From bbce8c3ea1c73726f233961fe7bdb16b8a08bb67 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Mon, 28 May 2018 17:13:19 +0200 Subject: [PATCH] adjust to latest api version Signed-off-by: Bjoern Schiessle --- .../cloud_federation_api/lib/Capabilities.php | 6 ++-- .../Controller/RequestHandlerController.php | 31 +++++++++++-------- .../Controller/RequestHandlerController.php | 2 +- .../lib/Notifications.php | 2 +- .../lib/ocm/CloudFederationProviderFiles.php | 9 +++--- apps/files_sharing/lib/External/Manager.php | 12 ++++--- .../Federation/CloudFederationFactory.php | 8 ++--- .../CloudFederationNotification.php | 9 ++++-- .../CloudFederationProviderManager.php | 18 +++++------ .../Federation/CloudFederationShare.php | 28 +++++++++++++---- .../Federation/ICloudFederationFactory.php | 6 ++-- .../ICloudFederationNotification.php | 6 ++-- .../Federation/ICloudFederationProvider.php | 5 +-- .../Federation/ICloudFederationShare.php | 10 ++++++ 14 files changed, 97 insertions(+), 55 deletions(-) diff --git a/apps/cloud_federation_api/lib/Capabilities.php b/apps/cloud_federation_api/lib/Capabilities.php index 15417f8522..88b8c7b391 100644 --- a/apps/cloud_federation_api/lib/Capabilities.php +++ b/apps/cloud_federation_api/lib/Capabilities.php @@ -46,9 +46,9 @@ class Capabilities implements ICapability { $capabilities = ['ocm' => [ 'enabled' => true, - 'api-version' => '1.0-proposal1', - 'end-point' => substr($url, 0, strrpos($url, '/')), - 'share-types' => ['file'], + 'apiVersion' => '1.0-proposal1', + 'endPoint' => substr($url, 0, strrpos($url, '/')), + 'shareTypes' => ['file'], 'protocol' => [ 'webdav' => '/public.php/webdav/', ] diff --git a/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php b/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php index 319380ec3c..5ec1496ce6 100644 --- a/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php +++ b/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php @@ -105,16 +105,16 @@ class RequestHandlerController extends Controller { * @param string $owner provider specific UID of the user who owns the resource * @param string $ownerDisplayName display name of the user who shared the item * @param string $sharedBy provider specific UID of the user who shared the resource - * @param $sharedByDisplayName display name of the user who shared the resource + * @param string $sharedByDisplayName display name of the user who shared the resource + * @param string $sharedSecret use to authenticate accross servers * @param array $protocol (e,.g. ['name' => 'webdav', 'options' => ['username' => 'john', 'permissions' => 31]]) * @param string $shareType ('group' or 'user' share) * @param $resourceType ('file', 'calendar',...) * @return Http\DataResponse|JSONResponse * - * Example: curl -H "Content-Type: application/json" -X POST -d '{"shareWith":"admin1@serve1","name":"welcome server2.txt","description":"desc","providerId":"2","owner":"admin2@http://localhost/server2","ownerDisplayName":"admin2 display","shareType":"user","resourceType":"file","protocol":{"name":"webdav","options":{"access_token":"8Lrd1FVEREthux7","permissions":31}}}' http://localhost/server/index.php/ocm/shares + * Example: curl -H "Content-Type: application/json" -X POST -d '{"shareWith":"admin1@serve1","name":"welcome server2.txt","description":"desc","providerId":"2","owner":"admin2@http://localhost/server2","ownerDisplayName":"admin2 display","shareType":"user","resourceType":"file","protocol":{"name":"webdav","options":{"sharedSecret":"secret","permissions":"webdav-property"}}}' http://localhost/server/index.php/ocm/shares */ public function addShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $protocol, $shareType, $resourceType) { - if (!