
Ability to have the token and hash in the jwt wopi token

1 parent 4cbb836 commit 90bcc199539392767044c82be40371d7f39f0c95 @ghecquet ghecquet committed Sep 22, 2016
@@ -55,13 +55,30 @@ function detectVar(&$httpVars, $varName)
return "";
}
+ function retrieveParams(ServerRequestInterface &$request, ResponseInterface &$response) {
+ $httpVars = $request->getParsedBody();
+ $jwt = $this->detectVar($httpVars, "access_token");
+ if (empty($jwt)) {
+ return false;
+ }
+
+ // We have an access token - decode
+ $payload = JWT::decode($jwt);
+
+ $httpVars["auth_token"] = $payload->token;
+ $httpVars["auth_hash"] = $payload->hash;
+
+ $request = $request->withParsedBody($httpVars);
+ }
+
/**
* @param ServerRequestInterface $request
* @param ResponseInterface $response
* @param bool $isLast
* @return bool
*/
function tryToLogUser(ServerRequestInterface &$request, ResponseInterface &$response, $isLast = false) {
+
// This plugin is depending on other authfront having found the current user
$currentUser = AuthService::getLoggedUser();
if (!isset($currentUser)) {
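Review bot: In `retrieveParams`, `$payload->token` and `$payload->hash` are copied into the parsed body as `auth_token`/`auth_hash` right after `JWT::decode($jwt)`, and nothing in the hunk shows the token's signature being verified, a decode failure being handled, or the two claims being checked for presence. If `JWT::decode` only parses here (the call passes no key), these values are still client-controlled and must be fully validated by whichever frontend consumes them; a guard such as `if (!isset($payload->token, $payload->hash)) { return false; }` before the assignments would keep a malformed token from injecting nulls into the request. The method also returns `false` on the empty path and nothing on success, and it has no docblock; adding `return true;` at the end and a short `@return bool` docblock stating that the payload is not yet trusted at this stage would make the contract explicit.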
@@ -86,7 +103,6 @@ function tryToLogUser(ServerRequestInterface &$request, ResponseInterface &$resp
$task = $payload->task;
$key = ApiKeysService::findPairForAdminTask($task, $currentUser->getId());
- $signature = self::NOT_FOUND;
if ($key["t"] !== $token) {
return false;
@@ -27,7 +27,6 @@
use Pydio\Core\Exception\PydioException;
use Pydio\Core\Exception\WorkspaceForbiddenException;
-use Pydio\Core\Http\Server;
use Pydio\Core\Model\Context;
use Pydio\Core\Model\ContextInterface;
use Pydio\Core\PluginFramework\PluginsService;
@@ -60,12 +59,15 @@ public static function handleRequest(ServerRequestInterface $requestInterface, R
$driverImpl = ConfService::getAuthDriverImpl();
PluginsService::getInstance(Context::emptyContext())->setPluginUniqueActiveForType("auth", $driverImpl->getName(), $driverImpl);
+ $jwtFrontend = new AuthFrontend("jwt-auth-frontend", "");
+ $jwtFrontend->retrieveParams($requestInterface, $responseInterface);
+
$response = FrontendsLoader::frontendsAsAuthMiddlewares($requestInterface, $responseInterface);
- if($response != null){
+ if($response != null) {
return $response;
}
- $response = (new AuthFrontend("jwt-auth-frontend", ""))->tryToLogUser($requestInterface, $responseInterface);
+ $response = $jwtFrontend->tryToLogUser($requestInterface, $responseInterface);
if(!$response != null) {
$responseInterface = $responseInterface->withStatus(401);
$responseInterface->getBody()->write('You are not authorized to access this API.');
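Review bot: The return value of `$jwtFrontend->retrieveParams(...)` is ignored and the call sits outside any error handling visible in this hunk, so a malformed `access_token` that makes `JWT::decode` throw would surface before the 401 branch below rather than through it (presumably as a server error; confirm against the caller). Consider wrapping the call so that a decode failure falls through to the existing `withStatus(401)` path, and log the rejection so that repeated bad tokens are visible to monitoring. The nearby condition `if(!$response != null)` relies on operator precedence and loose comparison; `if (!$response)` states the same test plainly. `handleRequest` starts and ends outside this hunk.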
@@ -108,7 +110,6 @@ public static function handleRequest(ServerRequestInterface $requestInterface, R
}
return Server::callNextMiddleWare($requestInterface, $responseInterface, $next);
-
}
