pengjunjie/document-server-integration
1
0
Fork 1
mirror of https://github.com/ONLYOFFICE/document-server-integration.git synced 2026-02-10 18:05:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #297 from ONLYOFFICE/feature/refactoring-jwt-manager

Browse Source 
Feature/refactoring jwt manager
# Conflicts:
#	CHANGELOG.md
This commit is contained in:
Sergey Linnik
2022-07-29 17:13:08 +03:00
parent 0ef2a4f3fd
commit d1affa2911
30 changed files with 664 additions and 224 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -1,6 +1,7 @@
# Change Log
- anonymous without chat
- changed jwt implementation in csharp, csharp-mvc, php, ruby
## 1.2.0
- ruby v3.0

6
web/documentserver-example/csharp-mvc/3rd-Party.license
View File

@ -24,11 +24,15 @@ jQuery.UI - jQuery UI is an open source library of interface components —
License: MIT
License File: jQuery.UI.license
JWT - JWT (JSON Web Token) Implementation for .NET (Public Domain) (https://github.com/jwt-dotnet/jwt/)
License: MIT
License File: JWT.license
Microsoft.Web.Infrastructure - This package contains the Microsoft.Web.Infrastructure assembly that lets you dynamically register HTTP modules at run time. (https://www.microsoft.com/web/webpi/eula/aspnetmvc3update-eula.htm)
License: MS-EULA License
License File: Microsoft.Web.Infrastructure.license
Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://licenses.nuget.org/MIT)
Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://github.com/JamesNK/Newtonsoft.Json)
License: MIT
License File: Newtonsoft.Json.license

79
web/documentserver-example/csharp-mvc/Helpers/JwtManager.cs
View File

@ -16,12 +16,12 @@
*
*/
using System;
using JWT;
using JWT.Algorithms;
using JWT.Builder;
using JWT.Serializers;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;
using System.Web.Configuration;
using System.Web.Script.Serialization;
namespace OnlineEditorsExampleMVC.Helpers
{
@ -30,31 +30,19 @@ namespace OnlineEditorsExampleMVC.Helpers
private static readonly string Secret;
public static readonly bool Enabled;
private static readonly JavaScriptSerializer Serializer;
static JwtManager()
{
Secret = WebConfigurationManager.AppSettings["files.docservice.secret"] ?? ""; // get token secret from the config parameters
Enabled = !string.IsNullOrEmpty(Secret); // check if the token is enabled
Serializer = new JavaScriptSerializer(); // define java script serializer
}
// encode a payload object into a token using a secret key
public static string Encode(IDictionary<string, object> payload)
{
// define the hashing algorithm and the token type
var header = new Dictionary<string, object>
{
{ "alg", "HS256" },
{ "typ", "JWT" }
};
// three parts of token
var encHeader = Base64UrlEncode(Serializer.Serialize(header)); // header
var encPayload = Base64UrlEncode(Serializer.Serialize(payload)); // payload
var hashSum = Base64UrlEncode(CalculateHash(encHeader, encPayload)); // signature
return string.Format("{0}.{1}.{2}", encHeader, encPayload, hashSum);
var encoder = new JwtEncoder(new HMACSHA256Algorithm(),
new JsonNetSerializer(),
new JwtBase64UrlEncoder());
return encoder.Encode(payload, Secret);
}
// decode a token into a payload object using a secret key
@ -62,52 +50,11 @@ namespace OnlineEditorsExampleMVC.Helpers
{
if (!Enabled || string.IsNullOrEmpty(token)) return "";
var split = token.Split('.');
if (split.Length != 3) return "";
var hashSum = Base64UrlEncode(CalculateHash(split[0], split[1])); // get signature
if (hashSum != split[2]) return ""; // and check if it is equal to the signature from the token
return Base64UrlDecode(split[1]); // decode payload
}
// generate a hash code based on a key using the HMAC method
private static byte[] CalculateHash(string encHeader, string encPayload)
{
using (var hasher = new HMACSHA256(Encoding.UTF8.GetBytes(Secret)))
{
var bytes = Encoding.UTF8.GetBytes(string.Format("{0}.{1}", encHeader, encPayload));
return hasher.ComputeHash(bytes);
}
}
// encode a string into the base64 value
private static string Base64UrlEncode(string str)
{
return Base64UrlEncode(Encoding.UTF8.GetBytes(str));
}
// encode bytes into the base64 value
private static string Base64UrlEncode(byte[] bytes)
{
return Convert.ToBase64String(bytes)
.TrimEnd('=').Replace('+', '-').Replace('/', '_');
}
// decode a base64 value into the string
private static string Base64UrlDecode(string payload)
{
var b64 = payload.Replace('_', '/').Replace('-', '+');
switch (b64.Length%4)
{
case 2:
b64 += "==";
break;
case 3:
b64 += "=";
break;
}
var bytes = Convert.FromBase64String(b64);
return Encoding.UTF8.GetString(bytes);
return JwtBuilder.Create()
.WithAlgorithm(new HMACSHA256Algorithm())
.WithSecret(Secret)
.MustVerifySignature()
.Decode(token);
}
}
}

