HEX
Server: LiteSpeed
System: Linux d8 4.18.0-553.121.1.lve.el8.x86_64 #1 SMP Thu Apr 30 16:40:41 UTC 2026 x86_64
User: wbwebdes (3015)
PHP: 8.1.31
Disabled: exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
$ pwd: /home/wbwebdes/domains/files.wb-cloud.nl/private_html/apps/app_api/lib/
Upload Files
File: /home/wbwebdes/domains/files.wb-cloud.nl/private_html/apps/app_api/lib/AppAPIAuthBackend.php
<?php

declare(strict_types=1);

/**
 * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */

namespace OCA\AppAPI;

use OCA\DAV\Connector\Sabre\Auth;
use OCP\IRequest;
use OCP\ISession;
use Sabre\DAV\Auth\Backend\BackendInterface;
use Sabre\HTTP\RequestInterface;
use Sabre\HTTP\ResponseInterface;

class AppAPIAuthBackend implements BackendInterface {

	public function __construct(
		private IRequest $request,
		private ISession $session,
	) {
	}

	public function check(RequestInterface $request, ResponseInterface $response): array {
		if ($this->request->getHeader('AUTHORIZATION-APP-API')) {
			$davAuthenticated = $this->session->get(Auth::DAV_AUTHENTICATED);
			$userIdHeader = explode(':', base64_decode($this->request->getHeader('AUTHORIZATION-APP-API')), 2)[0];
			$sessionUserId = $this->session->get('user_id');
			if ($sessionUserId === $userIdHeader && $davAuthenticated === $sessionUserId) {
				$authString = 'principals/users/' . $this->session->get('user_id');
				return [true, $authString];
			}
		}
		return [false, 'AppAPIAuth has not passed'];
	}

	public function challenge(RequestInterface $request, ResponseInterface $response) {
	}
}
@ Telegram