Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix flow #6879

Closed
wants to merge 3 commits into from
Closed

Fix flow #6879

wants to merge 3 commits into from

Conversation

mario
Copy link
Contributor

@mario mario commented Oct 19, 2017

This fixes the new authentication flow as in:

  • puts the protocol in the returned server url
  • puts the proper path in the returned server url

@mario
Try
b19f7b3 
Signed-off-by: Mario Danic <mario@lovelyhq.com>
@mario
Fix path generation
276126c 
Signed-off-by: Mario Danic <mario@lovelyhq.com>
nickvergessen
nickvergessen reviewed Oct 19, 2017
View reviewed changes
tests/Core/Controller/ClientFlowLoginControllerTest.php Outdated
@@ -428,7 +428,7 @@ public function testGeneratePasswordWithPassword() {
->method('getServerHost')
->willReturn('example.com');

$expected = new Http\RedirectResponse('nc://login/server:example.com&user:MyLoginName&password:MyGeneratedToken');
$expected = new Http\RedirectResponse('nc://login/http://server:example.com&user:MyLoginName&password:MyGeneratedToken');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

'nc://login/server:http:// cough

nickvergessen
nickvergessen reviewed Oct 19, 2017
View reviewed changes
tests/Core/Controller/ClientFlowLoginControllerTest.php Outdated

$expected = new Http\RedirectResponse('nc://login/server:example.com&user:MyLoginName&password:MyGeneratedToken');
$expected = new Http\RedirectResponse('nc://login/http://server:example.com&user:MyLoginName&password:MyGeneratedToken');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same here

@mario
Fix bugs
9064166 
Signed-off-by: Mario Danic <mario@lovelyhq.com>
@mario
Copy link
Contributor Author

mario commented Oct 19, 2017

@nickvergessen fixed

@mario
Copy link
Contributor Author

mario commented Oct 19, 2017

I tested, it works, but I don't know if tests work xD

nickvergessen
nickvergessen requested changes Oct 19, 2017
View reviewed changes
tests/Core/Controller/ClientFlowLoginControllerTest.php
@@ -161,7 +161,7 @@ public function testShowAuthPickerPageWithOcsHeader() {
$this->request
->expects($this->once())
->method('getServerHost')
->willReturn('example.com');
->willReturn('http://example.com');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is cheating? make sure it actually calls getServerProtocol ?!

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hm actually wouldnt it return example.com? Since it's just getServerHost ... Tests need better thinking xD

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done!

@codecov
Copy link

codecov bot commented Oct 19, 2017
edited
Loading

Codecov Report

❗ No coverage uploaded for pull request base (master@989a8a3). Click here to learn what that means.
The diff coverage is 0%.

@@            Coverage Diff            @@
##             master    #6879   +/-   ##
=========================================
  Coverage          ?   34.68%           
  Complexity        ?    24299           
=========================================
  Files             ?     1577           
  Lines             ?    92928           
  Branches          ?     1359           
=========================================
  Hits              ?    32235           
  Misses            ?    60693           
  Partials          ?        0
Impacted Files Coverage Δ Complexity Δ
core/Controller/ClientFlowLoginController.php 0% <0%> (ø) 22 <0> (?)

@mario
Copy link
Contributor Author

mario commented Oct 19, 2017

Can we get this in 12 as well? It's important ...

@mario
Copy link
Contributor Author

mario commented Oct 19, 2017

@nickvergessen all should be fixed.

@rullzer
Copy link
Member

rullzer commented Oct 19, 2017

Why do we need this?

I think we should only allow the new flow with https.

If that can't be then just first try https and if that fails http.

Also. The user already entered an url with protocol to get to this stage. Can't you just fetch the protocol from the url entered?

@mario
Copy link
Contributor Author

mario commented Oct 19, 2017

a) I don't want to guess (possible two network queries instead of one)
b) We could use the initially entered protocol, but I'd still prefer to have it returned (I trust the server more than I do the client)
c) This makes it possible to use subfolders (example.com/nextcloud) whereas it wouldn't work with the original flow

Also, while allowing all this only with HTTPS is a noble idea, reality is different :)

rullzer
rullzer reviewed Oct 23, 2017
View reviewed changes
core/Controller/ClientFlowLoginController.php
@@ -302,7 +302,8 @@ public function generateAppPassword($stateToken,
);
$this->session->remove('oauth.state');
} else {
$redirectUri = 'nc://login/server:' . $this->request->getServerHost() . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
$serverPath = $this->request->getServerProtocol() . "://" . $this->request->getServerHost() . substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), "/index.php"));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This won't work if you have pretty urls. Since then you don't have index.php

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you have an alternative suggestion? Even on Android for login flow we always use index.php.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Got an idea. Testing.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added support for pretty urls.

nickvergessen
nickvergessen reviewed Nov 1, 2017
View reviewed changes
core/Controller/ClientFlowLoginController.php Outdated
@@ -302,7 +302,16 @@ public function generateAppPassword($stateToken,
);
$this->session->remove('oauth.state');
} else {
$redirectUri = 'nc://login/server:' . $this->request->getServerHost() . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
$serverPostfix = "";
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please use single quotes

nickvergessen
nickvergessen reviewed Nov 1, 2017
View reviewed changes
core/Controller/ClientFlowLoginController.php Outdated
$serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), "/login/flow"));
}

$serverPath = $this->request->getServerProtocol() . "://" . $this->request->getServerHost() . $serverPostfix;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

single quotes

nickvergessen
nickvergessen reviewed Nov 1, 2017
View reviewed changes
core/Controller/ClientFlowLoginController.php Outdated
$serverPostfix = "";

if (strpos($this->request->getRequestUri(), '/index.php') !== false) {
$serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), "/index.php"));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same here and below

@nickvergessen nickvergessen added the 3. to review Waiting for reviews label Nov 1, 2017
@nickvergessen
Copy link
Member

Should we merge this then? Or does it break existing stuff etc?

@mario
Copy link
Contributor Author

mario commented Nov 8, 2017

@nickvergessen updated.

@MorrisJobke
Copy link
Member

Conflict :/

@mario mario closed this Nov 8, 2017
@mario mario deleted the fix-flow branch November 8, 2017 23:23
@mario mario restored the fix-flow branch November 8, 2017 23:24
@mario mario reopened this Nov 8, 2017
@mario mario closed this Nov 8, 2017
@mario mario deleted the fix-flow branch November 8, 2017 23:28
@mario mario mentioned this pull request Nov 8, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rullzer rullzer rullzer left review comments

@nickvergessen nickvergessen nickvergessen requested changes

@LukasReschke LukasReschke Awaiting requested review from LukasReschke

Assignees
No one assigned
Labels
3. to review Waiting for reviews
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mario @rullzer @nickvergessen @MorrisJobke