Permalink
Browse files

Re-setting admin auth for Websocket authentication

  • Loading branch information...
1 parent 0a09ff3 commit a1b4abb1e267897e6446168681fde70eb4280124 @ghecquet ghecquet committed Jun 6, 2016
@@ -318,13 +318,15 @@ public function clientChannelMethod(ServerRequestInterface $request, ResponseInt
}
}
- public function wsAuthenticate(ServerRequestInterface $requestInterface, ResponseInterface &$responseInterface)
+ public function wsAuthenticate(ServerRequestInterface $request, ResponseInterface &$response)
{
$this->logDebug("Entering wsAuthenticate");
+
$configs = $this->getConfigs();
- /*if (!isSet($httpVars["key"]) || $httpVars["key"] != $configs["WS_SERVER_ADMIN"]) {
+ $httpVars = $request->getQueryParams();
+ if (!isSet($httpVars["key"]) || $httpVars["key"] != $configs["WS_SERVER_ADMIN"]) {
throw new Exception("Cannot authentify admin key");
- }*/
+ }
$user = AuthService::getLoggedUser();
if ($user == null) {
$this->logDebug("Error Authenticating through WebSocket (not logged)");
@@ -339,7 +341,7 @@ public function wsAuthenticate(ServerRequestInterface $requestInterface, Respons
$this->logDebug("Authenticating user ".$user->id." through WebSocket");
$x = new \Pydio\Core\Http\Response\SerializableResponseStream();
$x->addChunk(new \Pydio\Core\Http\Message\XMLMessage($xml));
- $responseInterface = $responseInterface->withBody($x);
+ $response = $response->withBody($x);
}
@@ -399,12 +401,14 @@ public function generateCaddyFile($params) {
$hosts = [];
- // Getting URLs of the Pydio system
+ $configs = $this->getConfigs();
+
+ // Getting URLs of the Pydio system
$serverURL = Utils::detectServerURL();
$tokenURL = $serverURL . "?get_action=keystore_generate_auth_token";
- $authURL = $serverURL . "/api/pydio/ws_authenticate";
+ $authURL = $serverURL . "/api/pydio/ws_authenticate?key=" . $configs["WS_SERVER_ADMIN"];
- // Websocket
+ // Websocket Server Config
$host = $params["WS_HOST"];
$port = $params["WS_PORT"];
$secure = $params["WS_SECURE"];
@@ -419,7 +423,7 @@ public function generateCaddyFile($params) {
]
);
- // Upload
+ // Upload Server Config
$host = $params["UPLOAD_HOST"];
$port = $params["UPLOAD_PORT"];
$secure = $params["UPLOAD_SECURE"];
@@ -62,6 +62,7 @@ Class.create("PydioInstantMessenger", {
},
initForRepoId:function(repoId){
+
if(window.WebSocket && this.configs.get("WS_ACTIVE")){
if(this.ws) {
@@ -81,6 +82,7 @@ Class.create("PydioInstantMessenger", {
}else{
if(repoId){
var url = "ws"+(this.configs.get("WS_SECURE")?"s":"")+"://"+this.configs.get("WS_HOST")+":"+this.configs.get("WS_PORT")+"/"+this.configs.get("WS_PATH");
+
this.ws = new WebSocket(url);
this.ws.onmessage = function(event){
var obj = parseXml(event.data);
@@ -23,7 +23,7 @@
<global_param group="CONF_MESSAGE[WebSocket Server]" description="CONF_MESSAGE[WebSocket port]" label="CONF_MESSAGE[WS Port]" name="WS_PORT" type="string" expose="true" default="8090"/>
<global_param group="CONF_MESSAGE[WebSocket Server]" description="CONF_MESSAGE[WebSocket secure]" label="CONF_MESSAGE[WS Client SSL]" name="WS_SECURE" type="boolean" expose="true" default="false"/>
<global_param group="CONF_MESSAGE[WebSocket Server]" description="CONF_MESSAGE[WebSocket path]" label="CONF_MESSAGE[WS Path]" name="WS_PATH" type="string" expose="true" default="ws"/>
-
+ <global_param group="CONF_MESSAGE[WebSocket Server]" description="CONF_MESSAGE[WebSocket Authentication Key]" label="CONF_MESSAGE[WS Admin Key]" name="WS_SERVER_ADMIN" type="string" default="adminsecretkey"/>
<global_param group="CONF_MESSAGE[Upload]" description="CONF_MESSAGE[Upload server is running]" label="CONF_MESSAGE[Upload]" name="UPLOAD_ACTIVE" type="boolean" expose="true"/>

0 comments on commit a1b4abb

Please sign in to comment.