fix: check for more errors, remove obsolete code and encode user ids

2026-01-06 20:29:54 -06:00 · 2024-03-12 18:08:29 +01:00
parent 1714eacbf0
commit 14f76519b0
4 changed files with 21 additions and 15 deletions
--- a/services/collaboration/pkg/command/server.go
+++ b/services/collaboration/pkg/command/server.go
@@ -65,8 +65,7 @@ func Server(cfg *config.Config) *cli.Command {
 				if err != nil {
 					return err
 				}
-				grpcServer.Serve(l)
-				return nil
+				return grpcServer.Serve(l)
 			},
 				func(_ error) {
 					logger.Error().
--- a/services/collaboration/pkg/internal/app/app.go
+++ b/services/collaboration/pkg/internal/app/app.go
@@ -15,12 +15,10 @@ import (
 	"github.com/gofrs/uuid"
 	"github.com/owncloud/ocis/v2/ocis-pkg/config/envdecode"
 	"github.com/owncloud/ocis/v2/ocis-pkg/registry"
-	"google.golang.org/grpc"
 )

 type DemoApp struct {
-	gwc        gatewayv1beta1.GatewayAPIClient
-	grpcServer *grpc.Server
+	gwc gatewayv1beta1.GatewayAPIClient

 	AppURLs map[string]map[string]string

--- a/services/collaboration/pkg/internal/app/wopicontext.go
+++ b/services/collaboration/pkg/internal/app/wopicontext.go
@@ -33,7 +33,6 @@ func WopiContextAuthMiddleware(app *DemoApp, next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		accessToken := r.URL.Query().Get("access_token")
 		if accessToken == "" {
-			fmt.Println("wopicontext", "accesstoken empty")
 			http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
 			return
 		}
@@ -49,13 +48,11 @@ func WopiContextAuthMiddleware(app *DemoApp, next http.Handler) http.Handler {
 		})

 		if err != nil {
-			fmt.Println("wopicontext", err)
 			http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
 			return
 		}

 		if err := claims.Valid(); err != nil {
-			fmt.Println("wopicontext", err)
 			http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
 			return
 		}
@@ -64,7 +61,6 @@ func WopiContextAuthMiddleware(app *DemoApp, next http.Handler) http.Handler {

 		wopiContextAccessToken, err := DecryptAES([]byte(app.Config.JWTSecret), claims.WopiContext.AccessToken)
 		if err != nil {
-			fmt.Println("wopicontext", err)
 			http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
 			return
 		}
--- a/services/collaboration/pkg/internal/app/wopiinfo.go
+++ b/services/collaboration/pkg/internal/app/wopiinfo.go
@@ -1,6 +1,7 @@
 package app

 import (
+	"encoding/hex"
 	"encoding/json"
 	"net/http"
 	"path"
@@ -51,7 +52,8 @@ func CheckFileInfo(app *DemoApp, w http.ResponseWriter, r *http.Request) {
 	}

 	fileInfo := FileInfo{
-		OwnerID:           statRes.Info.Owner.OpaqueId + "@" + statRes.Info.Owner.Idp,
+		// OwnerID must use only alphanumeric chars (https://learn.microsoft.com/en-us/microsoft-365/cloud-storage-partner-program/rest/files/checkfileinfo/checkfileinfo-response#requirements-for-user-identity-properties)
+		OwnerID:           hex.EncodeToString([]byte(statRes.Info.Owner.OpaqueId + "@" + statRes.Info.Owner.Idp)),
 		Size:              int64(statRes.Info.Size),
 		Version:           statRes.Info.Mtime.String(),
 		BaseFileName:      path.Base(statRes.Info.Path),
@@ -90,10 +92,11 @@ func CheckFileInfo(app *DemoApp, w http.ResponseWriter, r *http.Request) {
 	// user logic from reva wopi driver #TODO: refactor
 	var isPublicShare bool = false
 	if wopiContext.User != nil {
+		// UserID must use only alphanumeric chars (https://learn.microsoft.com/en-us/microsoft-365/cloud-storage-partner-program/rest/files/checkfileinfo/checkfileinfo-response#requirements-for-user-identity-properties)
 		if wopiContext.User.Id.Type == userv1beta1.UserType_USER_TYPE_LIGHTWEIGHT {
-			fileInfo.UserID = statRes.Info.Owner.OpaqueId + "@" + statRes.Info.Owner.Idp
+			fileInfo.UserID = hex.EncodeToString([]byte(statRes.Info.Owner.OpaqueId + "@" + statRes.Info.Owner.Idp))
 		} else {
-			fileInfo.UserID = wopiContext.User.Id.OpaqueId + "@" + wopiContext.User.Id.Idp
+			fileInfo.UserID = hex.EncodeToString([]byte(wopiContext.User.Id.OpaqueId + "@" + wopiContext.User.Id.Idp))
 		}

 		if wopiContext.User.Opaque != nil {
@@ -103,12 +106,12 @@ func CheckFileInfo(app *DemoApp, w http.ResponseWriter, r *http.Request) {
 		}
 		if !isPublicShare {
 			fileInfo.UserFriendlyName = wopiContext.User.Username
-			fileInfo.UserID = wopiContext.User.Id.OpaqueId + "@" + wopiContext.User.Id.Idp
+			fileInfo.UserID = hex.EncodeToString([]byte(wopiContext.User.Id.OpaqueId + "@" + wopiContext.User.Id.Idp))
 		}
 	}
 	if wopiContext.User == nil || isPublicShare {
 		randomID, _ := uuid.NewUUID()
-		fileInfo.UserID = "guest-" + randomID.String()
+		fileInfo.UserID = hex.EncodeToString([]byte("guest-" + randomID.String()))
 		fileInfo.UserFriendlyName = "Guest " + randomID.String()
 		fileInfo.IsAnonymousUser = true
 	}
@@ -132,6 +135,16 @@ func CheckFileInfo(app *DemoApp, w http.ResponseWriter, r *http.Request) {
 		Msg("CheckFileInfo: success")

 	w.Header().Set("Content-Type", "application/json")
-	w.Write(jsonFileInfo)
 	w.WriteHeader(http.StatusOK)
+	bytes, err := w.Write(jsonFileInfo)
+	if err != nil {
+		app.Logger.Error().
+			Err(err).
+			Str("FileReference", wopiContext.FileReference.String()).
+			Str("ViewMode", wopiContext.ViewMode.String()).
+			Str("Requester", wopiContext.User.GetId().String()).
+			Int("TotalBytes", len(jsonFileInfo)).
+			Int("WrittenBytes", bytes).
+			Msg("CheckFileInfo: failed to write contents in the HTTP response")
+	}
 }