extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-14 03:54:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

untested fallback-auth GET parameter implementation (base64 encoded "username:password")

Browse Source
This commit is contained in:
ralf 2023-11-13 09:12:33 +02:00
parent 4bd33fc609
commit 2740632bdb
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
api/src/Vfs/Base.php
View File

@ -295,6 +295,16 @@ class Base
'host' => $GLOBALS['egw_info']['user']['domain'],
'home' => str_replace(array('\\\\', '\\'), array('', '/'), $GLOBALS['egw_info']['user']['homedirectory'] ?? ''),
);
// check if we have a (base64 encoded) fallback-auth GET parameter and need to use it
if (empty($GLOBALS['egw_info']['user']['passwd']) && strpos(($query=Vfs::parse_url($_path, PHP_URL_QUERY)), 'fallback-auth=') !== false)
{
parse_str($query, $query_params);
if (!empty($query_params['fallback-auth']) && ($raw = base64_decode($query_params['fallback-auth'])) && strpos($raw, ':') !== false)
{
list($defaults['user'], $defaults['pass']) = explode(':', $raw, 2);
$defaults['pass'] = urlencode($defaults['pass']);
}
}
$parts = array_merge(Vfs::parse_url($_path), Vfs::parse_url($path) ?: [], $defaults);
if(!$parts['host'])
{