break: add inbox.inBody param; docbuilder enter in compatibility mode if query params exist

Sergey Konovalov
2018-02-02 16:50:29 +03:00
parent c3816eb165
commit c5ed6716d7
4 changed files with 83 additions and 117 deletions


@ -132,10 +132,10 @@
"errorcode": 401
},
"secret": {
"browser": {"string": "secret", "file": "", "tenants": {}},
"inbox": {"string": "secret", "file": "", "tenants": {}},
"outbox": {"string": "secret", "file": ""},
"session": {"string": "secret", "file": ""}
"browser": {"string": "secret1", "file": "", "tenants": {}},
"inbox": {"string": "secret2", "file": "", "tenants": {}},
"outbox": {"string": "secret3", "file": ""},
"session": {"string": "secret4", "file": ""}
},
"token": {
"enable": {
@ -146,18 +146,19 @@
}
},
"browser": {
"secretFromInbox": true
"secretFromInbox": false
},
"inbox": {
"header": "Authorization",
"prefix": "Bearer "
"prefix": "Bearer ",
"inBody": true
},
"outbox": {
"header": "Authorization",
"prefix": "Bearer ",
"algorithm": "HS256",
"expires": "5m",
"inBody": false
"inBody": true
},
"session": {
"algorithm": "HS256",
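Review bot: The four `secret.*.string` defaults are still publicly known values (`secret1` … `secret4`), so a deployment that switches on `token.enable` without overriding them would accept tokens that anyone can sign. Making them distinct does separate the key types, but I would ship empty strings here and have the code that loads `secret.*` (not part of this commit) refuse to start, or at least log an error, when a token check is enabled with an empty or default secret. The flipped defaults `"inBody": true` for inbox and `"secretFromInbox": false` presumably break integrators that send the token only in the `Authorization` header or rely on the shared secret, so they deserve an explicit upgrade note next to the `break:` title.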


@ -130,6 +130,7 @@ const cfgTokenSessionAlgorithm = config.get('token.session.algorithm');
const cfgTokenSessionExpires = ms(config.get('token.session.expires'));
const cfgTokenInboxHeader = config.get('token.inbox.header');
const cfgTokenInboxPrefix = config.get('token.inbox.prefix');
const cfgTokenInboxInBody = config.get('token.inbox.inBody');
const cfgTokenOutboxInBody = config.get('token.outbox.inBody');
const cfgTokenBrowserSecretFromInbox = config.get('token.browser.secretFromInbox');
const cfgSecretBrowser = config.get('secret.browser');
@ -1078,6 +1079,48 @@ function checkJwtPayloadHash(docId, hash, body, token) {
}
return res;
}
function getRequestParams(docId, req, opt_isNotInBody, opt_tokenAssign) {
let res = {code: constants.NO_ERROR, params: undefined};
if (req.body && Buffer.isBuffer(req.body) && !opt_isNotInBody) {
res.params = JSON.parse(req.body.toString('utf8'));
} else {
res.params = req.query;
}
if (cfgTokenEnableRequestInbox) {
res.code = constants.VKEY;
let checkJwtRes;
if (cfgTokenInboxInBody && !opt_isNotInBody) {
checkJwtRes = checkJwt(docId, res.params.token, commonDefines.c_oAscSecretType.Inbox);
} else {
//for compatibility
checkJwtRes = checkJwtHeader(docId, req);
}
if (checkJwtRes) {
if (checkJwtRes.decoded) {
res.code = constants.NO_ERROR;
if (cfgTokenInboxInBody && !opt_tokenAssign) {
res.params = checkJwtRes.decoded.payload || {};
} else {
//for compatibility
if (!utils.isEmptyObject(checkJwtRes.decoded.payload)) {
Object.assign(res.params, checkJwtRes.decoded.payload);
} else if (checkJwtRes.decoded.payloadhash) {
if (!checkJwtPayloadHash(docId, checkJwtRes.decoded.payloadhash, req.body, checkJwtRes.token)) {
res.code = constants.VKEY;
}
} else if (!utils.isEmptyObject(checkJwtRes.decoded.query)) {
Object.assign(res.params, checkJwtRes.decoded.query);
}
}
} else {
if (constants.JWT_EXPIRED_CODE == checkJwtRes.code) {
res.code = constants.VKEY_KEY_EXPIRE;
}
}
}
}
return res;
}
exports.c_oAscServerStatus = c_oAscServerStatus;
exports.sendData = sendData;
@ -1100,6 +1143,7 @@ exports.getLastSave = getLastSave;
exports.getLastForceSave = getLastForceSave;
exports.startForceSavePromise = co.wrap(startForceSave);
exports.checkJwt = checkJwt;
exports.getRequestParams = getRequestParams;
exports.checkJwtHeader = checkJwtHeader;
exports.checkJwtPayloadHash = checkJwtPayloadHash;
exports.install = function(server, callbackFunction) {
@ -2980,34 +3024,12 @@ exports.commandFromServer = function (req, res) {
let docId = 'commandFromServer';
let version = undefined;
try {
let params;
if (req.body && Buffer.isBuffer(req.body)) {
params = JSON.parse(req.body.toString('utf8'));
} else {
params = req.query;
}
if (cfgTokenEnableRequestInbox) {
let authRes = getRequestParams(docId, req);
let params = authRes.params;
if(authRes.code === constants.VKEY_KEY_EXPIRE){
result = commonDefines.c_oAscServerCommandErrors.TokenExpire;
} else if(authRes.code !== constants.NO_ERROR){
result = commonDefines.c_oAscServerCommandErrors.Token;
const checkJwtRes = checkJwtHeader(docId, req);
if (checkJwtRes) {
if (checkJwtRes.decoded) {
if (!utils.isEmptyObject(checkJwtRes.decoded.payload)) {
Object.assign(params, checkJwtRes.decoded.payload);
result = commonDefines.c_oAscServerCommandErrors.NoError;
} else if (checkJwtRes.decoded.payloadhash) {
if (checkJwtPayloadHash(docId, checkJwtRes.decoded.payloadhash, req.body, checkJwtRes.token)) {
result = commonDefines.c_oAscServerCommandErrors.NoError;
}
} else if (!utils.isEmptyObject(checkJwtRes.decoded.query)) {
Object.assign(params, checkJwtRes.decoded.query);
result = commonDefines.c_oAscServerCommandErrors.NoError;
}
} else {
if (constants.JWT_EXPIRED_CODE == checkJwtRes.code) {
result = commonDefines.c_oAscServerCommandErrors.TokenExpire;
}
}
}
}
// Ключ id-документа
docId = params.key;
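Review bot: In `getRequestParams`, `res.code = constants.NO_ERROR` is set as soon as the token decodes, before the compatibility branch looks at `payload`, `payloadhash` or `query`. A validly signed token that carries none of the three therefore authorises the request while `res.params` still holds the unsigned body or query string. The inline code this replaces in `commandFromServer` appears to have granted success only inside one of those three branches, so this looks like a loosening. If the stricter behaviour is intended, end the chain with `} else { res.code = constants.VKEY; }`; if the looser one is kept for `builderRequest`/`uploadTempFile`, say so in a comment. Separately, `JSON.parse` can return `null` or a primitive, so `res.params.token` should be guarded by a check that the parsed value is an object before it is dereferenced.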


@ -46,8 +46,6 @@ var formatChecker = require('./../../Common/sources/formatchecker');
var statsDClient = require('./../../Common/sources/statsdclient');
var storageBase = require('./../../Common/sources/storage-base');
var cfgTokenEnableRequestInbox = config.get('services.CoAuthoring.token.enable.request.inbox');
var CONVERT_ASYNC_DELAY = 1000;
var clientStatsD = statsDClient.getClient();
@ -180,38 +178,13 @@ function convertRequest(req, res) {
return co(function* () {
var docId = 'convertRequest';
try {
var params;
if (req.body && Buffer.isBuffer(req.body)) {
params = JSON.parse(req.body.toString('utf8'));
let params;
let authRes = docsCoServer.getRequestParams(docId, req);
if(authRes.code === constants.NO_ERROR){
params = authRes.params;
} else {
params = req.query;
}
if (cfgTokenEnableRequestInbox) {
var authError = constants.VKEY;
var checkJwtRes = docsCoServer.checkJwtHeader(docId, req);
if (checkJwtRes) {
if (checkJwtRes.decoded) {
if (!utils.isEmptyObject(checkJwtRes.decoded.payload)) {
Object.assign(params, checkJwtRes.decoded.payload);
authError = constants.NO_ERROR;
} else if (checkJwtRes.decoded.payloadhash) {
if (docsCoServer.checkJwtPayloadHash(docId, checkJwtRes.decoded.payloadhash, req.body, checkJwtRes.token)) {
authError = constants.NO_ERROR;
}
} else if (!utils.isEmptyObject(checkJwtRes.decoded.query)) {
Object.assign(params, checkJwtRes.decoded.query);
authError = constants.NO_ERROR;
}
} else {
if (constants.JWT_EXPIRED_CODE == checkJwtRes.code) {
authError = constants.VKEY_KEY_EXPIRE;
}
}
}
if (authError !== constants.NO_ERROR) {
utils.fillResponse(req, res, undefined, authError);
return;
}
utils.fillResponse(req, res, undefined, authRes.code);
return;
}
var cmd = new commonDefines.InputCommand();
@ -279,30 +252,18 @@ function builderRequest(req, res) {
return co(function* () {
let docId = 'builderRequest';
try {
let params = req.query;
let authRes;
if (!utils.isEmptyObject(req.query)) {
//todo this is a stub for compatibility. remove in future version
authRes = docsCoServer.getRequestParams(docId, req, true, true);
} else {
authRes = docsCoServer.getRequestParams(docId, req);
}
let params = authRes.params;
let error = authRes.code;
let urls;
let end = false;
let error = constants.NO_ERROR;
if (cfgTokenEnableRequestInbox) {
error = constants.VKEY;
let checkJwtRes = docsCoServer.checkJwtHeader(docId, req);
if (checkJwtRes) {
if (checkJwtRes.decoded) {
error = constants.NO_ERROR;
if (!utils.isEmptyObject(checkJwtRes.decoded.query)) {
Object.assign(params, checkJwtRes.decoded.query);
}
if (checkJwtRes.decoded.payloadhash &&
!docsCoServer.checkJwtPayloadHash(docId, checkJwtRes.decoded.payloadhash, req.body, checkJwtRes.token)) {
error = constants.VKEY;
}
} else {
if (constants.JWT_EXPIRED_CODE === checkJwtRes.code) {
error = constants.VKEY_KEY_EXPIRE;
}
}
}
}
if (error === constants.NO_ERROR &&
(params.key || params.url || (req.body && Buffer.isBuffer(req.body) && req.body.length > 0))) {
docId = params.key;
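Review bot: `builderRequest` chooses the compatibility path from `!utils.isEmptyObject(req.query)`, which the caller controls: the presence of any query parameter moves validation from the body token to the header token. With `opt_tokenAssign` set, it also keeps `req.query` as the base of `params` with token claims merged on top, so query keys the token does not override stay unsigned, and `params.key`/`params.url` are read from that merged object right below. I would gate the stub on a server-side setting rather than on the request, and log when the compatibility path is taken so its use can be tracked before removal. At minimum, extend the todo with a comment such as `//compatibility: params start from the unsigned query string; only keys present in the token are verified`. The function body continues outside this hunk.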


@ -51,39 +51,21 @@ var configUtils = config.get('services.CoAuthoring.utils');
var cfgImageSize = configServer.get('limits_image_size');
var cfgTypesUpload = configUtils.get('limits_image_types_upload');
var cfgTokenEnableBrowser = config.get('services.CoAuthoring.token.enable.browser');
var cfgTokenEnableRequestInbox = config.get('services.CoAuthoring.token.enable.request.inbox');
exports.uploadTempFile = function(req, res) {
return co(function* () {
var docId = 'null';
var docId = 'uploadTempFile';
try {
docId = req.query.key;
logger.debug('Start uploadTempFile: docId = %s', docId);
if (cfgTokenEnableRequestInbox) {
var authError = constants.VKEY;
var checkJwtRes = docsCoServer.checkJwtHeader(docId, req);
if (checkJwtRes) {
if (checkJwtRes.decoded) {
authError = constants.NO_ERROR;
if (checkJwtRes.decoded.query && checkJwtRes.decoded.query.key) {
docId = checkJwtRes.decoded.query.key;
}
if (checkJwtRes.decoded.payloadhash &&
!docsCoServer.checkJwtPayloadHash(docId, checkJwtRes.decoded.payloadhash, req.body, checkJwtRes.token)) {
authError = constants.VKEY;
}
} else {
if (constants.JWT_EXPIRED_CODE == checkJwtRes.code) {
authError = constants.VKEY_KEY_EXPIRE;
}
}
}
if (authError !== constants.NO_ERROR) {
utils.fillResponse(req, res, undefined, authError);
return;
}
let params;
let authRes = docsCoServer.getRequestParams(docId, req, true);
if(authRes.code === constants.NO_ERROR){
params = authRes.params;
} else {
utils.fillResponse(req, res, undefined, authRes.code);
return;
}
docId = params.key;
logger.debug('Start uploadTempFile: docId = %s', docId);
if (docId && req.body && Buffer.isBuffer(req.body)) {
var task = yield* taskResult.addRandomKeyTask(docId);
var strPath = task.key + '/' + docId + '.tmp';
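Review bot: The uploaded body is no longer tied to the token in every configuration. `getRequestParams(docId, req, true)` never reaches `checkJwtPayloadHash` when `token.inbox.inBody` is true (params are replaced by `decoded.payload`), and in the compatibility branch the hash is checked only when `decoded.payload` is empty. The inline code removed from `uploadTempFile` appears to have verified `payloadhash` whenever the token carried one. If that binding is still wanted, run the check in the helper independently of the payload branch, e.g. `if (checkJwtRes.decoded.payloadhash && !checkJwtPayloadHash(docId, checkJwtRes.decoded.payloadhash, req.body, checkJwtRes.token)) res.code = constants.VKEY;`. `docId = params.key` also feeds `strPath` just below, so a format check on the key before it is used in the path would be prudent; the function continues outside this hunk.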