mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-31 09:21:18 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4631 from owncloud/wopi-public-shares

Browse Source 
fix wopi access to publicly shared files
This commit is contained in:
David Christofas
2022-09-22 11:13:15 +02:00
committed by GitHub
parent 131988ac6a 20026faac2
commit 91c2dad034
4 changed files with 19 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
changelog/unreleased/wopi-public-share.md Normal file
View File

@@ -0,0 +1,6 @@
Bugfix: Fix wopi access to public shares
I've added a request check to the public share authenticator middleware to allow wopi to access public shares.
https://github.com/owncloud/ocis/pull/4631
https://github.com/owncloud/ocis/issues/4382

2
go.mod
View File

@@ -12,7 +12,7 @@ require (
github.com/blevesearch/bleve_index_api v1.0.3
github.com/coreos/go-oidc/v3 v3.4.0
github.com/cs3org/go-cs3apis v0.0.0-20220818202316-e92afdddac6d
github.com/cs3org/reva/v2 v2.10.1-0.20220921105358-a098879574c0
github.com/cs3org/reva/v2 v2.10.1-0.20220921203558-038b633f66ad
github.com/disintegration/imaging v1.6.2
github.com/ggwhite/go-masker v1.0.9
github.com/go-chi/chi/v5 v5.0.7

4
go.sum
View File

@@ -292,8 +292,8 @@ github.com/crewjam/saml v0.4.6 h1:XCUFPkQSJLvzyl4cW9OvpWUbRf0gE7VUpU8ZnilbeM4=
github.com/crewjam/saml v0.4.6/go.mod h1:ZBOXnNPFzB3CgOkRm7Nd6IVdkG+l/wF+0ZXLqD96t1A=
github.com/cs3org/go-cs3apis v0.0.0-20220818202316-e92afdddac6d h1:toyZ7IsXlUdEPZ/IG8fg7hbM8HcLPY0bkX4FKBmgLVI=
github.com/cs3org/go-cs3apis v0.0.0-20220818202316-e92afdddac6d/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY=
github.com/cs3org/reva/v2 v2.10.1-0.20220921105358-a098879574c0 h1:imOxcw4kha2WlNGOyBN7FbiAL4zQSlrdeqaNh5ZbeJ4=
github.com/cs3org/reva/v2 v2.10.1-0.20220921105358-a098879574c0/go.mod h1:+BYVpRV8g1hL8wF3+3BunL9BKPsXVyJYmH8COxq/V7Y=
github.com/cs3org/reva/v2 v2.10.1-0.20220921203558-038b633f66ad h1:ug56A+3gPrzBaR1hyKj93vJ+CSZjMx80I8WBourC3a0=
github.com/cs3org/reva/v2 v2.10.1-0.20220921203558-038b633f66ad/go.mod h1:+BYVpRV8g1hL8wF3+3BunL9BKPsXVyJYmH8COxq/V7Y=
github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8 h1:Z9lwXumT5ACSmJ7WGnFl+OMLLjpz5uR2fyz7dC255FI=
github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8/go.mod h1:4abs/jPXcmJzYoYGF91JF9Uq9s/KL5n1jvFDix8KcqY=
github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4=

11
services/proxy/pkg/middleware/public_share_auth.go
View File

@@ -38,9 +38,18 @@ func isPublicShareArchive(r *http.Request) bool {
return false
}
// The app open requests can be made in public share contexts. For that the PublicShareAuthenticator needs to
// augment the request context.
// The app open requests can also be made in authenticated context. In these cases the PublicShareAuthenticator
// needs to ignore the request.
func isPublicShareAppOpen(r *http.Request) bool {
return strings.HasPrefix(r.URL.Path, "/app/open") &&
(r.URL.Query().Get(headerShareToken) != "" || r.Header.Get(headerShareToken) != "")
}
// Authenticate implements the authenticator interface to authenticate requests via public share auth.
func (a PublicShareAuthenticator) Authenticate(r *http.Request) (*http.Request, bool) {
if !isPublicPath(r.URL.Path) && !isPublicShareArchive(r) {
if !isPublicPath(r.URL.Path) && !isPublicShareArchive(r) && !isPublicShareAppOpen(r) {
return nil, false
}