auth.php        |  73 +++++++++++++
 apps/core_unhosted/templates/admin.php      |  19 ++++
 apps/core_unhosted/templates/breadcrumb.php |   4 +
 apps/core_unhosted/templates/files.php      |   9 ++
 14 files changed, 499 insertions(+)
 create mode 100644 apps/core_unhosted/admin.php
 create mode 100644 apps/core_unhosted/ajax/deletetoken.php
 create mode 100644 apps/core_unhosted/ajax/link.php
 create mode 100644 apps/core_unhosted/appinfo/database.xml
 create mode 100644 apps/core_unhosted/appinfo/info.xml
 create mode 100644 apps/core_unhosted/compat.php
 create mode 100644 apps/core_unhosted/css/admin.css
 create mode 100644 apps/core_unhosted/img/island.png
 create mode 100644 apps/core_unhosted/js/admin.js
 create mode 100644 apps/core_unhosted/lib_unhosted.php
 create mode 100644 apps/core_unhosted/oauth_ro_auth.php
 create mode 100644 apps/core_unhosted/templates/admin.php
 create mode 100644 apps/core_unhosted/templates/breadcrumb.php
 create mode 100644 apps/core_unhosted/templates/files.php

diff --git a/apps/core_unhosted/admin.php b/apps/core_unhosted/admin.php
new file mode 100644
index 0000000000..8a4f9f9a2e
--- /dev/null
+++ b/apps/core_unhosted/admin.php
@@ -0,0 +1,50 @@
+<?php
+
+/**
+* ownCloud app for using your OwnCloud on the unhosted web
+*
+* @author Michiel de Jong
+* Some parts are from the files_publiclink app, and thus:
+* @copyright 2010 Robin Appelman icewind1991@gmail.com
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+* License as published by the Free Software Foundation; either
+* version 3 of the License, or any later version.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+*
+* You should have received a copy of the GNU Affero General Public
+* License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+
+
+// Init owncloud
+require_once('../../lib/base.php');
+require_once( 'lib_unhosted.php' );
+require( 'template.php' );
+
+// Check if we are a user
+if( !OC_USER::isLoggedIn()){
+//var_export($_COOKIE);
+//var_export($_SESSION);
+//die('get a cookie!');
+	header( "Location: ".OC_HELPER::linkTo( "index.php" ));
+	exit();
+}
+
+OC_APP::setActiveNavigationEntry( "unhosted_web_administration" );
+
+OC_UTIL::addStyle( 'unhosted_web', 'admin' );
+OC_UTIL::addScript( 'unhosted_web', 'admin' );
+
+// return template
+$tmpl = new OC_TEMPLATE( "unhosted_web", "admin", "admin" );
+$tmpl->assign( 'tokens', OC_UnhostedWeb::getAllTokens());
+$tmpl->printPage();
+
+?>
diff --git a/apps/core_unhosted/ajax/deletetoken.php b/apps/core_unhosted/ajax/deletetoken.php
new file mode 100644
index 0000000000..3e3668188b
--- /dev/null
+++ b/apps/core_unhosted/ajax/deletetoken.php
@@ -0,0 +1,12 @@
+<?php
+$RUNTIME_NOAPPS=true; //no need to load the apps
+
+require_once '../../../lib/base.php';
+
+require_once '../lib_unhosted.php';
+
+$token=$_GET['token'];
+if(OC_User::isLoggedIn()) {
+	OC_UnhostedWeb::deleteToken($token);
+}
+?>
diff --git a/apps/core_unhosted/ajax/link.php b/apps/core_unhosted/ajax/link.php
new file mode 100644
index 0000000000..9f479cbd51
--- /dev/null
+++ b/apps/core_unhosted/ajax/link.php
@@ -0,0 +1,49 @@
+<?php
+// We send json data
+header( "Content-Type: application/jsonrequest" );
+header("Access-Control-Allow-Origin: https://myfavouritesandwich.org");
+header('Access-Control-Max-Age: 3600');
+header('Access-Control-Allow-Methods: OPTIONS, POST');
+
+try {
+	if($_POST['secret'] && $_POST['userAddress'] && $_POST['dataScope'] && $_POST['secret']=='XRlc2FuZHdpY2gub3JnIiwiZW1haWwiOiJhc2RmYXNkZkB1b') {
+		// Init owncloud
+		require_once('../../../lib/base.php');
+		require_once('../lib_unhosted.php');
+
+		$ownCloudDetails = array(
+			'url' => 'https://myfavouritesandwich.org:444/',
+			'usr' => $_POST['userAddress'],//this is not necessarily the case, you could also use one owncloud user and many user addresses on it
+			'pwd' => OC_User::generatePassword(),
+			);
+		$storage = array(
+			'dataScope' => $_POST['dataScope'],
+			'storageType' => 'http://unhosted.org/spec/dav/0.1',
