2020-02-18 13:48:38 +00:00
|
|
|
|
/*
|
|
|
|
|
*
|
|
|
|
|
* (c) Copyright Ascensio System Limited 2010-2018
|
|
|
|
|
*
|
|
|
|
|
* This program is freeware. You can redistribute it and/or modify it under the terms of the GNU
|
|
|
|
|
* General Public License (GPL) version 3 as published by the Free Software Foundation (https://www.gnu.org/copyleft/gpl.html).
|
|
|
|
|
* In accordance with Section 7(a) of the GNU GPL its Section 15 shall be amended to the effect that
|
|
|
|
|
* Ascensio System SIA expressly excludes the warranty of non-infringement of any third-party rights.
|
|
|
|
|
*
|
|
|
|
|
* THIS PROGRAM IS DISTRIBUTED WITHOUT ANY WARRANTY; WITHOUT EVEN THE IMPLIED WARRANTY OF MERCHANTABILITY OR
|
|
|
|
|
* FITNESS FOR A PARTICULAR PURPOSE. For more details, see GNU GPL at https://www.gnu.org/copyleft/gpl.html
|
|
|
|
|
*
|
|
|
|
|
* You can contact Ascensio System SIA by email at sales@onlyoffice.com
|
|
|
|
|
*
|
|
|
|
|
* The interactive user interfaces in modified source and object code versions of ONLYOFFICE must display
|
|
|
|
|
* Appropriate Legal Notices, as required under Section 5 of the GNU GPL version 3.
|
|
|
|
|
*
|
|
|
|
|
* Pursuant to Section 7 § 3(b) of the GNU GPL you must retain the original ONLYOFFICE logo which contains
|
|
|
|
|
* relevant author attributions when distributing the software. If the display of the logo in its graphic
|
|
|
|
|
* form is not reasonably feasible for technical reasons, you must include the words "Powered by ONLYOFFICE"
|
|
|
|
|
* in every copy of the program you distribute.
|
|
|
|
|
* Pursuant to Section 7 § 3(e) we decline to grant you any rights under trademark law for use of our trademarks.
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
2020-05-19 13:22:47 +00:00
|
|
|
|
using System;
|
|
|
|
|
using System.Collections.Generic;
|
|
|
|
|
using System.Linq;
|
|
|
|
|
using System.Net;
|
2021-10-12 10:14:33 +00:00
|
|
|
|
using System.Net.Http;
|
2020-05-19 13:22:47 +00:00
|
|
|
|
using System.Web;
|
|
|
|
|
|
|
|
|
|
using ASC.ApiSystem.Classes;
|
2020-02-18 13:48:38 +00:00
|
|
|
|
using ASC.ApiSystem.Models;
|
2020-05-19 17:41:37 +00:00
|
|
|
|
using ASC.Common;
|
2020-05-19 13:22:47 +00:00
|
|
|
|
using ASC.Common.Logging;
|
|
|
|
|
using ASC.Core;
|
2020-02-18 13:48:38 +00:00
|
|
|
|
using ASC.Core.Tenants;
|
2020-05-19 13:22:47 +00:00
|
|
|
|
using ASC.Security.Cryptography;
|
2020-02-18 13:48:38 +00:00
|
|
|
|
using ASC.Web.Studio.Utility;
|
2020-05-19 13:22:47 +00:00
|
|
|
|
|
2020-02-25 11:43:01 +00:00
|
|
|
|
using Microsoft.AspNetCore.Authorization;
|
2020-02-18 13:48:38 +00:00
|
|
|
|
using Microsoft.AspNetCore.Http;
|
|
|
|
|
using Microsoft.AspNetCore.Mvc;
|
2020-05-19 13:22:47 +00:00
|
|
|
|
using Microsoft.Extensions.Options;
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
|
|
|
|
namespace ASC.ApiSystem.Controllers
|
2020-10-19 15:53:15 +00:00
|
|
|
|
{
|
|
|
|
|
[Scope]
|
2020-02-18 13:48:38 +00:00
|
|
|
|
[ApiController]
|
2020-02-25 08:45:16 +00:00
|
|
|
|
[Route("[controller]")]
|
|
|
|
|
public class CalDavController : ControllerBase
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
2020-05-19 13:22:47 +00:00
|
|
|
|
private CommonMethods CommonMethods { get; }
|
|
|
|
|
private EmailValidationKeyProvider EmailValidationKeyProvider { get; }
|
|
|
|
|
private CoreSettings CoreSettings { get; }
|
|
|
|
|
private CommonConstants CommonConstants { get; }
|
2020-09-18 07:59:23 +00:00
|
|
|
|
public InstanceCrypto InstanceCrypto { get; }
|
2020-05-19 13:22:47 +00:00
|
|
|
|
private ILog Log { get; }
|
|
|
|
|
|
|
|
|
|
public CalDavController(
|
|
|
|
|
CommonMethods commonMethods,
|
|
|
|
|
EmailValidationKeyProvider emailValidationKeyProvider,
|
|
|
|
|
CoreSettings coreSettings,
|
|
|
|
|
CommonConstants commonConstants,
|
2020-09-18 07:59:23 +00:00
|
|
|
|
InstanceCrypto instanceCrypto,
|
2020-05-19 13:22:47 +00:00
|
|
|
|
IOptionsMonitor<ILog> option)
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
2020-05-19 13:22:47 +00:00
|
|
|
|
CommonMethods = commonMethods;
