filecrypt.rb
require 'sinatra'
require 'net/http'
require 'net/https'
require 'json'
require 'base64'
require 'openssl'
require 'aws/s3'
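# Runtime configuration. Every value is read from the process environment,
# so no credential or key material lives in the source file.
set :s3_bucket, ENV['AWS_BUCKET']
set :s3_key, ENV['AWS_KEY']
set :s3_secret, ENV['AWS_SECRET']
set :salesforce_instance, ENV['SFDC_INSTANCE']

# AES_KEY is the Base64 encoding of the AES-256 key used by encrypt/decrypt.
# Fail at boot with a clear message when it is missing or has the wrong size,
# instead of surfacing an obscure error on the first upload or download.
# AES-256 needs exactly 32 key bytes; a shorter or longer value means the
# variable was generated or pasted incorrectly.
aes_key = Base64.decode64(ENV.fetch('AES_KEY') { raise 'AES_KEY is not set' })
raise 'AES_KEY must decode to exactly 32 bytes for AES-256' unless aes_key.bytesize == 32
set :aes_key, aes_key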
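# Decrypts a blob produced by `encrypt`: a 16-byte IV followed by the
# AES-256-CBC ciphertext, using the key in settings.aes_key.
#
# The argument is left untouched; the IV and ciphertext are taken with
# byte-based slices so a non-binary string encoding cannot shift the split.
#
# NOTE(review): CBC provides confidentiality only. Nothing here detects a
# ciphertext that was modified in storage; an authenticated construction
# (AES-GCM, or a MAC over IV + ciphertext checked before decrypting) would be
# needed for that, and would change the stored format.
#
# @param encrypted_data [String] IV + ciphertext
# @return [String] the decrypted bytes
# @raise [ArgumentError] if the input cannot hold an IV and one cipher block
# @raise [OpenSSL::Cipher::CipherError] if the padding check fails
def decrypt(encrypted_data)
  if encrypted_data.nil? || encrypted_data.bytesize < 32
    raise ArgumentError, 'encrypted data is too short to hold an IV and one cipher block'
  end

  # OpenSSL::Cipher::Cipher is a deprecated alias that newer openssl releases
  # no longer provide; OpenSSL::Cipher is the supported class.
  aes = OpenSSL::Cipher.new('AES-256-CBC')
  aes.decrypt
  aes.key = settings.aes_key
  aes.iv = encrypted_data.byteslice(0, 16)
  cipher_text = encrypted_data.byteslice(16, encrypted_data.bytesize - 16)
  data = aes.update(cipher_text)
  data << aes.final
end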
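# Encrypts data with AES-256-CBC under settings.aes_key and returns the
# random 16-byte IV followed by the ciphertext (the layout `decrypt` expects).
#
# A fresh IV is generated for every call, so encrypting the same plaintext
# twice yields different output.
#
# NOTE(review): CBC gives no integrity protection; see the matching note on
# decrypt before relying on this for data that may be modified at rest.
#
# @param data [String] plaintext bytes; may be empty
# @return [String] IV + ciphertext
def encrypt(data)
  # OpenSSL::Cipher::Cipher is a deprecated alias that newer openssl releases
  # no longer provide; OpenSSL::Cipher is the supported class.
  aes = OpenSSL::Cipher.new('AES-256-CBC')
  aes.encrypt
  aes.key = settings.aes_key
  initialization_vector = aes.random_iv # random_iv also installs the IV on the cipher

  # Cipher#update may reject an empty string, so a zero-byte upload is
  # encrypted as a single padding block produced by #final alone.
  cipher_text = data.empty? ? aes.final : aes.update(data) + aes.final
  initialization_vector + cipher_text
end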
# Landing page: answers with a fixed banner string and touches no stored data.
get('/') { "BofA Upload/Download app -edit for Larry" }
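# Fetches the object "<user>/<filename>" from the S3 bucket, decrypts it and
# returns the plaintext with the content type recorded on the stored object.
#
# NOTE(review): this route does not authenticate the caller or check that the
# caller is the :user in the path. Anyone who can reach the app and knows a
# user id and file name receives the decrypted file, which defeats the purpose
# of encrypting at rest. The original author's TODO is kept below; until the
# same Salesforce session validation as /upload is in place, this endpoint
# should not be exposed for sensitive data.
#
# NOTE(review): the Content-Type comes from the stored object, so an uploaded
# HTML or script file would be rendered in this app's origin. Serving with
# Content-Disposition: attachment would avoid that - confirm with the owners
# whether inline display is required.
get '/download/:user/:filename' do
  # TODO: add in code to validate user via sid - same as upload
  AWS::S3::Base.establish_connection!(:access_key_id => settings.s3_key, :secret_access_key => settings.s3_secret)
  s3_path = params[:user] + '/' + params[:filename]

  # A missing object is a normal client error, not a server fault.
  begin
    file = AWS::S3::S3Object.find(s3_path, settings.s3_bucket)
  rescue AWS::S3::NoSuchKey
    halt 404, 'file not found'
  end

  # Corrupt or truncated objects fail the padding check; answer with a generic
  # message rather than letting the exception page describe the failure.
  begin
    plaintext = decrypt(file.value)
  rescue OpenSSL::Cipher::CipherError, ArgumentError
    halt 500, 'unable to decrypt file'
  end

  status 200
  headers "Content-type" => file.content_type
  body plaintext
end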
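# Accepts a multipart file upload on behalf of a Salesforce user.
#
# Steps:
#   1. Validate the request parameters (session token, user id, org id).
#   2. Ask the Salesforce identity service whether the session token belongs
#      to that user (the 'asserted_user' field of the identity response).
#   3. Encrypt the uploaded file and store it privately in S3 under
#      "<user>/<filename>".
#   4. Create a cmort__EncryptedFile__c record pointing at the download URL.
#   5. Redirect the browser back to the MyFiles page.
#
# Every failure path stops before anything is written to S3.
post '/upload' do
  sid = params[:session]
  user = params[:user]
  org = params[:org]
  upload = params[:file]

  # user and org are concatenated into the identity request path, and the
  # session token into a request header, so all three are constrained before
  # use: ids must look like Salesforce ids (15 or 18 alphanumerics) and the
  # token must be a non-empty string without line breaks.
  sfdc_id = /\A[A-Za-z0-9]{15}(?:[A-Za-z0-9]{3})?\z/
  ids_ok = [user, org].all? { |value| value.is_a?(String) && value =~ sfdc_id }
  sid_ok = sid.is_a?(String) && !sid.empty? && sid !~ /[\r\n]/
  halt 400, 'error validating user' unless ids_ok && sid_ok

  auth_header = 'OAuth ' + sid
  sfdc = Net::HTTP.new(settings.salesforce_instance, 443)
  sfdc.use_ssl = true
  # The session token travels over this connection; require a verified peer.
  sfdc.verify_mode = OpenSSL::SSL::VERIFY_PEER

  id_path = '/id/' + org + '/' + user + '?format=json&version=latest'
  resp = sfdc.get(id_path, 'Authorization' => auth_header)

  # The original condition was `if resp = Net::HTTPSuccess`, an assignment
  # that is always truthy, so a rejected token was never stopped here. Test
  # the response class instead, and read the body from the response object.
  halt 401, 'error validating user' unless resp.is_a?(Net::HTTPSuccess)

  begin
    user_info = JSON.parse(resp.body.to_s)
  rescue JSON::ParserError
    halt 401, 'error validating user'
  end
  halt 403, 'invalid user' unless user_info.is_a?(Hash) && user_info['asserted_user']

  # The original test `params[:file].size > 0` measured the params hash, not
  # the upload; check for the parts that are actually used below.
  halt 400, 'invalid user' unless upload.is_a?(Hash) && upload[:tempfile] && upload[:filename]

  # Keep only the final path component of the client-supplied name so the S3
  # key always stays directly under the authenticated user's prefix.
  filename = File.basename(upload[:filename].to_s)
  halt 400, 'invalid user' if filename.empty? || filename == '.' || filename == '..'

  s3_path = user + '/' + filename
  # Binary read inside a block: no newline/encoding translation, and the
  # handle is closed as soon as the bytes are in memory.
  plaintext = File.open(upload[:tempfile].path, 'rb') { |f| f.read }
  encrypted_file = encrypt(plaintext)

  AWS::S3::Base.establish_connection!(:access_key_id => settings.s3_key, :secret_access_key => settings.s3_secret)
  AWS::S3::S3Object.store(s3_path, encrypted_file, settings.s3_bucket, :access => :private)

  record_headers = {'Authorization'=> auth_header, 'Content-Type'=> 'application/json' }
  path = '/services/data/v21.0/sobjects/cmort__EncryptedFile__c'
  s3_url = 'https://filecrypt.heroku.com/download/' + s3_path
  record = {"Name" => filename, "cmort__FileURL__c" => s3_url }
  create_resp = sfdc.post(path, record.to_json, record_headers)
  # NOTE(review): the outcome of the record creation is only logged, not
  # checked; a failed create leaves an S3 object with no Salesforce record.
  puts create_resp
  puts create_resp.body

  redirect to('https://' + settings.salesforce_instance + '/apex/MyFiles')
end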