+			'davUrl' => 'https://myfavouritesandwich.org:444/apps/unhosted_web/compat.php/'.$ownCloudDetails['usr'].'/unhosted/',
+			'userAddress' => $_POST['userAddress'],//here, it refers to the user sent to DAV in the basic auth
+			);
+		if(OC_User::userExists($ownCloudDetails['usr'])){
+			$message = 'account reopened';
+			$result = OC_User::setPassword($ownCloudDetails['usr'], $ownCloudDetails['pwd']);
+		} else {
+			$message = 'account created';
+			$result = OC_User::createUser($ownCloudDetails['usr'], $ownCloudDetails['pwd']);
+		}
+		if($result) {
+			$storage['davToken'] = OC_UnhostedWeb::createDataScope(
+				'https://myfavouritesandwich.org/',
+				$ownCloudDetails['usr'], $storage['dataScope']);
+			echo json_encode(array('ownCloudDetails' => $ownCloudDetails, 'storage' => $storage));
+			exit();
+		} else {
+			echo json_encode( array( "status" => "error", "data" => "couldn't ", "ownCloudDetails" => $ownCloudDetails));
+			exit();
+		}
+	} else {
+		echo json_encode( array( "status" => "error", "data" => "post not ok"));
+	}	
+} catch(Exception $e) {
+	echo json_encode( array( "status" => "error", "data" => $e));
+}
+echo json_encode( array( "status" => "error", "data" => array( "message" => "Computer says 'no'" )));
+?>
diff --git a/apps/core_unhosted/appinfo/database.xml b/apps/core_unhosted/appinfo/database.xml
new file mode 100644
index 0000000000..db25657085
--- /dev/null
+++ b/apps/core_unhosted/appinfo/database.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<database>
+	 <name>*dbname*</name>
+	 <create>true</create>
+	 <overwrite>false</overwrite>
+	 <charset>latin1</charset>
+	 <table>
+		<name>*dbprefix*authtoken</name>
+		<declaration>
+			<field>
+				<name>token</name>
+				<type>text</type>
+				<default></default>
+				<notnull>true</notnull>
+				<length>40</length>
+			</field>
+			<field>
+				<name>appUrl</name>
+				<type>text</type>
+				<default></default>
+				<notnull>true</notnull>
+				<length>128</length>
+			</field>
+			<field>
+				<name>user</name>
+				<type>text</type>
+				<default></default>
+				<notnull>true</notnull>
+				<length>64</length>
+			 </field>
+			<field>
+				<name>dataScope</name>
+				<type>text</type>
+				<default></default>
+				<notnull>true</notnull>
+				<length>64</length>
+			 </field>
+			<field>
+				<name>userAddress</name>
+				<type>text</type>
+				<default></default>
+				<notnull>true</notnull>
+				<length>64</length>
+			 </field>
+			<index>
+				<name>a_app_unhostedweb_user</name>
+				<unique>true</unique>
+				<field>
+					<name>user</name>
+					<sorting>ascending</sorting>
+				</field>
+				<field>
+					<name>token</name>
+					<sorting>ascending</sorting>
+				</field>
+			</index>
+		</declaration>
+	</table>
+</database>
diff --git a/apps/core_unhosted/appinfo/info.xml b/apps/core_unhosted/appinfo/info.xml
new file mode 100644
index 0000000000..dccbd3b824
--- /dev/null
+++ b/apps/core_unhosted/appinfo/info.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0"?>
+<info>
+	<id>core_unhosted</id>
+	<name>Unhosted Web</name>
+	<description>On websites that allow unhosted accounts, use your owncloud as the storage for your user data</description>
+	<version>0.1</version>
+	<licence>AGPL</licence>
+	<author>Michiel de Jong</author>
+	<require>2</require>
+</info>
diff --git a/apps/core_unhosted/compat.php b/apps/core_unhosted/compat.php
new file mode 100644
index 0000000000..88dac5e7b5
--- /dev/null
+++ b/apps/core_unhosted/compat.php
@@ -0,0 +1,110 @@
+<?php
+
+/**
+* ownCloud
+*
+* Original:
+* @author Frank Karlitschek
+* @copyright 2010 Frank Karlitschek karlitschek@kde.org
+* 
+* Adapted:
+* @author Michiel de Jong, 2011
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+* License as published by the Free Software Foundation; either
+* version 3 of the License, or any later version.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+*
+* You should have received a copy of the GNU Affero General Public
+* License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+
+
+// Do not load FS ...
