private static string GetFileStreamUrl(string fileId)
{
Global.Logger.Debug("GoogleDriveApp: get file stream url " + fileId);
var uriBuilder = new UriBuilder(CommonLinkUtility.GetFullAbsolutePath(ThirdPartyAppHandler.HandlerPath));
if (uriBuilder.Uri.IsLoopback)
{
uriBuilder.Host = Dns.GetHostName();
}
var query = uriBuilder.Query;
query += FilesLinkUtility.Action + "=stream&";
query += FilesLinkUtility.FileId + "=" + HttpUtility.UrlEncode(fileId) + "&";
query += CommonLinkUtility.ParamName_UserUserID + "=" + HttpUtility.UrlEncode(SecurityContext.CurrentAccount.ID.ToString()) + "&";
query += FilesLinkUtility.AuthKey + "=" + EmailValidationKeyProvider.GetEmailKey(fileId + SecurityContext.CurrentAccount.ID) + "&";
query += ThirdPartySelector.AppAttr + "=" + AppAttr;
return(uriBuilder.Uri + "?" + query);
}
private void DownloadFile(int attachmentId, HttpContext context)
{
var mailBoxManager = new MailBoxManager();
var auth = context.Request[FilesLinkUtility.AuthKey];
var openTempStream = false;
if (!string.IsNullOrEmpty(auth))
{
var stream = context.Request.QueryString["stream"];
if (!string.IsNullOrEmpty(stream))
{
int validateTimespan;
int.TryParse(WebConfigurationManager.AppSettings["files.stream-url-minute"], out validateTimespan);
if (validateTimespan <= 0)
{
validateTimespan = 5;
}
var validateResult = EmailValidationKeyProvider.ValidateEmailKey(attachmentId + stream, auth, TimeSpan.FromMinutes(validateTimespan));
if (validateResult != EmailValidationKeyProvider.ValidationResult.Ok)
{
var exc = new HttpException((int)HttpStatusCode.Forbidden, "You don't have enough permission to perform the operation");
//Global.Logger.Error(string.Format("{0} {1}: {2}", CommonLinkUtility.AuthKey, validateResult, context.Request.Url), exc);
throw exc;
}
openTempStream = true;
}
}
using (var file = openTempStream
? mailBoxManager.GetAttachmentStream(attachmentId, TenantId)
: mailBoxManager.GetAttachmentStream(attachmentId, TenantId, Username))
{
context.Response.AddHeader("Content-Disposition", ContentDispositionUtil.GetHeaderValue(file.FileName));
file.FileStream.StreamCopyTo(context.Response.OutputStream);
}
}
public DocumentServiceTrackerHelper(
SecurityContext securityContext,
UserManager userManager,
TenantManager tenantManager,
FilesLinkUtility filesLinkUtility,
EmailValidationKeyProvider emailValidationKeyProvider,
BaseCommonLinkUtility baseCommonLinkUtility,
SocketManager socketManager,
GlobalStore globalStore,
DisplayUserSettingsHelper displayUserSettingsHelper,
IDaoFactory daoFactory,
IOptionsMonitor <ILog> options,
DocumentServiceHelper documentServiceHelper,
EntryManager entryManager,
FileShareLink fileShareLink,
FilesMessageService filesMessageService,
DocumentServiceConnector documentServiceConnector,
NotifyClient notifyClient,
MailMergeTaskRunner mailMergeTaskRunner,
FileTrackerHelper fileTracker)
{
SecurityContext = securityContext;
UserManager = userManager;
TenantManager = tenantManager;
FilesLinkUtility = filesLinkUtility;
EmailValidationKeyProvider = emailValidationKeyProvider;
BaseCommonLinkUtility = baseCommonLinkUtility;
SocketManager = socketManager;
GlobalStore = globalStore;
DisplayUserSettingsHelper = displayUserSettingsHelper;
DaoFactory = daoFactory;
DocumentServiceHelper = documentServiceHelper;
EntryManager = entryManager;
FileShareLink = fileShareLink;
FilesMessageService = filesMessageService;
DocumentServiceConnector = documentServiceConnector;
NotifyClient = notifyClient;
MailMergeTaskRunner = mailMergeTaskRunner;
FileTracker = fileTracker;
Logger = options.CurrentValue;
}
public static string GetPreSignedUri(int fileId, int tenant, string user, string stream, int fileNumber, string fileName)
{
//TODO: Move url to config;
const string attachmentPath = "/addons/mail/httphandlers/download.ashx";
