DocSpace-buildtools/web/ASC.Web.Core/Helpers/ApiSystemHelper.cs

/*
 *
 * (c) Copyright Ascensio System Limited 2010-2018
 *
 * This program is freeware. You can redistribute it and/or modify it under the terms of the GNU 
 * General Public License (GPL) version 3 as published by the Free Software Foundation (https://www.gnu.org/copyleft/gpl.html). 
 * In accordance with Section 7(a) of the GNU GPL its Section 15 shall be amended to the effect that 
 * Ascensio System SIA expressly excludes the warranty of non-infringement of any third-party rights.
 *
 * THIS PROGRAM IS DISTRIBUTED WITHOUT ANY WARRANTY; WITHOUT EVEN THE IMPLIED WARRANTY OF MERCHANTABILITY OR
 * FITNESS FOR A PARTICULAR PURPOSE. For more details, see GNU GPL at https://www.gnu.org/copyleft/gpl.html
 *
 * You can contact Ascensio System SIA by email at sales@onlyoffice.com
 *
 * The interactive user interfaces in modified source and object code versions of ONLYOFFICE must display 
 * Appropriate Legal Notices, as required under Section 5 of the GNU GPL version 3.
 *
 * Pursuant to Section 7 § 3(b) of the GNU GPL you must retain the original ONLYOFFICE logo which contains 
 * relevant author attributions when distributing the software. If the display of the logo in its graphic 
 * form is not reasonably feasible for technical reasons, you must include the words "Powered by ONLYOFFICE" 
 * in every copy of the program you distribute. 
 * Pursuant to Section 7 § 3(e) we decline to grant you any rights under trademark law for use of our trademarks.
 *
*/


using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Security.Cryptography;
using System.Text;
using System.Web;

using ASC.Common;
using ASC.Core.Tenants;
using ASC.Security.Cryptography;
using ASC.Web.Studio.Utility;

using Microsoft.AspNetCore.WebUtilities;
using Microsoft.Extensions.Configuration;

using Newtonsoft.Json.Linq;

namespace ASC.Web.Core.Helpers
{
    [Scope]
    public class ApiSystemHelper
    {
        public string ApiSystemUrl { get; private set; }

        public string ApiCacheUrl { get; private set; }

        private static byte[] Skey { get; set; }
        private CommonLinkUtility CommonLinkUtility { get; }

        public ApiSystemHelper(IConfiguration configuration, CommonLinkUtility commonLinkUtility, MachinePseudoKeys machinePseudoKeys)
        {
            ApiSystemUrl = configuration["web:api-system"];
            ApiCacheUrl = configuration["web:api-cache"];
            CommonLinkUtility = commonLinkUtility;
            Skey = machinePseudoKeys.GetMachineConstant();
        }


        public string CreateAuthToken(string pkey)
        {
            using var hasher = new HMACSHA1(Skey);
            var now = DateTime.UtcNow.ToString("yyyyMMddHHmmss");
            var hash = WebEncoders.Base64UrlEncode(hasher.ComputeHash(Encoding.UTF8.GetBytes(string.Join("\n", now, pkey))));
            return string.Format("ASC {0}:{1}:{2}", pkey, now, hash);
        }

        #region system

        public void ValidatePortalName(string domain, Guid userId)
        {
            try
            {
                var data = string.Format("portalName={0}", HttpUtility.UrlEncode(domain));
                SendToApi(ApiSystemUrl, "portal/validateportalname", WebRequestMethods.Http.Post, userId, data);
            }
            catch (WebException exception)
            {
                if (exception.Status != WebExceptionStatus.ProtocolError || exception.Response == null) return;

                var response = exception.Response;
                try
                {
                    using var stream = response.GetResponseStream();
                    using var reader = new StreamReader(stream, Encoding.UTF8);
                    var result = reader.ReadToEnd();

                    var resObj = JObject.Parse(result);
                    if (resObj["error"] != null)
                    {
                        if (resObj["error"].ToString() == "portalNameExist")
                        {
                            var varians = resObj.Value<JArray>("variants").Select(jv => jv.Value<string>());
                            throw new TenantAlreadyExistsException("Address busy.", varians);
                        }