+$RUNTIME_NOSETUPFS = true;
+
+require_once('../../lib/base.php');
+require_once('Sabre/autoload.php');
+require_once('lib_unhosted.php');
+require_once('oauth_ro_auth.php');
+
+ini_set('default_charset', 'UTF-8');
+#ini_set('error_reporting', '');
+@ob_clean();
+
+//allow use as unhosted storage for other websites
+if(isset($_SERVER['HTTP_ORIGIN'])) {
+	header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']);
+	header('Access-Control-Max-Age: 3600');
+	header('Access-Control-Allow-Methods: OPTIONS, GET, PUT, DELETE, PROPFIND');
+  	header('Access-Control-Allow-Headers: Authorization');
+} else {
+	header('Access-Control-Allow-Origin: *');
+}
+
+$path = substr($_SERVER["REQUEST_URI"], strlen($_SERVER["SCRIPT_NAME"]));
+$pathParts =  explode('/', $path);
+// for webdav:
+// 0/     1       /   2    /   3  /   4     /    5     /   6     / 7
+//  /$ownCloudUser/unhosted/webdav/$userHost/$userName/$dataScope/$key
+// for oauth:
+// 0/      1      /  2     /  3  / 4
+//  /$ownCloudUser/unhosted/oauth/auth
+
+if(count($pathParts) >= 8 && $pathParts[0] == '' && $pathParts[2] == 'unhosted' && $pathParts[3] == 'webdav') {
+	list($dummy0, $ownCloudUser, $dummy2, $dummy3, $userHost, $userName, $dataScope) = $pathParts;
+
+	OC_Util::setupFS($ownCloudUser);
+
+	// Create ownCloud Dir
+	$publicDir = new OC_Connector_Sabre_Directory('');
+	$server = new Sabre_DAV_Server($publicDir);
+
+	// Path to our script
+	$server->setBaseUri("$WEBROOT/apps/core_unhosted/compat.php/$ownCloudUser");
+
+	// Auth backend
+	$authBackend = new OC_Connector_Sabre_Auth_ro_oauth(OC_UnhostedWeb::getValidTokens($ownCloudUser, $userName.'@'.$userHost, $dataScope));
+
+	$authPlugin = new Sabre_DAV_Auth_Plugin($authBackend,'ownCloud');//should use $validTokens here
+	$server->addPlugin($authPlugin);
+
+	// Also make sure there is a 'data' directory, writable by the server. This directory is used to store information about locks
+	$lockBackend = new OC_Connector_Sabre_Locks();
+	$lockPlugin = new Sabre_DAV_Locks_Plugin($lockBackend);
+	$server->addPlugin($lockPlugin);
+
+	// And off we go!
+	$server->exec();
+} else if(count($pathParts) >= 4 && $pathParts[0] == '' && $pathParts[2] == 'unhosted' && $pathParts[3] == 'oauth2' && $pathParts[4] = 'auth') {
+	if(isset($_POST['allow'])) {
+		//TODO: input checking. these explodes may fail to produces the desired arrays:
+		$ownCloudUser = $pathParts[1];
+		foreach($_GET as $k => $v) {
+			if($k=='user_address'){
+				$userAddress=$v;
+			} else if($k=='redirect_uri'){
+				$appUrl=$v;
+			} else if($k=='scope'){
+				$dataScope=$v;
+			}
+		}
+		if(OC_User::getUser() == $ownCloudUser) {
+			//TODO: check if this can be faked by editing the cookie in firebug!
