[Owncloud] Question about token based Authentication

[Michael Göhler]

Hi Borislav,

The token generated in oc_preferences is for persistent login cookie
handling which is used for the web interface only.

I guess, if you want to connect from a mobile-app you have to use the
webdav (sabredav) backend. Which does not support cookies or tokens at
all.

Regards,
Michael


Am Thu, 23 Aug 2012 14:46:55 +0300
schrieb Борислав Събев <borislavsabev at gmail.com>:

> Hello all.
> 
> I'm new to the owncloud community so let me introduce myself. You
> already know my name, but for the sake of correctness it's Borislav
> Sabev. Currently I'm a PHP developer at my workplace, a Python dev
> and GNU Linux enthusiast by hearth.
> 
> So with this said I can continue to the question at hand. Firstly is
> there token based authentication (authorization) in the core system?
> After digging through the core, db and apps we found that there is
> somekind of a token generated in *oc_preferences*:
> 
> userid: ******
> appid: login
> configkey: token
> configvalue: TheTokenItSelf
> 
> Can this be used for tokenizing access to the cloud via mobile apps?
> We would like to add such support as (maybe) an app, but because of
> scarse (next to none actually) documentation we don't know where to
> begin. I've looking at the code for a day and a half now and we're
> nowhere past knowing that we should use the hooks system. Our
> requirement states that we should provide token based Authorization
> in conjunction with LDAP Authentication. My question requires more of
> a technical guideline than as to how to proceed. A big drawback is
> that the Class inheritance
> diagram<http://api.owncloud.org/graph_class.html>does not load. So
> any ideas and info on the core auth system flow?
> 
> Thank you in advance.
> Cheers,
>    Borislav.