Merge pull request #347 from ONLYOFFICE/bugfix/wopi-language

nodejs: wopi: fix language
nodejs: wopi: refactor wopi params
2026-02-11 10:25:15 +08:00 · 2023-02-17 16:02:16 +05:00 · 2023-02-17 13:26:18 +03:00 · 2023-02-17 11:35:25 +03:00 · 2023-02-10 13:09:09 +03:00 · 2023-02-10 15:07:52 +05:00
40 changed files with 109 additions and 41 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,5 +1,6 @@
 # Change Log

+- separate setting for checking the token in requests
 - php: linter refactoring

 ## 1.5.0
--- a/web/documentserver-example/csharp-mvc/Helpers/DocumentConverter.cs
+++ b/web/documentserver-example/csharp-mvc/Helpers/DocumentConverter.cs
@ -119,7 +119,7 @@ namespace OnlineEditorsExampleMVC.Helpers
                { "region", lang }
            };

-            if (JwtManager.Enabled)
+            if (JwtManager.Enabled && JwtManager.SignatureUseForRequest)
            {
                // create payload object
                var payload = new Dictionary<string, object>
--- a/web/documentserver-example/csharp-mvc/Helpers/JwtManager.cs
+++ b/web/documentserver-example/csharp-mvc/Helpers/JwtManager.cs
@ -29,11 +29,13 @@ namespace OnlineEditorsExampleMVC.Helpers
    {
        private static readonly string Secret;
        public static readonly bool Enabled;
+        public static readonly bool SignatureUseForRequest;

        static JwtManager()
        {
            Secret = WebConfigurationManager.AppSettings["files.docservice.secret"] ?? "";  // get token secret from the config parameters
            Enabled = !string.IsNullOrEmpty(Secret);  // check if the token is enabled
+            SignatureUseForRequest = bool.Parse(WebConfigurationManager.AppSettings["files.docservice.token.useforrequest"]);
        }

        // encode a payload object into a token using a secret key
--- a/web/documentserver-example/csharp-mvc/Helpers/TrackManager.cs
+++ b/web/documentserver-example/csharp-mvc/Helpers/TrackManager.cs
@ -53,7 +53,7 @@ namespace OnlineEditorsExampleMVC.Helpers
            var fileData = jss.Deserialize<Dictionary<string, object>>(body);

            // check if the document token is enabled
-            if (JwtManager.Enabled)
+            if (JwtManager.Enabled && JwtManager.SignatureUseForRequest)
            {
                string JWTheader = string.IsNullOrEmpty(WebConfigurationManager.AppSettings["files.docservice.header"]) ? "Authorization" : WebConfigurationManager.AppSettings["files.docservice.header"];

@ -285,7 +285,7 @@ namespace OnlineEditorsExampleMVC.Helpers
            }

            // check if a secret key to generate token exists or not
-            if (JwtManager.Enabled)
+            if (JwtManager.Enabled && JwtManager.SignatureUseForRequest)
            {
                var payload = new Dictionary<string, object>
                    {
--- a/web/documentserver-example/csharp-mvc/WebEditor.ashx.cs
+++ b/web/documentserver-example/csharp-mvc/WebEditor.ashx.cs
@ -461,7 +461,7 @@ namespace OnlineEditorsExampleMVC
                var userAddress = context.Request["userAddress"];
                var isEmbedded = context.Request["dmode"];

-                if (JwtManager.Enabled && isEmbedded == null && userAddress != null)
+                if (JwtManager.Enabled && isEmbedded == null && userAddress != null && JwtManager.SignatureUseForRequest)
                {
                    string JWTheader = string.IsNullOrEmpty(WebConfigurationManager.AppSettings["files.docservice.header"]) ? "Authorization" : WebConfigurationManager.AppSettings["files.docservice.header"];

@ -519,7 +519,7 @@ namespace OnlineEditorsExampleMVC
                var version = System.Convert.ToInt32(context.Request["ver"]);
                var file = Path.GetFileName(context.Request["file"]);

-                if (JwtManager.Enabled)
+                if (JwtManager.Enabled && JwtManager.SignatureUseForRequest)
                {
                    string JWTheader = string.IsNullOrEmpty(WebConfigurationManager.AppSettings["files.docservice.header"]) ? "Authorization" : WebConfigurationManager.AppSettings["files.docservice.header"];

--- a/web/documentserver-example/csharp-mvc/web.appsettings.config
+++ b/web/documentserver-example/csharp-mvc/web.appsettings.config
@ -14,6 +14,8 @@
  <add key="files.docservice.secret" value="" />
  <add key="files.docservice.header" value="Authorization" />

+  <add key="files.docservice.token.useforrequest" value="true" />
+
  <add key="files.docservice.verify-peer-off" value="true"/>

