enable archiver for public shares

graph/pkg/middleware/auth.go

@@ -61,7 +61,7 @@ func Auth(opts ...account.Option) func(http.Handler) http.Handler {
 				errorcode.InvalidAuthenticationToken.Render(w, r, http.StatusUnauthorized, "invalid token")
 				return
 			}
-			if ok, err := scope.VerifyScope(tokenScope, r); err != nil || !ok {
+			if ok, err := scope.VerifyScope(ctx, tokenScope, r); err != nil || !ok {
 				opt.Logger.Error().Err(err).Msg("verifying scope failed")
 				errorcode.InvalidAuthenticationToken.Render(w, r, http.StatusUnauthorized, "verifying scope failed")
 				return

ocis-pkg/middleware/account.go

@@ -60,7 +60,7 @@ func ExtractAccountUUID(opts ...account.Option) func(http.Handler) http.Handler
 				opt.Logger.Error().Err(err)
 				return
 			}
-			if ok, err := scope.VerifyScope(tokenScope, r); err != nil || !ok {
+			if ok, err := scope.VerifyScope(r.Context(), tokenScope, r); err != nil || !ok {
 				opt.Logger.Error().Err(err).Msg("verifying scope failed")
 				return
 			}

proxy/pkg/middleware/public_share_auth.go

@@ -2,7 +2,6 @@ package middleware
 
 import (
 	"net/http"
-	"strings"
 
 	gateway "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1"
 )
@@ -10,7 +9,6 @@ import (
 const (
 	headerRevaAccessToken   = "x-access-token"
 	headerShareToken        = "public-token"
-	appProviderPathPrefix   = "/app/open"
 	basicAuthPasswordPrefix = "basic|"
 	authenticationType      = "publicshares"
 )
@@ -24,7 +22,7 @@ func PublicShareAuth(opts ...Option) func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			// Currently we only want to authenticate app open request coming from public shares.
 			shareToken := r.Header.Get(headerShareToken)
-			if shareToken == "" || !strings.HasPrefix(appProviderPathPrefix, r.URL.Path) {
+			if shareToken == "" {
 				// Don't authenticate
 				next.ServeHTTP(w, r)
 				return