3
web/documentserver-example/csharp-mvc/OnlineEditorsExampleMVC.csproj
View File

@ -43,6 +43,9 @@
<WarningLevel>4</WarningLevel>
</PropertyGroup>
<ItemGroup>
<Reference Include="JWT, Version=9.0.0.0, Culture=neutral, PublicKeyToken=6f98bca0f40f2ecf, processorArchitecture=MSIL">
<HintPath>packages\JWT.9.0.3\lib\net46\JWT.dll</HintPath>
</Reference>
<Reference Include="Microsoft.CSharp" />
<Reference Include="System" />
<Reference Include="System.ComponentModel.DataAnnotations" />

6
web/documentserver-example/csharp-mvc/licenses/3rd-Party.license
View File

@ -24,11 +24,15 @@ jQuery.UI - jQuery UI is an open source library of interface components —
License: MIT
License File: jQuery.UI.license
JWT - JWT (JSON Web Token) Implementation for .NET (Public Domain) (https://github.com/jwt-dotnet/jwt/)
License: MIT
License File: JWT.license
Microsoft.Web.Infrastructure - This package contains the Microsoft.Web.Infrastructure assembly that lets you dynamically register HTTP modules at run time. (https://www.microsoft.com/web/webpi/eula/aspnetmvc3update-eula.htm)
License: MS-EULA License
License File: Microsoft.Web.Infrastructure.license
Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://licenses.nuget.org/MIT)
Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://github.com/JamesNK/Newtonsoft.Json)
License: MIT
License File: Newtonsoft.Json.license

21
web/documentserver-example/csharp-mvc/licenses/JWT.license Normal file
View File

@ -0,0 +1,21 @@
# Public Domain
Written by John Sheehan (http://john-sheehan.com)
This work is public domain.
The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.
For more information, please visit: http://creativecommons.org/publicdomain/zero/1.0/
# MIT
Copyright (c) 2019 Jwt.Net Maintainers and Contributors.
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
For more information, please visit: https://opensource.org/licenses/MIT

1
web/documentserver-example/csharp-mvc/packages.config
View File

@ -2,6 +2,7 @@
<packages>
<package id="Antlr" version="3.5.0.2" targetFramework="net45" />
<package id="EntityFramework" version="6.4.4" targetFramework="net45" />
<package id="JWT" version="9.0.3" targetFramework="net48" />
<package id="Microsoft.AspNet.Mvc" version="5.2.7" targetFramework="net45" />
<package id="Microsoft.AspNet.Razor" version="3.2.7" targetFramework="net45" />
<package id="Microsoft.AspNet.Web.Optimization" version="1.1.3" targetFramework="net45" />

8
web/documentserver-example/csharp/3rd-Party.license
View File

@ -19,3 +19,11 @@ License File: jQuery.iframe-transport.license
jQuery.UI - jQuery UI is an open source library of interface components — interactions, full-featured widgets, and animation effects — based on the stellar jQuery javascript library . Each component is built according to jQuery's event-driven architecture (find something, manipulate it) and is themeable, making it easy for developers of any skill level to integrate and extend into their own code. (https://jquery.org/license/)
License: MIT
License File: jQuery.UI.license
JWT - JWT (JSON Web Token) Implementation for .NET (Public Domain) (https://github.com/jwt-dotnet/jwt/)
License: MIT
License File: JWT.license
Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://github.com/JamesNK/Newtonsoft.Json)
License: MIT
License File: Newtonsoft.Json.license

79
web/documentserver-example/csharp/JwtManager.cs
View File

@ -16,12 +16,12 @@
*
*/
using System;
using JWT;
using JWT.Algorithms;
using JWT.Builder;
using JWT.Serializers;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;
using System.Web.Configuration;
using System.Web.Script.Serialization;
namespace OnlineEditorsExample
{
@ -30,31 +30,19 @@ namespace OnlineEditorsExample
private static readonly string Secret;
public static readonly bool Enabled;
private static readonly JavaScriptSerializer Serializer;
static JwtManager()
{
Secret = WebConfigurationManager.AppSettings["files.docservice.secret"] ?? ""; // get token secret from the config parameters
Enabled = !string.IsNullOrEmpty(Secret); // check if the token is enabled
Serializer = new JavaScriptSerializer(); // define java script serializer
}
// encode a payload object into a token using a secret key
public static string Encode(IDictionary<string, object> payload)
{
// define the hashing algorithm and the token type
var header = new Dictionary<string, object>
{
{ "alg", "HS256" },
{ "typ", "JWT" }
};
// three parts of token
var encHeader = Base64UrlEncode(Serializer.Serialize(header)); // header
var encPayload = Base64UrlEncode(Serializer.Serialize(payload)); // payload
var hashSum = Base64UrlEncode(CalculateHash(encHeader, encPayload)); // signature
return string.Format("{0}.{1}.{2}", encHeader, encPayload, hashSum);
var encoder = new JwtEncoder(new HMACSHA256Algorithm(),
new JsonNetSerializer(),
new JwtBase64UrlEncoder());
return encoder.Encode(payload, Secret);
}
// decode a token into a payload object using a secret key
@ -62,52 +50,11 @@ namespace OnlineEditorsExample
{
if (!Enabled || string.IsNullOrEmpty(token)) return "";
var split = token.Split('.');
if (split.Length != 3) return "";
var hashSum = Base64UrlEncode(CalculateHash(split[0], split[1])); // get signature
if (hashSum != split[2]) return ""; // and check if it is equal to the signature from the token
return Base64UrlDecode(split[1]); // decode payload
}
// generate a hash code based on a key using the HMAC method
private static byte[] CalculateHash(string encHeader, string encPayload)
{
using (var hasher = new HMACSHA256(Encoding.UTF8.GetBytes(Secret)))
{
var bytes = Encoding.UTF8.GetBytes(string.Format("{0}.{1}", encHeader, encPayload));
return hasher.ComputeHash(bytes);
}
}
// encode a string into the base64 value
private static string Base64UrlEncode(string str)
{
return Base64UrlEncode(Encoding.UTF8.GetBytes(str));
}
// encode bytes into the base64 value
private static string Base64UrlEncode(byte[] bytes)
{
return Convert.ToBase64String(bytes)
.TrimEnd('=').Replace('+', '-').Replace('/', '_');
}
// decode a base64 value into the string
private static string Base64UrlDecode(string payload)
{
var b64 = payload.Replace('_', '/').Replace('-', '+');
switch (b64.Length%4)
{
case 2:
b64 += "==";
break;
case 3:
b64 += "=";
break;
}
var bytes = Convert.FromBase64String(b64);
return Encoding.UTF8.GetString(bytes);
return JwtBuilder.Create()
.WithAlgorithm(new HMACSHA256Algorithm())
.WithSecret(Secret)
.MustVerifySignature()
.Decode(token);
}
}
}