var uriBuilder = new UriBuilder(CommonLinkUtility.GetFullAbsolutePath(attachmentPath));
if (uriBuilder.Uri.IsLoopback)
{
uriBuilder.Host = Dns.GetHostName();
}
var query = uriBuilder.Query;
query += "attachid=" + fileId + "&";
query += "stream=" + stream + "&";
query += FilesLinkUtility.AuthKey + "=" + EmailValidationKeyProvider.GetEmailKey(fileId + stream);
var url = uriBuilder.Uri + "?" + query;
return(url);
}
public StorageSettingsHelper(
BaseStorageSettingsListener baseStorageSettingsListener,
StorageFactoryConfig storageFactoryConfig,
PathUtils pathUtils,
EmailValidationKeyProvider emailValidationKeyProvider,
ICacheNotify <DataStoreCacheItem> cache,
IOptionsMonitor <ILog> options,
TenantManager tenantManager,
SettingsManager settingsManager,
IHttpContextAccessor httpContextAccessor)
{
BaseStorageSettingsListener = baseStorageSettingsListener;
StorageFactoryConfig = storageFactoryConfig;
PathUtils = pathUtils;
EmailValidationKeyProvider = emailValidationKeyProvider;
Cache = cache;
Options = options;
TenantManager = tenantManager;
SettingsManager = settingsManager;
HttpContextAccessor = httpContextAccessor;
}
public string GetFileChangesUrl <T>(File <T> file, string doc = null)
{
if (file == null)
{
throw new ArgumentNullException("file", FilesCommonResource.ErrorMassage_FileNotFound);
}
var uriBuilder = new UriBuilder(CommonLinkUtility.GetFullAbsolutePath(FilesLinkUtility.FileHandlerPath));
var query = uriBuilder.Query;
query += $"{FilesLinkUtility.Action}=diff&";
query += $"{FilesLinkUtility.FileId}={HttpUtility.UrlEncode(file.ID.ToString())}&";
query += $"{FilesLinkUtility.Version}={file.Version}&";
query += $"{FilesLinkUtility.AuthKey}={EmailValidationKeyProvider.GetEmailKey(file.ID + file.Version.ToString(CultureInfo.InvariantCulture))}";
if (!string.IsNullOrEmpty(doc))
{
query += $"&{FilesLinkUtility.DocShareKey}={HttpUtility.UrlEncode(doc)}";
}
return($"{uriBuilder.Uri}?{query}");
}
public AuthenticationController(
UserManager userManager,
TenantManager tenantManager,
SecurityContext securityContext,
TenantCookieSettingsHelper tenantCookieSettingsHelper,
EmailValidationKeyProvider emailValidationKeyProvider,
AuthContext authContext,
AuthManager authManager,
CookiesManager cookiesManager,
PasswordHasher passwordHasher)
{
UserManager = userManager;
TenantManager = tenantManager;
SecurityContext = securityContext;
TenantCookieSettingsHelper = tenantCookieSettingsHelper;
EmailValidationKeyProvider = emailValidationKeyProvider;
AuthContext = authContext;
AuthManager = authManager;
CookiesManager = cookiesManager;
PasswordHasher = passwordHasher;
}
private void ProcessSmsValidation(UserTransferData uData)
{
var smsAuthSettings = SettingsManager.Instance.LoadSettings <StudioSmsNotificationSettings>(TenantProvider.CurrentTenantID);
if (smsAuthSettings.Enable && SetupInfo.IsVisibleSettings <StudioSmsNotificationSettings>())
{
var confKey = CookiesManager.GetCookies(CookiesType.ConfKey);
var activated = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID).MobilePhoneActivationStatus;
if (!String.IsNullOrEmpty(confKey) && EmailValidationKeyProvider.ValidateEmailKey(CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID).Email, confKey, TimeSpan.FromDays(30)) == EmailValidationKeyProvider.ValidationResult.Ok)
{
return;
}
uData.MobilePhoneActivationStatus = activated;
uData.ValidationKey = EmailValidationKeyProvider.GetEmailKey(GetEmailKey(uData, activated));
Session["UserTransferData"] = uData;
ProcessLogout();
Response.Redirect(String.Format("~/Confirm.aspx?type={0}", activated == MobilePhoneActivationStatus.Activated ? ConfirmType.PhoneAuth : ConfirmType.PhoneActivation));
}
}
public static string GetLicenseUrl(File file)
{
if (!CoreContext.Configuration.Standalone)
{
return(string.Empty);
}
if (file == null)
{
return(string.Empty);
}
//NOTE: Always build path to handler!