  <add key="files.docservice.languages" value="en:English|hy:Armenian|az:Azerbaijani|eu:Basque|be:Belarusian|bg:Bulgarian|ca:Catalan|zh:Chinese (People's Republic of China)|zh-TW:Chinese (Traditional, Taiwan)|cs:Czech|da:Danish|nl:Dutch|fi:Finnish|fr:French|gl:Galego|de:German|el:Greek|hu:Hungarian|id:Indonesian|it:Italian|ja:Japanese|ko:Korean|lv:Latvian|lo:Lao|ms:Malay (Malaysia)|nb:Norwegian|pl:Polish|pt:Portuguese (Brazil)|pt-PT:Portuguese (Portugal)|ro:Romanian|ru:Russian|sk:Slovak|sl:Slovenian|es:Spanish|sv:Swedish|tr:Turkish|uk:Ukrainian|vi:Vietnamese|aa-AA: Test Language"/>
--- a/web/documentserver-example/csharp/DocumentConverter.cs
+++ b/web/documentserver-example/csharp/DocumentConverter.cs
@ -121,7 +121,7 @@ namespace ASC.Api.DocumentConverter
                { "region", lang }
            };

-            if (JwtManager.Enabled)
+            if (JwtManager.Enabled && JwtManager.SignatureUseForRequest)
            {
                // create payload object
                var payload = new Dictionary<string, object>
--- a/web/documentserver-example/csharp/JwtManager.cs
+++ b/web/documentserver-example/csharp/JwtManager.cs
@ -29,11 +29,13 @@ namespace OnlineEditorsExample
    {
        private static readonly string Secret;
        public static readonly bool Enabled;
+        public static readonly bool SignatureUseForRequest;

        static JwtManager()
        {
            Secret = WebConfigurationManager.AppSettings["files.docservice.secret"] ?? "";  // get token secret from the config parameters
            Enabled = !string.IsNullOrEmpty(Secret);  // check if the token is enabled
+            SignatureUseForRequest = bool.Parse(WebConfigurationManager.AppSettings["files.docservice.token.useforrequest"]);
        }

        // encode a payload object into a token using a secret key
--- a/web/documentserver-example/csharp/TrackManager.cs
+++ b/web/documentserver-example/csharp/TrackManager.cs
@ -55,7 +55,7 @@ namespace OnlineEditorsExample
            var fileData = jss.Deserialize<Dictionary<string, object>>(body);

            // check if the document token is enabled
-            if (JwtManager.Enabled)
+            if (JwtManager.Enabled && JwtManager.SignatureUseForRequest)
            {
                string JWTheader = string.IsNullOrEmpty(WebConfigurationManager.AppSettings["files.docservice.header"]) ? "Authorization" : WebConfigurationManager.AppSettings["files.docservice.header"];

@ -288,7 +288,7 @@ namespace OnlineEditorsExample
            }

            // check if a secret key to generate token exists or not
-            if (JwtManager.Enabled)
+            if (JwtManager.Enabled && JwtManager.SignatureUseForRequest)
            {
                var payload = new Dictionary<string, object>
                {
--- a/web/documentserver-example/csharp/WebEditor.ashx.cs
+++ b/web/documentserver-example/csharp/WebEditor.ashx.cs
@ -281,7 +281,7 @@ namespace OnlineEditorsExample
                var userAddress = Path.GetFileName(context.Request["userAddress"]);
                var isEmbedded = context.Request["dmode"];

-                if (JwtManager.Enabled && isEmbedded == null && userAddress != null)
+                if (JwtManager.Enabled && isEmbedded == null && userAddress != null && JwtManager.SignatureUseForRequest)
                {
                    string JWTheader = string.IsNullOrEmpty(WebConfigurationManager.AppSettings["files.docservice.header"]) ? "Authorization" : WebConfigurationManager.AppSettings["files.docservice.header"];

@ -338,7 +338,7 @@ namespace OnlineEditorsExample
                var version = Path.GetFileName(context.Request["ver"]);
                var file = Path.GetFileName(context.Request["file"]);

-                if (JwtManager.Enabled)
+                if (JwtManager.Enabled && JwtManager.SignatureUseForRequest)
                {
                    string JWTheader = string.IsNullOrEmpty(WebConfigurationManager.AppSettings["files.docservice.header"]) ? "Authorization" : WebConfigurationManager.AppSettings["files.docservice.header"];

--- a/web/documentserver-example/csharp/settings.config
+++ b/web/documentserver-example/csharp/settings.config
@ -15,6 +15,8 @@
  <add key="files.docservice.header" value="Authorization" />
  <add key="files.docservice.verify-peer-off" value="true"/>

+  <add key="files.docservice.token.useforrequest" value="true" />
+
  <add key="files.docservice.languages" value="en:English|hy:Armenian|az:Azerbaijani|eu:Basque|be:Belarusian|bg:Bulgarian|ca:Catalan|zh:Chinese (People's Republic of China)|zh-TW:Chinese (Traditional, Taiwan)|cs:Czech|da:Danish|nl:Dutch|fi:Finnish|fr:French|gl:Galego|de:German|el:Greek|hu:Hungarian|id:Indonesian|it:Italian|ja:Japanese|ko:Korean|lv:Latvian|lo:Lao|ms:Malay (Malaysia)|nb:Norwegian|pl:Polish|pt:Portuguese (Brazil)|pt-PT:Portuguese (Portugal)|ro:Romanian|ru:Russian|sk:Slovak|sl:Slovenian|es:Spanish|sv:Swedish|tr:Turkish|uk:Ukrainian|vi:Vietnamese|aa-AA: Test Language"/>