6
web/documentserver-example/csharp/OnlineEditorsExample.csproj
View File

@ -44,10 +44,16 @@
<Prefer32Bit>false</Prefer32Bit>
</PropertyGroup>
<ItemGroup>
<Reference Include="JWT, Version=9.0.0.0, Culture=neutral, PublicKeyToken=6f98bca0f40f2ecf, processorArchitecture=MSIL">
<HintPath>packages\JWT.9.0.3\lib\net46\JWT.dll</HintPath>
</Reference>
<Reference Include="Microsoft.CSharp" />
<Reference Include="Microsoft.Web.Infrastructure">
<HintPath>packages\Microsoft.Web.Infrastructure.1.0.0.0\lib\net40\Microsoft.Web.Infrastructure.dll</HintPath>
</Reference>
<Reference Include="Newtonsoft.Json, Version=10.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed, processorArchitecture=MSIL">
<HintPath>packages\Newtonsoft.Json.10.0.3\lib\net45\Newtonsoft.Json.dll</HintPath>
</Reference>
<Reference Include="System" />
<Reference Include="System.Web.Extensions" />
<Reference Include="System.Web" />

8
web/documentserver-example/csharp/licenses/3rd-Party.license
View File

@ -19,3 +19,11 @@ License File: jQuery.iframe-transport.license
jQuery.UI - jQuery UI is an open source library of interface components — interactions, full-featured widgets, and animation effects — based on the stellar jQuery javascript library . Each component is built according to jQuery's event-driven architecture (find something, manipulate it) and is themeable, making it easy for developers of any skill level to integrate and extend into their own code. (https://jquery.org/license/)
License: MIT
License File: jQuery.UI.license
JWT - JWT (JSON Web Token) Implementation for .NET (Public Domain) (https://github.com/jwt-dotnet/jwt/)
License: MIT
License File: JWT.license
Newtonsoft.Json - Json.NET is a popular high-performance JSON framework for .NET (https://github.com/JamesNK/Newtonsoft.Json)
License: MIT
License File: Newtonsoft.Json.license

21
web/documentserver-example/csharp/licenses/JWT.license Normal file
View File

@ -0,0 +1,21 @@
# Public Domain
Written by John Sheehan (http://john-sheehan.com)
This work is public domain.
The person who associated a work with this deed has dedicated the work to the public domain by waiving all of his or her rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law.
For more information, please visit: http://creativecommons.org/publicdomain/zero/1.0/
# MIT
Copyright (c) 2019 Jwt.Net Maintainers and Contributors.
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
For more information, please visit: https://opensource.org/licenses/MIT

20
web/documentserver-example/csharp/licenses/Newtonsoft.Json.license Normal file
View File

@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2007 James Newton-King
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

2
web/documentserver-example/csharp/packages.config
View File

@ -1,6 +1,8 @@
<?xml version="1.0" encoding="utf-8"?>
<packages>
<package id="JWT" version="9.0.3" targetFramework="net48" />
<package id="Microsoft.AspNet.Razor" version="3.2.7" targetFramework="net45" />
<package id="Microsoft.AspNet.WebPages" version="3.2.7" targetFramework="net45" />
<package id="Microsoft.Web.Infrastructure" version="1.0.0.0" targetFramework="net45" />
<package id="Newtonsoft.Json" version="10.0.3" targetFramework="net48" />
</packages>

4
web/documentserver-example/php/3rd-Party.license
View File

@ -19,3 +19,7 @@ License File: jQuery.iframe-transport.license
jQuery.UI - jQuery UI is an open source library of interface components — interactions, full-featured widgets, and animation effects — based on the stellar jQuery javascript library . Each component is built according to jQuery's event-driven architecture (find something, manipulate it) and is themeable, making it easy for developers of any skill level to integrate and extend into their own code. (https://jquery.org/license/)
License: MIT
License File: jQuery.UI.license
JWT - JSON Web Token implementation (https://github.com/firebase/php-jwt/blob/master/LICENSE)
License: BSD
License File: jwt.license

