From d05f0674f79811c9dea3b37cd96642f9be9b7826 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?John=20Molakvo=C3=A6?= Date: Thu, 5 Oct 2023 11:23:55 +0200 Subject: [PATCH] fix(files_external): basic auth user storage trigger MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: John Molakvoæ --- apps/files_external/lib/Controller/ApiController.php | 1 + apps/files_external/src/actions/enterCredentialsAction.ts | 8 +++++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/apps/files_external/lib/Controller/ApiController.php b/apps/files_external/lib/Controller/ApiController.php index 5a62a19e3cb8f..163d403dc2c4f 100644 --- a/apps/files_external/lib/Controller/ApiController.php +++ b/apps/files_external/lib/Controller/ApiController.php @@ -126,6 +126,7 @@ public function getUserMounts(): DataResponse { /** * @NoAdminRequired + * @NoCSRFRequired * * Ask for credentials using a browser's native basic auth prompt * Then returns it if provided diff --git a/apps/files_external/src/actions/enterCredentialsAction.ts b/apps/files_external/src/actions/enterCredentialsAction.ts index eeb2f5f879322..162a359f48866 100644 --- a/apps/files_external/src/actions/enterCredentialsAction.ts +++ b/apps/files_external/src/actions/enterCredentialsAction.ts @@ -75,11 +75,13 @@ export const action = new FileAction({ async exec(node: Node) { // always resolve auth request, we'll process the data afterwards - const response = await axios.get(generateOcsUrl('/apps/files_external/api/v1/auth'), { - validateStatus: () => true, + // Using fetch as axios have integrated auth handling and X-Requested-With header + const response = await fetch(generateOcsUrl('/apps/files_external/api/v1/auth'), { + headers: new Headers({ Accept: 'application/json' }), + credentials: 'include', }) - const data = (response?.data || {}) as OCSAuthResponse + const data = (await response?.json() || {}) as OCSAuthResponse if (data.ocs.data.user && data.ocs.data.password) { const configResponse = await axios.put(generateUrl('apps/files_external/userglobalstorages/{id}', node.attributes), { backendOptions: data.ocs.data,