From 46cf8baa28dd8315ddca4e01d1ecfa064e299a7a Mon Sep 17 00:00:00 2001 From: sshakndr Date: Thu, 30 Jan 2025 12:08:10 +0700 Subject: [PATCH] feat(go): add jwt token lifetime from config --- CHANGELOG.md | 2 ++ web/documentserver-example/go/.golangci.yml | 1 + .../go/config/configuration.json | 1 + web/documentserver-example/go/config/module.go | 2 ++ .../go/server/api/default/config.go | 6 ++++++ .../go/server/api/default/reference.go | 6 ++++++ .../go/server/managers/default/command.go | 13 +++++++++++-- .../go/server/managers/default/conversion.go | 14 +++++++++++++- .../go/server/managers/default/document.go | 9 +++++++-- .../go/server/managers/default/history.go | 10 ++++++++++ .../go/server/models/config.go | 12 ++++++------ .../go/server/models/reference.go | 16 ++++++++-------- 12 files changed, 73 insertions(+), 19 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index eea88e5e..457648cd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,7 @@ # Change Log +- golang: jwt token lifetime from config + ## 1.13.0 - nodejs: rename in wopi - nodejs: using faviconUrl from WOPI discovery diff --git a/web/documentserver-example/go/.golangci.yml b/web/documentserver-example/go/.golangci.yml index b0fbba21..bdc4c7b1 100644 --- a/web/documentserver-example/go/.golangci.yml +++ b/web/documentserver-example/go/.golangci.yml @@ -4,6 +4,7 @@ linters: - cyclop - depguard - dogsled + - durationcheck - err113 - errchkjson - execinquery diff --git a/web/documentserver-example/go/config/configuration.json b/web/documentserver-example/go/config/configuration.json index 142253b4..c34222b8 100644 --- a/web/documentserver-example/go/config/configuration.json +++ b/web/documentserver-example/go/config/configuration.json @@ -11,6 +11,7 @@ "DOC_SERVER_COMMAND_URL" : "command", "JWT_IS_ENABLED" : false, + "JWT_EXPIRES_IN" : 5, "JWT_SECRET" : "secret", "JWT_HEADER" : "Authorization", diff --git a/web/documentserver-example/go/config/module.go b/web/documentserver-example/go/config/module.go index 969ae03f..8a95566a 100644 --- a/web/documentserver-example/go/config/module.go +++ b/web/documentserver-example/go/config/module.go @@ -20,6 +20,7 @@ package config import ( "path/filepath" "runtime" + "time" "github.com/ONLYOFFICE/document-server-integration/utils" "github.com/spf13/viper" @@ -36,6 +37,7 @@ type ApplicationConfig struct { DocumentServerPreloader string `mapstructure:"DOC_SERVER_PRELOADER_URL"` DocumentServerCommandUrl string `mapstructure:"DOC_SERVER_COMMAND_URL"` JwtEnabled bool `mapstructure:"JWT_IS_ENABLED"` + JwtExpiresIn time.Duration `mapstructure:"JWT_EXPIRES_IN"` JwtHeader string `mapstructure:"JWT_HEADER"` JwtSecret string `mapstructure:"JWT_SECRET"` StoragePath string `mapstructure:"STORAGE_PATH"` diff --git a/web/documentserver-example/go/server/api/default/config.go b/web/documentserver-example/go/server/api/default/config.go index ed662d1e..233a8eb3 100644 --- a/web/documentserver-example/go/server/api/default/config.go +++ b/web/documentserver-example/go/server/api/default/config.go @@ -22,10 +22,12 @@ import ( "fmt" "net/http" "strings" + "time" "github.com/ONLYOFFICE/document-server-integration/server/managers" "github.com/ONLYOFFICE/document-server-integration/server/models" "github.com/ONLYOFFICE/document-server-integration/server/shared" + "github.com/golang-jwt/jwt" ) func (srv *DefaultServerEndpointsHandler) Config(w http.ResponseWriter, r *http.Request) { @@ -71,6 +73,10 @@ func (srv *DefaultServerEndpointsHandler) Config(w http.ResponseWriter, r *http. ), Mode: "edit", }, + StandardClaims: jwt.StandardClaims{ + ExpiresAt: time.Now().Add(time.Minute * srv.config.JwtExpiresIn).Unix(), + IssuedAt: time.Now().Unix(), + }, } secret := strings.TrimSpace(srv.config.JwtSecret) diff --git a/web/documentserver-example/go/server/api/default/reference.go b/web/documentserver-example/go/server/api/default/reference.go index c36ed014..70463205 100644 --- a/web/documentserver-example/go/server/api/default/reference.go +++ b/web/documentserver-example/go/server/api/default/reference.go @@ -23,11 +23,13 @@ import ( "net/http" "net/url" "strings" + "time" "github.com/ONLYOFFICE/document-server-integration/server/managers" "github.com/ONLYOFFICE/document-server-integration/server/models" "github.com/ONLYOFFICE/document-server-integration/server/shared" "github.com/ONLYOFFICE/document-server-integration/utils" + "github.com/golang-jwt/jwt" ) func (srv *DefaultServerEndpointsHandler) Reference(w http.ResponseWriter, r *http.Request) { @@ -99,6 +101,10 @@ func (srv *DefaultServerEndpointsHandler) Reference(w http.ResponseWriter, r *ht }, Link: remoteAddr + "/editor?filename=" + url.QueryEscape(fileName), Path: fileName, + StandardClaims: jwt.StandardClaims{ + ExpiresAt: time.Now().Add(time.Minute * srv.config.JwtExpiresIn).Unix(), + IssuedAt: time.Now().Unix(), + }, } secret := strings.TrimSpace(srv.config.JwtSecret) diff --git a/web/documentserver-example/go/server/managers/default/command.go b/web/documentserver-example/go/server/managers/default/command.go index b701f3eb..0b6b568b 100644 --- a/web/documentserver-example/go/server/managers/default/command.go +++ b/web/documentserver-example/go/server/managers/default/command.go @@ -23,6 +23,7 @@ import ( "net/http" "net/url" "strings" + "time" "github.com/ONLYOFFICE/document-server-integration/config" "github.com/ONLYOFFICE/document-server-integration/server/managers" @@ -59,6 +60,10 @@ func (cm DefaultCommandManager) CommandRequest(method string, docKey string, met payload := CommandPayload{ C: method, Key: docKey, + StandardClaims: jwt.StandardClaims{ + ExpiresAt: time.Now().Add(time.Minute * cm.config.JwtExpiresIn).Unix(), + IssuedAt: time.Now().Unix(), + }, } if meta != nil { payload.Meta = meta @@ -68,7 +73,7 @@ func (cm DefaultCommandManager) CommandRequest(method string, docKey string, met var headerToken string secret := strings.TrimSpace(cm.config.JwtSecret) if secret != "" && cm.config.JwtEnabled { - headerPayload := fillJwtByUrl(uri, payload) + headerPayload := fillJwtByUrl(uri, payload, cm.config) headerToken, err = cm.JwtManager.JwtSign(headerPayload, []byte(secret)) if err != nil { return nil, err @@ -103,7 +108,7 @@ func (cm DefaultCommandManager) CommandRequest(method string, docKey string, met return response, nil } -func fillJwtByUrl(uri string, payload CommandPayload) CommandRequestHeaderPayload { +func fillJwtByUrl(uri string, payload CommandPayload, config config.ApplicationConfig) CommandRequestHeaderPayload { urlObj, _ := url.Parse(uri) query, _ := url.ParseQuery(urlObj.RawQuery) queryMap := make(map[string]string) @@ -114,5 +119,9 @@ func fillJwtByUrl(uri string, payload CommandPayload) CommandRequestHeaderPayloa return CommandRequestHeaderPayload{ Query: queryMap, Payload: payload, + StandardClaims: jwt.StandardClaims{ + ExpiresAt: time.Now().Add(time.Minute * config.JwtExpiresIn).Unix(), + IssuedAt: time.Now().Unix(), + }, } } diff --git a/web/documentserver-example/go/server/managers/default/conversion.go b/web/documentserver-example/go/server/managers/default/conversion.go index d59d2f0b..42ed0031 100644 --- a/web/documentserver-example/go/server/managers/default/conversion.go +++ b/web/documentserver-example/go/server/managers/default/conversion.go @@ -24,11 +24,13 @@ import ( "io" "net/http" "strings" + "time" "github.com/ONLYOFFICE/document-server-integration/config" "github.com/ONLYOFFICE/document-server-integration/server/managers" "github.com/ONLYOFFICE/document-server-integration/server/shared" "github.com/ONLYOFFICE/document-server-integration/utils" + "github.com/golang-jwt/jwt" "go.uber.org/zap" ) @@ -109,6 +111,10 @@ func (cm DefaultConversionManager) GetConverterUri( Title: utils.GetFileName(docUri), Key: docKey, Async: isAsync, + StandardClaims: jwt.StandardClaims{ + ExpiresAt: time.Now().Add(time.Minute * cm.config.JwtExpiresIn).Unix(), + IssuedAt: time.Now().Unix(), + }, } var headerToken string @@ -116,7 +122,13 @@ func (cm DefaultConversionManager) GetConverterUri( secret := strings.TrimSpace(cm.config.JwtSecret) if secret != "" && cm.config.JwtEnabled { - headerPayload := managers.ConvertRequestHeaderPayload{Payload: payload} + headerPayload := managers.ConvertRequestHeaderPayload{ + Payload: payload, + StandardClaims: jwt.StandardClaims{ + ExpiresAt: time.Now().Add(time.Minute * cm.config.JwtExpiresIn).Unix(), + IssuedAt: time.Now().Unix(), + }, + } headerToken, err = cm.JwtManager.JwtSign(headerPayload, []byte(secret)) if err != nil { return "", "", err diff --git a/web/documentserver-example/go/server/managers/default/document.go b/web/documentserver-example/go/server/managers/default/document.go index 