kosmos/akkounts
kosmos/akkounts
8
1
Fork 0
Code Issues 19 Pull Requests 1 Actions Packages Releases 12 Activity

Respect "start_url" from manifest when launching web apps
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details

Browse Source
This commit is contained in:
Râu Cao 2023-11-20 13:30:23 +01:00
parent bdf5a18ad4
commit 9a9947f9ad
Signed by: raucao
GPG Key ID: 15E65F399D084BA9
3 changed files with 91 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/services/rs_auths_controller.rb
View File

@ -22,7 +22,7 @@ class Services::RsAuthsController < Services::BaseController
def launch_app def launch_app
auth = current_user.remote_storage_authorizations.find(params[:id]) auth = current_user.remote_storage_authorizations.find(params[:id])
launch_url = "#{auth.url}#remotestorage=#{current_user.address}&access_token=#{auth.token}" launch_url = "#{auth.launch_url}#remotestorage=#{current_user.address}&access_token=#{auth.token}"
redirect_to launch_url, allow_other_host: true redirect_to launch_url, allow_other_host: true
end end

14
app/models/remote_storage_authorization.rb
View File

@ -23,11 +23,23 @@ class RemoteStorageAuthorization < ApplicationRecord
after_destroy :remove_token_expiry_job after_destroy :remove_token_expiry_job
def url def url
# TODO use web app scope in addition to host/client_id
uri = URI.parse self.redirect_uri uri = URI.parse self.redirect_uri
"#{uri.scheme}://#{client_id}" "#{uri.scheme}://#{client_id}"
end end
def launch_url
return url unless web_app && web_app.metadata[:start_url].present?
start_url = web_app.metadata[:start_url]
if start_url.match("^https?:\/\/")
return start_url.start_with?(url) ? start_url : url
else
path = start_url.gsub(/^\.\.\//, "").gsub(/^\.\//, "").gsub(/^\//, "")
"#{url}/#{path}"
end
end
def delete_token_from_redis def delete_token_from_redis
key = "authorizations:#{user.cn}:#{token}" key = "authorizations:#{user.cn}:#{token}"
redis.srem? key, redis.smembers(key) redis.srem? key, redis.smembers(key)

83
spec/models/remote_storage_authorization_spec.rb
View File

@ -84,8 +84,7 @@ RSpec.describe RemoteStorageAuthorization, type: :model do
user.remote_storage_authorizations.create!( user.remote_storage_authorizations.create!(
permissions: %w(documents:rw), permissions: %w(documents:rw),
client_id: "example.com", client_id: "example.com",
redirect_uri: "https://example.com", redirect_uri: "https://example.com"
expire_at: 1.month.from_now
) )
end end
@ -101,8 +100,7 @@ RSpec.describe RemoteStorageAuthorization, type: :model do
user.remote_storage_authorizations.create!( user.remote_storage_authorizations.create!(
permissions: %w(documents photos contacts:rw videos:r tasks/work:r), permissions: %w(documents photos contacts:rw videos:r tasks/work:r),
client_id: "example.com", client_id: "example.com",
redirect_uri: "https://example.com", redirect_uri: "https://example.com"
expire_at: 1.month.from_now
) )
end end
@ -110,8 +108,7 @@ RSpec.describe RemoteStorageAuthorization, type: :model do
user_2.remote_storage_authorizations.create!( user_2.remote_storage_authorizations.create!(
permissions: %w(documents photos contacts:rw videos:r tasks/work:r), permissions: %w(documents photos contacts:rw videos:r tasks/work:r),
client_id: "example.com", client_id: "example.com",
redirect_uri: "https://example.com", redirect_uri: "https://example.com"
expire_at: 1.month.from_now
) )
end end
@ -174,6 +171,80 @@ RSpec.describe RemoteStorageAuthorization, type: :model do
end end
end end
describe "#launch_url" do
after(:all) { redis_rs_delete_keys("authorizations:*") }
context "without start URL" do
before do
AppCatalog::WebApp.create!(
url: "https://webmarks.5apps.com", name: "Webmarks",
metadata: { name: "Webmarks", start_url: nil, scope: nil }
)
end
let(:auth) do
user.remote_storage_authorizations.create!(
permissions: %w(bookmarks:rw), client_id: "webmarks.5apps.com",
redirect_uri: "https://webmarks.5apps.com/connect"
)
end
it "uses the base URL (from client ID)" do
expect(auth.launch_url).to eq("https://webmarks.5apps.com")
end
end
context "with start URL" do
before do
AppCatalog::WebApp.create!(
url: "https://hyperdraft.rosano.ca", name: "Hyperdraft",
metadata: {
name: "Hyperdraft", scope: nil,
start_url: "https://hyperdraft.rosano.ca/start"
}
)
end
let(:auth) do
user.remote_storage_authorizations.create!(
permissions: %w(notes:rw), client_id: "hyperdraft.rosano.ca",
redirect_uri: "https://hyperdraft.rosano.ca/write/foo"
)
end
describe "full URL" do
it "respects the start URL" do
expect(auth.launch_url).to eq("https://hyperdraft.rosano.ca/start")
end
it "does not respect URLs outside of the client ID scope" do
auth.web_app.metadata[:start_url] = "https://uberdraft.rosano.ca/write"
expect(auth.launch_url).to eq("https://hyperdraft.rosano.ca")
end
end
describe "relative paths" do
it "includes the path relative from the base URL" do
auth.web_app.metadata[:start_url] = "start.html"
expect(auth.launch_url).to eq("https://hyperdraft.rosano.ca/start.html")
auth.web_app.metadata[:start_url] = "./start.html"
expect(auth.launch_url).to eq("https://hyperdraft.rosano.ca/start.html")
auth.web_app.metadata[:start_url] = "../start.html"
expect(auth.launch_url).to eq("https://hyperdraft.rosano.ca/start.html")
end
end
describe "absolute path" do
it "includes the path relative from the base URL" do
auth.web_app.metadata[:start_url] = "/write"
expect(auth.launch_url).to eq("https://hyperdraft.rosano.ca/write")
end
end
end
end
# describe "auth notifications" do # describe "auth notifications" do
# context "with auth notifications enabled" do # context "with auth notifications enabled" do
# before do # before do