Permalink
Browse files

Add a constant for pydio booster task identifier

  • Loading branch information...
1 parent f1e2b3c commit 9ac73a706d34d5822a8e7f6a038eaed6b73a0996 @cdujeu cdujeu committed Sep 29, 2016
@@ -91,6 +91,9 @@
define("HASH_SALT_INDEX", 2);
define("HASH_PBKDF2_INDEX", 3);
+// Used to identify the booster admin tasks
+define("PYDIO_BOOSTER_TASK_IDENTIFIER", "pydio-booster");
+
// CAN BE SWITCHED TO TRUE TO MAKE THE SECURE TOKEN MORE SAFE
// MAKE SURE YOU HAVE PHP.5.3, OPENSSL, AND THAT IT DOES NOT DEGRADE PERFORMANCES
define("USE_OPENSSL_RANDOM", false);
@@ -442,7 +442,7 @@ protected function sendToAccelerator($accelConfiguration, $localPathOrNode, $ser
// Pydio Agent acceleration - We make sure that request was really proxied by Agent, by checking a specific header.
if($accelConfiguration === "pydio" && array_key_exists("HTTP_X_PYDIO_DOWNLOAD_SUPPORTED", $serverParams)
- && ApiKeysService::requestHasValidHeadersForAdminTask($serverParams, "go-upload")) {
+ && ApiKeysService::requestHasValidHeadersForAdminTask($serverParams, PYDIO_BOOSTER_TASK_IDENTIFIER)) {
if ($localPathOrNode instanceof AJXP_Node) {
$options = MetaStreamWrapper::getResolvedOptionsForNode($localPathOrNode);
@@ -86,16 +86,18 @@ public static function generatePairForAuthfront($userId, $deviceId = "", $device
* @throws PydioException
* @throws \Exception
*/
- public static function generatePairForAdminTask($adminTaskId, $userId, $restrictToIP = ""){
+ public static function generatePairForAdminTask($adminTaskId, $userId = "", $restrictToIP = ""){
$store = self::getStore();
$token = StringHelper::generateRandomString();
$private = StringHelper::generateRandomString();
$data = [
- "USER_ID" => $userId,
"PRIVATE" => $private,
"ADMIN_TASK_ID" => $adminTaskId
];
+ if(!empty($userId)){
+ $data["USER_ID"] = $userId;
+ }
if(!empty($restrictToIP)){
$data["RESTRICT_TO_IP"] = $restrictToIP;
}
@@ -154,7 +156,7 @@ public static function requestHasValidHeadersForAdminTask($serverData, $adminTas
return false;
}
list($t, $p) = explode(":", trim($serverData['HTTP_X_PYDIO_ADMIN_AUTH']));
- $existingKey = self::findPairForAdminTask("go-upload", $userId);
+ $existingKey = self::findPairForAdminTask(PYDIO_BOOSTER_TASK_IDENTIFIER);
if($existingKey === null || $existingKey['p'] !== $p || $existingKey['t'] !== $t){
Logger::error(__CLASS__, __FUNCTION__, "Invalid tokens for admin task $adminTaskId");
return false;
@@ -467,7 +467,7 @@ public function generateAdminKey($params, $ctx){
$this->getAdminKeyString();
return "SUCCESS: Nothing to do, a pair already exists";
}catch(PydioException $e){
- $adminPair = $this->getAdminKeyString($u->getId());
+ $adminPair = $this->getAdminKeyString(true);
$pairFile = $this->getPluginWorkDir(true)."/apikey";
$r = file_put_contents($pairFile, $adminPair);
if($r === false){
@@ -489,7 +489,7 @@ public function revokeAdminKey($params, $ctx){
if(!$u->isAdmin()){
return "ERROR: You are not administrator";
}
- $c = ApiKeysService::revokePairForAdminTask("go-upload", $u->getId());
+ $c = ApiKeysService::revokePairForAdminTask(PYDIO_BOOSTER_TASK_IDENTIFIER, $u->getId());
if($c > 0){
return "SUCCESS: Successfully revoked $c pair of keys. You may have to generate new ones and reload PydioBooster.";
}else{
@@ -499,21 +499,21 @@ public function revokeAdminKey($params, $ctx){
/**
- * @param string $writeForUserId
+ * @param bool $createIfNotExists
* @param string $restrictToIp
* @throws PydioException
* @return string
*/
- protected function getAdminKeyString($writeForUserId = "", $restrictToIp = ""){
+ protected function getAdminKeyString($createIfNotExists = false, $restrictToIp = ""){
- if($writeForUserId){
- $adminKey = ApiKeysService::findPairForAdminTask("go-upload", $writeForUserId);
+ if($createIfNotExists){
+ $adminKey = ApiKeysService::findPairForAdminTask(PYDIO_BOOSTER_TASK_IDENTIFIER);
if($adminKey === null){
- $adminKey = ApiKeysService::generatePairForAdminTask("go-upload", $writeForUserId, $restrictToIp);
+ $adminKey = ApiKeysService::generatePairForAdminTask(PYDIO_BOOSTER_TASK_IDENTIFIER, "", $restrictToIp);
}
$adminKeyString = $adminKey["t"].":".$adminKey["p"];
}else{
- $adminKey = ApiKeysService::findPairForAdminTask("go-upload");
+ $adminKey = ApiKeysService::findPairForAdminTask(PYDIO_BOOSTER_TASK_IDENTIFIER);
if($adminKey === null){
throw new PydioException("Cannot find any key pair for admin access, something went wrong!");
}
@@ -131,7 +131,7 @@ public function preProcess(\Psr\Http\Message\ServerRequestInterface &$request, \
if($externalUploadStatus === ExternalUploadedFile::STATUS_REQUEST_OPTIONS){
- if(!ApiKeysService::requestHasValidHeadersForAdminTask($request->getServerParams(), "go-upload")){
+ if(!ApiKeysService::requestHasValidHeadersForAdminTask($request->getServerParams(), PYDIO_BOOSTER_TASK_IDENTIFIER)){
throw new AuthRequiredException();
}

0 comments on commit 9ac73a7

Please sign in to comment.