+			$token=OC_UnhostedWeb::createDataScope($appUrl, $userAddress, $dataScope);
+			header('Location: '.$_GET['redirect_uri'].'#access_token='.$token.'&token_type=unhosted');
+		} else {
+			die('not logged in: '.var_export($pathParts, true));
+		}
+	} else {
+		echo '<form method="POST"><input name="allow" type="submit" value="Allow this web app to store stuff on your owncloud."></form>';
+	}
+} else {
+	die('not webdav and not oauth. dont know what to do '.var_export($pathParts, true));
+}
diff --git a/apps/core_unhosted/css/admin.css b/apps/core_unhosted/css/admin.css
new file mode 100644
index 0000000000..f21b289f04
--- /dev/null
+++ b/apps/core_unhosted/css/admin.css
@@ -0,0 +1,2 @@
+td.path{min-width:200px}
+td.expire{width:120px}
\ No newline at end of file
diff --git a/apps/core_unhosted/img/island.png b/apps/core_unhosted/img/island.png
new file mode 100644
index 0000000000000000000000000000000000000000..8536e508e34ee62aad11321fdf245645afc2811b
GIT binary patch
literal 3674
zcmeAS@N?(olHy`uVBq!ia0y~yU@!n-4kiW$h8qca7Z?~AIP=}yiWwLfBpE>9-{+@u
zL4pMyksv`21_lNX2Dg*hb|AsB0>^X)28KkC5e%F*;j9b{ycV7=jv*0;TO&Ou%N#GQ
zd!Ksknr-y?eFX**0@{ufSR9ztSQ;Bxx>QsqnmxVnZh}l&MQ6Yb_SX*<>)ZW)V*g-+
zY*CA@Wsa;sqLs!>YX&A3ha47z8yq}o2F82C%X5F$oLI9o-C?zQmDTE9TAx?HugyPs
z{RjX5AMY6$7&tmO8aNozIDYZIj4Zx;%(>!EcjM;3^OAaVl56|UT6RwOFRAdeX~x<<
zSB-eKgumRIwJ$a}9^g@x5=cu;U~`+$k#WLsfd%_?#UrKOUxdEwj=RIGHFsX4;n5}h
z0ul~NiTd(anwc3ZY*+Q1kPDfiH;<RgBS??o!kp9;76vz#1heT18;&SRwobhssm(k$
z`r*bW355-o_BY@1aGaTQ=-3x7my`sD&Y5Qoq77xmSf(=n{r{jw)8)yOjUggYrn4k-
zb#(PRJy?%3#k4CkH@<wF)IZ_F>Ch{WlV?Z^U6_#4kkG~>7^##x<w;(A%Z#A29Ue_H
zW;Sa6esy~0As_vl%ePGk<6ib)#!Ut0gb6Ii4jQc%^_gP7|FK1(40~e6?P=N8juMaF
zZ<5kJ7i+V4*48KnNlA;+-7%gm9S+Zgd)IL?a&mGC26{c*b?)Y8@!R|UKV0em$YNhv
z?ZHW6P5Yeh`%L+#ZnAy%x@f(rzr0e<f9*I?!8_A*g2LY3uJ{v+W=ns}E>~e;P&^W~
z^_W*{V#&Kds@DtctZMUi7%iESl&08WZY9PnsOoihUv+-&+FQJbIzL{#IWzP4w#6Du
zCaa!Zxi7#d8Tmhb8tcP`=T=o!N?gqoW^xv8*#CcSx%~_6>9N;8#w@>>#p?Lu_IEp*
zq8|#&HoxAlqsXCI_xJVo^RYWzJi4Ze6zwo7c{DY7_VcvE22MtPtUMiSCN^$Vnsvpo
zBk0t5z4*Ol$&RWgpY6O^d;XoGV`tF(`!Oqcc-;a+R`RqZMo3D<M8)0w_QXapa@x@|
zUYZOYiy}CjR8&6Po_jicJ-5>N;;BgtaWPSLrOz&}jeh3LXF9j##IM4h;|$CO8!A4t
z*S9eACI3I4f8YM+xBP3Xwr<_}YU=s?HDTGi%kzX?0%fkh=G9DHdu>O_)6XwgdMd@l
zL~$M75mIz}Uw-s70g;x40xnH0OBx&PZf^?<TfKH$e~0S&C%@-1|NfpgZ}!xnTibk_
zgr+K_ZB*ku*&);*dwgGc{l~|b(|?~z<-Py;j`#HSx%YQHy>Re(tH9N$+N`8M*WT`)
z>$m-4#u3k^hVAd~MenFp@0+Ziwk*!7W<ywh#k|)R-%e$f7Jh6KNcvw~?WMXtEZ-&~
z#_Hp%>t(t3qgG!R&$}Dy)yor}mcC4+SmwCLi8;sJI~#(czRTN$bO|a1atTglQarj>
zU+w^7=%+h}+xg~LR`0v}QpK~VzVPMGz32D*KDhGaM?<9|nT@-4mA&s~e_vbi>*eyY
zUF$yk@Bfi1;_A6bps?=qoAUdAzV*)D&i4EFd;5wX=l}m&?Y6nK!(~hL^>6t#e?3lq
z7Ft@ewwb3#$25AH>gFwntx}Av`_|4l?&f}N)z+6MJHt+Yzdg5e<3;W3>-_zFj}-QF
z^ro%8nG?IKYVXag*xmaQBEvRcofO2Sl(uhY!Sg5e`#*o$s60P*=eL)w-roITzkZ)O
zbLPzd-~Wym&rXZ8*|7d?IY;N#=Zs#CD?*ISt&?wuvAIT<|Grk~!gDxdhf#>6)UKMZ
zzoz~4UH96cSfDM4Bki63bnCf!BCbz^G&!1HuIzk#oX<Wga_$@n<^w?|=gyq<=f#zq
z#?SQ_4qRNnZ^xEDCkkb*Z+!mT?Crg+x;)B?EuH2)2NXIrx*pAZxpMD$yTAY3)7jX6
zF)p~6W4As1`?<H#TSEjFMy;-1r@SO$N9pn)$*7tgZ+5<OsE<GW{r0~84lhm3r>9Ou
z?Y&r&cRtwoa<J0`fkij7=KgxJXUeCq!p9eDFg2`=epZ%KeW~=W-}2LII1JBMas;`*
z*5Hb_{TH<O;+}$+TugcQw>|y7|F74gDc=}1Qy1TS#kTP5wEHj1nxAH^ja#0!_@>tM
zJsMq8layE*47#$mMhUQV@SG`>`Txq^|C;pK`Tw8Jx3jeWezdtgI9OQuuxQw+@3kr>
zWk#H0jgdl1N(P(X-nd`&_Q#VW7R>TD{>RkETk<%co^(cGsY{Cj$E)6DxsjJ9{jGiK
zxBd0bb9a_WGVCa?59C-V;;k89Q8)kjF8O);EH1?V`}6B-vACY)w$gu(o^HJOu=As!