52
web/documentserver-example/php/jwtmanager.php
View File

@ -17,6 +17,10 @@
*
*/
require_once( dirname(__FILE__) . '/lib/jwt/BeforeValidException.php' );
require_once( dirname(__FILE__) . '/lib/jwt/ExpiredException.php' );
require_once( dirname(__FILE__) . '/lib/jwt/SignatureInvalidException.php' );
require_once( dirname(__FILE__) . '/lib/jwt/JWT.php' );
require_once( dirname(__FILE__) . '/config.php' );
// check if a secret key to generate token exists or not
@ -26,51 +30,17 @@ function isJwtEnabled() {
// encode a payload object into a token using a secret key
function jwtEncode($payload) {
$header = [
"alg" => "HS256", // the hashing algorithm
"typ" => "JWT" // the token type
];
// three parts of token
$encHeader = base64UrlEncode(json_encode($header)); // header
$encPayload = base64UrlEncode(json_encode($payload)); // payload
$hash = base64UrlEncode(calculateHash($encHeader, $encPayload)); // signature
return "$encHeader.$encPayload.$hash";
return \Firebase\JWT\JWT::encode($payload, $GLOBALS["DOC_SERV_JWT_SECRET"]);
}
// decode a token into a payload object using a secret key
function jwtDecode($token) {
if (!isJwtEnabled()) return "";
$split = explode(".", $token);
if (count($split) != 3) return "";
$hash = base64UrlEncode(calculateHash($split[0], $split[1]));
if (strcmp($hash, $split[2]) != 0) return "";
return base64UrlDecode($split[1]);
}
// generate a hash code based on a key using the HMAC method
function calculateHash($encHeader, $encPayload) {
return hash_hmac("sha256", "$encHeader.$encPayload", $GLOBALS['DOC_SERV_JWT_SECRET'], true);
}
// encode a string into the base64 value
function base64UrlEncode($str) {
return str_replace("/", "_", str_replace("+", "-", trim(base64_encode($str), "=")));
}
// decode a base64 value into the string
function base64UrlDecode($payload) {
$b64 = str_replace("_", "/", str_replace("-", "+", $payload));
switch (strlen($b64) % 4) {
case 2:
$b64 = $b64 . "=="; break;
case 3:
$b64 = $b64 . "="; break;
try {
$payload = \Firebase\JWT\JWT::decode($token, $GLOBALS["DOC_SERV_JWT_SECRET"], array("HS256"));
} catch (\UnexpectedValueException $e) {
$payload = "";
}
return base64_decode($b64);
}
return $payload;
}
?>

7
web/documentserver-example/php/lib/jwt/BeforeValidException.php Normal file
View File

@ -0,0 +1,7 @@
<?php
namespace Firebase\JWT;
class BeforeValidException extends \UnexpectedValueException
{
}

7
web/documentserver-example/php/lib/jwt/ExpiredException.php Normal file
View File

@ -0,0 +1,7 @@
<?php
namespace Firebase\JWT;
class ExpiredException extends \UnexpectedValueException
{
}