  <add key="files.docservice.url.site" value="http://documentserver/"/>
--- a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/controllers/FileController.java
+++ b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/controllers/FileController.java
@ -266,7 +266,7 @@ public class FileController {
                                             @RequestParam("file") final String file) { // history file
        try {
            // check if a token is enabled or not
-            if (jwtManager.tokenEnabled()) {
+            if (jwtManager.tokenEnabled() && jwtManager.tokenUseForRequest()) {
                String header = request.getHeader(documentJwtHeader == null  // get the document JWT header
                        || documentJwtHeader.isEmpty() ? "Authorization" : documentJwtHeader);
                if (header != null && !header.isEmpty()) {
@ -289,7 +289,7 @@ public class FileController {
                                             @RequestParam(value = "userAddress", required = false) final String userAddress){
        try {
            // check if a token is enabled or not
-            if (jwtManager.tokenEnabled() && userAddress != null) {
+            if (jwtManager.tokenEnabled() && userAddress != null && jwtManager.tokenUseForRequest()) {
                String header = request.getHeader(documentJwtHeader == null // get the document JWT header
                        || documentJwtHeader.isEmpty() ? "Authorization" : documentJwtHeader);
                if (header != null && !header.isEmpty()) {
--- a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/managers/callback/DefaultCallbackManager.java
+++ b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/managers/callback/DefaultCallbackManager.java
@ -211,7 +211,8 @@ public class DefaultCallbackManager implements CallbackManager {
        }

        String headerToken;
-        if (jwtManager.tokenEnabled()) {  // check if a secret key to generate token exists or not
+        // check if a secret key to generate token exists or not
+        if (jwtManager.tokenEnabled() && jwtManager.tokenUseForRequest()) {
            Map<String, Object> payloadMap = new HashMap<>();
            payloadMap.put("payload", params);
            headerToken = jwtManager.createToken(payloadMap);  // encode a payload object into a header token
--- a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/managers/jwt/DefaultJwtManager.java
+++ b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/managers/jwt/DefaultJwtManager.java
@ -37,6 +37,8 @@ import java.util.Map;
 public class DefaultJwtManager implements JwtManager {
    @Value("${files.docservice.secret}")
    private String tokenSecret;
+    @Value("${files.docservice.token-use-for-request}")
+    private String tokenUseForRequest;
    @Autowired
    private ObjectMapper objectMapper;
    @Autowired
@ -62,6 +64,10 @@ public class DefaultJwtManager implements JwtManager {
        return tokenSecret != null && !tokenSecret.isEmpty();
    }

+    public boolean tokenUseForRequest() {
+        return Boolean.parseBoolean(tokenUseForRequest) && !tokenUseForRequest.isEmpty();
+    }
+
    // read document token
    public JWT readToken(final String token) {
        try {
@ -84,7 +90,7 @@ public class DefaultJwtManager implements JwtManager {
        } catch (Exception ex) {
            throw new RuntimeException("{\"error\":1,\"message\":\"JSON Parsing error\"}");
        }
-        if (tokenEnabled()) {  // check if the token is enabled
+        if (tokenEnabled() && tokenUseForRequest()) {  // check if the token is enabled
            String token = (String) body.get("token");  // get token from the body
            if (token == null) {  // if token is empty
                if (header != null && !header.isBlank()) {  // and the header is defined
--- a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/managers/jwt/JwtManager.java
+++ b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/managers/jwt/JwtManager.java
@ -26,6 +26,7 @@ import java.util.Map;
 // specify the jwt manager functions
 public interface JwtManager {
    boolean tokenEnabled();  // check if the token is enabled
+    boolean tokenUseForRequest();  // check if the token is enabled
    String createToken(Map<String, Object> payloadClaims);  // create document token
    JWT readToken(String token);  // read document token
    JSONObject parseBody(String payload, String header);  // parse the body
--- a/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/util/service/DefaultServiceConverter.java
+++ b/web/documentserver-example/java-spring/src/main/java/com/onlyoffice/integration/documentserver/util/service/DefaultServiceConverter.java
@ -155,7 +155,7 @@ public class DefaultServiceConverter implements ServiceConverter {
        }