zQ`Xj629Y2J=H;5bj1w6JKiv1*w|Ft5AZy|m`TwOtf^n90S3bw2ZP0!FZ0&7x@pmP=
z?pl9;x4Z8$FO#B+085|<KQAA{fmczc-doO`;c0GmJ`=P0ddMV;zO!c%MSA;t^Qw}5
zo&4#$yDVqxlBJutI&Y>#rm;=PoZG<@@aaxtqn+ZB69r49S+oMT>E_?v`TJY`J>ANA
z0wKxgPAeXH`qZ6AXQ|I5mGvtGR$momnBdej!Bfb1v&fcD8BgEs)wlcc;>-O%U(c%@
zb3d$cO6$oR;nK!sxg8B%SIh5NG&VR2Oo?${{#^L}k6XR7xx4wNUtA*d*XDrNeO6DI
z&2|j2sT0+-`<(rrcC{1=g|q#R`~OUPv9jn=A;%OoCb!rR%uVaIXz1E-th~*;%Tb&|
zvVl=(>Xg$<ll5i&L_BT_UJ|;bl<Ar2d0HuR;uMvZ4LO>+in@t6mn{*Pv_w@$Q|I)i
zT&0Iq_x$Vs{9P|+HAD2nvJW2J^05n2wsOo2@=)MZa#2!paa?ry<-QHyXU1A@-&Py%
z!Pw!_;*$B*MTJFCQBY}<*9=i(?Wr%;vI!bF2)Nz<eeSjY`+GMtwt4vXs<kiOpt1U_
zfFP%W?uAQSTnvI==6Za&Yyacgiw^}7ZcYN)Q;!tNw0g>{RPmb>QFv(06fXvbRt3cg
zEqy2M=1mtU%enpO%)7b!-bYWnav^ZB*VBwJQ|4ISl;aJWB2F$sN?nUie%!df;`Q-K
z8v@rKFO)bgsD1R*loGF%DxM4io->$&1UL^eG&3{bulf2q|L>FEGoF3fQfBf;=;?+D
z0e?O$uV=c_ytZJgVt>aX3pvSkJJ!XnHn+MPz_BoNj*B1z$LULLK8GAW&pyIw{QdjX
zc)PM6Hzqm<ail36s^Oloj%9DDjcCYJp~cyEuk`&gQ*;$M`un@x@6Y>xeZDyHVcBlw
zjwxO<Ec+H&@HFncooCF<cqN-Ry35>ePtB7Hjd%UuIy6{#Y8X3hZ1d|pIc3t(g+9)i
z;!941MrGXI_IBsF+4+0E>F@vXbn#Tt+l4J63<uV{+Inl++1Y>cc5Dl?{&gul&SuB^
z&X*^{Zp%wc_Dy!-N}MBeR;~B4tl76+d(Wt(EV;_e+Lag(f1S7KZ}s<{e%}9Y@BiJK
zR3O7GA$9iJMdkRPht1=xKfg?0b7i%@e5hAzV2IxIM;2;}_MAO%V%hnH{SBsaYu#Kv
zF1D}h-Zb}uRZ@^kriX)zKvR=~gsj}WxpVD`-zBYnyS?^*Ywh_zZ_d{xS@$Vytbaex
zpy!drwTaWt?3r2HW5{*Bvm>p%jiKVx-u}&I&2_<kzEx(@%Xhmk-LZdt&Bsqy{m;eD
znI&QWrTTa7?XJfz91~SK=jrxd%FOY<9W-azdYk5%j0VQ@YW|1l>AgAF#Hyh=<Bsdp
zpmncrOgnn!Zr%hHPEM`7y``IU6qqLaSIX*`bxu3@=JbZ^UOSg??QZ&FaDL&oRM$k2
z66d`Sx94cTX!~_Y#jiy{QI%2S+{{Z?SG;U6FrLNY>UNK(LC8E~8N&wm2UW_q^UBZ7
z+56!4TtD*_JiOCR$F05g!CF?)W#yBtQMoQMGB5JC-e&mmtMl;$m6vV?hmRh}Fzamf
z&kf$m$jc;oTBO79WA}uJm1(PGSstE^E?>U<*zUUrHa)rWq+;{cdxpmE%Xew74t0=N
z$Fp|Ly3(d~&v$t)Vi25p*=yecvDxq1y=L=ezMc3r-pIu2{Y;rv{G1Fq$Md$<GR(OD
z$3^D2@nzw@w;`)b&zI`Q@0C2xskEx)`l_!A9WuAs(q!kCe$h5F?NKSQ^ZYp>^8ky}
zrHmC4?Ob}?9XxL;&vF0$X3_U{SKjWo{Jh_`->MT}*_La)?X5+bKwEaUsbb5NOOuQ|
zL&E%;ULI30(!QpX@m9fTa%Pp2m_&7uPrqQWtzw{v+vQ+kuay>kvB#xk-lT_3UC5}J
znwn9N`7`ij@ozI<;YIgf9`V#^4OsKLJ;$o&z!?pRnURfry$5&}FiiM3H#mLcgWw+)
zCR27wzfxGj#mT-|P5Y&9p_kh`?ns+cRZnvk@xAV1jL@u|v~-Hm?1=A<9_`2XSZS?@
zzP{J#OBu(fclWJW)Kb12@%U`UAX32PX1F2fQt_KTh0zZ@+iT7!2i?m*A3dLgRj>L(
z%3|Kwi#i^gf=+!{lB~QrX~Me4DLX!gUP@}%prLnJ@Wic;t$(gu{-*zAhEu?qx<?5N
z3`f^QyYKutgVDii+tztcwk+PSIDd)lmD2s)BG-<WzRAhScy7cLdSgQ2tiUC?C;xnJ
zD4DiL_x9sI6NGjqZk%_ox^U6)6I_>F(&`va#WNfT5)jqXHaooah~nEd(kZqNu5bJ$
z;hX+BFF{+Ev1ilPK8gSQp$~V3+4QEDF)%QwmbgZgq$HN4S|t~yCYGc!7#SEE=o%X6
z8d-)InphcFS{WE?8yHv_7_<pFsH14e%}>cptHiD0yZ?{b3=9n7AR7wu(yfv*OLS9G
z3raF{%ZoBgN>cL}IF=vL`2_0!fs_R2r<If^7Ns(z=jG?7>J}##rKaW;XXKZ>XWkF$
P0y22I`njxgN@xNA9ns2h

literal 0