370
web/documentserver-example/php/lib/jwt/JWT.php Normal file
View File

@ -0,0 +1,370 @@
<?php
namespace Firebase\JWT;
use \DomainException;
use \InvalidArgumentException;
use \UnexpectedValueException;
use \DateTime;
/**
* JSON Web Token implementation, based on this spec:
* http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-06
*
* PHP version 5
*
* @category Authentication
* @package Authentication_JWT
* @author Neuman Vong <neuman@twilio.com>
* @author Anant Narayanan <anant@php.net>
* @license http://opensource.org/licenses/BSD-3-Clause 3-clause BSD
* @link https://github.com/firebase/php-jwt
*/
class JWT
{
/**
* When checking nbf, iat or expiration times,
* we want to provide some extra leeway time to
* account for clock skew.
*/
public static $leeway = 0;
/**
* Allow the current timestamp to be specified.
* Useful for fixing a value within unit testing.
*
* Will default to PHP time() value if null.
*/
public static $timestamp = null;
public static $supported_algs = array(
'HS256' => array('hash_hmac', 'SHA256'),
'HS512' => array('hash_hmac', 'SHA512'),
'HS384' => array('hash_hmac', 'SHA384'),
'RS256' => array('openssl', 'SHA256'),
);
/**
* Decodes a JWT string into a PHP object.
*
* @param string $jwt The JWT
* @param string|array $key The key, or map of keys.
* If the algorithm used is asymmetric, this is the public key
* @param array $allowed_algs List of supported verification algorithms
* Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
*
* @return object The JWT's payload as a PHP object
*
* @throws UnexpectedValueException Provided JWT was invalid
* @throws SignatureInvalidException Provided JWT was invalid because the signature verification failed
* @throws BeforeValidException Provided JWT is trying to be used before it's eligible as defined by 'nbf'
* @throws BeforeValidException Provided JWT is trying to be used before it's been created as defined by 'iat'
* @throws ExpiredException Provided JWT has since expired, as defined by the 'exp' claim
*
* @uses jsonDecode
* @uses urlsafeB64Decode
*/
public static function decode($jwt, $key, $allowed_algs = array())
{
$timestamp = is_null(static::$timestamp) ? time() : static::$timestamp;
if (empty($key)) {
throw new InvalidArgumentException('Key may not be empty');
}
if (!is_array($allowed_algs)) {
throw new InvalidArgumentException('Algorithm not allowed');
}
$tks = explode('.', $jwt);
if (count($tks) != 3) {
throw new UnexpectedValueException('Wrong number of segments');
}
list($headb64, $bodyb64, $cryptob64) = $tks;
if (null === ($header = static::jsonDecode(static::urlsafeB64Decode($headb64)))) {
throw new UnexpectedValueException('Invalid header encoding');
}
if (null === $payload = static::jsonDecode(static::urlsafeB64Decode($bodyb64))) {
throw new UnexpectedValueException('Invalid claims encoding');
}
$sig = static::urlsafeB64Decode($cryptob64);
if (empty($header->alg)) {
throw new UnexpectedValueException('Empty algorithm');
}
if (empty(static::$supported_algs[$header->alg])) {
throw new UnexpectedValueException('Algorithm not supported');
}
if (!in_array($header->alg, $allowed_algs)) {
throw new UnexpectedValueException('Algorithm not allowed');
}
if (is_array($key) || $key instanceof \ArrayAccess) {
if (isset($header->kid)) {
$key = $key[$header->kid];
} else {
throw new UnexpectedValueException('"kid" empty, unable to lookup correct key');
}
}
// Check the signature
if (!static::verify("$headb64.$bodyb64", $sig, $key, $header->alg)) {
throw new SignatureInvalidException('Signature verification failed');
}
// Check if the nbf if it is defined. This is the time that the
// token can actually be used. If it's not yet that time, abort.
if (isset($payload->nbf) && $payload->nbf > ($timestamp + static::$leeway)) {
throw new BeforeValidException(
'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->nbf)
);
}
// Check that this token has been created before 'now'. This prevents
// using tokens that have been created for later use (and haven't
// correctly used the nbf claim).
if (isset($payload->iat) && $payload->iat > ($timestamp + static::$leeway)) {
throw new BeforeValidException(
'Cannot handle token prior to ' . date(DateTime::ISO8601, $payload->iat)
);
}
// Check if this token has expired.
if (isset($payload->exp) && ($timestamp - static::$leeway) >= $payload->exp) {
throw new ExpiredException('Expired token');
}
return $payload;
}
/**
* Converts and signs a PHP object or array into a JWT string.
*
* @param object|array $payload PHP object or array
* @param string $key The secret key.
* If the algorithm used is asymmetric, this is the private key
* @param string $alg The signing algorithm.
* Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
* @param mixed $keyId
* @param array $head An array with header elements to attach
*
* @return string A signed JWT
*
* @uses jsonEncode
* @uses urlsafeB64Encode
*/
public static function encode($payload, $key, $alg = 'HS256', $keyId = null, $head = null)
{
$header = array('typ' => 'JWT', 'alg' => $alg);
if ($keyId !== null) {
$header['kid'] = $keyId;
}
if ( isset($head) && is_array($head) ) {
$header = array_merge($head, $header);
}
$segments = array();
$segments[] = static::urlsafeB64Encode(static::jsonEncode($header));
$segments[] = static::urlsafeB64Encode(static::jsonEncode($payload));
$signing_input = implode('.', $segments);
$signature = static::sign($signing_input, $key, $alg);
$segments[] = static::urlsafeB64Encode($signature);
return implode('.', $segments);
}
/**
* Sign a string with a given key and algorithm.
*
* @param string $msg The message to sign
* @param string|resource $key The secret key
* @param string $alg The signing algorithm.
* Supported algorithms are 'HS256', 'HS384', 'HS512' and 'RS256'
*
* @return string An encrypted message
*
* @throws DomainException Unsupported algorithm was specified
*/
public static function sign($msg, $key, $alg = 'HS256')
{
if (empty(static::$supported_algs[$alg])) {
throw new DomainException('Algorithm not supported');
}
list($function, $algorithm) = static::$supported_algs[$alg];
switch($function) {
case 'hash_hmac':
return hash_hmac($algorithm, $msg, $key, true);
case 'openssl':
$signature = '';
$success = openssl_sign($msg, $signature, $key, $algorithm);
if (!$success) {
throw new DomainException("OpenSSL unable to sign data");
} else {
return $signature;
}
}
}
/**
* Verify a signature with the message, key and method. Not all methods
* are symmetric, so we must have a separate verify and sign method.
*
* @param string $msg The original message (header and body)
* @param string $signature The original signature
* @param string|resource $key For HS*, a string key works. for RS*, must be a resource of an openssl public key
* @param string $alg The algorithm
*
* @return bool
*
* @throws DomainException Invalid Algorithm or OpenSSL failure
*/
private static function verify($msg, $signature, $key, $alg)
{
if (empty(static::$supported_algs[$alg])) {
throw new DomainException('Algorithm not supported');
}
list($function, $algorithm) = static::$supported_algs[$alg];
switch($function) {
case 'openssl':
$success = openssl_verify($msg, $signature, $key, $algorithm);
if (!$success) {
throw new DomainException("OpenSSL unable to verify data: " . openssl_error_string());
} else {
return $signature;
}
case 'hash_hmac':
default:
$hash = hash_hmac($algorithm, $msg, $key, true);
if (function_exists('hash_equals')) {
return hash_equals($signature, $hash);
}
$len = min(static::safeStrlen($signature), static::safeStrlen($hash));
$status = 0;
for ($i = 0; $i < $len; $i++) {
$status |= (ord($signature[$i]) ^ ord($hash[$i]));
}
$status |= (static::safeStrlen($signature) ^ static::safeStrlen($hash));
return ($status === 0);
}
}
/**
* Decode a JSON string into a PHP object.
*
* @param string $input JSON string
*
* @return object Object representation of JSON string
*
* @throws DomainException Provided string was invalid JSON
*/
public static function jsonDecode($input)
{
if (version_compare(PHP_VERSION, '5.4.0', '>=') && !(defined('JSON_C_VERSION') && PHP_INT_SIZE > 4)) {
/** In PHP >=5.4.0, json_decode() accepts an options parameter, that allows you
* to specify that large ints (like Steam Transaction IDs) should be treated as
* strings, rather than the PHP default behaviour of converting them to floats.
*/
$obj = json_decode($input, false, 512, JSON_BIGINT_AS_STRING);
} else {
/** Not all servers will support that, however, so for older versions we must
* manually detect large ints in the JSON string and quote them (thus converting
*them to strings) before decoding, hence the preg_replace() call.
*/
$max_int_length = strlen((string) PHP_INT_MAX) - 1;
$json_without_bigints = preg_replace('/:\s*(-?\d{'.$max_int_length.',})/', ': "$1"', $input);
$obj = json_decode($json_without_bigints);
}
if (function_exists('json_last_error') && $errno = json_last_error()) {
static::handleJsonError($errno);
} elseif ($obj === null && $input !== 'null') {
throw new DomainException('Null result with non-null input');
}
return $obj;
}
/**
* Encode a PHP object into a JSON string.
*
* @param object|array $input A PHP object or array
*
* @return string JSON representation of the PHP object or array
*
* @throws DomainException Provided object could not be encoded to valid JSON
*/
public static function jsonEncode($input)
{
$json = json_encode($input);
if (function_exists('json_last_error') && $errno = json_last_error()) {
static::handleJsonError($errno);
} elseif ($json === 'null' && $input !== null) {
throw new DomainException('Null result with non-null input');
}
return $json;
}
/**
* Decode a string with URL-safe Base64.
*
* @param string $input A Base64 encoded string
*
* @return string A decoded string
*/
public static function urlsafeB64Decode($input)
{
$remainder = strlen($input) % 4;
if ($remainder) {
$padlen = 4 - $remainder;
$input .= str_repeat('=', $padlen);
}
return base64_decode(strtr($input, '-_', '+/'));
}
/**
* Encode a string with URL-safe Base64.
*
* @param string $input The string you want encoded
*
* @return string The base64 encode of what you passed in
*/
public static function urlsafeB64Encode($input)
{
return str_replace('=', '', strtr(base64_encode($input), '+/', '-_'));
}
/**
* Helper method to create a JSON error.
*
* @param int $errno An error number from json_last_error()
*
* @return void
*/
private static function handleJsonError($errno)
{
$messages = array(
JSON_ERROR_DEPTH => 'Maximum stack depth exceeded',
JSON_ERROR_CTRL_CHAR => 'Unexpected control character found',
JSON_ERROR_SYNTAX => 'Syntax error, malformed JSON'
);
throw new DomainException(
isset($messages[$errno])
? $messages[$errno]
: 'Unknown JSON error: ' . $errno
);
}
/**
* Get the number of bytes in cryptographic strings.
*
* @param string
*
* @return int
*/
private static function safeStrlen($str)
{
if (function_exists('mb_strlen')) {
return mb_strlen($str, '8bit');
}
return strlen($str);
}
}

