[Owncloud] WebDAV with OAuth 2.0 support

fkooman at tuxed.net fkooman at tuxed.net
Sun Oct 28 12:22:22 UTC 2012 

Hi,

The first part of implementing OAuth 2.0 in Owncloud is more or less
finished, i.e.: it works for me with some simple cURL testing :)

Why is this cool?
- you don't need to store the password on your device
- it is easy to use other authentication protocols (like OpenID,
BrowserID and SAML from the mobile apps and not just with the web
interface)
- if you lose your device you can revoke the access token at your
owncloud instance

The second part is modifying the Owncloud apps to be able to use this
OAuth enabled WebDAV endpoint instead of the regular endpoint and deal
with fetching a token from the OAuth authorization server and using
that instead of username/password

Then the real testing can start and we'll make a lot of people in The
Netherlands and enterprise users happy :-)

Other stuff to do:
- the API also needs to support OAuth 2.0
- test this with both php-oauth (https://github.com/fkooman/php-oauth)
and Google's services
(https://developers.google.com/accounts/docs/OAuth2Login#validatingtoken)
- figure out whether or not Owncloud should incorporate its own OAuth
2.0 authorization server (use the one from remoteStorage app?)
- don't have a separate endpoint for OAuth enabled webdav
- write some tests
- add documentation

Regards,
François


Obligatory "screenshot":

$ curl -v -H "Authorization: Bearer 71e5c79afbd5b814fc41b3246f9c6943"
http://localhost/owncloud/remote.php/odav/hello.txt
* About to connect() to localhost port 80 (#0)
*   Trying ::1...
* connected
* Connected to localhost (::1) port 80 (#0)
> GET /owncloud/remote.php/odav/hello.txt HTTP/1.1
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: localhost
> Accept: */*
> Authorization: Bearer 71e5c79afbd5b814fc41b3246f9c6943
>
< HTTP/1.1 200 OK
< Date: Sun, 28 Oct 2012 12:21:27 GMT
< Server: Apache/2.2.22 (Unix) DAV/2 PHP/5.3.15 with Suhosin-Patch
mod_ssl/2.2.22 OpenSSL/0.9.8r
< X-Powered-By: PHP/5.3.15
< Set-Cookie: PHPSESSID=ipjq9fm012nl6g6p4o6hqsp3l2; path=/; HttpOnly
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Last-Modified: Sun, 28 Oct 2012 12:21:12 GMT
< ETag: "508d234759f447.43028220"
< Content-Length: 12
< Content-Type: text/plain
<
* Connection #0 to host localhost left intact
Hello World!
* Closing connection #0

More information about the Owncloud mailing list