$this->config->incomingRequestsEnabled()) { return new JSONResponse( ['message' => 'This server doesn\'t support outgoing federated shares'], @@ -132,7 +132,8 @@ class RequestHandlerController extends Controller { !is_array($protocol) || !isset($protocol['name']) || !isset ($protocol['options']) || - !is_array($protocol['options']) + !is_array($protocol['options']) || + !isset($protocol['options']['sharedSecret']) ) { return new JSONResponse( ['message' => 'Missing arguments'], @@ -163,7 +164,8 @@ class RequestHandlerController extends Controller { try { $provider = $this->cloudFederationProviderManager->getCloudFederationProvider($resourceType); - $share = $this->factory->getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $protocol, $shareType, $resourceType); + $share = $this->factory->getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, '', $shareType, $resourceType); + $share->setProtocol($protocol); $id = $provider->shareReceived($share); } catch (ProviderDoesNotExistsException $e) { return new JSONResponse( @@ -191,12 +193,17 @@ class RequestHandlerController extends Controller { /** * receive notification about existing share * + * @NoCSRFRequired + * @PublicPage + * @BruteForceProtection(action=receiveFederatedShareNotification) + * * @param string $notificationType (notification type, e.g. SHARE_ACCEPTED) * @param string $resourceType (calendar, file, contact,...) - * @param array $message contain the actual notification, content is defined by cloud federation provider + * @param string $providerId id of the share + * @param array $notification the actual payload of the notification * @return JSONResponse */ - public function receiveNotification($notificationType, $resourceType, $message) { + public function receiveNotification($notificationType, $resourceType, $providerId, array $notification) { if (!$this->config->incomingRequestsEnabled()) { return new JSONResponse( ['message' => 'This server doesn\'t support outgoing federated shares'], @@ -207,7 +214,8 @@ class RequestHandlerController extends Controller { // check if all required parameters are set if ($notificationType === null || $resourceType === null || - !is_array($message) + $providerId === null || + !is_array($notification) ) { return new JSONResponse( ['message' => 'Missing arguments'], @@ -217,7 +225,7 @@ class RequestHandlerController extends Controller { try { $provider = $this->cloudFederationProviderManager->getCloudFederationProvider($resourceType); - $provider->notificationReceived($notificationType, $message); + $provider->notificationReceived($notificationType, $providerId, $notification); } catch (ProviderDoesNotExistsException $e) { return new JSONResponse( ['message' => $e->getMessage()], @@ -241,10 +249,7 @@ class RequestHandlerController extends Controller { } - return new JSONResponse( - ['id' => $id, 'createdAt' => date()], - Http::STATUS_CREATED); - + return new JSONResponse([],Http::STATUS_CREATED); } diff --git a/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php b/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php index 2d0a3c528f..e2cc050d87 100644 --- a/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php +++ b/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php @@ -170,7 +170,7 @@ class RequestHandlerController extends OCSController { $owner, $sharedByFederatedId, $sharedBy, - ['name' => 'webdav', 'options' => ['access_token' => $token]], + $token, 'user', 'file' ); diff --git a/apps/federatedfilesharing/lib/Notifications.php b/apps/federatedfilesharing/lib/Notifications.php index 65151e3413..e0f8735f90 100644 --- a/apps/federatedfilesharing/lib/Notifications.php +++ b/apps/federatedfilesharing/lib/Notifications.php @@ -379,7 +379,7 @@ class Notifications { $fields['owner'], $fields['sharedByFederatedId'], $fields['sharedBy'], - ['name' => 'webdav', 'options' => ['access_token' => $fields['token'], 'permissions' => ['read', 'write', 'share']]], + $fields['token'], 'user', 'file' ); diff --git a/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php b/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php index 6c5b63b1cd..e7f6f1b919 100644 --- a/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php +++ b/apps/federatedfilesharing/lib/ocm/CloudFederationProviderFiles.php @@ -135,7 +135,7 @@ class CloudFederationProviderFiles implements ICloudFederationProvider { list($ownerUid, $remote) = $this->addressHandler->splitUserRemote($share->getOwner()); $remote = $remote; - $token = isset($protocol['options']['access_token']) ? $protocol['options']['access_token'] : null; + $token = $share->getShareSecret(); $name = $share->getResourceName(); $owner = $share->getOwnerDisplayName(); $sharedBy = $share->getSharedByDisplayName(); @@ -234,21 +234,22 @@ class CloudFederationProviderFiles implements ICloudFederationProvider { * notification received from another server * * @param string $notificationType (e.g. SHARE_ACCEPTED) - * @param array $message + * @param string $providerId id of the share + * @param array $notification payload of the notification * * @throws ShareNotFoundException * @throws ActionNotSupportedException * * @since 14.0.0 */ - public function notificationReceived($notificationType, array $message) { + public function notificationReceived($notificationType, $providerId, array $notification) { switch ($notificationType) { case 'SHARE_ACCEPTED' : return; } - throw new ActionNotSupportedException($notificationType); + throw new ActionNotSupportedException($notification); } /** diff --git a/apps/files_sharing/lib/External/Manager.php b/apps/files_sharing/lib/External/Manager.php index cb1e947f60..0bbbbea767 100644 --- a/apps/files_sharing/lib/External/Manager.php +++ b/apps/files_sharing/lib/External/Manager.php @@ -324,7 +324,7 @@ class Manager { * * @param string $remoteDomain * @param string $token - * @param $remoteId + * @param $remoteId id of the share * @param string $feedback * @return mixed */ @@ -332,11 +332,15 @@ class Manager { switch ($feedback) { case 'accept': $notification = $this->cloudFederationFactory->getCloudFederationNotification(); - $notification->setMessage('SHARE_ACCEPTED', 'file', + $notification->setMessage( + 'SHARE_ACCEPTED', + 'file', + $remoteId, [ - 'id' => $remoteId, - 'access_token' => $token + 'sharedSecret' => $token, + 'message' => 'Recipient accept the share' ] + ); return $this->cloudFederationProviderManager->sendNotification($remoteDomain, $notification); } diff --git a/lib/private/Federation/CloudFederationFactory.php b/lib/private/Federation/CloudFederationFactory.php index 4f42eb50bc..11566dd44a 100644 --- a/lib/private/Federation/CloudFederationFactory.php +++ b/lib/private/Federation/CloudFederationFactory.php @@ -37,16 +37,16 @@ class CloudFederationFactory implements ICloudFederationFactory { * @param string $owner provider specific UID of the user who owns the resource * @param string $ownerDisplayName display name of the user who shared the item * @param string $sharedBy provider specific UID of the user who shared the resource - * @param $sharedByDisplayName display name of the user who shared the resource - * @param array $protocol (e,.g. ['name' => 'webdav', 'options' => ['username' => 'john', 'permissions' => 31]]) + * @param string $sharedByDisplayName display name of the user who shared the resource + * @param string $sharedSecret used to authenticate requests across servers * @param string $shareType ('group' or 'user' share) * @param $resourceType ('file', 'calendar',...) * @return ICloudFederationShare * * @since 14.0.0 */ - public function getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $protocol, $shareType, $resourceType) { - return new CloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $protocol, $shareType, $resourceType); + public function getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $sharedSecret, $shareType, $resourceType) { + return new CloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $shareType, $resourceType, $sharedSecret); } /** diff --git a/lib/private/Federation/CloudFederationNotification.php b/lib/private/Federation/CloudFederationNotification.php index 356c47968f..fec69174a2 100644 --- a/lib/private/Federation/CloudFederationNotification.php +++ b/lib/private/Federation/CloudFederationNotification.php @@ -32,16 +32,19 @@ class CloudFederationNotification implements ICloudFederationNotification { * * @param string $notificationType (e.g. SHARE_ACCEPTED) * @param string $resourceType (e.g. file, calendar, contact,...) - * @param array $message + * @param string $providerId id of the share + * @param array $notification payload of the notification * * @since 14.0.0 */ - public function setMessage($notificationType, $resourceType, array $message) { + public function setMessage($notificationType, $resourceType, $providerId, array $notification) { $this->message = [ 'notificationType' => $notificationType, 'resourceType' => $resourceType, - 'message' => $message, + 'providerId' => $providerId, + 'notification' => $notification, ]; + } /** diff --git a/lib/private/Federation/CloudFederationProviderManager.php b/lib/private/Federation/CloudFederationProviderManager.php index b0f5c58f51..77866795c3 100644 --- a/lib/private/Federation/CloudFederationProviderManager.php +++ b/lib/private/Federation/CloudFederationProviderManager.php @@ -57,7 +57,7 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager /** @var ILogger */ private $logger; - private $supportedAPIVersion = '2.0-draft'; + private $supportedAPIVersion = '1.0-proposal1'; /** * CloudFederationProviderManager constructor. @@ -131,7 +131,8 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager } public function sendShare(ICloudFederationShare $share) { - $ocmEndPoint = $this->getOCMEndPoint($share->getShareWith()); + $cloudID = $this->cloudIdManager->resolveCloudId($share->getShareWith()); + $ocmEndPoint = $this->getOCMEndPoint($cloudID->getRemote()); if (empty($ocmEndPoint)) { return false; @@ -203,14 +204,13 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager /** * check if server supports the new OCM api and ask for the correct end-point * - * @param string $recipient full federated cloud ID of the recipient of a share + * @param string $url full base URL of the cloud server * @return string */ - protected function getOCMEndPoint($recipient) { - $cloudId = $this->cloudIdManager->resolveCloudId($recipient); + protected function getOCMEndPoint($url) { $client = $this->httpClientService->newClient(); try { - $response = $client->get($cloudId->getRemote() . '/ocm-provider/', ['timeout' => 10, 'connect_timeout' => 10]); + $response = $client->get($url . '/ocm-provider/', ['timeout' => 10, 'connect_timeout' => 10]); } catch (\Exception $e) { return ''; } @@ -218,10 +218,10 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager $result = $response->getBody(); $result = json_decode($result, true); - $supportedVersion = isset($result['api-version']) && $result['api-version'] === $this->supportedAPIVersion; + $supportedVersion = isset($result['apiVersion']) && $result['apiVersion'] === $this->supportedAPIVersion; - if (isset($result['end-point']) && $supportedVersion) { - return $result['end-point']; + if (isset($result['endPoint']) && $supportedVersion) { + return $result['endPoint']; } return ''; diff --git a/lib/private/Federation/CloudFederationShare.php b/lib/private/Federation/CloudFederationShare.php index 5bc172ab6b..d26073be82 100644 --- a/lib/private/Federation/CloudFederationShare.php +++ b/lib/private/Federation/CloudFederationShare.php @@ -50,10 +50,9 @@ class CloudFederationShare implements ICloudFederationShare { * @param string $ownerDisplayName display name of the user who shared the item * @param string $sharedBy provider specific UID of the user who shared the resource * @param string $sharedByDisplayName display name of the user who shared the resource - * @param array $protocol (e,.g. ['name' => 'webdav', 'options' => ['username' => 'john', 'permissions' => 31]]) * @param string $shareType ('group' or 'user' share) - * @param $resourceType ('file', 'calendar',...) - * + * @param string $resourceType ('file', 'calendar',...) + * @param string $sharedSecret */ public function __construct($shareWith = '', $name = '', @@ -63,9 +62,9 @@ class CloudFederationShare implements ICloudFederationShare { $ownerDisplayName = '', $sharedBy = '', $sharedByDisplayName = '', - $protocol = [], $shareType = '', - $resourceType = '' + $resourceType = '', + $sharedSecret = '' ) { $this->setShareWith($shareWith); $this->setResourceName($name); @@ -75,7 +74,13 @@ class CloudFederationShare implements ICloudFederationShare { $this->setOwnerDisplayName($ownerDisplayName); $this->setSharedBy($sharedBy); $this->setSharedByDisplayName($sharedByDisplayName); - $this->setProtocol($protocol); + $this->setProtocol([ + 'name' => 'webdav', + 'options' => [ + 