IlyaSobolev/DocSpace-client
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
eb76b43464
DocSpace-client/common/services/ASC.ApiSystem/Controllers/CalDavController.cs
pavelbannov 830c73a134 Scope: refactoring
2020-10-19 18:53:15 +03:00

368 lines
12 KiB
C#
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

/*
*
* (c) Copyright Ascensio System Limited 2010-2018
*
* This program is freeware. You can redistribute it and/or modify it under the terms of the GNU
* General Public License (GPL) version 3 as published by the Free Software Foundation (https://www.gnu.org/copyleft/gpl.html).
* In accordance with Section 7(a) of the GNU GPL its Section 15 shall be amended to the effect that
* Ascensio System SIA expressly excludes the warranty of non-infringement of any third-party rights.
*
* THIS PROGRAM IS DISTRIBUTED WITHOUT ANY WARRANTY; WITHOUT EVEN THE IMPLIED WARRANTY OF MERCHANTABILITY OR
* FITNESS FOR A PARTICULAR PURPOSE. For more details, see GNU GPL at https://www.gnu.org/copyleft/gpl.html
*
* You can contact Ascensio System SIA by email at sales@onlyoffice.com
*
* The interactive user interfaces in modified source and object code versions of ONLYOFFICE must display
* Appropriate Legal Notices, as required under Section 5 of the GNU GPL version 3.
*
* Pursuant to Section 7 § 3(b) of the GNU GPL you must retain the original ONLYOFFICE logo which contains
* relevant author attributions when distributing the software. If the display of the logo in its graphic
* form is not reasonably feasible for technical reasons, you must include the words "Powered by ONLYOFFICE"
* in every copy of the program you distribute.
* Pursuant to Section 7 § 3(e) we decline to grant you any rights under trademark law for use of our trademarks.
*
*/
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Web;
using ASC.ApiSystem.Classes;
using ASC.ApiSystem.Models;
using ASC.Common;
using ASC.Common.Logging;
using ASC.Core;
using ASC.Core.Tenants;
using ASC.Security.Cryptography;
using ASC.Web.Studio.Utility;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
namespace ASC.ApiSystem.Controllers
{
[Scope]
[ApiController]
[Route("[controller]")]
public class CalDavController : ControllerBase
{
private CommonMethods CommonMethods { get; }
private EmailValidationKeyProvider EmailValidationKeyProvider { get; }
private CoreSettings CoreSettings { get; }
private CommonConstants CommonConstants { get; }
public InstanceCrypto InstanceCrypto { get; }
private ILog Log { get; }
public CalDavController(
CommonMethods commonMethods,
EmailValidationKeyProvider emailValidationKeyProvider,
CoreSettings coreSettings,
CommonConstants commonConstants,
InstanceCrypto instanceCrypto,
IOptionsMonitor<ILog> option)
{
CommonMethods = commonMethods;
EmailValidationKeyProvider = emailValidationKeyProvider;
CoreSettings = coreSettings;
CommonConstants = commonConstants;
InstanceCrypto = instanceCrypto;
Log = option.Get("ASC.ApiSystem");
}
#region For TEST api
[HttpGet("test")]
public IActionResult Check()
{
return Ok(new
{
value = "CalDav api works"
});
}
#endregion
#region API methods
[HttpGet("change_to_storage")]
public IActionResult СhangeOfCalendarStorage(string change)
{
if (!GetTenant(change, out var tenant, out var error))
{
return BadRequest(error);
}
try
{
var validationKey = EmailValidationKeyProvider.GetEmailKey(tenant.TenantId, change + ConfirmType.Auth);
SendToApi(Request.Scheme, tenant, "calendar/change_to_storage", new Dictionary<string, string> { { "change", change }, { "key", validationKey } });
}
catch (Exception ex)
{
Log.Error("Error change_to_storage", ex);
return StatusCode(StatusCodes.Status500InternalServerError, new
{
error = "apiError",
message = ex.Message
});
}
return Ok();
}
[HttpGet("caldav_delete_event")]
[Authorize(AuthenticationSchemes = "auth.allowskip")]
public IActionResult CaldavDeleteEvent(string eventInfo)
{
if (!GetTenant(eventInfo, out var tenant, out var error))
{
return BadRequest(error);
}
try
{
var validationKey = EmailValidationKeyProvider.GetEmailKey(tenant.TenantId, eventInfo + ConfirmType.Auth);
SendToApi(Request.Scheme, tenant, "calendar/caldav_delete_event", new Dictionary<string, string> { { "eventInfo", eventInfo }, { "key", validationKey } });
}
catch (Exception ex)
{
Log.Error("Error caldav_delete_event", ex);
return StatusCode(StatusCodes.Status500InternalServerError, new
{
error = "apiError",
message = ex.Message
});
}
return Ok();
}
[HttpPost("is_caldav_authenticated")]
