[Libreoffice-commits] online.git: test/Makefile.am test/UnitOAuth.cpp wsd/Storage.cpp

Henry Castro hcastro at collabora.com
Thu Aug 3 21:06:59 UTC 2017


 test/Makefile.am   |    4 +
 test/UnitOAuth.cpp |  149 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 wsd/Storage.cpp    |    3 +
 3 files changed, 155 insertions(+), 1 deletion(-)

New commits:
commit a262b7d7ba4a8ff9832446849662a5516e53db53
Author: Henry Castro <hcastro at collabora.com>
Date:   Thu Aug 3 17:05:48 2017 -0400

    wsd: OAuth token passing
    
    MS-WOPI:
    "The following HTTP header MUST be included in all WOPI requests."
    "Authorization "Bearer" and <token>"
    
    Change-Id: Ie5327286e93b86a49a0248ff5886bf3ea99df768

diff --git a/test/Makefile.am b/test/Makefile.am
index f7f4c090..237c2e1a 100644
--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -16,7 +16,7 @@ noinst_LTLIBRARIES = \
         unit-timeout.la unit-prefork.la \
         unit-storage.la unit-client.la \
         unit-admin.la unit-tilecache.la \
-	unit-fuzz.la unit-oob.la
+	unit-fuzz.la unit-oob.la unit-oauth.la
 
 MAGIC_TO_FORCE_SHLIB_CREATION = -rpath /dummy
 AM_LDFLAGS = -pthread -module $(MAGIC_TO_FORCE_SHLIB_CREATION) $(ZLIB_LIBS)
@@ -62,6 +62,8 @@ unit_timeout_la_SOURCES = UnitTimeout.cpp
 unit_prefork_la_SOURCES = UnitPrefork.cpp
 unit_storage_la_SOURCES = UnitStorage.cpp
 unit_tilecache_la_SOURCES = UnitTileCache.cpp
+unit_oauth_la_SOURCES = UnitOAuth.cpp
+unit_oauth_la_LIBADD = $(CPPUNIT_LIBS)
 