HcmV?d00001

diff --git a/apps/core_unhosted/js/admin.js b/apps/core_unhosted/js/admin.js
new file mode 100644
index 0000000000..bf578c0b54
--- /dev/null
+++ b/apps/core_unhosted/js/admin.js
@@ -0,0 +1,16 @@
+$(document).ready(function() {
+	$("button.revoke").live('click', function( event ) {
+		event.preventDefault();
+		var token=$(this).attr('data-token');
+		var data="token="+token;
+		$.ajax({
+			type: 'GET',
+			url: 'ajax/deletetoken.php',
+			cache: false,
+			data: data,
+			success: function(){
+				$('#'+token).remove();
+			}
+		});
+	});
+});
diff --git a/apps/core_unhosted/lib_unhosted.php b/apps/core_unhosted/lib_unhosted.php
new file mode 100644
index 0000000000..304759c521
--- /dev/null
+++ b/apps/core_unhosted/lib_unhosted.php
@@ -0,0 +1,86 @@
+<?php
+
+class OC_UnhostedWeb {
+	public static function getValidTokens($ownCloudUser, $userAddress, $dataScope) {
+		$user=OC_DB::escape($ownCloudUser);
+		$userAddress=OC_DB::escape($userAddress);
+		$dataScope=OC_DB::escape($dataScope);
+		$query=OC_DB::prepare("SELECT token,appUrl FROM *PREFIX*authtoken WHERE user=? AND userAddress=? AND dataScope=? LIMIT 100");
+		$result=$query->execute(array($user,$userAddress,$dataScope));
+		if( PEAR::isError($result)) {
+			$entry = 'DB Error: "'.$result->getMessage().'"<br />';
+			$entry .= 'Offending command was: '.$result->getDebugInfo().'<br />';
+			error_log( $entry );
+			die( $entry );
+		}
+		$ret = array();
+		while($row=$result->fetchRow()){
+			$ret[$row['token']]=$userAddress;
+		}
+		return $ret;
+	}
+
+	public static function getAllTokens() {
+		$user=OC_User::getUser();
+		$query=OC_DB::prepare("SELECT token,appUrl,userAddress,dataScope FROM *PREFIX*authtoken WHERE user=? LIMIT 100");
+		$result=$query->execute(array($user));
+		if( PEAR::isError($result)) {
+			$entry = 'DB Error: "'.$result->getMessage().'"<br />';
+			$entry .= 'Offending command was: '.$result->getDebugInfo().'<br />';
+			error_log( $entry );
+			die( $entry );
+		}
+		$ret = array();
+		while($row=$result->fetchRow()){
+			$ret[$row['token']] = array(
+				'appUrl' => $row['appurl'],
+				'userAddress' => $row['useraddress'],
+				'dataScope' => $row['datascope'],
+			);
+		}
+		return $ret;
+	}
+
+	public static function deleteToken($token) {
+		$user=OC_User::getUser();
+		$token=OC_DB::escape($token);
+		$query=OC_DB::prepare("DELETE FROM *PREFIX*authtoken WHERE token=? AND user=?");
+		$result=$query->execute(array($token,$user));
+		if( PEAR::isError($result)) {
+			$entry = 'DB Error: "'.$result->getMessage().'"<br />';