        String headerToken = "";
-        if (jwtManager.tokenEnabled()) {
+        if (jwtManager.tokenEnabled() && jwtManager.tokenUseForRequest()) {
            HashMap<String, Object> map = new HashMap<String, Object>();
            map.put("region", lang);
            map.put("url", body.getUrl());
--- a/web/documentserver-example/java-spring/src/main/resources/application.properties
+++ b/web/documentserver-example/java-spring/src/main/resources/application.properties
@ -24,6 +24,7 @@ files.docservice.url.example=

 files.docservice.secret=
 files.docservice.header=Authorization
+files.docservice.token-use-for-request=true

 files.docservice.verify-peer-off=true

--- a/web/documentserver-example/java/src/main/java/controllers/IndexServlet.java
+++ b/web/documentserver-example/java/src/main/java/controllers/IndexServlet.java
@ -472,7 +472,7 @@ public class IndexServlet extends HttpServlet {
                                        final HttpServletResponse response,
                                        final PrintWriter writer) {
        try {
-            if (DocumentManager.tokenEnabled()) {
+            if (DocumentManager.tokenEnabled() && DocumentManager.tokenUseForRequest()) {

                String documentJwtHeader = ConfigManager.getProperty("files.docservice.header");

@ -517,7 +517,8 @@ public class IndexServlet extends HttpServlet {
            String userAddress = request.getParameter("userAddress");
            String isEmbedded = request.getParameter("dmode");

-            if (DocumentManager.tokenEnabled() && isEmbedded == null && userAddress != null) {
+            if (DocumentManager.tokenEnabled() && isEmbedded == null && userAddress != null
+                    && DocumentManager.tokenUseForRequest()) {

                String documentJwtHeader = ConfigManager.getProperty("files.docservice.header");

--- a/web/documentserver-example/java/src/main/java/helpers/DocumentManager.java
+++ b/web/documentserver-example/java/src/main/java/helpers/DocumentManager.java
@ -565,11 +565,22 @@ public final class DocumentManager {
        return secret != null && !secret.isEmpty();
    }

+    // check if the token is enabled for request
+    public static Boolean tokenUseForRequest() {
+        String tokenUseForRequest = getTokenUseForRequest();
+        return Boolean.parseBoolean(tokenUseForRequest) && !tokenUseForRequest.isEmpty();
+    }
+
    // get token secret from the config parameters
    public static String getTokenSecret() {
        return ConfigManager.getProperty("files.docservice.secret");
    }

+    // get config request jwt
+    public static String getTokenUseForRequest() {
+        return ConfigManager.getProperty("files.docservice.token-use-for-request");
+    }
+
    // get languages
    public static Map<String, String> getLanguages() {
        String langs = ConfigManager.getProperty("files.docservice.languages");
--- a/web/documentserver-example/java/src/main/java/helpers/ServiceConverter.java
+++ b/web/documentserver-example/java/src/main/java/helpers/ServiceConverter.java
@ -168,7 +168,7 @@ public final class ServiceConverter {
        }

        String headerToken = "";
-        if (DocumentManager.tokenEnabled()) {
+        if (DocumentManager.tokenEnabled() && DocumentManager.tokenUseForRequest()) {
            HashMap<String, Object> map = new HashMap<String, Object>();
            map.put("region", lang);
            map.put("url", body.getUrl());
--- a/web/documentserver-example/java/src/main/java/helpers/TrackManager.java
+++ b/web/documentserver-example/java/src/main/java/helpers/TrackManager.java
@ -87,7 +87,7 @@ public final class TrackManager {
        }

        // if the secret key to generate token exists
-        if (DocumentManager.tokenEnabled()) {
+        if (DocumentManager.tokenEnabled() && DocumentManager.tokenUseForRequest()) {
            String token = (String) body.get("token");  // get the document token

            if (token == null) {  // if JSON web token is not received
@ -388,7 +388,8 @@ public final class TrackManager {
        }

        String headerToken = "";
-        if (DocumentManager.tokenEnabled()) {  // check if a secret key to generate token exists or not
+        // check if a secret key to generate token exists or not
+        if (DocumentManager.tokenEnabled() && DocumentManager.tokenUseForRequest()) {
            Map<String, Object> payloadMap = new HashMap<String, Object>();
            payloadMap.put("payload", params);
            headerToken = DocumentManager.createToken(payloadMap);  // encode a payload object into a header token
--- a/web/documentserver-example/java/src/main/resources/settings.properties
+++ b/web/documentserver-example/java/src/main/resources/settings.properties
@ -20,5 +20,6 @@ files.docservice.languages=en:English|hy:Armenian|az:Azerbaijani|eu:Basque|be:Be

 files.docservice.secret=
 files.docservice.header=Authorization
+files.docservice.token-use-for-request=TRUE

 files.docservice.verify-peer-off=TRUE
--- a/web/documentserver-example/nodejs/helpers/wopi/wopiRouting.js
+++ b/web/documentserver-example/nodejs/helpers/wopi/wopiRouting.js
@ -26,6 +26,19 @@ const configServer = config.get('server');
 const siteUrl = configServer.get("siteUrl");  // the path to the editors installation
 const users = require("../users");

+getCustomWopiParams = function (query) {
+    let tokenParams = "";
+    let actionParams = "";
+
+    const userid = query.userid;  // user id
+    tokenParams += (userid ? "&userid=" + userid : "");
+
+    const lang = query.lang;  // language
+    actionParams += (lang ? "&ui=" + lang : "");
+
+    return { "tokenParams": tokenParams, "actionParams": actionParams };
+};
+
 exports.registerRoutes = function(app) {

