/*
 *
 * (c) Copyright Ascensio System Limited 2010-2018
 *
 * This program is freeware. You can redistribute it and/or modify it under the terms of the GNU
 * General Public License (GPL) version 3 as published by the Free Software Foundation (https://www.gnu.org/copyleft/gpl.html).
 * In accordance with Section 7(a) of the GNU GPL its Section 15 shall be amended to the effect that
 * Ascensio System SIA expressly excludes the warranty of non-infringement of any third-party rights.
 *
 * THIS PROGRAM IS DISTRIBUTED WITHOUT ANY WARRANTY; WITHOUT EVEN THE IMPLIED WARRANTY OF MERCHANTABILITY OR
 * FITNESS FOR A PARTICULAR PURPOSE. For more details, see GNU GPL at https://www.gnu.org/copyleft/gpl.html
 *
 * You can contact Ascensio System SIA by email at sales@onlyoffice.com
 *
 * The interactive user interfaces in modified source and object code versions of ONLYOFFICE must display
 * Appropriate Legal Notices, as required under Section 5 of the GNU GPL version 3.
 *
 * Pursuant to Section 7 § 3(b) of the GNU GPL you must retain the original ONLYOFFICE logo which contains
 * relevant author attributions when distributing the software. If the display of the logo in its graphic
 * form is not reasonably feasible for technical reasons, you must include the words "Powered by ONLYOFFICE"
 * in every copy of the program you distribute.
 * Pursuant to Section 7 § 3(e) we decline to grant you any rights under trademark law for use of our trademarks.
 *
*/
using System;
|
|
|
|
using System.Collections.Generic;
|
|
|
|
using System.IO;
|
|
|
|
using System.Linq;
|
|
|
|
using System.Net;
|
|
|
|
using System.Security;
|
|
|
|
using System.Text;
|
|
|
|
using System.Threading;
|
|
|
|
using System.Web;
|
2020-02-03 10:41:24 +00:00
|
|
|
|
|
|
|
using ASC.Common.Caching;
|
|
|
|
using ASC.Common.Logging;
|
|
|
|
using ASC.Common.Web;
|
|
|
|
using ASC.Core;
|
|
|
|
using ASC.Core.Common;
|
2020-01-27 11:15:18 +00:00
|
|
|
using ASC.Core.Common.Configuration;
|
2020-02-03 10:41:24 +00:00
|
|
|
using ASC.Core.Common.Settings;
|
2020-01-27 11:15:18 +00:00
|
|
|
using ASC.Core.Tenants;
|
|
|
|
using ASC.Core.Users;
|
|
|
|
using ASC.FederatedLogin;
|
|
|
|
using ASC.FederatedLogin.Helpers;
|
|
|
|
using ASC.FederatedLogin.LoginProviders;
|
|
|
|
using ASC.MessagingSystem;
|
|
|
|
using ASC.Security.Cryptography;
|
|
|
|
using ASC.Web.Core;
|
|
|
|
using ASC.Web.Core.Files;
|
|
|
|
using ASC.Web.Core.Users;
|
|
|
|
using ASC.Web.Files.Classes;
|
|
|
|
using ASC.Web.Files.Core;
|
|
|
|
using ASC.Web.Files.HttpHandlers;
|
|
|
|
using ASC.Web.Files.Resources;
|
|
|
|
using ASC.Web.Files.Services.DocumentService;
|
|
|
|
using ASC.Web.Studio.Core;
|
|
|
|
using ASC.Web.Studio.Utility;
|
2020-02-03 10:41:24 +00:00
|
|
|
|
|
|
|
using Microsoft.AspNetCore.Http;
|
|
|
|
using Microsoft.Extensions.Configuration;
|
|
|
|
using Microsoft.Extensions.Options;
|
|
|
|
|
2020-01-27 11:15:18 +00:00
|
|
|
using Newtonsoft.Json.Linq;
|
2020-02-03 10:41:24 +00:00
|
|
|
|
2020-01-27 11:15:18 +00:00
|
|
|
using File = ASC.Files.Core.File;
|
|
|
|
using SecurityContext = ASC.Core.SecurityContext;
namespace ASC.Web.Files.ThirdPartyApp
{
public class BoxApp : Consumer, IThirdPartyApp, IOAuthProvider
{
/// <summary>Key of this third-party app; used in this class when building file ids and looking up tokens.</summary>
public const string AppAttr = "box";

// Box REST endpoints. "{fileId}" is a placeholder that the methods of this class fill in with string.Replace.
private const string BoxUrlUserInfo = "https://api.box.com/2.0/users/me";
private const string BoxUrlFile = "https://api.box.com/2.0/files/{fileId}";
private const string BoxUrlUpload = "https://upload.box.com/api/2.0/files/{fileId}/content";

// OAuth provider values. Scopes, CodeUrl and RedirectUri are returned as empty strings.
public string Scopes => "";
public string CodeUrl => "";
public string AccessTokenUrl => "https://www.box.com/api/oauth2/token";
public string RedirectUri => "";

// Client credentials are read through the indexer under the keys "boxAppClientId" / "boxAppSecretKey".
// NOTE(review): ClientSecret is readable by any code that holds a BoxApp instance; keep it out of
// log messages and responses.
public string ClientID => this["boxAppClientId"];
public string ClientSecret => this["boxAppSecretKey"];

/// <summary>True only when both the client id and the client secret are non-empty.</summary>
public bool IsEnabled => !(string.IsNullOrEmpty(ClientID) || string.IsNullOrEmpty(ClientSecret));

// Collaborators; get-only, assigned by the parameterised constructor.
public TenantUtil TenantUtil { get; }
public AuthContext AuthContext { get; }
public SecurityContext SecurityContext { get; }
public UserManager UserManager { get; }
public UserManagerWrapper UserManagerWrapper { get; }
public CookiesManager CookiesManager { get; }
public MessageService MessageService { get; }
public Global Global { get; }
public EmailValidationKeyProvider EmailValidationKeyProvider { get; }
public FilesLinkUtility FilesLinkUtility { get; }
public SettingsManager SettingsManager { get; }
public PersonalSettingsHelper PersonalSettingsHelper { get; }
public BaseCommonLinkUtility BaseCommonLinkUtility { get; }
public IOptionsSnapshot<AccountLinker> Snapshot { get; }
public SetupInfo SetupInfo { get; }
public TokenHelper TokenHelper { get; }
public ILog Logger { get; }
/// <summary>
/// Creates an instance without any collaborators. Every get-only property of this class stays null,
/// so the request and file methods cannot be used on such an instance.
/// </summary>
public BoxApp()
{
}

/// <summary>
/// Creates a fully wired instance: the consumer-related arguments are handed to the base class and
/// the remaining services are stored in the matching get-only properties.
/// </summary>
public BoxApp(
    TenantUtil tenantUtil,
    IOptionsMonitor<ILog> option,
    AuthContext authContext,
    SecurityContext securityContext,
    UserManager userManager,
    UserManagerWrapper userManagerWrapper,
    CookiesManager cookiesManager,
    MessageService messageService,
    Global global,
    EmailValidationKeyProvider emailValidationKeyProvider,
    FilesLinkUtility filesLinkUtility,
    SettingsManager settingsManager,
    PersonalSettingsHelper personalSettingsHelper,
    BaseCommonLinkUtility baseCommonLinkUtility,
    IOptionsSnapshot<AccountLinker> snapshot,
    SetupInfo setupInfo,
    TokenHelper tokenHelper,
    TenantManager tenantManager,
    CoreBaseSettings coreBaseSettings,
    CoreSettings coreSettings,
    ConsumerFactory consumerFactory,
    IConfiguration configuration,
    ICacheNotify<ConsumerCacheItem> cache,
    string name, int order, Dictionary<string, string> additional)
    : base(tenantManager, coreBaseSettings, coreSettings, consumerFactory, configuration, cache, name, order, additional)
{
    // Logging.
    Logger = option.CurrentValue;

    // Identity, session and account handling.
    AuthContext = authContext;
    SecurityContext = securityContext;
    UserManager = userManager;
    UserManagerWrapper = userManagerWrapper;
    CookiesManager = cookiesManager;
    MessageService = messageService;
    Snapshot = snapshot;
    TokenHelper = tokenHelper;
    EmailValidationKeyProvider = emailValidationKeyProvider;

    // Settings and environment.
    SettingsManager = settingsManager;
    PersonalSettingsHelper = personalSettingsHelper;
    SetupInfo = setupInfo;
    TenantUtil = tenantUtil;

    // Files module helpers and link builders.
    Global = global;
    FilesLinkUtility = filesLinkUtility;
    BaseCommonLinkUtility = baseCommonLinkUtility;
}
/// <summary>
/// Dispatches an incoming handler request: an action of "stream" is served by StreamFile, a request
/// carrying a non-empty "code" parameter is treated as the OAuth callback (RequestCode).
/// </summary>
/// <param name="context">Current HTTP context; only its query string is inspected here.</param>
/// <returns>True when the request was handled by one of the two branches, otherwise false.</returns>
public bool Request(HttpContext context)
{
    var query = context.Request.Query;

    // The "stream" check runs first, so a stream request never reaches the OAuth branch.
    var action = query[FilesLinkUtility.Action].FirstOrDefault() ?? "";
    if (action.Equals("stream", StringComparison.InvariantCultureIgnoreCase))
    {
        StreamFile(context);
        return true;
    }

    if (string.IsNullOrEmpty(query["code"]))
    {
        return false;
    }

    RequestCode(context);
    return true;
}
/// <summary>Returns the URL used to refresh a token; for Box this is the same value as <see cref="AccessTokenUrl"/>.</summary>
public string GetRefreshUrl() => AccessTokenUrl;
/// <summary>
/// Loads the Box metadata of a file with the current user's stored token and maps it onto a <see cref="File"/>.
/// </summary>
/// <param name="fileId">App file id; reduced to the Box id with ThirdPartySelector.GetFileId.</param>
/// <param name="editable">
/// Set to true once the metadata call has returned; when the file carries a lock with an owner it becomes
/// the result of CurrentUser for that owner's Box id.
/// </param>
/// <returns>The mapped file, or null when GetBoxFile returned no metadata.</returns>
public File GetFile(string fileId, out bool editable)
{
    Logger.Debug("BoxApp: get file " + fileId);
    fileId = ThirdPartySelector.GetFileId(fileId);

    var token = TokenHelper.GetToken(AppAttr);

    var rawMetadata = GetBoxFile(fileId, token);
    editable = true;

    if (rawMetadata == null)
    {
        return null;
    }

    var metadata = JObject.Parse(rawMetadata);

    // The name comes from the remote service, so it passes through ReplaceInvalidCharsAndTruncate before use.
    var file = new File
    {
        ID = ThirdPartySelector.BuildAppFileId(AppAttr, metadata.Value<string>("id")),
        Title = Global.ReplaceInvalidCharsAndTruncate(metadata.Value<string>("name")),
        CreateOn = TenantUtil.DateTimeFromUtc(metadata.Value<DateTime>("created_at")),
        ModifiedOn = TenantUtil.DateTimeFromUtc(metadata.Value<DateTime>("modified_at")),
        ContentLength = Convert.ToInt64(metadata.Value<string>("size")),
        ProviderKey = "Box"
    };

    if (metadata.Value<JObject>("modified_by") is JObject modifier)
    {
        file.ModifiedByString = modifier.Value<string>("name");
    }

    if (metadata.Value<JObject>("created_by") is JObject creator)
    {
        file.CreateByString = creator.Value<string>("name");
    }

    // A lock held by somebody else makes the file read-only for the current user.
    var lockOwner = metadata.Value<JObject>("lock")?.Value<JObject>("created_by");
    if (lockOwner != null)
    {
        var lockOwnerId = lockOwner.Value<string>("id");
        Logger.Debug("BoxApp: locked by " + lockOwnerId);

        editable = CurrentUser(lockOwnerId);
    }

    return file;
}
/// <summary>
/// Builds the handler URL from which the content of a Box file can be streamed. The URL names the file and
/// the current account and carries a key computed by EmailValidationKeyProvider over both values.
/// </summary>
/// <param name="file">File to build the URL for.</param>
/// <returns>The stream URL, or an empty string when <paramref name="file"/> is null.</returns>
public string GetFileStreamUrl(File file)
{
    if (file == null)
    {
        return string.Empty;
    }

    var fileId = ThirdPartySelector.GetFileId(file.ID.ToString());

    Logger.Debug("BoxApp: get file stream url " + fileId);

    var uriBuilder = new UriBuilder(BaseCommonLinkUtility.GetFullAbsolutePath(ThirdPartyAppHandler.HandlerPath));
    if (uriBuilder.Uri.IsLoopback)
    {
        // A loopback address is replaced by the machine's host name.
        uriBuilder.Host = Dns.GetHostName();
    }

    var accountId = AuthContext.CurrentAccount.ID;

    // NOTE(review): the key covers fileId and the account id concatenated without a separator. StreamFile
    // validates the same concatenation, so the two methods have to change together if a delimiter is added.
    // Anyone holding this URL can fetch the file until the key expires, so treat the URL as a secret.
    var query = uriBuilder.Query + string.Join("&", new[]
    {
        FilesLinkUtility.Action + "=stream",
        FilesLinkUtility.FileId + "=" + HttpUtility.UrlEncode(fileId),
        CommonLinkUtility.ParamName_UserUserID + "=" + HttpUtility.UrlEncode(accountId.ToString()),
        FilesLinkUtility.AuthKey + "=" + EmailValidationKeyProvider.GetEmailKey(fileId + accountId),
        ThirdPartySelector.AppAttr + "=" + AppAttr
    });

    return uriBuilder.Uri + "?" + query;
}
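/// <summary>
/// Uploads new content for a Box file as a multipart/form-data POST, converting it first when the supplied
/// type differs from the extension of the file's current Box name.
/// </summary>
/// <param name="fileId">App file id; reduced to the Box id with ThirdPartySelector.GetFileId.</param>
/// <param name="fileType">Extension of the content being saved.</param>
/// <param name="downloadUrl">URL the content is downloaded from when <paramref name="stream"/> is null.</param>
/// <param name="stream">Content to upload, or null to use <paramref name="downloadUrl"/>.</param>
/// <exception cref="Exception">The Box metadata of the file could not be loaded.</exception>
/// <exception cref="SecurityException">No access token is stored, or Box answered 401/403.</exception>
/// <exception cref="WebException">Any other failure of the upload request.</exception>
public void SaveFile(string fileId, string fileType, string downloadUrl, Stream stream)
{
    // NOTE(review): downloadUrl ends up in the debug log; if it can carry a signed or temporary key,
    // log only its host and path.
    Logger.Debug("BoxApp: save file stream " + fileId +
                 (stream == null
                      ? " from - " + downloadUrl
                      : " from stream"));
    fileId = ThirdPartySelector.GetFileId(fileId);

    var token = TokenHelper.GetToken(AppAttr);

    var boxFile = GetBoxFile(fileId, token);
    if (boxFile == null)
    {
        Logger.Error("BoxApp: file is null");
        throw new Exception("File not found");
    }

    var jsonFile = JObject.Parse(boxFile);
    var title = Global.ReplaceInvalidCharsAndTruncate(jsonFile.Value<string>("name"));
    var currentType = FileUtility.GetFileExtension(title);
    if (!fileType.Equals(currentType))
    {
        // Best effort: a failed conversion is logged and the upload continues with the unconverted content.
        try
        {
            if (stream != null)
            {
                downloadUrl = PathProvider.GetTempUrl(stream, fileType);
                downloadUrl = DocumentServiceConnector.ReplaceCommunityAdress(downloadUrl);
            }

            Logger.Debug("BoxApp: GetConvertedUri from " + fileType + " to " + currentType + " - " + downloadUrl);

            var key = DocumentServiceConnector.GenerateRevisionId(downloadUrl);
            DocumentServiceConnector.GetConvertedUri(downloadUrl, fileType, currentType, key, null, false, out downloadUrl);
            stream = null;
        }
        catch (Exception e)
        {
            Logger.Error("BoxApp: Error convert", e);
        }
    }

    // The id becomes a path segment of the Box API URL; escaping keeps it from changing the request path
    // or adding a query. Numeric Box ids pass through unchanged.
    var request = (HttpWebRequest)WebRequest.Create(BoxUrlUpload.Replace("{fileId}", Uri.EscapeDataString(fileId ?? string.Empty)));

    // NOTE(review): the whole payload is buffered in memory before it is sent; confirm that callers bound
    // the size of the content.
    using (var tmpStream = new MemoryStream())
    {
        var boundary = DateTime.UtcNow.Ticks.ToString("x");

        // NOTE(review): title is written into a quoted header value; this relies on
        // Global.ReplaceInvalidCharsAndTruncate removing double quotes and line breaks - confirm.
        var metadata = string.Format("Content-Disposition: form-data; name=\"filename\"; filename=\"{0}\"\r\nContent-Type: application/octet-stream\r\n\r\n", title);
        var metadataPart = string.Format("--{0}\r\n{1}", boundary, metadata);
        var bytes = Encoding.UTF8.GetBytes(metadataPart);
        tmpStream.Write(bytes, 0, bytes.Length);

        if (stream != null)
        {
            stream.CopyTo(tmpStream);
        }
        else
        {
            // NOTE(review): downloadUrl is fetched server-side and no scheme or host check is visible in this
            // method; confirm every caller passes a URL issued by the document service, not request input.
            var downloadRequest = (HttpWebRequest)WebRequest.Create(downloadUrl);
            using (var downloadStream = new ResponseStream(downloadRequest.GetResponse()))
            {
                downloadStream.CopyTo(tmpStream);
            }
        }

        var mediaPartEnd = string.Format("\r\n--{0}--\r\n", boundary);
        bytes = Encoding.UTF8.GetBytes(mediaPartEnd);
        tmpStream.Write(bytes, 0, bytes.Length);

        request.Method = "POST";
        // NOTE(review): relies on Token's string conversion yielding the access token - confirm.
        request.Headers.Add("Authorization", "Bearer " + token);
        request.ContentType = "multipart/form-data; boundary=" + boundary;
        request.ContentLength = tmpStream.Length;
        Logger.Debug("BoxApp: save file totalSize - " + tmpStream.Length);

        // Obtain the request stream once and close it before the response is read. The previous loop asked
        // for the stream again for every 2 KB chunk and never closed it.
        tmpStream.Seek(0, SeekOrigin.Begin);
        using (var requestStream = request.GetRequestStream())
        {
            tmpStream.CopyTo(requestStream);
        }
    }

    try
    {
        using var response = request.GetResponse();
        using var responseStream = response.GetResponseStream();
        string result = null;
        if (responseStream != null)
        {
            using var readStream = new StreamReader(responseStream);
            result = readStream.ReadToEnd();
        }

        Logger.Debug("BoxApp: save file response - " + result);
    }
    catch (WebException e)
    {
        Logger.Error("BoxApp: Error save file", e);
        request.Abort();

        // e.Response is null when no HTTP response was received (for example a connection failure);
        // dereferencing it unconditionally would replace the original error with a NullReferenceException.
        if (e.Response is HttpWebResponse httpResponse
            && (httpResponse.StatusCode == HttpStatusCode.Forbidden || httpResponse.StatusCode == HttpStatusCode.Unauthorized))
        {
            throw new SecurityException(FilesCommonResource.ErrorMassage_SecurityException, e);
        }
        throw;
    }
}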
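/// <summary>
/// Handles the OAuth callback: exchanges the "code" parameter for a token, signs the matching portal user
/// in (creating the user when needed), stores the token and redirects to the editor for the "id" parameter.
/// </summary>
/// <param name="context">Current HTTP context; reads the "code", "userId" and "id" query parameters.</param>
/// <exception cref="SecurityException">The code could not be exchanged for a token.</exception>
/// <exception cref="Exception">No user profile could be obtained for the token.</exception>
private void RequestCode(HttpContext context)
{
    // NOTE(review): no OAuth "state" value is checked in this method; confirm the callback is protected
    // against cross-site initiated logins elsewhere.
    var token = GetToken(context.Request.Query["code"]);
    if (token == null)
    {
        Logger.Error("BoxApp: token is null");
        throw new SecurityException("Access token is null");
    }

    // NOTE(review): userId is taken from the query string and is never compared with the Box identity the
    // token belongs to, yet it decides whether the current session is kept and which Box id AddLinker
    // attaches to the account. Consider taking the id from the users/me response instead.
    var boxUserId = context.Request.Query["userId"];

    if (AuthContext.IsAuthenticated)
    {
        if (!CurrentUser(boxUserId))
        {
            // The signed-in portal user is not linked to this Box user: end the session and sign in again below.
            Logger.Debug("BoxApp: logout for " + boxUserId);
            CookiesManager.ClearCookies(CookiesType.AuthKey);
            AuthContext.Logout();
        }
    }

    if (!AuthContext.IsAuthenticated)
    {
        var userInfo = GetUserInfo(token, out var isNew);

        if (userInfo == null)
        {
            Logger.Error("BoxApp: UserInfo is null");
            throw new Exception("Profile is null");
        }

        var cookiesKey = SecurityContext.AuthenticateMe(userInfo.ID);
        CookiesManager.SetCookies(CookiesType.AuthKey, cookiesKey);
        MessageService.Send(MessageAction.LoginSuccessViaSocialApp);

        if (isNew)
        {
            var userHelpTourSettings = SettingsManager.LoadForCurrentUser<UserHelpTourSettings>();
            userHelpTourSettings.IsNewUser = true;
            SettingsManager.SaveForCurrentUser(userHelpTourSettings);

            PersonalSettingsHelper.IsNewUser = true;
            PersonalSettingsHelper.IsNotActivated = true;
        }

        if (!string.IsNullOrEmpty(boxUserId) && !CurrentUser(boxUserId))
        {
            AddLinker(boxUserId);
        }
    }

    TokenHelper.SaveToken(token);

    var fileId = context.Request.Query["id"];

    // HttpResponse.Redirect(string, bool) takes "permanent" as its second argument, so passing true sent a
    // 301 that browsers may cache. The true looks carried over from System.Web's endResponse flag; a
    // per-login callback needs a temporary redirect.
    context.Response.Redirect(FilesLinkUtility.GetFileWebEditorUrl(ThirdPartySelector.BuildAppFileId(AppAttr, fileId)), permanent: false);
}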
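/// <summary>
/// Serves the content of a Box file to the caller of a stream URL. The request must carry a valid key over
/// the file id and user id; the file is then fetched from Box with the token stored for that user.
/// </summary>
/// <param name="context">Current HTTP context; the file content is copied into its response body.</param>
private void StreamFile(HttpContext context)
{
    try
    {
        var fileId = context.Request.Query[FilesLinkUtility.FileId];
        var auth = context.Request.Query[FilesLinkUtility.AuthKey];
        var userId = context.Request.Query[CommonLinkUtility.ParamName_UserUserID];

        Logger.Debug("BoxApp: get file stream " + fileId);

        // NOTE(review): the validated value is fileId and userId concatenated without a separator.
        // GetFileStreamUrl signs the same concatenation, so adding a delimiter means changing both methods.
        var validateResult = EmailValidationKeyProvider.ValidateEmailKey(fileId + userId, auth, Global.StreamUrlExpire);
        if (validateResult != EmailValidationKeyProvider.ValidationResult.Ok)
        {
            var exc = new HttpException((int)HttpStatusCode.Forbidden, FilesCommonResource.ErrorMassage_SecurityException);

            // NOTE(review): the logged URL contains the auth key from the query string.
            Logger.Error(string.Format("BoxApp: validate error {0} {1}: {2}", FilesLinkUtility.AuthKey, validateResult, context.Request.Url()), exc);

            throw exc;
        }

        // The token is looked up for the user named in the signed URL, not for the session user.
        Token token = null;

        if (Guid.TryParse(userId, out var userIdGuid))
        {
            token = TokenHelper.GetToken(AppAttr, userIdGuid);
        }

        if (token == null)
        {
            Logger.Error("BoxApp: token is null");
            throw new SecurityException("Access token is null");
        }

        // The id becomes a path segment of the Box API URL; escaping keeps it from changing the request path
        // or adding a query. Numeric Box ids pass through unchanged.
        var request = (HttpWebRequest)WebRequest.Create(BoxUrlFile.Replace("{fileId}", Uri.EscapeDataString(fileId.ToString())) + "/content");
        request.Method = "GET";
        // NOTE(review): relies on Token's string conversion yielding the access token - confirm.
        request.Headers.Add("Authorization", "Bearer " + token);

        using (var stream = new ResponseStream(request.GetResponse()))
        {
            stream.StreamCopyTo(context.Response.Body);
        }
    }
    catch (Exception ex)
    {
        // Log first so the failure is recorded even when the error response cannot be written.
        Logger.Error("BoxApp: Error request " + context.Request.Url(), ex);

        // Once part of the file has been sent, the status code can no longer be changed; touching it then
        // throws from inside this handler.
        if (!context.Response.HasStarted)
        {
            // NOTE(review): every failure, including the 403 raised above, is reported as 400, and the
            // exception text is sent to the client. Consider a fixed message.
            context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
            context.Response.WriteAsync(ex.Message).Wait();
        }
    }

    try
    {
        context.Response.Body.Flush();
        //TODO
        //context.Response.Body.SuppressContent = true;
        //context.ApplicationInstance.CompleteRequest();
    }
    catch (HttpException ex)
    {
        Logger.Error("BoxApp StreamFile", ex);
    }
}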
/// <summary>
/// Tells whether the given Box user id is linked to the account of the current session.
/// </summary>
/// <param name="boxUserId">Box user id to look up.</param>
/// <returns>True when one of the linked profile ids parses as a GUID equal to the current account id.</returns>
private bool CurrentUser(string boxUserId)
{
    var linker = Snapshot.Get("webstudio");

    // Links are looked up by the MD5 of "<provider>/<box user id>". MD5 serves as a lookup key here.
    // NOTE(review): confirm nothing treats this hash as a secret or as proof of identity.
    var hashId = HashHelper.MD5(string.Format("{0}/{1}", ProviderConstants.Box, boxUserId));
    var linkedProfiles = linker.GetLinkedObjectsByHashId(hashId);

    return linkedProfiles.Any(profileId =>
    {
        if (!Guid.TryParse(profileId, out var linkedAccountId))
        {
            return false;
        }
        return linkedAccountId == AuthContext.CurrentAccount.ID;
    });
}
/// <summary>Links the given Box user id to the account of the current session under the Box provider.</summary>
/// <param name="boxUserId">Box user id to attach to the current account.</param>
private void AddLinker(string boxUserId)
{
    Logger.Debug("BoxApp: AddLinker " + boxUserId);

    var currentAccountId = AuthContext.CurrentAccount.ID.ToString();
    Snapshot.Get("webstudio").AddLink(currentAccountId, boxUserId, ProviderConstants.Box);
}
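/// <summary>
/// Resolves the portal user for a Box access token: requests the Box profile, looks the user up by the
/// profile's login e-mail and creates a new portal user when none exists.
/// </summary>
/// <param name="token">Box access token.</param>
/// <param name="isNew">Set to true only when a new portal user was created.</param>
/// <returns>The matching or newly created user, or null when the profile request produced no response.</returns>
/// <exception cref="SecurityException"><paramref name="token"/> is null.</exception>
private UserInfo GetUserInfo(Token token, out bool isNew)
{
    isNew = false;
    if (token == null)
    {
        Logger.Error("BoxApp: token is null");
        throw new SecurityException("Access token is null");
    }

    var resultResponse = string.Empty;
    try
    {
        resultResponse = RequestHelper.PerformRequest(BoxUrlUserInfo,
                                                      headers: new Dictionary<string, string> { { "Authorization", "Bearer " + token } });
        // NOTE(review): this writes the full profile response (login e-mail, phone) to the debug log.
        Logger.Debug("BoxApp: userinfo response - " + resultResponse);
    }
    catch (Exception ex)
    {
        Logger.Error("BoxApp: userinfo request", ex);
    }

    // A failed request leaves the response empty. JObject.Parse throws on empty input and never returns
    // null, so the emptiness check has to come before parsing for the null result to reach the caller.
    if (string.IsNullOrEmpty(resultResponse))
    {
        Logger.Error("Error in userinfo request");
        return null;
    }

    var boxUserInfo = JObject.Parse(resultResponse);

    // NOTE(review): the portal account is chosen only by the "login" e-mail that Box reports; this trusts
    // Box to have verified that address.
    var email = boxUserInfo.Value<string>("login");
    var userInfo = UserManager.GetUserByEmail(email);
    if (Equals(userInfo, Constants.LostUser))
    {
        userInfo = new UserInfo
        {
            FirstName = boxUserInfo.Value<string>("name"),
            Email = email,
            MobilePhone = boxUserInfo.Value<string>("phone"),
        };

        var cultureName = boxUserInfo.Value<string>("language");
        if (string.IsNullOrEmpty(cultureName))
        {
            cultureName = Thread.CurrentThread.CurrentUICulture.TwoLetterISOLanguageName;
        }

        var cultureInfo = SetupInfo.EnabledCultures.Find(c => string.Equals(c.TwoLetterISOLanguageName, cultureName, StringComparison.InvariantCultureIgnoreCase));
        if (cultureInfo != null)
        {
            userInfo.CultureName = cultureInfo.Name;
        }
        else
        {
            Logger.DebugFormat("From box app new personal user '{0}' without culture {1}", userInfo.Email, cultureName);
        }

        if (string.IsNullOrEmpty(userInfo.FirstName))
        {
            userInfo.FirstName = FilesCommonResource.UnknownFirstName;
        }
        if (string.IsNullOrEmpty(userInfo.LastName))
        {
            userInfo.LastName = FilesCommonResource.UnknownLastName;
        }

        // The user is created under the CoreSystem account; the finally block always drops that identity
        // again, including when AddUser throws.
        try
        {
            SecurityContext.AuthenticateMe(ASC.Core.Configuration.Constants.CoreSystem);
            userInfo = UserManagerWrapper.AddUser(userInfo, UserManagerWrapper.GeneratePassword());
        }
        finally
        {
            AuthContext.Logout();
        }

        isNew = true;

        Logger.Debug("BoxApp: new user " + userInfo.ID);
    }

    return userInfo;
}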
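/// <summary>Requests the metadata of a Box file and returns the raw response text.</summary>
/// <param name="boxFileId">Box file id, placed into the path of the files endpoint.</param>
/// <param name="token">Box access token sent as a bearer credential.</param>
/// <returns>The response text, or null when the request failed (the failure is logged).</returns>
/// <exception cref="SecurityException"><paramref name="token"/> is null.</exception>
private string GetBoxFile(string boxFileId, Token token)
{
    if (token == null)
    {
        Logger.Error("BoxApp: token is null");
        throw new SecurityException("Access token is null");
    }

    try
    {
        // The id becomes a path segment of a request that carries the user's bearer token. Escaping keeps a
        // malformed id from changing the path or adding a query; numeric Box ids pass through unchanged.
        var fileUrl = BoxUrlFile.Replace("{fileId}", Uri.EscapeDataString(boxFileId ?? string.Empty));

        // NOTE(review): relies on Token's string conversion yielding the access token - confirm.
        var resultResponse = RequestHelper.PerformRequest(fileUrl,
                                                          headers: new Dictionary<string, string> { { "Authorization", "Bearer " + token } });
        Logger.Debug("BoxApp: file response - " + resultResponse);
        return resultResponse;
    }
    catch (Exception ex)
    {
        // Every failure is reduced to a null result; callers cannot tell "not found" from "access denied".
        Logger.Error("BoxApp: file request", ex);
    }
    return null;
}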
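/// <summary>Exchanges an OAuth authorization code for a Box token.</summary>
/// <param name="code">Authorization code received on the callback.</param>
/// <returns>The token wrapped for this app, or null when the exchange failed (the failure is logged).</returns>
private Token GetToken(string code)
{
    try
    {
        // The authorization code is a credential, so it is deliberately left out of the log message.
        Logger.Debug("BoxApp: GetAccessToken by code");
        var token = OAuth20TokenHelper.GetAccessToken<BoxApp>(ConsumerFactory, code);
        return new Token(token, AppAttr);
    }
    catch (Exception ex)
    {
        Logger.Error(ex);
    }
    return null;
}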
}
}