enable signature auth in public share auth middleware

[C0rby]

Description

Added signature authentication to the public share auth middleware.

Motivation and Context

To support archive downloads in password protected public links we need some way to authenticate the requests.
We can't provide the password via the Authorization header because the download is triggered via browser mechanisms like <a href= and not via fetch or XmlHttpRequests.
Here the public share signature comes into play. To support archive downloads you can take the signature and expiration parameters from a files downloadURL and append them to the archive download url.

This could look like this:

curl -k 'https://localhost:9200/archiver?public-token=urxyrXobvuXYaFi&id=ZTFhNzNlZGUtNTQ5Yi00MjI2LWFiZGYtNDBlNjljYTgyMzBkOnVyeHlyWG9idnVYWWFGaS9hZGM1Nzc3MS0wNTI2LTQxYzgtYTk3Yy0wNDk5NWZjY2FkMzE=&id=ZTFhNzNlZGUtNTQ5Yi00MjI2LWFiZGYtNDBlNjljYTgyMzBkOnVyeHlyWG9idnVYWWFGaS82ZThiMmQ2NC03ZDAxLTRiMjctOTFkOC0yZjZlNTdmZThjZTk=&signature=eec4738af66435fd2075e0eb5542aa22e5630fb4733c76cf63ece90eac9887ee&expiration=2021-11-30T15:59:20%2b01:00' -o download.tar

There are some drawbacks though, like if there are no files, only folders, in the current PROPFIND response then you don't have access to the signature and expiration. One way to solve that could be to add one or two new attributes to the PROPFIND root where we would add the signature and expiration. This way these values would always be present and accessible. Though this would divert from the behavior in ownCloud 10.

/cc @fschade

How Has This Been Tested?

• locally via curl

Screenshots (if appropriate):

Types of changes

• New feature (non-breaking change which adds functionality)

Checklist:

• Code changes

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
1 Code Smell

0.0% Coverage
0.0% Duplication