    // define a handler for the default wopi page
@ -115,7 +128,7 @@ exports.registerRoutes = function(app) {
                actionUrl: utils.getActionUrl(req.docManager.getServerUrl(true), req.docManager.curUserHostAddress(), action, req.params['id']),
                token: "test",
                tokenTtl: Date.now() + 1000 * 60 * 60 * 10,
-                params: req.docManager.getCustomParams(),
+                params: getCustomWopiParams(req.query),
            });

        } catch (ex) {
--- a/web/documentserver-example/nodejs/views/wopiAction.ejs
+++ b/web/documentserver-example/nodejs/views/wopiAction.ejs
@ -50,8 +50,8 @@

 <body>

-    <form id="office_form" name="office_form" target="office_frame" action="<%= actionUrl %>" method="post">
-        <input name="access_token" value="<%= token %><%= params %>" type="hidden" />
+    <form id="office_form" name="office_form" target="office_frame" action="<%= actionUrl %><%= params.actionParams %>" method="post">
+        <input name="access_token" value="<%= token %><%= params.tokenParams %>" type="hidden" />
        <input name="access_token_ttl" value="<%= tokenTtl %>" type="hidden" />
    </form>

--- a/web/documentserver-example/php/config.php
+++ b/web/documentserver-example/php/config.php
@ -40,6 +40,7 @@ $GLOBALS['DOC_SERV_COMMAND_URL'] = "coauthoring/CommandService.ashx";

 $GLOBALS['DOC_SERV_JWT_SECRET'] = "";
 $GLOBALS['DOC_SERV_JWT_HEADER'] = "Authorization";
+$GLOBALS['DOC_SERV_JWT_USE_FOR_REQUEST'] = true;

 $GLOBALS['DOC_SERV_VERIFY_PEER_OFF'] = true;

--- a/web/documentserver-example/php/doceditor.php
+++ b/web/documentserver-example/php/doceditor.php
@ -698,4 +698,4 @@ function getHistory($filename, $filetype, $docKey, $fileuri, $isEnableDirectUrl)
        </div>
    </form>
 </body>
-</html>
+</html>
--- a/web/documentserver-example/php/functions.php
+++ b/web/documentserver-example/php/functions.php
@ -171,7 +171,7 @@ function sendRequestToConvertService(
    $headerToken = "";
    $jwtHeader = $GLOBALS['DOC_SERV_JWT_HEADER'] == "" ? "Authorization" : $GLOBALS['DOC_SERV_JWT_HEADER'];

-    if (isJwtEnabled()) {
+    if (isJwtEnabled() && tokenUseForRequest()) {
        $headerToken = jwtEncode(["payload" => $arr]);
        $arr["token"] = jwtEncode($arr);
    }
--- a/web/documentserver-example/php/jwtmanager.php
+++ b/web/documentserver-example/php/jwtmanager.php
@ -31,6 +31,16 @@ function isJwtEnabled()
    return !empty($GLOBALS['DOC_SERV_JWT_SECRET']);
 }

+/**
+ * Check if a secret key use for request
+ *
+ * @return bool
+ */
+function tokenUseForRequest()
+{
+    return $GLOBALS['DOC_SERV_JWT_USE_FOR_REQUEST'] ?: false;
+}
+
 /**
 * Encode a payload object into a token using a secret key
 *
@ -40,7 +50,7 @@ function isJwtEnabled()
 */
 function jwtEncode($payload)
 {
-    return \Firebase\JWT\JWT::encode($payload, $GLOBALS["DOC_SERV_JWT_SECRET"]);
+    return \Firebase\JWT\JWT::encode($payload, $GLOBALS['DOC_SERV_JWT_SECRET']);
 }

 /**
@ -53,7 +63,7 @@ function jwtEncode($payload)
 function jwtDecode($token)
 {
    try {
-        $payload = \Firebase\JWT\JWT::decode($token, $GLOBALS["DOC_SERV_JWT_SECRET"], ["HS256"]);
+        $payload = \Firebase\JWT\JWT::decode($token, $GLOBALS['DOC_SERV_JWT_SECRET'], ['HS256']);
    } catch (\UnexpectedValueException $e) {
        $payload = "";
    }
--- a/web/documentserver-example/php/trackmanager.php
+++ b/web/documentserver-example/php/trackmanager.php
@ -45,7 +45,7 @@ function readBody()
    sendlog("   InputStream data: " . serialize($data), "webedior-ajax.log");

    // check if the document token is enabled
-    if (isJwtEnabled()) {
+    if (isJwtEnabled() && tokenUseForRequest()) {
        sendlog("   jwt enabled, checking tokens", "webedior-ajax.log");

        $inHeader = false;
@ -300,7 +300,7 @@ function commandRequest($method, $key, $meta = null)
    $headerToken = "";
    $jwtHeader = $GLOBALS['DOC_SERV_JWT_HEADER'] == "" ? "Authorization" : $GLOBALS['DOC_SERV_JWT_HEADER'];