                        throw new Exception(resObj["error"].ToString());
                    }
                }
                finally
                {
                    if (response != null)
                    {
                        response.Close();
                    }
                }
            }
        }

        #endregion

        #region cache

        public void AddTenantToCache(string domain, Guid userId)
        {
            var data = string.Format("portalName={0}", HttpUtility.UrlEncode(domain));
            SendToApi(ApiCacheUrl, "portal/add", WebRequestMethods.Http.Post, userId, data);
        }

        public void RemoveTenantFromCache(string domain, Guid userId)
        {
            SendToApi(ApiCacheUrl, "portal/remove?portalname=" + HttpUtility.UrlEncode(domain), "DELETE", userId);
        }

        public IEnumerable<string> FindTenantsInCache(string domain, Guid userId)
        {
            var result = SendToApi(ApiCacheUrl, "portal/find?portalname=" + HttpUtility.UrlEncode(domain), WebRequestMethods.Http.Get, userId);
            var resObj = JObject.Parse(result);

            var variants = resObj.Value<JArray>("variants");
            return variants?.Select(jv => jv.Value<string>()).ToList();
        }

        #endregion

        private string SendToApi(string absoluteApiUrl, string apiPath, string httpMethod, Guid userId, string data = null)
        {
            if (!Uri.TryCreate(absoluteApiUrl, UriKind.Absolute, out var uri))
            {
                var appUrl = CommonLinkUtility.GetFullAbsolutePath("/");
                absoluteApiUrl = string.Format("{0}/{1}", appUrl.TrimEnd('/'), absoluteApiUrl.TrimStart('/')).TrimEnd('/');
            }

            var url = string.Format("{0}/{1}", absoluteApiUrl, apiPath);

            var webRequest = (HttpWebRequest)WebRequest.Create(url);
            webRequest.Method = httpMethod;
            webRequest.Accept = "application/json";
            webRequest.Headers.Add(HttpRequestHeader.Authorization, CreateAuthToken(userId.ToString()));
            webRequest.ContentType = "application/x-www-form-urlencoded";
            webRequest.ContentLength = 0;

            if (data != null)
            {
                webRequest.ContentLength = data.Length;

                using var writer = new StreamWriter(webRequest.GetRequestStream());
                writer.Write(data);
            }

            using var response = webRequest.GetResponse();
            using var stream = response.GetResponseStream();
            using var reader = new StreamReader(stream, Encoding.UTF8);
            return reader.ReadToEnd();
        }
    }
}
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`/*`
			`*`
			`* (c) Copyright Ascensio System Limited 2010-2018`
			`*`
			`* This program is freeware. You can redistribute it and/or modify it under the terms of the GNU`
			`* General Public License (GPL) version 3 as published by the Free Software Foundation (https://www.gnu.org/copyleft/gpl.html).`
			`* In accordance with Section 7(a) of the GNU GPL its Section 15 shall be amended to the effect that`
			`* Ascensio System SIA expressly excludes the warranty of non-infringement of any third-party rights.`
			`*`
			`* THIS PROGRAM IS DISTRIBUTED WITHOUT ANY WARRANTY; WITHOUT EVEN THE IMPLIED WARRANTY OF MERCHANTABILITY OR`
			`* FITNESS FOR A PARTICULAR PURPOSE. For more details, see GNU GPL at https://www.gnu.org/copyleft/gpl.html`
			`*`
			`* You can contact Ascensio System SIA by email at sales@onlyoffice.com`
			`*`
			`* The interactive user interfaces in modified source and object code versions of ONLYOFFICE must display`
			`* Appropriate Legal Notices, as required under Section 5 of the GNU GPL version 3.`
			`*`
			`* Pursuant to Section 7 § 3(b) of the GNU GPL you must retain the original ONLYOFFICE logo which contains`
			`* relevant author attributions when distributing the software. If the display of the logo in its graphic`
			`* form is not reasonably feasible for technical reasons, you must include the words "Powered by ONLYOFFICE"`
			`* in every copy of the program you distribute.`
			`* Pursuant to Section 7 § 3(e) we decline to grant you any rights under trademark law for use of our trademarks.`
			`*`
			`*/`