897627e5..d3a78e04 100644 --- a/web/documentserver-example/go/server/managers/default/document.go +++ b/web/documentserver-example/go/server/managers/default/document.go @@ -28,6 +28,7 @@ import ( "github.com/ONLYOFFICE/document-server-integration/server/managers" "github.com/ONLYOFFICE/document-server-integration/server/models" "github.com/ONLYOFFICE/document-server-integration/utils" + "github.com/golang-jwt/jwt" "go.uber.org/zap" ) @@ -152,7 +153,7 @@ func (dm DefaultDocumentManager) BuildDocumentConfig( return nil, err } - config := models.Config{ + config := &models.Config{ Type: parameters.Type, DocumentType: dm.ConversionManager.GetFileType(parameters.Filename), Document: models.Document{ @@ -223,6 +224,10 @@ func (dm DefaultDocumentManager) BuildDocumentConfig( }, }, }, + StandardClaims: jwt.StandardClaims{ + ExpiresAt: time.Now().Add(time.Minute * dm.config.JwtExpiresIn).Unix(), + IssuedAt: time.Now().Unix(), + }, } secret := strings.TrimSpace(dm.config.JwtSecret) @@ -231,7 +236,7 @@ func (dm DefaultDocumentManager) BuildDocumentConfig( config.Token = token } - return &config, nil + return config, nil } func (dm DefaultDocumentManager) IsDocumentConvertable(filename string) bool { diff --git a/web/documentserver-example/go/server/managers/default/history.go b/web/documentserver-example/go/server/managers/default/history.go index 14b3e310..1a0bd53f 100644 --- a/web/documentserver-example/go/server/managers/default/history.go +++ b/web/documentserver-example/go/server/managers/default/history.go @@ -23,12 +23,14 @@ import ( "fmt" "net/http" "path" + "time" "github.com/ONLYOFFICE/document-server-integration/config" "github.com/ONLYOFFICE/document-server-integration/server/managers" "github.com/ONLYOFFICE/document-server-integration/server/models" "github.com/ONLYOFFICE/document-server-integration/server/shared" "github.com/ONLYOFFICE/document-server-integration/utils" + "github.com/golang-jwt/jwt" "go.uber.org/zap" ) @@ -195,6 +197,10 @@ func (hm DefaultHistoryManager) fetchNextHistoryEntry( Key: key, Url: url, Version: version, + StandardClaims: jwt.StandardClaims{ + ExpiresAt: time.Now().Add(time.Minute * hm.config.JwtExpiresIn).Unix(), + IssuedAt: time.Now().Unix(), + }, } } @@ -261,6 +267,10 @@ func (hm DefaultHistoryManager) GetHistory( Url: hm.StorageManager.GeneratePublicFileUri(filename, remoteAddress, managers.FileMeta{}), Version: version, ChangesUrl: changesUrl, + StandardClaims: jwt.StandardClaims{ + ExpiresAt: time.Now().Add(time.Minute * hm.config.JwtExpiresIn).Unix(), + IssuedAt: time.Now().Unix(), + }, } rhist.History = append(rhist.History, models.History{ diff --git a/web/documentserver-example/go/server/models/config.go b/web/documentserver-example/go/server/models/config.go index fa3df04b..176e86b3 100644 --- a/web/documentserver-example/go/server/models/config.go +++ b/web/documentserver-example/go/server/models/config.go @@ -20,10 +20,10 @@ package models import "github.com/golang-jwt/jwt" type Config struct { - Type string `json:"type"` - Document Document `json:"document"` - DocumentType string `json:"documentType"` - EditorConfig EditorConfig `json:"editorConfig"` - Token string `json:"token,omitempty"` - jwt.StandardClaims `json:"-"` + Type string `json:"type"` + Document Document `json:"document"` + DocumentType string `json:"documentType"` + EditorConfig EditorConfig `json:"editorConfig"` + Token string `json:"token,omitempty"` + jwt.StandardClaims } diff --git a/web/documentserver-example/go/server/models/reference.go b/web/documentserver-example/go/server/models/reference.go index af8ddc29..e12f95db 100644 --- a/web/documentserver-example/go/server/models/reference.go +++ b/web/documentserver-example/go/server/models/reference.go @@ -25,12 +25,12 @@ type ReferenceData struct { } type Reference struct { - ReferenceData ReferenceData `json:"referenceData"` - Link string `json:"link"` - Path string `json:"path"` - FileType string `json:"fileType"` - Key string `json:"key"` - Url string `json:"url"` - Token string `json:"token,omitempty"` - jwt.StandardClaims `json:"-"` + ReferenceData ReferenceData `json:"referenceData"` + Link string `json:"link"` + Path string `json:"path"` + FileType string `json:"fileType"` + Key string `json:"key"` + Url string `json:"url"` + Token string `json:"token,omitempty"` + jwt.StandardClaims }