-    if (isJwtEnabled()) {  // check if a secret key to generate token exists or not
+    if (isJwtEnabled() && tokenUseForRequest()) {  // check if a secret key to generate token exists or not
        $headerToken = jwtEncode(["payload" => $arr]);  // encode a payload object into a header token
        $arr["token"] = jwtEncode($arr);  // encode a payload object into a body token
    }
--- a/web/documentserver-example/php/webeditor-ajax.php
+++ b/web/documentserver-example/php/webeditor-ajax.php
@ -435,7 +435,7 @@ function historyDownload()
        $ver = $_GET["ver"];
        $file = $_GET["file"];

-        if (isJwtEnabled()) {
+        if (isJwtEnabled() && tokenUseForRequest()) {
            $jwtHeader = $GLOBALS['DOC_SERV_JWT_HEADER'] == "" ? "Authorization" : $GLOBALS['DOC_SERV_JWT_HEADER'];
            if (!empty(apache_request_headers()[$jwtHeader])) {
                $token = jwtDecode(mb_substr(apache_request_headers()[$jwtHeader], mb_strlen("Bearer ")));
@ -475,7 +475,7 @@ function download()
        $userAddress = $_GET["userAddress"];
        $isEmbedded = $_GET["&dmode"];

-        if (isJwtEnabled() && $isEmbedded == null && $userAddress) {
+        if (isJwtEnabled() && $isEmbedded == null && $userAddress && tokenUseForRequest()) {
            $jwtHeader = $GLOBALS['DOC_SERV_JWT_HEADER'] == "" ? "Authorization" : $GLOBALS['DOC_SERV_JWT_HEADER'];
            if (!empty(apache_request_headers()[$jwtHeader])) {
                $token = jwtDecode(mb_substr(apache_request_headers()[$jwtHeader], mb_strlen("Bearer ")));
--- a/web/documentserver-example/python/config.py
+++ b/web/documentserver-example/python/config.py
@ -29,6 +29,7 @@ EXAMPLE_DOMAIN = None

 DOC_SERV_JWT_SECRET = ''  # the secret key for generating token
 DOC_SERV_JWT_HEADER = 'Authorization'
+DOC_SERV_JWT_USE_FOR_REQUEST = True

 DOC_SERV_VERIFY_PEER = False

--- a/web/documentserver-example/python/src/utils/jwtManager.py
+++ b/web/documentserver-example/python/src/utils/jwtManager.py
@ -23,6 +23,10 @@ import jwt
 def isEnabled():
    return bool(config.DOC_SERV_JWT_SECRET)

+# check if a secret key to generate token exists or not
+def useForRequest():
+    return bool(config.DOC_SERV_JWT_USE_FOR_REQUEST)
+
 # encode a payload object into a token using a secret key and decodes it into the utf-8 format
 def encode(payload):
    return jwt.encode(payload, config.DOC_SERV_JWT_SECRET, algorithm='HS256')
--- a/web/documentserver-example/python/src/utils/serviceConverter.py
+++ b/web/documentserver-example/python/src/utils/serviceConverter.py
@ -44,7 +44,7 @@ def getConverterUri(docUri, fromExt, toExt, docKey, isAsync, filePass = None, la
    if (isAsync): # check if the operation is asynchronous
        payload.setdefault('async', True) # and write this information to the payload object

-    if jwtManager.isEnabled(): # check if a secret key to generate token exists or not
+    if (jwtManager.isEnabled() and jwtManager.useForRequest()): # check if a secret key to generate token exists or not
        jwtHeader = 'Authorization' if config.DOC_SERV_JWT_HEADER is None or config.DOC_SERV_JWT_HEADER == '' else config.DOC_SERV_JWT_HEADER # get jwt header
        headerToken = jwtManager.encode({'payload': payload}) # encode a payload object into a header token
        payload['token'] = jwtManager.encode(payload) # encode a payload object into a body token
--- a/web/documentserver-example/python/src/utils/trackManager.py
+++ b/web/documentserver-example/python/src/utils/trackManager.py
@ -26,7 +26,7 @@ from . import jwtManager, docManager, historyManager, fileUtils, serviceConverte
 # read request body
 def readBody(request):
    body = json.loads(request.body)
-    if (jwtManager.isEnabled()): # if the secret key to generate token exists
+    if (jwtManager.isEnabled() and jwtManager.useForRequest()): # if the secret key to generate token exists
        token = body.get('token') # get the document token

        if (not token): # if JSON web token is not received
@ -165,7 +165,7 @@ def commandRequest(method, key, meta = None):

    headers={'accept': 'application/json'}

-    if jwtManager.isEnabled(): # check if a secret key to generate token exists or not
+    if (jwtManager.isEnabled() and jwtManager.useForRequest()): # check if a secret key to generate token exists or not
        jwtHeader = 'Authorization' if config.DOC_SERV_JWT_HEADER is None or config.DOC_SERV_JWT_HEADER == '' else config.DOC_SERV_JWT_HEADER # get jwt header
        headerToken = jwtManager.encode({'payload': payload}) # encode a payload object into a header token
        headers[jwtHeader] = f'Bearer {headerToken}' # add a header Authorization with a header token with Authorization prefix in it
--- a/web/documentserver-example/python/src/views/actions.py
+++ b/web/documentserver-example/python/src/views/actions.py
@ -400,7 +400,7 @@ def download(request):
        userAddress = request.GET.get('userAddress')
        isEmbedded = request.GET.get('dmode')