			`using System;`
			`using System.Collections.Generic;`
			`using System.IO;`
			`using System.Linq;`
			`using System.Net;`
			`using System.Security.Cryptography;`
			`using System.Text;`
Added DIHelper 2020-02-17 08:58:14 +00:00			`using System.Web;`

			`using ASC.Common;`
Code Cleanup 2019-08-15 12:04:42 +00:00			`using ASC.Core.Tenants;`
moved from release/11 4414f77b 2020-09-18 07:59:23 +00:00			`using ASC.Security.Cryptography;`
Added DIHelper 2020-02-17 08:58:14 +00:00			`using ASC.Web.Studio.Utility;`

			`using Microsoft.AspNetCore.WebUtilities;`
			`using Microsoft.Extensions.Configuration;`

Code Cleanup 2019-08-15 12:04:42 +00:00			`using Newtonsoft.Json.Linq;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
			`namespace ASC.Web.Core.Helpers`
Scope: refactoring 2020-10-19 15:53:15 +00:00			`{`
			`[Scope]`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`public class ApiSystemHelper`
			`{`
DI: configuration 2019-09-23 12:20:08 +00:00			`public string ApiSystemUrl { get; private set; }`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
DI: configuration 2019-09-23 12:20:08 +00:00			`public string ApiCacheUrl { get; private set; }`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
moved from release/11 4414f77b 2020-09-18 07:59:23 +00:00			`private static byte[] Skey { get; set; }`
private: firtst version 2020-08-12 09:58:08 +00:00			`private CommonLinkUtility CommonLinkUtility { get; }`
Added DIHelper 2020-02-17 08:58:14 +00:00
moved from release/11 4414f77b 2020-09-18 07:59:23 +00:00			`public ApiSystemHelper(IConfiguration configuration, CommonLinkUtility commonLinkUtility, MachinePseudoKeys machinePseudoKeys)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
DI: configuration 2019-09-23 12:20:08 +00:00			`ApiSystemUrl = configuration["web:api-system"];`
			`ApiCacheUrl = configuration["web:api-cache"];`
moved from release/11 4414f77b 2020-09-18 07:59:23 +00:00			`CommonLinkUtility = commonLinkUtility;`
			`Skey = machinePseudoKeys.GetMachineConstant();`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`


DI: configuration 2019-09-23 12:20:08 +00:00			`public string CreateAuthToken(string pkey)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
moved from release/11 4414f77b 2020-09-18 07:59:23 +00:00			`using var hasher = new HMACSHA1(Skey);`
Added DIHelper 2020-02-17 08:58:14 +00:00			`var now = DateTime.UtcNow.ToString("yyyyMMddHHmmss");`
			`var hash = WebEncoders.Base64UrlEncode(hasher.ComputeHash(Encoding.UTF8.GetBytes(string.Join("\n", now, pkey))));`
IDE0063 2019-08-15 15:08:40 +00:00			`return string.Format("ASC {0}:{1}:{2}", pkey, now, hash);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

			`#region system`

DI: configuration 2019-09-23 12:20:08 +00:00			`public void ValidatePortalName(string domain, Guid userId)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
			`try`
			`{`
			`var data = string.Format("portalName={0}", HttpUtility.UrlEncode(domain));`
DI: configuration 2019-09-23 12:20:08 +00:00			`SendToApi(ApiSystemUrl, "portal/validateportalname", WebRequestMethods.Http.Post, userId, data);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`
			`catch (WebException exception)`
			`{`
			`if (exception.Status != WebExceptionStatus.ProtocolError \|\| exception.Response == null) return;`

			`var response = exception.Response;`
			`try`
			`{`
Added DIHelper 2020-02-17 08:58:14 +00:00			`using var stream = response.GetResponseStream();`
			`using var reader = new StreamReader(stream, Encoding.UTF8);`
			`var result = reader.ReadToEnd();`