30
web/documentserver-example/php/lib/jwt/LICENSE Normal file
View File

@ -0,0 +1,30 @@
Copyright (c) 2011, Neuman Vong
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials provided
with the distribution.
* Neither the name of Neuman Vong nor the names of other
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

7
web/documentserver-example/php/lib/jwt/SignatureInvalidException.php Normal file
View File

@ -0,0 +1,7 @@
<?php
namespace Firebase\JWT;
class SignatureInvalidException extends \UnexpectedValueException
{
}

4
web/documentserver-example/php/licenses/3rd-Party.license
View File

@ -19,3 +19,7 @@ License File: jQuery.iframe-transport.license
jQuery.UI - jQuery UI is an open source library of interface components — interactions, full-featured widgets, and animation effects — based on the stellar jQuery javascript library . Each component is built according to jQuery's event-driven architecture (find something, manipulate it) and is themeable, making it easy for developers of any skill level to integrate and extend into their own code. (https://jquery.org/license/)
License: MIT
License File: jQuery.UI.license
JWT - JSON Web Token implementation (https://github.com/firebase/php-jwt/blob/master/LICENSE)
License: BSD
License File: jwt.license

30
web/documentserver-example/php/licenses/jwt.license Normal file
View File

@ -0,0 +1,30 @@
Copyright (c) 2011, Neuman Vong
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials provided
with the distribution.
* Neither the name of Neuman Vong nor the names of other
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