var uriBuilder = new UriBuilder(CommonLinkUtility.GetFullAbsolutePath(FilesLinkUtility.FileHandlerPath));
var query = uriBuilder.Query;
query += FilesLinkUtility.Action + "=license&";
query += FilesLinkUtility.FileId + "=" + HttpUtility.UrlEncode(file.ID.ToString()) + "&";
query += FilesLinkUtility.AuthKey + "=" + EmailValidationKeyProvider.GetEmailKey(file.ID.ToString());
return(uriBuilder.Uri + "?" + query);
}
public static string GetFileChangesUrl(File file, string doc = null)
{
if (file == null)
{
throw new ArgumentNullException("file", FilesCommonResource.ErrorMassage_FileNotFound);
}
var uriBuilder = new UriBuilder(CommonLinkUtility.GetFullAbsolutePath(FilesLinkUtility.FileHandlerPath));
var query = uriBuilder.Query;
query += FilesLinkUtility.Action + "=diff&";
query += FilesLinkUtility.FileId + "=" + HttpUtility.UrlEncode(file.ID.ToString()) + "&";
query += FilesLinkUtility.Version + "=" + file.Version + "&";
query += FilesLinkUtility.AuthKey + "=" + EmailValidationKeyProvider.GetEmailKey(file.ID + file.Version.ToString(CultureInfo.InvariantCulture));
if (!string.IsNullOrEmpty(doc))
{
query += "&" + FilesLinkUtility.DocShareKey + "=" + HttpUtility.UrlEncode(doc);
}
return(uriBuilder.Uri + "?" + query);
}
public ConfirmAuthHandler(
IOptionsMonitor <AuthenticationSchemeOptions> options,
ILoggerFactory logger,
UrlEncoder encoder,
ISystemClock clock,
SecurityContext securityContext,
EmailValidationKeyProvider emailValidationKeyProvider,
SetupInfo setupInfo,
TenantManager tenantManager,
UserManager userManager,
AuthManager authManager,
AuthContext authContext) :
base(options, logger, encoder, clock)
{
SecurityContext = securityContext;
EmailValidationKeyProvider = emailValidationKeyProvider;
SetupInfo = setupInfo;
TenantManager = tenantManager;
UserManager = userManager;
AuthManager = authManager;
AuthContext = authContext;
}
public static string GetPreSignedUri(int fileId, int tenant, string user, string stream, int fileNumber,
string fileName, IDataStore dataStore)
{
var attachmentPath = GetFileKey(user, stream, fileNumber, fileName);
if (dataStore == null)
{
dataStore = MailDataStore.GetDataStore(tenant);
}
string url;
if (dataStore is S3Storage)
{
var contentDispositionFileName = ContentDispositionUtil.GetHeaderValue(fileName, withoutBase: true);
var headersForUrl = new [] { "Content-Disposition:" + contentDispositionFileName };
url = dataStore.GetPreSignedUri("", attachmentPath, TimeSpan.FromMinutes(10), headersForUrl).ToString();
}
else
{
//TODO: Move url to config;
attachmentPath = "/addons/mail/httphandlers/download.ashx";
var uriBuilder = new UriBuilder(CommonLinkUtility.GetFullAbsolutePath(attachmentPath));
if (uriBuilder.Uri.IsLoopback)
{
uriBuilder.Host = Dns.GetHostName();
}
var query = uriBuilder.Query;
query += "attachid=" + fileId + "&";
query += "stream=" + stream + "&";
query += FilesLinkUtility.AuthKey + "=" + EmailValidationKeyProvider.GetEmailKey(fileId + stream);
url = uriBuilder.Uri + "?" + query;
}
return(url);
}
[Create("sendcongratulations", false)] //NOTE: this method doesn't requires auth!!!