'sharedSecret' => $sharedSecret, + 'permissions' => '{http://open-collaboration-services.org/ns}share-permissions' + ] + ]); $this->setShareType($shareType); $this->setResourceType($resourceType); @@ -323,6 +328,17 @@ class CloudFederationShare implements ICloudFederationShare { return $this->share['shareType']; } + /** + * get share Secret + * + * @return string + * + * @since 14.0.0 + */ + public function getShareSecret() { + return $this->share['protocol']['options']['sharedSecret']; + } + /** * get protocol specification * diff --git a/lib/public/Federation/ICloudFederationFactory.php b/lib/public/Federation/ICloudFederationFactory.php index e33608bcab..8c6925c2b6 100644 --- a/lib/public/Federation/ICloudFederationFactory.php +++ b/lib/public/Federation/ICloudFederationFactory.php @@ -33,15 +33,15 @@ interface ICloudFederationFactory { * @param string $owner provider specific UID of the user who owns the resource * @param string $ownerDisplayName display name of the user who shared the item * @param string $sharedBy provider specific UID of the user who shared the resource - * @param $sharedByDisplayName display name of the user who shared the resource - * @param array $protocol (e,.g. ['name' => 'webdav', 'options' => ['username' => 'john', 'permissions' => 31]]) + * @param string $sharedByDisplayName display name of the user who shared the resource + * @param string $sharedSecret used to authenticate requests across servers * @param string $shareType ('group' or 'user' share) * @param $resourceType ('file', 'calendar',...) * @return ICloudFederationShare * * @since 14.0.0 */ - public function getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $protocol, $shareType, $resourceType); + public function getCloudFederationShare($shareWith, $name, $description, $providerId, $owner, $ownerDisplayName, $sharedBy, $sharedByDisplayName, $sharedSecret, $shareType, $resourceType); /** * get a Cloud FederationNotification object to prepare a notification you diff --git a/lib/public/Federation/ICloudFederationNotification.php b/lib/public/Federation/ICloudFederationNotification.php index dcdb5b73bd..c68cd7b5e4 100644 --- a/lib/public/Federation/ICloudFederationNotification.php +++ b/lib/public/Federation/ICloudFederationNotification.php @@ -28,11 +28,13 @@ interface ICloudFederationNotification { * * @param string $notificationType (e.g. SHARE_ACCEPTED) * @param string $resourceType (e.g. file, calendar, contact,...) - * @param array $message + * @param $providerId id of the share + * @param array $notification , payload of the notification * + * @return * @since 14.0.0 */ - public function setMessage($notificationType, $resourceType, array $message); + public function setMessage($notificationType, $resourceType, $providerId, array $notification); /** * get message, ready to send out diff --git a/lib/public/Federation/ICloudFederationProvider.php b/lib/public/Federation/ICloudFederationProvider.php index 0d87d76ee5..f11ed4fde3 100644 --- a/lib/public/Federation/ICloudFederationProvider.php +++ b/lib/public/Federation/ICloudFederationProvider.php @@ -62,13 +62,14 @@ interface ICloudFederationProvider { * notification received from another server * * @param string $notificationType (e.g SHARE_ACCEPTED) - * @param array $message provider specific notification + * @param string $providerId share ID + * @param array $notification provider specific notification * * @throws ShareNotFoundException * @throws ActionNotSupportedException * * @since 14.0.0 */ - public function notificationReceived($notificationType, array $message); + public function notificationReceived($notificationType, $providerId, array $notification); } diff --git a/lib/public/Federation/ICloudFederationShare.php b/lib/public/Federation/ICloudFederationShare.php index ce5065c70b..b721ffb168 100644 --- a/lib/public/Federation/ICloudFederationShare.php +++ b/lib/public/Federation/ICloudFederationShare.php @@ -221,6 +221,16 @@ interface ICloudFederationShare { */ public function getShareType(); + /** + * get share Secret + * + * @return string + * + * @since 14.0.0 + */ + public function getShareSecret(); + + /** * get protocol specification *