36
web/documentserver-example/php/trackmanager.php
View File

@ -32,7 +32,7 @@ function readBody() {
return $result;
}
$data = json_decode($body_stream, TRUE); // json_decode - PHP 5 >= 5.2.0
$data = json_decode($body_stream, false);
// check if the response is correct
if ($data === NULL) {
@ -47,27 +47,29 @@ function readBody() {
sendlog(" jwt enabled, checking tokens", "webedior-ajax.log");
$inHeader = false;
$token = "";
$data = "";
$jwtHeader = $GLOBALS['DOC_SERV_JWT_HEADER'] == "" ? "Authorization" : $GLOBALS['DOC_SERV_JWT_HEADER'];
if (!empty($data["token"])) { // if the document token is in the data
$token = jwtDecode($data["token"]); // decode it
$data = jwtDecode($data["token"]); // decode it
sendlog(" jwt in body", "webedior-ajax.log");
} elseif (!empty(apache_request_headers()[$jwtHeader])) { // if the Authorization header exists
$token = jwtDecode(substr(apache_request_headers()[$jwtHeader], strlen("Bearer "))); // decode its part after Authorization prefix
$data = jwtDecode(substr(apache_request_headers()[$jwtHeader], strlen("Bearer "))); // decode its part after Authorization prefix
$inHeader = true;
sendlog(" jwt in header", "webedior-ajax.log");
} else { // otherwise, an error occurs
sendlog(" jwt token wasn't found in body or headers", "webedior-ajax.log");
$result["error"] = "Expected JWT";
return $result;
}
if (empty($token)) { // invalid signature error
if ($data === "") { // invalid signature error
sendlog(" token was found but signature is invalid", "webedior-ajax.log");
$result["error"] = "Invalid JWT signature";
return $result;
}
$data = json_decode($token, true);
if ($inHeader) $data = $data["payload"];
if ($inHeader) $data = $data->payload;
}
return $data;
@ -75,14 +77,14 @@ function readBody() {
// file saving process
function processSave($data, $fileName, $userAddress) {
$downloadUri = $data["url"];
$downloadUri = $data->url;
if ($downloadUri === null) {
$result["error"] = 1;
return $result;
}
$curExt = strtolower('.' . pathinfo($fileName, PATHINFO_EXTENSION)); // get current file extension
$downloadExt = strtolower('.' . $data["filetype"]); // get the extension of the downloaded file
$downloadExt = strtolower('.' . $data->filetype); // get the extension of the downloaded file
// TODO [Delete in version 7.0 or higher]
if (!$downloadExt) $downloadExt = strtolower('.' . pathinfo($downloadUri, PATHINFO_EXTENSION)); // Support for versions below 7.0
@ -123,18 +125,18 @@ function processSave($data, $fileName, $userAddress) {
rename(getStoragePath($fileName, $userAddress), $verDir . DIRECTORY_SEPARATOR . "prev" . $curExt); // get the path to the previous file version and rename the storage path with it
file_put_contents($storagePath, $new_data, LOCK_EX); // save file to the storage directory
if ($changesData = file_get_contents($data["changesurl"])) {
if ($changesData = file_get_contents($data->changesurl)) {
file_put_contents($verDir . DIRECTORY_SEPARATOR . "diff.zip", $changesData, LOCK_EX); // save file changes to the diff.zip archive
}
$histData = empty($data["changeshistory"]) ? null : $data["changeshistory"];
$histData = empty($data->changeshistory) ? null : $data->changeshistory;
if (empty($histData)) {
$histData = json_encode($data["history"], JSON_PRETTY_PRINT);
$histData = json_encode($data->history, JSON_PRETTY_PRINT);
}
if (!empty($histData)) {
file_put_contents($verDir . DIRECTORY_SEPARATOR . "changes.json", $histData, LOCK_EX); // write the history changes to the changes.json file
}
file_put_contents($verDir . DIRECTORY_SEPARATOR . "key.txt", $data["key"], LOCK_EX); // write the key value to the key.txt file
file_put_contents($verDir . DIRECTORY_SEPARATOR . "key.txt", $data->key, LOCK_EX); // write the key value to the key.txt file
$forcesavePath = getForcesavePath($newFileName, $userAddress, false); // get the path to the forcesaved file version
if ($forcesavePath != "") { // if the forcesaved file version exists
@ -151,14 +153,14 @@ function processSave($data, $fileName, $userAddress) {
// file force saving process
function processForceSave($data, $fileName, $userAddress) {
$downloadUri = $data["url"];
$downloadUri = $data->url;
if ($downloadUri === null) {
$result["error"] = 1;
return $result;
}
$curExt = strtolower('.' . pathinfo($fileName, PATHINFO_EXTENSION)); // get current file extension
$downloadExt = strtolower('.' . $data["filetype"]); // get the extension of the downloaded file
$downloadExt = strtolower('.' . $data->filetype); // get the extension of the downloaded file
// TODO [Delete in version 7.0 or higher]
if (!$downloadExt) $downloadExt = strtolower('.' . pathinfo($downloadUri, PATHINFO_EXTENSION)); // Support for versions below 7.0
@ -190,7 +192,7 @@ function processForceSave($data, $fileName, $userAddress) {
if (!(($new_data = file_get_contents($downloadUri)) === FALSE)) {
$baseNameWithoutExt = substr($fileName, 0, strlen($fileName) - strlen($curExt));
$isSubmitForm = $data["forcesavetype"] == 3; // SubmitForm
$isSubmitForm = $data->forcesavetype == 3; // SubmitForm
if ($isSubmitForm) {
if ($newFileName){
@ -213,7 +215,7 @@ function processForceSave($data, $fileName, $userAddress) {
file_put_contents($forcesavePath, $new_data, LOCK_EX);
if ($isSubmitForm) {
$uid = $data["actions"][0]["userid"]; // get the user id
$uid = $data->actions[0]->userid; // get the user id
createMeta($fileName, $uid, "Filling Form", $userAddress); // create meta data for the forcesaved file
}