-        if (jwtManager.isEnabled() and isEmbedded == None and userAddress):
+        if (jwtManager.isEnabled() and isEmbedded == None and userAddress and jwtManager.useForRequest()):
            jwtHeader = 'Authorization' if config.DOC_SERV_JWT_HEADER is None or config.DOC_SERV_JWT_HEADER == '' else config.DOC_SERV_JWT_HEADER
            token = request.headers.get(jwtHeader)
            if token:
@ -433,7 +433,7 @@ def downloadhistory(request):
        version = fileUtils.getFileName(request.GET['ver'])
        isEmbedded = request.GET.get('dmode')

-        if (jwtManager.isEnabled() and isEmbedded == None):
+        if (jwtManager.isEnabled() and isEmbedded == None and jwtManager.useForRequest()):
            jwtHeader = 'Authorization' if config.DOC_SERV_JWT_HEADER is None or config.DOC_SERV_JWT_HEADER == '' else config.DOC_SERV_JWT_HEADER
            token = request.headers.get(jwtHeader)
            if token:
--- a/web/documentserver-example/ruby/app/controllers/home_controller.rb
+++ b/web/documentserver-example/ruby/app/controllers/home_controller.rb
@ -153,7 +153,7 @@ class HomeController < ApplicationController
      file = params[:file]
      isEmbedded = params[:dmode]

-      if JwtHelper.is_enabled
+      if JwtHelper.is_enabled && JwtHelper.use_for_request
        jwtHeader = Rails.configuration.header.empty? ? "Authorization" : Rails.configuration.header;
        if request.headers[jwtHeader]
          hdr = request.headers[jwtHeader]
@ -272,7 +272,7 @@ class HomeController < ApplicationController
      user_address = params[:userAddress]
      isEmbedded = params[:dmode]

-      if JwtHelper.is_enabled && isEmbedded == nil && user_address != nil
+      if JwtHelper.is_enabled && isEmbedded == nil && user_address != nil && JwtHelper.use_for_request
        jwtHeader = Rails.configuration.header.empty? ? "Authorization" : Rails.configuration.header;
        if request.headers[jwtHeader]
            hdr = request.headers[jwtHeader]
--- a/web/documentserver-example/ruby/app/models/jwt_helper.rb
+++ b/web/documentserver-example/ruby/app/models/jwt_helper.rb
@ -19,6 +19,7 @@ require 'jwt'
 class JwtHelper

    @jwt_secret = Rails.configuration.jwtSecret
+    @token_use_for_request = Rails.configuration.token_use_for_request
  
    class << self
        # check if a secret key to generate token exists or not
@ -26,6 +27,11 @@ class JwtHelper
            return @jwt_secret && !@jwt_secret.empty? ? true : false
        end

+        # check if a secret key used for request
+        def use_for_request
+            return @token_use_for_request
+        end
+
        # encode a payload object into a token using a secret key
        def encode(payload)
            return JWT.encode payload, @jwt_secret, 'HS256' # define the hashing algorithm and get token
--- a/web/documentserver-example/ruby/app/models/service_converter.rb
+++ b/web/documentserver-example/ruby/app/models/service_converter.rb
@ -59,7 +59,7 @@ class ServiceConverter
        req.add_field("Accept", "application/json")  # set headers
        req.add_field("Content-Type", "application/json")

-        if JwtHelper.is_enabled  # if the signature is enabled
+        if JwtHelper.is_enabled && JwtHelper.use_for_request  # if the signature is enabled
          payload["token"] = JwtHelper.encode(payload)  # get token and save it to the payload
          jwtHeader = Rails.configuration.header.empty? ? "Authorization" : Rails.configuration.header;  # get signature authorization header
          req.add_field(jwtHeader, "Bearer #{JwtHelper.encode({ :payload => payload })}")  # set it to the request with the Bearer prefix
--- a/web/documentserver-example/ruby/app/models/track_helper.rb
+++ b/web/documentserver-example/ruby/app/models/track_helper.rb
@ -31,7 +31,7 @@ class TrackHelper
            file_data = JSON.parse(body)  # parse file data

            # check if a secret key to generate token exists or not
-            if JwtHelper.is_enabled
+            if JwtHelper.is_enabled && JwtHelper.use_for_request
                inHeader = false
                token = nil
                jwtHeader = Rails.configuration.header.empty? ? "Authorization" : Rails.configuration.header;  # get the authorization header from the config
@ -234,7 +234,7 @@ class TrackHelper
                req = Net::HTTP::Post.new(uri.request_uri)  # create the post request
                req.add_field("Content-Type", "application/json")  # set headers

