add openid auth bearer

This commit is contained in:
Hivert Quentin
2025-06-11 12:52:26 +02:00
parent b5deb663ad
commit 1a8273ead5
3 changed files with 82 additions and 71 deletions


@@ -31,48 +31,21 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include "SOGoAPIDispatcher.h" #include "SOGoAPIDispatcher.h"
#import <Foundation/NSAutoreleasePool.h> #import <Foundation/NSAutoreleasePool.h>
#import <Foundation/NSProcessInfo.h>
#import <Foundation/NSTimeZone.h>
#import <Foundation/NSURL.h>
#import <Foundation/NSValue.h>
#import <NGObjWeb/NSException+HTTP.h> #import <NGObjWeb/NSException+HTTP.h>
#import <NGObjWeb/SoPermissions.h>
#import <NGObjWeb/SoSecurityManager.h>
#import <NGObjWeb/WOContext+SoObjects.h> #import <NGObjWeb/WOContext+SoObjects.h>
#import <NGObjWeb/WOCoreApplication.h> #import <NGObjWeb/WOCoreApplication.h>
#import <NGObjWeb/SoHTTPAuthenticator.h>
#import <NGCards/iCalCalendar.h>
#import <NGCards/iCalEvent.h>
#import <NGCards/iCalAlarm.h>
#import <NGCards/iCalPerson.h>
#import <NGExtensions/NGBase64Coding.h>
#import <NGExtensions/NSCalendarDate+misc.h>
#import <NGExtensions/NGCalendarDateRange.h>
#import <NGExtensions/NGHashMap.h>
#import <NGExtensions/NSObject+Logs.h> #import <NGExtensions/NSObject+Logs.h>
#import <NGExtensions/NSString+misc.h> #import <NGExtensions/NSString+misc.h>
#import <NGExtensions/NSString+Encoding.h> #import <NGExtensions/NSString+Encoding.h>
#import <SOGo/NSArray+DAV.h>
#import <SOGo/NSDictionary+DAV.h>
#import <SOGo/SOGoCache.h>
#import <SOGo/SOGoCacheGCSObject.h>
#import <SOGo/SOGoMailer.h>
#import <SOGo/SOGoSystemDefaults.h> #import <SOGo/SOGoSystemDefaults.h>
#import <SOGo/SOGoUser.h> #import <SOGo/SOGoUser.h>
#import <SOGo/SOGoUserFolder.h>
#import <SOGo/SOGoUserManager.h> #import <SOGo/SOGoUserManager.h>
#import <SOGo/GCSSpecialQueries+SOGoCacheObject.h>
#import <SOGo/NSString+Utilities.h> #import <SOGo/NSString+Utilities.h>
#import <SOGo/WORequest+SOGo.h> #import <SOGo/WORequest+SOGo.h>
#import <SOGo/WOResponse+SOGo.h> #import <SOGo/WOResponse+SOGo.h>
#import <SOGo/NSArray+Utilities.h> #import <SOGo/NSArray+Utilities.h>
#import <SOGo/NSString+Utilities.h> #import <SOGo/NSString+Utilities.h>
#import <SOGo/SOGoPermissions.h> #import <SOGo/SOGoOpenIdSession.h>
void handle_api_terminate(int signum) void handle_api_terminate(int signum)
@@ -206,6 +179,39 @@ void handle_api_terminate(int signum)
return user; return user;
} }
- (NSDictionary *) _authOpenId: (NSString *) auth withDomain: (NSString *) domain
{
NSDictionary *user;
NSString *token, *login;
SOGoOpenIdSession *openIdSession;
SOGoUserManager *lm;
user = nil;
token = [[auth substringFromIndex:6] stringByTrimmingLeadWhiteSpaces];
openIdSession = [SOGoOpenIdSession OpenIdSession: domain];
if(![openIdSession sessionIsOk])
{
[self errorWithFormat: @"API - OpenId server not found or has unexpected behavior, contact your admin."];
return nil;
}
[openIdSession setAccessToken: token];
login = [openIdSession login: @""];
if(login && ![login isEqualToString: @"anonymous"])
{
//Fecth user info
lm = [SOGoUserManager sharedUserManager];
user = [lm contactInfosForUserWithUIDorEmail: login];
}
else
user = nil;
return user;
}
- (NSException *) dispatchRequest: (WORequest*) theRequest - (NSException *) dispatchRequest: (WORequest*) theRequest
inResponse: (WOResponse*) theResponse inResponse: (WOResponse*) theResponse
context: (id) theContext context: (id) theContext
@@ -323,8 +329,9 @@ void handle_api_terminate(int signum)
} }
else if([[auth lowercaseString] hasPrefix: @"bearer"]) else if([[auth lowercaseString] hasPrefix: @"bearer"])
{ {
//openid auth //openid auth, we may need to know the user-domain to know which openid server to fetch
NSString *domain = [theRequest headerForKey: @"user-domain"];
user = [self _authOpenId: auth withDomain: domain];
} }
else else
{ {
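Review bot: In `_authOpenId:withDomain:` (second hunk) the token taken by `substringFromIndex:6` is handed to `setAccessToken:` without checking it is non-empty, and the `login` the session returns is looked up with `contactInfosForUserWithUIDorEmail:` without being compared to `domain`, which the third hunk reads from the client-supplied `user-domain` request header. An empty or whitespace-only `Authorization: bearer` value should be rejected before the OpenID server is contacted, e.g. `if ([token length] == 0) return nil;` right after the trim. Whether `login:` already binds the returned identity to the session's domain is not visible here; if it does not, the resolved user's domain should be checked against `domain` (and a nil `domain`, when the header is absent, treated as an explicit, documented case) before the dictionary is returned, otherwise a token valid for one configured domain could resolve a user of another. A short header comment stating that `auth` is the whole Authorization header value whose `bearer` prefix the caller already matched case-insensitively would also help, since the hard-coded offset 6 relies on it. The `dispatchRequest:inResponse:context:` body touched by the third hunk starts and ends outside that hunk.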


@@ -23,54 +23,51 @@
- (NSDictionary *) action: (WOContext*) ctx withParam: (NSDictionary *) param - (NSDictionary *) action: (WOContext*) ctx withParam: (NSDictionary *) param
{ {
/* NSDictionary* result;
Coté sogo, il faudrait un endpoint API qui retourne tous les liens caldav/cardav + leur nom lisible de lutilisateur. NSArray *folders;
*/ NSMutableArray *cardavLinks, *caldavLinks;
NSDictionary* result; NSString *serverUrl, *basePath, *c_uid, *url;
NSArray *folders; GCSFolderManager *fm;
NSMutableArray *cardavLinks, *caldavLinks; int max, i;
NSString *serverUrl, *basePath, *c_uid, *url;
GCSFolderManager *fm;
int max, i;
//Should be a user //Should be a user
c_uid = [[[param objectForKey: @"user"] objectForKey: @"emails"] objectAtIndex: 0]; c_uid = [[[param objectForKey: @"user"] objectForKey: @"emails"] objectAtIndex: 0];
//fetch folders //fetch folders
fm = [GCSFolderManager defaultFolderManager]; fm = [GCSFolderManager defaultFolderManager];
basePath = [NSString stringWithFormat: @"/Users/%@", c_uid]; basePath = [NSString stringWithFormat: @"/Users/%@", c_uid];
folders = [fm listSubFoldersAtPath: basePath recursive: YES]; folders = [fm listSubFoldersAtPath: basePath recursive: YES];
//Generate dav link //Generate dav link
max = [folders count]; max = [folders count];
serverUrl = [[ctx serverURL] absoluteString]; serverUrl = [[ctx serverURL] absoluteString];
cardavLinks = [NSMutableArray array]; cardavLinks = [NSMutableArray array];
caldavLinks = [NSMutableArray array]; caldavLinks = [NSMutableArray array];
serverUrl = [[ctx serverURL] absoluteString]; serverUrl = [[ctx serverURL] absoluteString];
for (i = 0; i < max; i++) for (i = 0; i < max; i++)
{
url = [NSString stringWithFormat: @"%@/SOGo/dav/%@/%@", serverUrl, c_uid, [folders objectAtIndex: i]];
if([url rangeOfString:@"/Calendar/"].location == NSNotFound)
{ {
//Contacts url = [NSString stringWithFormat: @"%@/SOGo/dav/%@/%@", serverUrl, c_uid, [folders objectAtIndex: i]];
[cardavLinks addObject: url]; if([url rangeOfString:@"/Calendar/"].location == NSNotFound)
{
//Contacts
[cardavLinks addObject: url];
}
else
{
//Calendar
[caldavLinks addObject: url];
}
} }
else
{
//Calendar
[caldavLinks addObject: url];
}
}
result = [[NSDictionary alloc] initWithObjectsAndKeys: result = [[NSDictionary alloc] initWithObjectsAndKeys:
c_uid, @"username", c_uid, @"username",
cardavLinks, @"contact", cardavLinks, @"contact",
caldavLinks, @"calendar", caldavLinks, @"calendar",
nil]; nil];
[result autorelease]; [result autorelease];
return result; return result;
} }


@@ -54,6 +54,13 @@ static BOOL SOGoOpenIDDebugEnabled = YES;
return NO; return NO;
} }
sd = [SOGoSystemDefaults sharedSystemDefaults]; sd = [SOGoSystemDefaults sharedSystemDefaults];
if(![[sd authenticationType] isEqualToString: @"openid"])
{
[self errorWithFormat: @"Sogo SOGoAuthenticationType is not openid"];
return NO;
}
return ([sd openIdConfigUrl] && [sd openIdScope] && [sd openIdClient] && [sd openIdClientSecret]); return ([sd openIdConfigUrl] && [sd openIdScope] && [sd openIdClient] && [sd openIdClientSecret]);
} }
@@ -120,7 +127,7 @@ static BOOL SOGoOpenIDDebugEnabled = YES;
} }
else else
{ {
[self errorWithFormat: @"Missing parameters from sogo.conf"]; [self errorWithFormat: @"LoginTypebyDOmain - Openid not found or missing parameters for domain", _domain];
} }
} }
else if ([[self class] checkUserConfig]) else if ([[self class] checkUserConfig])
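Review bot: The new log call in the second hunk, `[self errorWithFormat: @"LoginTypebyDOmain - Openid not found or missing parameters for domain", _domain];`, passes `_domain` as a format argument but the format string has no conversion specifier, so the domain is never printed and the argument is silently dropped. It should read `[self errorWithFormat: @"LoginTypeByDomain - Openid not found or missing parameters for domain %@", _domain];`. In the first hunk, the added `authenticationType` check logs and returns NO before the `openIdConfigUrl`/`openIdScope`/`openIdClient`/`openIdClientSecret` test; a brief comment on why the global `SOGoAuthenticationType` must be `openid` here (and not only per-domain settings, which the `_domain` ivar in the second hunk suggests exist) would help the next reader. Both enclosing methods start outside their hunks.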