fix some authentication cases

services/proxy/pkg/middleware/authentication.go

@@ -41,6 +41,8 @@ var (
 	// _unprotectedPathPrefixes contains paths which don't need to be authenticated.
 	_unprotectedPathPrefixes = [...]string{
 		"/files",
+		"/data",
+		"/s/",
 		"/settings",
 		"/user-management",
 		"/.well-known",

services/proxy/pkg/middleware/public_share_auth.go

@@ -34,10 +34,10 @@ func (a PublicShareAuthenticator) Authenticate(r *http.Request) (*http.Request,
 		shareToken = query.Get(headerShareToken)
 	}
 
-	// Currently we only want to authenticate app open request coming from public shares.
 	if shareToken == "" {
-		// Don't authenticate
-		return nil, false
+		// If the share token is not set then we don't need to inject the user to
+		// the request context so we can just continue with the request.
+		return r, true
 	}
 
 	var sharePassword string