			`var resObj = JObject.Parse(result);`
			`if (resObj["error"] != null)`
			`{`
			`if (resObj["error"].ToString() == "portalNameExist")`
			`{`
			`var varians = resObj.Value<JArray>("variants").Select(jv => jv.Value<string>());`
			`throw new TenantAlreadyExistsException("Address busy.", varians);`
			`}`

			`throw new Exception(resObj["error"].ToString());`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`
			`}`
			`finally`
			`{`
			`if (response != null)`
			`{`
			`response.Close();`
			`}`
			`}`
			`}`
			`}`

			`#endregion`

			`#region cache`

DI: configuration 2019-09-23 12:20:08 +00:00			`public void AddTenantToCache(string domain, Guid userId)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
			`var data = string.Format("portalName={0}", HttpUtility.UrlEncode(domain));`
DI: configuration 2019-09-23 12:20:08 +00:00			`SendToApi(ApiCacheUrl, "portal/add", WebRequestMethods.Http.Post, userId, data);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

DI: configuration 2019-09-23 12:20:08 +00:00			`public void RemoveTenantFromCache(string domain, Guid userId)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
DI: configuration 2019-09-23 12:20:08 +00:00			`SendToApi(ApiCacheUrl, "portal/remove?portalname=" + HttpUtility.UrlEncode(domain), "DELETE", userId);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

DI: configuration 2019-09-23 12:20:08 +00:00			`public IEnumerable<string> FindTenantsInCache(string domain, Guid userId)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
DI: configuration 2019-09-23 12:20:08 +00:00			`var result = SendToApi(ApiCacheUrl, "portal/find?portalname=" + HttpUtility.UrlEncode(domain), WebRequestMethods.Http.Get, userId);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`var resObj = JObject.Parse(result);`

			`var variants = resObj.Value<JArray>("variants");`
IDE0031 2019-08-15 13:28:29 +00:00			`return variants?.Select(jv => jv.Value<string>()).ToList();`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

			`#endregion`

DI: configuration 2019-09-23 12:20:08 +00:00			`private string SendToApi(string absoluteApiUrl, string apiPath, string httpMethod, Guid userId, string data = null)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
IDE0018 2019-08-15 13:05:50 +00:00			`if (!Uri.TryCreate(absoluteApiUrl, UriKind.Absolute, out var uri))`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
DI: configuration 2019-09-23 12:20:08 +00:00			`var appUrl = CommonLinkUtility.GetFullAbsolutePath("/");`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`absoluteApiUrl = string.Format("{0}/{1}", appUrl.TrimEnd('/'), absoluteApiUrl.TrimStart('/')).TrimEnd('/');`
			`}`

IDE0049 2019-08-15 13:16:39 +00:00			`var url = string.Format("{0}/{1}", absoluteApiUrl, apiPath);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Code Cleanup 2019-08-15 12:04:42 +00:00			`var webRequest = (HttpWebRequest)WebRequest.Create(url);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`webRequest.Method = httpMethod;`
			`webRequest.Accept = "application/json";`
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`webRequest.Headers.Add(HttpRequestHeader.Authorization, CreateAuthToken(userId.ToString()));`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`webRequest.ContentType = "application/x-www-form-urlencoded";`
			`webRequest.ContentLength = 0;`

			`if (data != null)`
			`{`
			`webRequest.ContentLength = data.Length;`

Added DIHelper 2020-02-17 08:58:14 +00:00			`using var writer = new StreamWriter(webRequest.GetRequestStream());`
IDE0063 2019-08-15 15:08:40 +00:00			`writer.Write(data);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

Added DIHelper 2020-02-17 08:58:14 +00:00			`using var response = webRequest.GetResponse();`
			`using var stream = response.GetResponseStream();`
			`using var reader = new StreamReader(stream, Encoding.UTF8);`
IDE0063 2019-08-15 15:08:40 +00:00			`return reader.ReadToEnd();`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`
Added DIHelper 2020-02-17 08:58:14 +00:00			`}`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`