mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-06 04:09:40 -06:00
Code Issues Packages Projects Releases Wiki Activity

fix wopi access to publicly shared files

Browse Source
This commit is contained in:
David Christofas
2022-09-21 17:11:26 +02:00
parent 131988ac6a
commit 20026faac2
4 changed files with 19 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
services/proxy/pkg/middleware/public_share_auth.go
View File

@@ -38,9 +38,18 @@ func isPublicShareArchive(r *http.Request) bool {
return false
}
// The app open requests can be made in public share contexts. For that the PublicShareAuthenticator needs to
// augment the request context.
// The app open requests can also be made in authenticated context. In these cases the PublicShareAuthenticator
// needs to ignore the request.
func isPublicShareAppOpen(r *http.Request) bool {
return strings.HasPrefix(r.URL.Path, "/app/open") &&
(r.URL.Query().Get(headerShareToken) != "" || r.Header.Get(headerShareToken) != "")
}
// Authenticate implements the authenticator interface to authenticate requests via public share auth.
func (a PublicShareAuthenticator) Authenticate(r *http.Request) (*http.Request, bool) {
if !isPublicPath(r.URL.Path) && !isPublicShareArchive(r) {
if !isPublicPath(r.URL.Path) && !isPublicShareArchive(r) && !isPublicShareAppOpen(r) {
return nil, false
}