-                if JwtHelper.is_enabled  # if the signature is enabled
+                if JwtHelper.is_enabled && JwtHelper.use_for_request  # if the signature is enabled
                    payload["token"] = JwtHelper.encode(payload)  # get token and save it to the payload
                    jwtHeader = Rails.configuration.header.empty? ? "Authorization" : Rails.configuration.header;  # get signature authorization header
                    req.add_field(jwtHeader, "Bearer #{JwtHelper.encode({ :payload => payload })}")  # set it to the request with the Bearer prefix
--- a/web/documentserver-example/ruby/config/application.rb
+++ b/web/documentserver-example/ruby/config/application.rb
@ -47,6 +47,7 @@ module OnlineEditorsExampleRuby

    Rails.configuration.jwtSecret = ""
    Rails.configuration.header="Authorization"
+    Rails.configuration.token_use_for_request=true

    Rails.configuration.verify_peer_off = "true"
Author	SHA1	Message	Date
Sergey Linnik	66ab02199b	Merge pull request #347 from ONLYOFFICE/bugfix/wopi-language nodejs: wopi: fix language	2023-02-17 16:02:16 +05:00
Andrei Panov	d77be1fcbd	nodejs: wopi: refactor wopi params	2023-02-17 13:26:18 +03:00
Andrei Panov	c291b1059c	nodejs: wopi: fix language	2023-02-17 11:35:25 +03:00
Sergey Linnik	2aaa32449a	Merge pull request #341 from ONLYOFFICE/feature/config-request-jwt Feature/config request jwt	2023-02-10 13:09:09 +03:00
Sergey Linnik	1a44d6d415	token.useforrequest to changelog	2023-02-10 15:07:52 +05:00
rivexe	e4439bfc3e	php: "\r\n" replaced with "\n"	2023-02-09 11:05:06 +03:00
Sergey Linnik	5ad77a855b	Merge remote-tracking branch 'remotes/origin/develop' into feature/config-request-jwt # Conflicts: # web/documentserver-example/php/config.php # web/documentserver-example/php/functions.php # web/documentserver-example/php/jwtmanager.php # web/documentserver-example/php/trackmanager.php	2023-02-09 12:32:06 +05:00
rivexe	9db426ffe5	php: tokenUseForRequest() function used instead of $GLOBALS array value	2023-02-06 16:33:26 +03:00
rivexe	a6ee7d28d0	php: added tokenUseForRequest() method into jwtmanager	2023-02-06 16:25:41 +03:00
rivexe	7a50b8fda2	ruby: config request JWT used in functions	2023-02-06 16:14:53 +03:00
rivexe	5f7f8d66d5	ruby: added use_for_request method into jwt_helper	2023-02-06 16:11:41 +03:00
rivexe	d514acf32e	python: config request JWT used in functions	2023-02-06 15:44:59 +03:00
rivexe	d3df1499d2	python: added useForRequest() method into jwtManager	2023-02-06 15:37:29 +03:00
rivexe	f7682b12ae	java-spring: config request JWT used in functions	2023-02-06 15:22:06 +03:00
rivexe	8c2d62d917	java-spring: added tokenUseForRequest method and field into DefaultJwtManager class and JwtManager interface	2023-02-06 15:10:47 +03:00
rivexe	f0d9c54038	java: config request JWT used in functions	2023-02-06 14:52:33 +03:00
rivexe	fbe5b1de37	java: added tokenUseForRequest methods into DocumentManager	2023-02-06 14:24:02 +03:00
rivexe	dccfbb2edf	csharp-mvc: config request JWT used in functions	2023-02-06 12:46:11 +03:00
rivexe	0f2b5305e3	csharp-mvc: added SignatureUseForRequest field into JwtManager	2023-02-06 12:39:38 +03:00
rivexe	c69a7c92a5	csharp: config request JWT used in functions	2023-02-06 12:30:43 +03:00
rivexe	6fa3aab99c	csharp: added SignatureUseForRequest field into JwtManager	2023-02-06 12:13:49 +03:00
rivexe	02f4777058	php: config request JWT used in functions	2023-02-06 11:12:14 +03:00
Sergey Linnik	66cbb64039	php: require user address on download nodejs: require token on download	2023-02-01 15:00:10 +05:00
rivexe	879ee1f750	java-spring: token and user address required on download	2023-02-01 15:00:10 +05:00
rivexe	90449fff3a	java: token and address required on download	2023-02-01 15:00:09 +05:00
rivexe	893c6306f2	csharp-mvc: user address required on download	2023-02-01 15:00:09 +05:00
rivexe	aa3806f1dd	c-sharp: user address required on download	2023-02-01 15:00:09 +05:00
rivexe	4000117811	ruby: user address required on download	2023-02-01 15:00:09 +05:00
rivexe	3319e6428a	python: user address required on download	2023-02-01 15:00:08 +05:00