/* * * (c) Copyright Ascensio System Limited 2010-2018 * * This program is freeware. You can redistribute it and/or modify it under the terms of the GNU * General Public License (GPL) version 3 as published by the Free Software Foundation (https://www.gnu.org/copyleft/gpl.html). * In accordance with Section 7(a) of the GNU GPL its Section 15 shall be amended to the effect that * Ascensio System SIA expressly excludes the warranty of non-infringement of any third-party rights. * * THIS PROGRAM IS DISTRIBUTED WITHOUT ANY WARRANTY; WITHOUT EVEN THE IMPLIED WARRANTY OF MERCHANTABILITY OR * FITNESS FOR A PARTICULAR PURPOSE. For more details, see GNU GPL at https://www.gnu.org/copyleft/gpl.html * * You can contact Ascensio System SIA by email at sales@onlyoffice.com * * The interactive user interfaces in modified source and object code versions of ONLYOFFICE must display * Appropriate Legal Notices, as required under Section 5 of the GNU GPL version 3. * * Pursuant to Section 7 § 3(b) of the GNU GPL you must retain the original ONLYOFFICE logo which contains * relevant author attributions when distributing the software. If the display of the logo in its graphic * form is not reasonably feasible for technical reasons, you must include the words "Powered by ONLYOFFICE" * in every copy of the program you distribute. * Pursuant to Section 7 § 3(e) we decline to grant you any rights under trademark law for use of our trademarks. * */ using System; using System.Collections.Generic; using System.Linq; using System.Security.Cryptography; using System.Text; using System.Threading; using System.Web; using ASC.Common.Caching; using ASC.Common.Utils; using ASC.Core; using ASC.Core.Common.Configuration; using ASC.FederatedLogin.Helpers; using ASC.FederatedLogin.Profile; using ASC.Security.Cryptography; using Microsoft.AspNetCore.Http; using Microsoft.Extensions.Configuration; using Newtonsoft.Json.Linq; namespace ASC.FederatedLogin.LoginProviders { public class MailRuLoginProvider : BaseLoginProvider { public override string CodeUrl { get { return "https://connect.mail.ru/oauth/authorize"; } } public override string AccessTokenUrl { get { return "https://connect.mail.ru/oauth/token"; } } public override string ClientID { get { return this["mailRuClientId"]; } } public override string ClientSecret { get { return this["mailRuClientSecret"]; } } public override string RedirectUri { get { return this["mailRuRedirectUrl"]; } } private const string MailRuApiUrl = "http://www.appsmail.ru/platform/api"; public MailRuLoginProvider() { } public MailRuLoginProvider(TenantManager tenantManager, CoreBaseSettings coreBaseSettings, CoreSettings coreSettings, IConfiguration configuration, ICacheNotify cache, ConsumerFactory consumerFactory, Signature signature, InstanceCrypto instanceCrypto, string name, int order, Dictionary props, Dictionary additional = null) : base(tenantManager, coreBaseSettings, coreSettings, configuration, cache, consumerFactory, signature, instanceCrypto, name, order, props, additional) { } public override LoginProfile ProcessAuthoriztion(HttpContext context, IDictionary @params) { try { var token = Auth(context, Scopes, out var redirect); if (redirect) { return null; } if (token == null) { throw new Exception("Login failed"); } var uid = GetUid(token); return RequestProfile(token.AccessToken, uid); } catch (ThreadAbortException) { throw; } catch (Exception ex) { return LoginProfile.FromError(Signature, InstanceCrypto, ex); } } public override LoginProfile GetLoginProfile(string accessToken) { throw new NotImplementedException(); } private LoginProfile RequestProfile(string accessToken, string uid) { var queryDictionary = new Dictionary { { "app_id", ClientID }, { "method", "users.getInfo" }, { "secure", "1" }, { "session_key", accessToken }, { "uids", uid }, }; var sortedKeys = queryDictionary.Keys.ToList(); sortedKeys.Sort(); using var md5 = MD5.Create(); var mailruParams = string.Join("", sortedKeys.Select(key => key + "=" + queryDictionary[key]).ToList()); var sig = string.Join("", md5.ComputeHash(Encoding.ASCII.GetBytes(mailruParams + ClientSecret)).Select(b => b.ToString("x2"))); var mailRuProfile = RequestHelper.PerformRequest( MailRuApiUrl + "?" + string.Join("&", queryDictionary.Select(pair => pair.Key + "=" + HttpUtility.UrlEncode(pair.Value))) + "&sig=" + HttpUtility.UrlEncode(sig)); var loginProfile = ProfileFromMailRu(mailRuProfile); return loginProfile; } private LoginProfile ProfileFromMailRu(string strProfile) { var jProfile = JArray.Parse(strProfile); if (jProfile == null) throw new Exception("Failed to correctly process the response"); var mailRuProfiles = jProfile.ToObject>(); if (mailRuProfiles.Count == 0) throw new Exception("Failed to correctly process the response"); var profile = new LoginProfile(Signature, InstanceCrypto) { EMail = mailRuProfiles[0].email, Id = mailRuProfiles[0].uid, FirstName = mailRuProfiles[0].first_name, LastName = mailRuProfiles[0].last_name, Provider = ProviderConstants.MailRu, }; return profile; } private class MailRuProfile { public string uid = null; public string first_name = null; public string last_name = null; public string email = null; } private static string GetUid(OAuth20Token token) { if (string.IsNullOrEmpty(token.OriginJson)) return null; var parser = JObject.Parse(token.OriginJson); return parser?.Value("x_mailru_vid"); } } }