+			$entry .= 'Offending command was: '.$result->getDebugInfo().'<br />';
+			error_log( $entry );
+			die( $entry );
+		}
+	}
+	private static function addToken($token, $appUrl, $userAddress, $dataScope){
+		$user=OC_User::getUser();
+		$token=OC_DB::escape($token);
+		$appUrl=OC_DB::escape($appUrl);
+		$userAddress=OC_DB::escape($userAddress);
+		$dataScope=OC_DB::escape($dataScope);
+		$query=OC_DB::prepare("INSERT INTO *PREFIX*authtoken (`token`,`appUrl`,`user`,`userAddress`,`dataScope`) VALUES(?,?,?,?,?)");
+		$result=$query->execute(array($token,$appUrl,$user,$userAddress,$dataScope));
+		if( PEAR::isError($result)) {
+			$entry = 'DB Error: "'.$result->getMessage().'"<br />';
+			$entry .= 'Offending command was: '.$result->getDebugInfo().'<br />';
+			error_log( $entry );
+			die( $entry );
+		}
+	}
+	public static function createDataScope($appUrl, $userAddress, $dataScope){
+		$token=uniqid();
+		self::addToken($token, $appUrl, $userAddress, $dataScope);
+		//TODO: input checking on $userAddress and $dataScope
+		list($userName, $userHost) = explode('@', $userAddress);
+		OC_Util::setupFS(OC_User::getUser());
+		$scopePathParts = array('unhosted', 'webdav', $userHost, $userName, $dataScope);
+		for($i=0;$i<=count($scopePathParts);$i++){
+			$thisPath = '/'.implode('/', array_slice($scopePathParts, 0, $i));
+			if(!OC_Filesystem::file_exists($thisPath)) {
+				OC_Filesystem::mkdir($thisPath);
+			}
+		}
+		return $token;
+	}
+}
diff --git a/apps/core_unhosted/oauth_ro_auth.php b/apps/core_unhosted/oauth_ro_auth.php
new file mode 100644
index 0000000000..b785d85fea
--- /dev/null
+++ b/apps/core_unhosted/oauth_ro_auth.php
@@ -0,0 +1,73 @@
+<?php
+/**
+ * HTTP Basic authentication backend class
+ *
+ * This class can be used by authentication objects wishing to use HTTP Basic
+ * Most of the digest logic is handled, implementors just need to worry about
+ * the validateUserPass method.
+ *
+ * @package Sabre
+ * @subpackage DAV
+ * @copyright Copyright (C) 2007-2011 Rooftop Solutions. All rights reserved.
+ * @author James David Low (http://jameslow.com/)
+ * @author Evert Pot (http://www.rooftopsolutions.nl/) 
+ * @license http://code.google.com/p/sabredav/wiki/License Modified BSD License
+ */
+class OC_Connector_Sabre_Auth_ro_oauth extends Sabre_DAV_Auth_Backend_AbstractBasic {
+	private $validTokens;
+
+	public function __construct($validTokensArg) {
+		$this->validTokens = $validTokensArg;
+	}
+
+	/**
+	 * Validates a username and password
+	 *
+	 * This method should return true or false depending on if login
+	 * succeeded.
