Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support signed urls #37634

Merged
merged 1 commit into from
Jul 9, 2020
Merged

Support signed urls #37634

merged 1 commit into from
Jul 9, 2020

Conversation

DeepDiver1975
Copy link
Member

@DeepDiver1975 DeepDiver1975 commented Jul 2, 2020
edited
Loading

Description

  • OCS API /cloud/user/signing-key to get the user's key for url signing
  • capability to state that signed urls are supported
  • allow signed url access for webdav endpoints

Related Issue

How Has This Been Tested?

Screenshots (if appropriate):

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Database schema changes (next release will require increase of minor version instead of patch)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Technical debt
  • Tests only (no source changes)

Checklist:

  • Code changes
  • Unit tests added
  • Acceptance tests added
  • Documentation ticket raised:
  • Changelog item, see TEMPLATE

@update-docs
Copy link

update-docs bot commented Jul 2, 2020

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

@DeepDiver1975 DeepDiver1975 force-pushed the feature/pre-signed-url branch 2 times, most recently from 4c6c090 to e04d2b8 Compare July 3, 2020 10:21
@codecov
Copy link

codecov bot commented Jul 3, 2020
edited
Loading

Codecov Report

Merging #37634 into master will decrease coverage by 0.03%.
The diff coverage is 42.99%.

Impacted file tree graph

@@             Coverage Diff              @@
##             master   #37634      +/-   ##
============================================
- Coverage     64.74%   64.71%   -0.04%     
- Complexity    19360    19383      +23     
============================================
  Files          1281     1283       +2     
  Lines         75622    75724     +102     
  Branches       1333     1333              
============================================
+ Hits          48959    49001      +42     
- Misses        26271    26331      +60     
  Partials        392      392
Flag Coverage Δ Complexity Δ
#javascript 54.03% <ø> (ø) 0.00 <ø> (ø)
#phpunit 65.88% <42.99%> (-0.04%) 19383.00 <24.00> (+23.00) ⬇️
Impacted Files Coverage Δ Complexity Δ
apps/dav/appinfo/v1/caldav.php 0.00% <0.00%> (ø) 0.00 <0.00> (ø)
apps/dav/appinfo/v1/carddav.php 0.00% <0.00%> (ø) 0.00 <0.00> (ø)
apps/dav/appinfo/v1/webdav.php 0.00% <0.00%> (ø) 0.00 <0.00> (ø)
core/Command/Security/CreateSignKey.php 0.00% <0.00%> (ø) 6.00 <6.00> (?)
core/Controller/CloudController.php 0.00% <0.00%> (ø) 5.00 <2.00> (+2.00)
core/register_command.php 0.00% <0.00%> (ø) 0.00 <0.00> (ø)
core/routes.php 50.00% <ø> (ø) 0.00 <0.00> (ø)
lib/private/OCS/CoreCapabilities.php 0.00% <0.00%> (ø) 2.00 <0.00> (ø)
apps/dav/lib/Connector/Sabre/Auth.php 78.18% <25.00%> (-11.18%) 43.00 <5.00> (+4.00) ⬇️
lib/private/Security/SignedUrl/Verifier.php 95.12% <95.12%> (ø) 11.00 <11.00> (?)
... and 3 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 9687d77...e32cbef. Read the comment docs.

@DeepDiver1975 DeepDiver1975 self-assigned this Jul 3, 2020
@DeepDiver1975 DeepDiver1975 marked this pull request as ready for review July 3, 2020 12:42
butonic
butonic reviewed Jul 3, 2020
View reviewed changes
apps/dav/lib/Connector/Sabre/Auth.php Outdated
@@ -230,7 +236,7 @@ private function auth(RequestInterface $request, ResponseInterface $response) {
$this->checkAccountModule($user);
$uid = $user->getUID();
\OC_Util::setupFS($uid);
$this->currentUser = $uid;
$currentUser = $uid;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't see $currentUser being used anywhere (neither was there a $this->currentUser to begin with). Remove completely?

core/Controller/CloudController.php Show resolved Hide resolved
PVince81
PVince81 approved these changes Jul 3, 2020
View reviewed changes
Copy link
Contributor

@PVince81 PVince81 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some minor picky stuff.

Otherwise this looks good from the code perspective, I haven't tested 👍

apps/dav/lib/Connector/Sabre/Auth.php Show resolved Hide resolved
apps/dav/lib/Files/FileLocksBackend.php Outdated
@@ -192,6 +192,7 @@ public function lock($uri, Locks\LockInfo $lockInfo) {

// in case the timeout has not been accepted, adjust in lock info
$lockInfo->timeout = $lock->getTimeout();
$lockInfo->owner = $lock->getOwner();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR mix up ?

core/Controller/CloudController.php Show resolved Hide resolved
lib/private/Security/SignedUrl/Verifier.php Show resolved Hide resolved
lib/private/Security/SignedUrl/Verifier.php Show resolved Hide resolved
lib/private/Security/SignedUrl/Verifier.php Show resolved Hide resolved
tests/lib/Security/SignedUrl/VerifierTest.php Outdated
}
}

public function providesUrls() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

add cases where some of the required attrs are missing

lib/private/Security/SignedUrl/Verifier.php Show resolved Hide resolved
lib/private/Security/SignedUrl/Verifier.php Outdated
return $this->request->getQueryParameters();
}

public function getUserId(): string {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

rename to getUrlCredential for consistency ? everywhere you used it you always stored it in a var getUrlCredential. or alternatively rename those vars to $userId ?

@DeepDiver1975
Copy link
Member Author

codecov is nuts .... most likly because of the rebase .....

C0rby
C0rby approved these changes Jul 6, 2020
View reviewed changes
Copy link
Contributor

@C0rby C0rby left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Looks good to me.

PVince81
PVince81 approved these changes Jul 8, 2020
View reviewed changes
Copy link
Contributor

@PVince81 PVince81 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All fine, just some minor text change 👍

core/Command/Security/CreateSignKey.php Outdated
protected function configure() {
$this
->setName('security:sign-key:create')
->setDescription('Create and recreate a users sign key for signed urls')
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"Create or recreate a users signing key"

"sign key" doesn't sound good, I believe it should be "signing key" as it's used for signing

core/Command/Security/CreateSignKey.php Outdated
}
$signingKey = $this->config->getUserValue($uid, 'core', 'signing-key', null);
if ($signingKey !== null) {
$output->writeln('This user already has a sign key. Recreating the key will invalidate all existing signed urls.');
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"signing key"

lib/private/Security/SignedUrl/Verifier.php Show resolved Hide resolved
lib/private/Security/SignedUrl/Verifier.php Show resolved Hide resolved
@DeepDiver1975 DeepDiver1975 merged commit 4a68319 into master Jul 9, 2020
@delete-merged-branch delete-merged-branch bot deleted the feature/pre-signed-url branch July 9, 2020 15:09
DeepDiver1975 added a commit to owncloud/owncloud-sdk that referenced this pull request Jul 9, 2020
@DeepDiver1975
Test with core master after merging PR: owncloud/core#37634
d2bf099
@butonic butonic mentioned this pull request Jul 16, 2020
Closed
@dpakach dpakach mentioned this pull request Jul 24, 2020
Merged
5 tasks
@micbar
Copy link
Contributor

micbar commented Aug 5, 2020

@DeepDiver1975 Why was this merged without a changelog?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@butonic butonic butonic left review comments

@C0rby C0rby C0rby approved these changes

@PVince81 PVince81 PVince81 approved these changes

Assignees

@DeepDiver1975 DeepDiver1975

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@DeepDiver1975 @micbar @PVince81 @butonic @C0rby