[Authorize(AuthenticationSchemes = "auth.allowskip")]
public IActionResult IsCaldavAuthenticated(UserPassword userPassword)
{
if (userPassword == null || string.IsNullOrEmpty(userPassword.User) || string.IsNullOrEmpty(userPassword.Password))
{
Log.Error("CalDav authenticated data is null");
return BadRequest(new
{
value = "false",
error = "portalNameEmpty",
message = "Argument is required"
});
}
if (!GetUserData(userPassword.User, out var email, out var tenant, out var error))
{
return BadRequest(error);
}
try
{
Log.Info(string.Format("Caldav auth user: {0}, tenant: {1}", email, tenant.TenantId));
if (InstanceCrypto.Encrypt(email) == userPassword.Password)
{
return Ok(new
{
value = "true"
});
}
var validationKey = EmailValidationKeyProvider.GetEmailKey(tenant.TenantId, email + userPassword.Password + ConfirmType.Auth);
var authData = string.Format("userName={0}&password={1}&key={2}",
HttpUtility.UrlEncode(email),
HttpUtility.UrlEncode(userPassword.Password),
HttpUtility.UrlEncode(validationKey));
SendToApi(Request.Scheme, tenant, "authentication/login", null, WebRequestMethods.Http.Post, authData);
return Ok(new
{
value = "true"
});
}
catch (Exception ex)
{
Log.Error("Caldav authenticated", ex);
return StatusCode(StatusCodes.Status500InternalServerError, new
{
value = "false",
message = ex.Message
});
}
}
#endregion
#region private methods
private bool GetTenant(string calendarParam, out Tenant tenant, out object error)
{
tenant = null;
if (string.IsNullOrEmpty(calendarParam))
{
Log.Error("calendarParam is empty");
error = new
{
value = "false",
error = "portalNameEmpty",
message = "Argument is required"
};
return false;
}
Log.Info(string.Format("CalDav calendarParam: {0}", calendarParam));
var userParam = calendarParam.Split('/')[0];
return GetUserData(userParam, out _, out tenant, out error);
}
private bool GetUserData(string userParam, out string email, out Tenant tenant, out object error)
{
email = null;
tenant = null;
error = null;
if (string.IsNullOrEmpty(userParam))
{
Log.Error("userParam is empty");
error = new
{
value = "false",
error = "portalNameEmpty",
message = "Argument is required"
};
return false;
}
var userData = userParam.Split('@');
if (userData.Length < 3)
{
Log.Error(string.Format("Error Caldav username: {0}", userParam));
error = new
{
value = "false",
error = "portalNameEmpty",
message = "PortalName is required"
};
return false;
}
email = string.Join("@", userData[0], userData[1]);
var tenantName = userData[2];
var baseUrl = CoreSettings.BaseDomain;
if (!string.IsNullOrEmpty(baseUrl) && tenantName.EndsWith("." + baseUrl, StringComparison.InvariantCultureIgnoreCase))
{
tenantName = tenantName.Replace("." + baseUrl, "");
}
Log.Info(string.Format("CalDav: user:{0} tenantName:{1}", userParam, tenantName));
var tenantModel = new TenantModel { PortalName = tenantName };
if (!CommonMethods.GetTenant(tenantModel, out tenant))
{
Log.Error("Model without tenant");
error = new
{
value = "false",
error = "portalNameEmpty",
message = "PortalName is required"
};
return false;
}
if (tenant == null)
{
Log.Error("Tenant not found " + tenantName);
error = new
{
value = "false",
error = "portalNameNotFound",
message = "Portal not found"
};
return false;
}
return true;
}
private void SendToApi(string requestUriScheme,
Tenant tenant,
string path,
IEnumerable<KeyValuePair<string, string>> args = null,
string httpMethod = WebRequestMethods.Http.Get,
string data = null)
{
var query = args == null
? null
: string.Join("&", args.Select(arg => HttpUtility.UrlEncode(arg.Key) + "=" + HttpUtility.UrlEncode(arg.Value)).ToArray());
var url = string.Format("{0}{1}{2}{3}{4}{5}",
requestUriScheme,
Uri.SchemeDelimiter,
tenant.GetTenantDomain(CoreSettings),
CommonConstants.WebApiBaseUrl,
path,
string.IsNullOrEmpty(query) ? "" : "?" + query);
Log.Info(string.Format("CalDav: SendToApi: {0}", url));
var webRequest = (HttpWebRequest)WebRequest.Create(url);
webRequest.Method = httpMethod;
webRequest.Accept = "application/json";
webRequest.ContentType = "application/x-www-form-urlencoded";
webRequest.ContentLength = 0;
if (data != null)
{
webRequest.ContentLength = data.Length;
using var writer = new StreamWriter(webRequest.GetRequestStream());
writer.Write(data);
}
using (webRequest.GetResponse())
{
}
}
#endregion
public class UserPassword
{
public string User { get; set; }
public string Password { get; set; }
}
}
}
Reference in New Issue View Git Blame Copy Permalink