|
|
|
|
|
EmailValidationKeyProvider = emailValidationKeyProvider;
|
|
|
|
|
CoreSettings = coreSettings;
|
|
|
|
|
CommonConstants = commonConstants;
|
2020-09-18 07:59:23 +00:00
|
|
|
|
InstanceCrypto = instanceCrypto;
|
2020-05-19 13:22:47 +00:00
|
|
|
|
Log = option.Get("ASC.ApiSystem");
|
2020-02-18 13:48:38 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#region For TEST api
|
|
|
|
|
|
2020-02-25 08:45:16 +00:00
|
|
|
|
[HttpGet("test")]
|
|
|
|
|
public IActionResult Check()
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
2020-02-25 08:45:16 +00:00
|
|
|
|
return Ok(new
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
|
|
|
|
value = "CalDav api works"
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#endregion
|
|
|
|
|
|
|
|
|
|
#region API methods
|
|
|
|
|
|
2020-02-25 08:45:16 +00:00
|
|
|
|
[HttpGet("change_to_storage")]
|
|
|
|
|
public IActionResult СhangeOfCalendarStorage(string change)
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
2020-10-12 13:52:31 +00:00
|
|
|
|
if (!GetTenant(change, out var tenant, out var error))
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
2020-02-25 08:45:16 +00:00
|
|
|
|
return BadRequest(error);
|
2020-02-18 13:48:38 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
try
|
|
|
|
|
{
|
2020-05-19 13:22:47 +00:00
|
|
|
|
var validationKey = EmailValidationKeyProvider.GetEmailKey(tenant.TenantId, change + ConfirmType.Auth);
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
|
|
|
|
SendToApi(Request.Scheme, tenant, "calendar/change_to_storage", new Dictionary<string, string> { { "change", change }, { "key", validationKey } });
|
|
|
|
|
}
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
{
|
2020-05-19 13:22:47 +00:00
|
|
|
|
Log.Error("Error change_to_storage", ex);
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
2020-02-25 08:45:16 +00:00
|
|
|
|
return StatusCode(StatusCodes.Status500InternalServerError, new
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
|
|
|
|
error = "apiError",
|
|
|
|
|
message = ex.Message
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-25 08:45:16 +00:00
|
|
|
|
return Ok();
|
2020-02-18 13:48:38 +00:00
|
|
|
|
}
|
|
|
|
|
|
2020-02-25 08:45:16 +00:00
|
|
|
|
[HttpGet("caldav_delete_event")]
|
2020-02-25 11:43:01 +00:00
|
|
|
|
[Authorize(AuthenticationSchemes = "auth.allowskip")]
|
2020-02-25 08:45:16 +00:00
|
|
|
|
public IActionResult CaldavDeleteEvent(string eventInfo)
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
2020-10-12 13:52:31 +00:00
|
|
|
|
if (!GetTenant(eventInfo, out var tenant, out var error))
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
2020-02-25 08:45:16 +00:00
|
|
|
|
return BadRequest(error);
|
2020-02-18 13:48:38 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
try
|
|
|
|
|
{
|
2020-05-19 13:22:47 +00:00
|
|
|
|
var validationKey = EmailValidationKeyProvider.GetEmailKey(tenant.TenantId, eventInfo + ConfirmType.Auth);
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
|
|
|
|
SendToApi(Request.Scheme, tenant, "calendar/caldav_delete_event", new Dictionary<string, string> { { "eventInfo", eventInfo }, { "key", validationKey } });
|
|
|
|
|
}
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
{
|
2020-05-19 13:22:47 +00:00
|
|
|
|
Log.Error("Error caldav_delete_event", ex);
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
2020-02-25 08:45:16 +00:00
|
|
|
|
return StatusCode(StatusCodes.Status500InternalServerError, new
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
|
|
|
|
error = "apiError",
|
|
|
|
|
message = ex.Message
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-25 08:45:16 +00:00
|
|
|
|
return Ok();
|
2020-02-18 13:48:38 +00:00
|
|
|
|
}
|
|
|
|
|
|
2020-02-25 08:45:16 +00:00
|
|
|
|
[HttpPost("is_caldav_authenticated")]
|
2020-02-25 11:43:01 +00:00
|
|
|
|
[Authorize(AuthenticationSchemes = "auth.allowskip")]
|
2020-09-18 07:59:23 +00:00
|
|
|
|
public IActionResult IsCaldavAuthenticated(UserPassword userPassword)
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