14
web/documentserver-example/php/webeditor-ajax.php
View File

@ -215,22 +215,24 @@ function track() {
// get the body of the post request and check if it is correct
$data = readBody();
if (!empty($data["error"])){
if (!empty($data->error)){
return $data;
}
global $_trackerStatus;
$status = $_trackerStatus[$data["status"]]; // get status from the request body
$status = $_trackerStatus[$data->status]; // get status from the request body
$userAddress = $_GET["userAddress"];
$fileName = basename($_GET["fileName"]);
sendlog(" CommandRequest status: " . $data->status, "webedior-ajax.log");
switch ($status) {
case "Editing": // status == 1
if ($data["actions"] && $data["actions"][0]["type"] == 0) { // finished edit
$user = $data["actions"][0]["userid"]; // the user who finished editing
if (array_search($user, $data["users"]) === FALSE) {
$commandRequest = commandRequest("forcesave", $data["key"]); // create a command request with the forcasave method
if ($data->actions && $data->actions[0]->type == 0) { // finished edit
$user = $data->actions[0]->userid; // the user who finished editing
if (array_search($user, $data->users) === FALSE) {
$commandRequest = commandRequest("forcesave", $data->key); // create a command request with the forcasave method
sendlog(" CommandRequest forcesave: " . serialize($commandRequest), "webedior-ajax.log");
}
}

5
web/documentserver-example/ruby/Gemfile
View File

@ -47,4 +47,7 @@ gem 'uuid'
gem 'rack-cors'
gem 'webrick'
gem 'webrick'
# A ruby implementation of the RFC 7519 OAuth JSON Web Token (JWT) standard.
gem 'jwt', '~> 2.4.1'

4
web/documentserver-example/ruby/Gemfile.lock
View File

@ -96,6 +96,7 @@ GEM
railties (>= 4.2.0)
thor (>= 0.14, < 2.0)
json (1.8.6)
jwt (2.4.1)
loofah (2.13.0)
crass (~> 1.0.2)
nokogiri (>= 1.5.9)
@ -108,6 +109,8 @@ GEM
mini_mime (1.1.2)
minitest (5.15.0)
nio4r (2.5.8)
nokogiri (1.13.6-x64-mingw32)
racc (~> 1.4)
nokogiri (1.13.6-x86_64-linux)
racc (~> 1.4)
racc (1.6.0)
@ -201,6 +204,7 @@ DEPENDENCIES
coffee-rails (~> 5.0.0)
jbuilder (~> 2.9.1)
jquery-rails
jwt (~> 2.4.1)
mimemagic!
rack-cors
rails (= 6.1.4.1)

34
web/documentserver-example/ruby/app/models/jwt_helper.rb
View File

@ -14,6 +14,8 @@
# limitations under the License.
#
require 'jwt'
class JwtHelper
@jwt_secret = Rails.configuration.jwtSecret
@ -26,37 +28,19 @@ class JwtHelper
# encode a payload object into a token using a secret key
def encode(payload)
header = { :alg => "HS256", :typ => "JWT" } # define the hashing algorithm and the token type
# three parts of token
enc_header = Base64.urlsafe_encode64(header.to_json).remove("=") # header
enc_payload = Base64.urlsafe_encode64(payload.to_json).remove("=") # payload
hash = Base64.urlsafe_encode64(calc_hash(enc_header, enc_payload)).remove("=") # signature
return "#{enc_header}.#{enc_payload}.#{hash}"
return JWT.encode payload, @jwt_secret, 'HS256' # define the hashing algorithm and get token
end
# decode a token into a payload object using a secret key
def decode(token)
if !is_enabled
begin
decoded = JWT.decode token, @jwt_secret, true, { algorithm: 'HS256' }
rescue
return ""
end
split = token.split(".")
hash = Base64.urlsafe_encode64(calc_hash(split[0], split[1])).remove("=")
if !hash.eql?(split[2])
return ""
end
return Base64.urlsafe_decode64(split[1])
end
private
# generate a hash code based on a key using the HMAC method
def calc_hash(header, payload)
return OpenSSL::HMAC.digest("SHA256", @jwt_secret, "#{header}.#{payload}")
# decoded = Array [ {"data"=>"test"}, # payload
# {"alg"=>"HS256"} # header ]
return decoded[0].to_json # get json payload
end
end
end

4
web/documentserver-example/ruby/licenses/3rd-Party.license
View File

@ -36,6 +36,10 @@ jquery-rails - This gem provides jQuery and the jQuery-ujs driver for your Rail
License: MIT
License File: jquery-rails.license
mimemagic - А library to detect the mime type of a file by extension or by content. (https://github.com/mimemagicrb/mimemagic/blob/master/LICENSE)
License: MIT
License File: mimemagic.license
rails - Rails is a web-application framework that includes everything needed to create database-backed web applications according to the Model-View-Controller (MVC) pattern. (https://github.com/rails/rails/blob/v6.0.3.2/MIT-LICENSE)
License: MIT
License File: rails.license

19
web/documentserver-example/ruby/licenses/jwt.license Normal file
View File

@ -0,0 +1,19 @@
Copyright (c) 2011 Jeff Lindsay
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
urnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE
OR OTHER DEALINGS IN THE SOFTWARE.