+	 *
+	 * @return bool
+	 */
+	protected function validateUserPass($username, $password){
+		//always give read-only:
+		if(in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD', 'OPTIONS'))) {
+			OC_Util::setUpFS();
+			return true;
+		} else if(isset($this->validTokens[$password]) && $this->validTokens[$password] == $username) {
+			OC_Util::setUpFS();
+			return true;
+		} else {
+var_export($_SERVER);
+var_export($this->validTokens);
+die('not getting in with "'.$username.'"/"'.$password.'"!');
+			return false;	
+		}
+	}
+
+	//overwriting this to make it not automatically fail if no auth header is found:
+	public function authenticate(Sabre_DAV_Server $server,$realm) {
+		$auth = new Sabre_HTTP_BasicAuth();
+		$auth->setHTTPRequest($server->httpRequest);
+		$auth->setHTTPResponse($server->httpResponse);
+		$auth->setRealm($realm);
+		$userpass = $auth->getUserPass();
+		if (!$userpass) {
+			if(in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD', 'OPTIONS'))) {
+				$userpass = array('', '');
+			} else {
+				$auth->requireLogin();
+				throw new Sabre_DAV_Exception_NotAuthenticated('No basic authentication headers were found');
+			}
+		}
+
+		// Authenticates the user
+		if (!$this->validateUserPass($userpass[0],$userpass[1])) {
+			$auth->requireLogin();
+			throw new Sabre_DAV_Exception_NotAuthenticated('Username or password does not match');
+		}
+		$this->currentUser = $userpass[0];
+		return true;
+	}
+
+} 
+
diff --git a/apps/core_unhosted/templates/admin.php b/apps/core_unhosted/templates/admin.php
new file mode 100644
index 0000000000..5ad76cc17c
--- /dev/null
+++ b/apps/core_unhosted/templates/admin.php
@@ -0,0 +1,19 @@
+<table id='tokenlist'>
+	<thead>
+		<tr>
+			<td class='appUrl'><?php echo $l->t( 'App-Url' ); ?></td>
+			<td class='userAddress'><?php echo $l->t( 'User-Address' ); ?></td>
+			<td class='token'><?php echo $l->t( 'Token' ); ?></td>
+		</tr>
+	</thead>
+	<tbody>
+		<?php foreach($_['tokens'] as $token=>$details):?>
+			<tr class='token' id='<?php echo $token;?>'>
+				<td class='appUrl'><?php echo $details['appUrl'];?></td>
+				<td class='userAddress'><?php echo $details['userAddress'];?></td>
+				<td class='token'><?php echo $token;?></td>
+				<td><button class='revoke fancybutton' data-token='<?php echo $token;?>'><?php echo $l->t( 'Revoke' ); ?></button></td>
+			</tr>
+		<?php endforeach;?>
+	</tbody>
+</table>
diff --git a/apps/core_unhosted/templates/breadcrumb.php b/apps/core_unhosted/templates/breadcrumb.php
new file mode 100644
index 0000000000..733531d9e1
--- /dev/null
+++ b/apps/core_unhosted/templates/breadcrumb.php
@@ -0,0 +1,4 @@
+	<a href="<?php echo link_to("files_publiclink", "get.php?token=".$_['token']); ?>"><img src="<?php echo image_path("", "actions/go-home.png"); ?>" alt="Root" /></a>
+	<?php foreach($_["breadcrumb"] as $crumb): ?>
+		<a href="<?php echo link_to("files_publiclink", "get.php?token=".$_['token']."&path=".$crumb["dir"]); ?>"><?php echo htmlspecialchars($crumb["name"]); ?></a>
+	<?php endforeach; ?>
\ No newline at end of file
diff --git a/apps/core_unhosted/templates/files.php b/apps/core_unhosted/templates/files.php
new file mode 100644
index 0000000000..b4ae17656c
--- /dev/null
+++ b/apps/core_unhosted/templates/files.php
@@ -0,0 +1,9 @@
+		<?php foreach($_["files"] as $file): ?>
+			<tr>
+				<td class="selection"><input type="checkbox" /></td>
+				<td class="filename"><a style="background-image:url(<?php if($file["type"] == "dir") echo mimetype_icon("dir"); else echo mimetype_icon($file["mime"]); ?>)" href="<?php if($file["type"] == "dir") echo link_to("files_publiclink", "get.php?token=".$_['token']."&path=".$file["directory"]."/".$file["name"]); else echo link_to("files_publiclink", "get.php?token=".$_['token']."&path=".$file["directory"]."/".$file["name"]); ?>" title=""><?php echo htmlspecialchars($file["name"]); ?></a></td>
+				<td class="filesize"><?php echo human_file_size($file["size"]); ?></td>
+				<td class="date"><?php if($file["type"] != "dir") echo $file["date"]; ?></td>
+				<td class="fileaction"><a href="" title=""><img src="images/drop-arrow.png" alt="+" /></a></td>
+			</tr>
+		<?php endforeach; ?>
\ No newline at end of file
-- 
GitLab