2020-09-18 07:59:23 +00:00
|
|
|
|
if (userPassword == null || string.IsNullOrEmpty(userPassword.User) || string.IsNullOrEmpty(userPassword.Password))
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
2020-05-19 13:22:47 +00:00
|
|
|
|
Log.Error("CalDav authenticated data is null");
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
2020-02-25 08:45:16 +00:00
|
|
|
|
return BadRequest(new
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
|
|
|
|
value = "false",
|
|
|
|
|
error = "portalNameEmpty",
|
|
|
|
|
message = "Argument is required"
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-18 07:59:23 +00:00
|
|
|
|
if (!GetUserData(userPassword.User, out var email, out var tenant, out var error))
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
2020-02-25 08:45:16 +00:00
|
|
|
|
return BadRequest(error);
|
2020-02-18 13:48:38 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
try
|
|
|
|
|
{
|
2020-05-19 13:22:47 +00:00
|
|
|
|
Log.Info(string.Format("Caldav auth user: {0}, tenant: {1}", email, tenant.TenantId));
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
2020-09-18 07:59:23 +00:00
|
|
|
|
if (InstanceCrypto.Encrypt(email) == userPassword.Password)
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
2020-02-25 08:45:16 +00:00
|
|
|
|
return Ok(new
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
|
|
|
|
value = "true"
|
|
|
|
|
});
|
2020-09-18 07:59:23 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var validationKey = EmailValidationKeyProvider.GetEmailKey(tenant.TenantId, email + userPassword.Password + ConfirmType.Auth);
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
|
|
|
|
var authData = string.Format("userName={0}&password={1}&key={2}",
|
|
|
|
|
HttpUtility.UrlEncode(email),
|
2020-09-18 07:59:23 +00:00
|
|
|
|
HttpUtility.UrlEncode(userPassword.Password),
|
2020-02-18 13:48:38 +00:00
|
|
|
|
HttpUtility.UrlEncode(validationKey));
|
|
|
|
|
|
|
|
|
|
SendToApi(Request.Scheme, tenant, "authentication/login", null, WebRequestMethods.Http.Post, authData);
|
|
|
|
|
|
2020-02-25 08:45:16 +00:00
|
|
|
|
return Ok(new
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
|
|
|
|
value = "true"
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
{
|
2020-05-19 13:22:47 +00:00
|
|
|
|
Log.Error("Caldav authenticated", ex);
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
2020-02-25 08:45:16 +00:00
|
|
|
|
return StatusCode(StatusCodes.Status500InternalServerError, new
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
|
|
|
|
value = "false",
|
|
|
|
|
message = ex.Message
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#endregion
|
|
|
|
|
|
|
|
|
|
#region private methods
|
|
|
|
|
|
|
|
|
|
private bool GetTenant(string calendarParam, out Tenant tenant, out object error)
|
|
|
|
|
{
|
|
|
|
|
tenant = null;
|
|
|
|
|
|
|
|
|
|
if (string.IsNullOrEmpty(calendarParam))
|
|
|
|
|
{
|
2020-05-19 13:22:47 +00:00
|
|
|
|
Log.Error("calendarParam is empty");
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
|
|
|
|
error = new
|
|
|
|
|
{
|
|
|
|
|
value = "false",
|
|
|
|
|
error = "portalNameEmpty",
|
|
|
|
|
message = "Argument is required"
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-19 13:22:47 +00:00
|
|
|
|
Log.Info(string.Format("CalDav calendarParam: {0}", calendarParam));
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
2020-10-12 13:52:31 +00:00
|
|
|
|
var userParam = calendarParam.Split('/')[0];
|
|
|
|
|
return GetUserData(userParam, out _, out tenant, out error);
|
2020-02-18 13:48:38 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private bool GetUserData(string userParam, out string email, out Tenant tenant, out object error)
|
|
|
|
|
{
|
|
|
|
|
email = null;
|
|
|
|
|
tenant = null;
|
|
|
|
|
error = null;
|
|
|
|
|
|
|
|
|
|
if (string.IsNullOrEmpty(userParam))
|
|
|
|
|
{
|
2020-05-19 13:22:47 +00:00
|
|
|
|
Log.Error("userParam is empty");
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
|
|
|
|
error = new
|
|
|
|
|
{
|
|
|
|
|
value = "false",
|
|
|
|
|
