[Libreoffice-commits] online.git: wsd/ProofKey.cpp wsd/ProofKey.hpp wsd/Storage.cpp
Mike Kaganski (via logerrit)
logerrit at kemper.freedesktop.org
Tue Feb 18 16:30:37 UTC 2020
wsd/ProofKey.cpp | 22 ++++++++++++----------
wsd/ProofKey.hpp | 1 +
wsd/Storage.cpp | 14 ++++++++------
3 files changed, 21 insertions(+), 16 deletions(-)
New commits:
commit 99f04804600f2153ce245b3937c9fcaddc3d9a9a
Author: Mike Kaganski <mike.kaganski at collabora.com>
AuthorDate: Fri Feb 14 21:01:06 2020 +0300
Commit: Mike Kaganski <mike.kaganski at collabora.com>
CommitDate: Tue Feb 18 17:30:19 2020 +0100
Proof: URI must be absolute and converted to uppercase
Also access token is already passes decoded to GetProofHeaders,
so don't decode it second time.
Change-Id: I7c4404462a9dd9f53e4e82684b1fcae1aeecee73
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88736
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice at gmail.com>
Reviewed-by: Mike Kaganski <mike.kaganski at collabora.com>
diff --git a/wsd/ProofKey.cpp b/wsd/ProofKey.cpp
index 649427f38..fa6dd6bd0 100644
--- a/wsd/ProofKey.cpp
+++ b/wsd/ProofKey.cpp
@@ -204,22 +204,24 @@ int64_t Proof::DotNetTicks(const std::chrono::system_clock::time_point& utc)
std::vector<unsigned char> Proof::GetProof(const std::string& access_token, const std::string& uri,
int64_t ticks)
{
- std::string decoded_access_token;
- Poco::URI::decode(access_token, decoded_access_token);
- assert(decoded_access_token.size() <= static_cast<size_t>(std::numeric_limits<int32_t>::max()));
- assert(uri.size() <= static_cast<size_t>(std::numeric_limits<int32_t>::max()));
- const auto access_token_size = ToNetworkOrderBytes<int32_t>(decoded_access_token.size());
- const auto uri_size = ToNetworkOrderBytes<int32_t>(uri.size());
+ assert(access_token.size() <= static_cast<size_t>(std::numeric_limits<int32_t>::max()));
+ std::string uri_upper = uri;
+ for (auto& c : uri_upper)
+ if (c >= 'a' && c <= 'z')
+ c -= 'a' - 'A';
+ assert(uri_upper.size() <= static_cast<size_t>(std::numeric_limits<int32_t>::max()));
+ const auto access_token_size = ToNetworkOrderBytes<int32_t>(access_token.size());
+ const auto uri_size = ToNetworkOrderBytes<int32_t>(uri_upper.size());
const auto ticks_bytes = ToNetworkOrderBytes(ticks);
const auto ticks_size = ToNetworkOrderBytes<int32_t>(ticks_bytes.size());
- const size_t size = access_token_size.size() + decoded_access_token.size()
- + uri_size.size() + uri.size() + ticks_size.size()
+ const size_t size = access_token_size.size() + access_token.size()
+ + uri_size.size() + uri_upper.size() + ticks_size.size()
+ ticks_bytes.size();
std::vector<unsigned char> buf(size);
auto pos = std::copy(access_token_size.begin(), access_token_size.end(), buf.begin());
- pos = std::copy(decoded_access_token.begin(), decoded_access_token.end(), pos);
+ pos = std::copy(access_token.begin(), access_token.end(), pos);
pos = std::copy(uri_size.begin(), uri_size.end(), pos);
- pos = std::copy(uri.begin(), uri.end(), pos);
+ pos = std::copy(uri_upper.begin(), uri_upper.end(), pos);
pos = std::copy(ticks_size.begin(), ticks_size.end(), pos);
std::copy(ticks_bytes.begin(), ticks_bytes.end(), pos);
return buf;
diff --git a/wsd/ProofKey.hpp b/wsd/ProofKey.hpp
index e1d4b63a3..f02403db1 100644
--- a/wsd/ProofKey.hpp
+++ b/wsd/ProofKey.hpp
@@ -21,6 +21,7 @@ typedef std::vector<std::pair<std::string, std::string>> VecOfStringPairs;
// The headers returned are X-WOPI-TimeStamp, X-WOPI-Proof
// If no proof key, returns empty vector
// Both parameters are utf-8-encoded strings
+// access_token must not be URI-encoded
VecOfStringPairs GetProofHeaders(const std::string& access_token, const std::string& uri);
// Returns pairs <attribute, value> to set in proof-key element in discovery xml.
diff --git a/wsd/Storage.cpp b/wsd/Storage.cpp
index f465e0a01..b470ba433 100644
--- a/wsd/Storage.cpp
+++ b/wsd/Storage.cpp
@@ -451,9 +451,11 @@ static void addStorageReuseCookie(Poco::Net::HTTPRequest& request, const std::st
}
}
-void addWopiProof(Poco::Net::HTTPRequest& request, const std::string& access_token)
+// access_token must be decoded
+void addWopiProof(Poco::Net::HTTPRequest& request, const std::string& uri,
+ const std::string& access_token)
{
- for (const auto& header : GetProofHeaders(access_token, request.getURI()))
+ for (const auto& header : GetProofHeaders(access_token, uri))
request.set(header.first, header.second);
}
@@ -525,7 +527,7 @@ std::unique_ptr<WopiStorage::WOPIFileInfo> WopiStorage::getWOPIFileInfo(const Au
addStorageDebugCookie(request);
if (_reuseCookies)
addStorageReuseCookie(request, cookies);
- addWopiProof(request, params["access_token"]);
+ addWopiProof(request, uriObject.toString(), params["access_token"]);
const auto startTime = std::chrono::steady_clock::now();
std::unique_ptr<Poco::Net::HTTPClientSession> psession(getHTTPClientSession(uriObject));
@@ -756,7 +758,7 @@ bool WopiStorage::updateLockState(const Authorization& auth, const std::string&
addStorageDebugCookie(request);
if (_reuseCookies)
addStorageReuseCookie(request, cookies);
- addWopiProof(request, params["access_token"]);
+ addWopiProof(request, uriObject.toString(), params["access_token"]);
psession->sendRequest(request);
Poco::Net::HTTPResponse response;
@@ -835,7 +837,7 @@ std::string WopiStorage::loadStorageFileToLocal(const Authorization& auth,
addStorageDebugCookie(request);
if (_reuseCookies)
addStorageReuseCookie(request, cookies);
- addWopiProof(request, params["access_token"]);
+ addWopiProof(request, uriObject.toString(), params["access_token"]);
psession->sendRequest(request);
Poco::Net::HTTPResponse response;
@@ -994,7 +996,7 @@ WopiStorage::saveLocalFileToStorage(const Authorization& auth, const std::string
addStorageDebugCookie(request);
if (_reuseCookies)
addStorageReuseCookie(request, cookies);
- addWopiProof(request, params["access_token"]);
+ addWopiProof(request, uriObject.toString(), params["access_token"]);
std::ostream& os = psession->sendRequest(request);
std::ifstream ifs(filePath);
More information about the Libreoffice-commits
mailing list