From 840d84d22c23cbdf4d882e6d6e917183fb84bbea Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Thu, 6 Aug 2020 12:05:46 +0200 Subject: [PATCH] Use the ocis-proxy URL to make sure auth works correctly Since a recent change in ocis-accounts that makes a distinction between user id and user name, the thumbnails cannot properly authenticate against the Reva API endpoint (port 9140) using the provided Bearer token. Since the ocis-proxy is handling authentication correctly, the default setting has been changed here to connect to ocis-proxy. --- docs/getting-started.md | 4 ++-- pkg/flagset/flagset.go | 2 +- pkg/thumbnail/imgsource/webdav.go | 6 ++++++ 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/docs/getting-started.md b/docs/getting-started.md index fc8988afc8..0efc461b48 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -85,7 +85,7 @@ THUMBNAILS_FILESYSTEMSTORAGE_ROOT : Root path of the filesystem storage directory, defaults to `/ocis-thumbnails/` THUMBNAILS_WEBDAVSOURCE_BASEURL -: Base url for a webdav api, defaults to `htp://localhost:9140/remote.php/webdav/` +: Base url for a webdav api, defaults to `https://localhost:9200/remote.php/webdav/` THUMBNAILS_RESOLUTIONS : List of resolutions supported by the service, defaults to `["16x16", "32x32", "64x64", "128x128"] @@ -155,7 +155,7 @@ If you prefer to configure the service with commandline flags you can see the av : Root path of the filesystem storage directory, defaults to `/ocis-thumbnails/` --webdavsource-baseurl -: Base url for a webdav api, defaults to `htp://localhost:9140/remote.php/webdav/` +: Base url for a webdav api, defaults to `https://localhost:9200/remote.php/webdav/` --thumbnail-resolution : List of resolutions supported by the service, defaults to `["16x16", "32x32", "64x64", "128x128"] diff --git a/pkg/flagset/flagset.go b/pkg/flagset/flagset.go index d5566b45c5..706b30d22f 100644 --- a/pkg/flagset/flagset.go +++ b/pkg/flagset/flagset.go @@ -148,7 +148,7 @@ func ServerWithConfig(cfg *config.Config) []cli.Flag { }, &cli.StringFlag{ Name: "webdavsource-baseurl", - Value: "http://localhost:9140/remote.php/webdav/", + Value: "https://localhost:9200/remote.php/webdav/", Usage: "Base url for a webdav api", EnvVars: []string{"THUMBNAILS_WEBDAVSOURCE_BASEURL"}, Destination: &cfg.Thumbnail.WebDavSource.BaseURL, diff --git a/pkg/thumbnail/imgsource/webdav.go b/pkg/thumbnail/imgsource/webdav.go index 65ccca89a3..e5c9da6182 100644 --- a/pkg/thumbnail/imgsource/webdav.go +++ b/pkg/thumbnail/imgsource/webdav.go @@ -2,6 +2,7 @@ package imgsource import ( "context" + "crypto/tls" "fmt" "image" "net/http" @@ -27,12 +28,17 @@ type WebDav struct { func (s WebDav) Get(ctx context.Context, file string) (image.Image, error) { u, _ := url.Parse(s.baseURL) u.Path = path.Join(u.Path, file) + fmt.Printf("url: %s", u.String()) req, err := http.NewRequest(http.MethodGet, u.String(), nil) if err != nil { return nil, fmt.Errorf("could not get the image \"%s\" error: %s", file, err.Error()) } + // FIXME: make this configurable!! + http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true} + auth := authorization(ctx) + fmt.Printf("auth: %s", auth) if auth == "" { return nil, fmt.Errorf("could not get image \"%s\" error: authorization is missing", file) }