From 2accdeac3bc7eaf5addc7a48ef2c7386acb552b2 Mon Sep 17 00:00:00 2001 From: Andrey Yumatov Date: Thu, 16 Dec 2021 17:43:01 +0300 Subject: [PATCH] jwt signature for prev.* files. Java (via handler) + README.md (Build point) --- web/documentserver-example/java/README.md | 12 +++-- .../main/java/controllers/IndexServlet.java | 47 ++++++++++++++++++- .../main/java/helpers/DocumentManager.java | 17 +++++++ 3 files changed, 71 insertions(+), 5 deletions(-) diff --git a/web/documentserver-example/java/README.md b/web/documentserver-example/java/README.md index 03a5f2e6..73f5a54f 100644 --- a/web/documentserver-example/java/README.md +++ b/web/documentserver-example/java/README.md @@ -106,18 +106,22 @@ To run the Java example code, install the Java version appropriate for your OS a ``` - -3. Upload the Java project in Tomcat Web Application Manager. For that click **Choose File** in the **WAR file to deploy** section and find the *.war* file in the Java project folder, then click **Deploy**. +3. Build the project using the following commands + ``` + mvn clean + mvn package + ``` +4. Upload the Java project in Tomcat Web Application Manager. For that click **Choose File** in the **WAR file to deploy** section and find the *.war* file in the Java project folder, then click **Deploy**. ![upload-app](screenshots/upload-app.jpg) ![war-file](screenshots/war-file.jpg) -4. You will see the project in the **Application List**: +5. You will see the project in the **Application List**: ![manager-app](screenshots/manager-app.jpg) -5. Click the link with the application name to run it. +6. Click the link with the application name to run it. ### Step 6. Check accessibility diff --git a/web/documentserver-example/java/src/main/java/controllers/IndexServlet.java b/web/documentserver-example/java/src/main/java/controllers/IndexServlet.java index 6e7eeb02..f4ab8596 100644 --- a/web/documentserver-example/java/src/main/java/controllers/IndexServlet.java +++ b/web/documentserver-example/java/src/main/java/controllers/IndexServlet.java @@ -71,7 +71,14 @@ public class IndexServlet extends HttpServlet Upload(request, response, writer); break; case "download": - Download(request, response, writer); + String ver = request.getParameter("ver"); + + if (ver == null | ver == "") { + Download(request, response, writer); + } else { + DownloadHistory(request, response, writer); + } + break; case "convert": Convert(request, response, writer); break; @@ -430,6 +437,44 @@ public class IndexServlet extends HttpServlet download(filePath.toString(), response, writer); } + // download a file from history + private static void DownloadHistory(HttpServletRequest request, HttpServletResponse response, PrintWriter writer) + { + try { + if (DocumentManager.TokenEnabled()) { + + String DocumentJwtHeader = ConfigManager.GetProperty("files.docservice.header"); + + String header = (String) request.getHeader(DocumentJwtHeader == null || DocumentJwtHeader.isEmpty() ? "Authorization" : DocumentJwtHeader); + if (header != null && !header.isEmpty()) { + String token = header.startsWith("Bearer ") ? header.substring(7) : header; + try { + Verifier verifier = HMACVerifier.newVerifier(DocumentManager.GetTokenSecret()); + JWT jwt = JWT.getDecoder().decode(token, verifier); + } catch (Exception e) { + response.sendError(403, "JWT validation failed"); + return; + } + } else { + response.sendError(403, "JWT validation failed"); + return; + } + } + + String fileName = FileUtility.GetFileName(request.getParameter("fileName")); + String userAddress = request.getParameter("userAddress"); + + String ver = request.getParameter("ver"); // Document version + String file = request.getParameter("file"); // File. If not defined, then Prev.* + + String filePath = DocumentManager.HistoryPath(fileName, userAddress, ver, file); + + download(filePath, response, writer); + } catch (Exception e) { + writer.write("{ \"error\": \"File not found\"}"); + } + } + // download a file private static void Download(HttpServletRequest request, HttpServletResponse response, PrintWriter writer) { diff --git a/web/documentserver-example/java/src/main/java/helpers/DocumentManager.java b/web/documentserver-example/java/src/main/java/helpers/DocumentManager.java index b4665c1a..deaa1a33 100644 --- a/web/documentserver-example/java/src/main/java/helpers/DocumentManager.java +++ b/web/documentserver-example/java/src/main/java/helpers/DocumentManager.java @@ -150,6 +150,23 @@ public class DocumentManager String directory = FilesRootPath(userAddress); return directory + FileUtility.GetFileName(fileName); } + // get the path to history file + public static String HistoryPath(String fileName, String userAddress, String version, String file) + { + String hostAddress = CurUserHostAddress(userAddress); + String serverPath = request.getSession().getServletContext().getRealPath(""); + String storagePath = ConfigManager.GetProperty("storage-folder"); + + String directory = serverPath + storagePath + File.separator + hostAddress + File.separator; + + if (file == null | file == "") { + file = "prev"+fileName.substring(fileName.lastIndexOf(".")); + } + + directory = directory + fileName + "-hist" + File.separator + version + File.separator + file; + + return directory; + } // get the path to the forcesaved file version public static String ForcesavePath(String fileName, String userAddress, Boolean create)