 if HAVE_LO_PATH
 SYSTEM_STAMP = @SYSTEMPLATE_PATH@/system_stamp
diff --git a/test/UnitOAuth.cpp b/test/UnitOAuth.cpp
new file mode 100644
index 00000000..2a24ed9b
--- /dev/null
+++ b/test/UnitOAuth.cpp
@@ -0,0 +1,149 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#include "config.h"
+
+//#include "Exceptions.hpp"
+#include "Log.hpp"
+#include "Unit.hpp"
+#include "helpers.hpp"
+#include <Poco/JSON/Object.h>
+#include <Poco/LocalDateTime.h>
+#include <Poco/DateTimeFormat.h>
+#include <Poco/DateTimeFormatter.h>
+#include <Poco/Net/HTTPRequest.h>
+#include <Poco/Net/HTTPResponse.h>
+#include <Poco/Net/HTTPServer.h>
+#include <Poco/Net/HTTPRequestHandlerFactory.h>
+#include <Poco/Net/HTTPRequestHandler.h>
+#include <Poco/Net/HTTPServerRequest.h>
+#include <Poco/Net/HTTPServerResponse.h>
+#include <Poco/Net/HTTPServerParams.h>
+#include <Poco/Net/ServerSocket.h>
+#include <Poco/Net/OAuth20Credentials.h>
+
+using Poco::DateTimeFormatter;
+using Poco::DateTimeFormat;
+using Poco::JSON::Object;
+using Poco::Net::HTTPServer;
+using Poco::Net::HTTPRequest;
+using Poco::Net::HTTPResponse;
+using Poco::Net::HTTPRequestHandlerFactory;
+using Poco::Net::HTTPRequestHandler;
+using Poco::Net::HTTPServerRequest;
+using Poco::Net::HTTPServerResponse;
+using Poco::Net::HTTPServerParams;
+using Poco::Net::OAuth20Credentials;
+using Poco::Net::ServerSocket;
+
+class WopiHostRequestHandler: public HTTPRequestHandler
+{
+public:
+    void handleRequest(HTTPServerRequest& request, HTTPServerResponse& response)
+    {
+        Poco::URI uriReq(request.getURI());
+
+        // The resource server MUST validate the access token
+        // and ensure that it has not expired and that its scope
+        // covers the requested resource.
+        OAuth20Credentials creds(request);
+        assert (creds.getBearerToken() == "s3hn3ct0k3v");
+
+        // CheckFileInfo
+        if (uriReq.getPath() == "/wopi/files/0")
+        {
+            Poco::LocalDateTime now;
+            Object::Ptr fileInfo = new Object();
+            fileInfo->set("BaseFileName", "empty.odt");
+            fileInfo->set("Size", "1024");
+            fileInfo->set("Version", "1.0");
+            fileInfo->set("OwnerId", "test");
+            fileInfo->set("UserId", "test");
+            fileInfo->set("UserFriendlyName", "test");
+            fileInfo->set("UserCanWrite", "true");
+            fileInfo->set("PostMessageOrigin", "localhost");
+            fileInfo->set("LastModifiedTime", DateTimeFormatter::format(now, DateTimeFormat::ISO8601_FORMAT));
+
+            std::ostringstream oss;
+            fileInfo->stringify(oss);
+            response.setContentType("application/json; charset=utf-8");
+            std::ostream& ostr = response.send();
+            ostr << oss.str();
+        }
+        // GetFile
+        else if (uriReq.getPath() == "/wopi/files/0/contents")
+        {
+            response.sendFile(Poco::Path(TDOC, "empty.odt").toString(), "application/vnd.oasis.opendocument.text");
+            response.setStatusAndReason(HTTPResponse::HTTP_OK);
+        }
+    }
+
+};
+
+class WopiHostRequestHandlerFactory: public HTTPRequestHandlerFactory
+{
+public:
+    HTTPRequestHandler* createRequestHandler(const HTTPServerRequest& /*request*/)
+    {
+        return new WopiHostRequestHandler();
+    }
+};
+
+
+class UnitOAuth : public UnitWSD
+{
+public:
+    UnitOAuth()
+    {
+    }
+
+    virtual void configure(Poco::Util::LayeredConfiguration& /*config*/) override
+    {
+    }
+
+    void invokeTest() override
+    {
+        HTTPResponse response;
+        ServerSocket wopiSocket(0);
+        HTTPServerParams* wopiParams = new HTTPServerParams();
+        wopiParams->setKeepAlive(false);
+        HTTPServer fakeWopiHost(new WopiHostRequestHandlerFactory, wopiSocket, wopiParams);
+        fakeWopiHost.start();
+
+        std::string WopiSrc;
+        const std::string testName = "UnitOAuth ";
+
+        // RFC 6749
+        // 7. Accessing Protected Resources
+        // The client accesses protected resources by presenting the access
+        // token (access_token) to the resource server.
+        Poco::URI wopiURL("http://localhost/wopi/files/0?access_token=s3hn3ct0k3v");
+        wopiURL.setPort(wopiSocket.address().port());
+        Poco::URI::encode(wopiURL.toString(), ":/?", WopiSrc);
+        Poco::URI loolUri(helpers::getTestServerURI());
+        HTTPRequest request(HTTPRequest::HTTP_GET, "lool/" + WopiSrc + "/ws");
+
+        auto socket = helpers::connectLOKit(loolUri, request, response);
+        helpers::sendTextFrame(socket, "load url=" + WopiSrc, testName);
+
+        const auto status = helpers::assertResponseString(socket, "status:", testName);
+
+        Poco::Thread::sleep(1000);
+        fakeWopiHost.stop();
+
+        exitTest(TestResult::Ok);
+    }
+};
+
+UnitBase *unit_create_wsd(void)
+{
+    return new UnitOAuth();
+}
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/wsd/Storage.cpp b/wsd/Storage.cpp
index 23a2dfdf..b64b6431 100644
--- a/wsd/Storage.cpp
+++ b/wsd/Storage.cpp
@@ -501,6 +501,7 @@ std::unique_ptr<WopiStorage::WOPIFileInfo> WopiStorage::getWOPIFileInfo(const st
 
         Poco::Net::HTTPRequest request(Poco::Net::HTTPRequest::HTTP_GET, uriObject.getPathAndQuery(), Poco::Net::HTTPMessage::HTTP_1_1);
         request.set("User-Agent", WOPI_AGENT_STRING);
+        request.set("Authorization", "Bearer " + accessToken);
         addStorageDebugCookie(request);
         psession->sendRequest(request);
 
@@ -603,6 +604,7 @@ std::string WopiStorage::loadStorageFileToLocal(const std::string& accessToken)
 
         Poco::Net::HTTPRequest request(Poco::Net::HTTPRequest::HTTP_GET, uriObject.getPathAndQuery(), Poco::Net::HTTPMessage::HTTP_1_1);
         request.set("User-Agent", WOPI_AGENT_STRING);
+        request.set("Authorization", "Bearer " + accessToken);
         addStorageDebugCookie(request);
         psession->sendRequest(request);
 
@@ -672,6 +674,7 @@ StorageBase::SaveResult WopiStorage::saveLocalFileToStorage(const std::string& a
 
         Poco::Net::HTTPRequest request(Poco::Net::HTTPRequest::HTTP_POST, uriObject.getPathAndQuery(), Poco::Net::HTTPMessage::HTTP_1_1);
         request.set("X-WOPI-Override", "PUT");
+        request.set("Authorization", "Bearer " + accessToken);
         if (!_forceSave)
         {
             // Request WOPI host to not overwrite if timestamps mismatch


More information about the Libreoffice-commits mailing list