error = "portalNameEmpty",
|
|
|
|
|
message = "Argument is required"
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var userData = userParam.Split('@');
|
|
|
|
|
|
|
|
|
|
if (userData.Length < 3)
|
|
|
|
|
{
|
2020-05-19 13:22:47 +00:00
|
|
|
|
Log.Error(string.Format("Error Caldav username: {0}", userParam));
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
|
|
|
|
error = new
|
|
|
|
|
{
|
|
|
|
|
value = "false",
|
|
|
|
|
error = "portalNameEmpty",
|
|
|
|
|
message = "PortalName is required"
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
email = string.Join("@", userData[0], userData[1]);
|
|
|
|
|
|
|
|
|
|
var tenantName = userData[2];
|
|
|
|
|
|
2020-05-19 13:22:47 +00:00
|
|
|
|
var baseUrl = CoreSettings.BaseDomain;
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
|
|
|
|
if (!string.IsNullOrEmpty(baseUrl) && tenantName.EndsWith("." + baseUrl, StringComparison.InvariantCultureIgnoreCase))
|
|
|
|
|
{
|
|
|
|
|
tenantName = tenantName.Replace("." + baseUrl, "");
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-19 13:22:47 +00:00
|
|
|
|
Log.Info(string.Format("CalDav: user:{0} tenantName:{1}", userParam, tenantName));
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
|
|
|
|
var tenantModel = new TenantModel { PortalName = tenantName };
|
|
|
|
|
|
2020-02-25 08:45:16 +00:00
|
|
|
|
if (!CommonMethods.GetTenant(tenantModel, out tenant))
|
2020-02-18 13:48:38 +00:00
|
|
|
|
{
|
2020-05-19 13:22:47 +00:00
|
|
|
|
Log.Error("Model without tenant");
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
|
|
|
|
error = new
|
|
|
|
|
{
|
|
|
|
|
value = "false",
|
|
|
|
|
error = "portalNameEmpty",
|
|
|
|
|
message = "PortalName is required"
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (tenant == null)
|
|
|
|
|
{
|
2020-05-19 13:22:47 +00:00
|
|
|
|
Log.Error("Tenant not found " + tenantName);
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
|
|
|
|
error = new
|
|
|
|
|
{
|
|
|
|
|
value = "false",
|
|
|
|
|
error = "portalNameNotFound",
|
|
|
|
|
message = "Portal not found"
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private void SendToApi(string requestUriScheme,
|
|
|
|
|
Tenant tenant,
|
|
|
|
|
string path,
|
|
|
|
|
IEnumerable<KeyValuePair<string, string>> args = null,
|
|
|
|
|
string httpMethod = WebRequestMethods.Http.Get,
|
|
|
|
|
string data = null)
|
|
|
|
|
{
|
|
|
|
|
var query = args == null
|
|
|
|
|
? null
|
|
|
|
|
: string.Join("&", args.Select(arg => HttpUtility.UrlEncode(arg.Key) + "=" + HttpUtility.UrlEncode(arg.Value)).ToArray());
|
|
|
|
|
|
|
|
|
|
var url = string.Format("{0}{1}{2}{3}{4}{5}",
|
|
|
|
|
requestUriScheme,
|
|
|
|
|
Uri.SchemeDelimiter,
|
2020-05-19 13:22:47 +00:00
|
|
|
|
tenant.GetTenantDomain(CoreSettings),
|
|
|
|
|
CommonConstants.WebApiBaseUrl,
|
2020-02-18 13:48:38 +00:00
|
|
|
|
path,
|
|
|
|
|
string.IsNullOrEmpty(query) ? "" : "?" + query);
|
|
|
|
|
|
2020-05-19 13:22:47 +00:00
|
|
|
|
Log.Info(string.Format("CalDav: SendToApi: {0}", url));
|
2021-10-12 10:14:33 +00:00
|
|
|
|
|
|
|
|
|
var request = new HttpRequestMessage();
|
|
|
|
|
request.RequestUri = new Uri(url);
|
|
|
|
|
request.Method = new HttpMethod(httpMethod);
|
|
|
|
|
request.Headers.Add("accept", "application/json");
|
|
|
|
|
request.Headers.Add("Content-Type", "application/x-www-form-urlencoded");
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
2021-10-12 10:14:33 +00:00
|
|
|
|
var httpClient = new HttpClient();
|
2020-02-18 13:48:38 +00:00
|
|
|
|
|
|
|
|
|
if (data != null)
|
|
|
|
|
{
|
2021-10-12 10:14:33 +00:00
|
|
|
|
request.Content = new StringContent(data);
|
2020-02-18 13:48:38 +00:00
|
|
|
|
}
|
|
|
|
|
|
2021-10-12 10:14:33 +00:00
|
|
|
|
httpClient.Send(request);
|
2020-09-18 07:59:23 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#endregion
|
|
|
|
|
|
|
|
|
|
public class UserPassword
|
|
|
|
|
{
|
|
|
|
|
public string User { get; set; }
|
|
|
|
|
public string Password { get; set; }
|
2020-02-18 13:48:38 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|