public void SendCongratulations(Guid userid, string key)
{
var authInterval = TimeSpan.FromHours(1);
var checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(userid.ToString() + ConfirmType.Auth, key, authInterval);
switch (checkKeyResult)
{
case EmailValidationKeyProvider.ValidationResult.Ok:
var currentUser = CoreContext.UserManager.GetUsers(userid);
StudioNotifyService.Instance.SendCongratulations(currentUser);
FirstTimeTenantSettings.SendInstallInfo(currentUser);
if (SetupInfo.SmsRegistration && !SetupInfo.IsSecretEmail(currentUser.Email))
{
StudioSmsNotificationSettings.Enable = true;
}
break;
default:
throw new SecurityException("Access Denied.");
}
}
public void UserPasswordChange(UserInfo userInfo)
{
var email = userInfo.Email.ToLower();
var validationKey = EmailValidationKeyProvider.GetEmailKey(email + ConfirmType.PasswordChange.ToString().ToLower());
var inviteUrl = CommonLinkUtility.GetFullAbsolutePath(String.Format("~/confirm.aspx?type={2}&email={0}&key={1}",
HttpUtility.UrlEncode(email), validationKey,
ConfirmType.PasswordChange.ToString().ToLower()));
client.SendNoticeToAsync(
Constants.ActionPasswordChange,
null,
RecipientFromEmail(new[] { email }, false),
new[] { EMailSenderName },
null,
new TagValue(Constants.TagUserName, SecurityContext.IsAuthenticated ? DisplayUserSettings.GetFullUserName(SecurityContext.CurrentAccount.ID) : ((HttpContext.Current != null) ? HttpContext.Current.Request.UserHostAddress : null)),
new TagValue(Constants.TagInviteLink, inviteUrl),
new TagValue(Constants.TagBody, ""),
//User name tag
new TagValue(new Tag("UserDisplayName"), userInfo.DisplayUserName())
);
}
public StorageFactory(
StorageFactoryListener storageFactoryListener,
StorageFactoryConfig storageFactoryConfig,
SettingsManager settingsManager,
StorageSettingsHelper storageSettingsHelper,
TenantManager tenantManager,
CoreBaseSettings coreBaseSettings,
PathUtils pathUtils,
EmailValidationKeyProvider emailValidationKeyProvider,
IOptionsMonitor <ILog> options,
IHttpContextAccessor httpContextAccessor)
{
StorageFactoryListener = storageFactoryListener;
StorageFactoryConfig = storageFactoryConfig;
SettingsManager = settingsManager;
StorageSettingsHelper = storageSettingsHelper;
TenantManager = tenantManager;
CoreBaseSettings = coreBaseSettings;
PathUtils = pathUtils;
EmailValidationKeyProvider = emailValidationKeyProvider;
Options = options;
HttpContextAccessor = httpContextAccessor;
}
public static string GetConfirmationUrlRelative(int tenantId, string email, ConfirmType confirmType, object postfix = null, Guid userId = default)
{
var validationKey = EmailValidationKeyProvider.GetEmailKey(tenantId, email + confirmType + (postfix ?? ""));
var link = $"confirm/{confirmType}?key={validationKey}";
if (!string.IsNullOrEmpty(email))
{
link += $"&email={HttpUtility.UrlEncode(email)}";
}
if (userId != default)
{
link += $"&uid={userId}";
}
if (postfix != null)
{
link += "&p=1";
}
return(link);
}
public static string GetConfirmationUrlRelative(int tenantId, string email, ConfirmType confirmType, object postfix = null, Guid userId = default(Guid))
{
var validationKey = EmailValidationKeyProvider.GetEmailKey(tenantId, email + confirmType + (postfix ?? ""));
var link = string.Format("confirm.aspx?type={0}&key={1}", confirmType, validationKey);
if (!string.IsNullOrEmpty(email))
{
link += "&email=" + HttpUtility.UrlEncode(email);
}
if (userId != default(Guid))
{
link += "&uid=" + userId;
}
if (postfix != null)
{
link += "&p=1";
}
return(link);
}
private static void StreamFile(HttpContext context)
{
try
{
var id = context.Request[UrlConstant.FileId];
var ver = context.Request[UrlConstant.Version];
var auth = context.Request[UrlConstant.AuthKey];
if (EmailValidationKeyProvider.ValidateEmailKey(id + ver, auth, TimeSpan.FromMinutes(1)) != EmailValidationKeyProvider.ValidationResult.Ok)
{
throw new HttpException((int)HttpStatusCode.Forbidden, FilesCommonResource.ErrorMassage_SecurityException);
}
using (var dao = Global.DaoFactory.GetFileDao())
{
var file = dao.GetFile(id, Convert.ToInt32(ver));
using (var stream = dao.GetFileStream(file))
{
context.Response.AddHeader("Content-Length", stream.Length.ToString(CultureInfo.InvariantCulture));
stream.StreamCopyTo(context.Response.OutputStream);
}
}
}
catch (Exception ex)
{
context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
context.Response.Write(ex.Message);
}
try
{
context.Response.Flush();
context.Response.End();
}
catch (HttpException)
{
}
}
void SendInvite(UserInfo user, string inviteMessage, bool join, bool withFullAccessPrivileges)
{
var email = user.Email.ToLower();
var validationKey = EmailValidationKeyProvider.GetEmailKey(
email + ConfirmType.EmpInvite.ToString().ToLower() + (withFullAccessPrivileges ? "allrights" : ""));
string inviteUrl = String.Format("~/confirm.aspx?type={2}&email={0}&firstname={4}&lastname={5}&key={1}{3}{6}&uid={7}",
HttpUtility.UrlEncode(email), //0
validationKey, //1
ConfirmType.EmpInvite.ToString().ToLower(), //2
withFullAccessPrivileges ? "&fap=1" : "", //3
HttpUtility.UrlEncode(user.FirstName), //4
HttpUtility.UrlEncode(user.LastName), //5
String.IsNullOrEmpty(user.Department) ? "" : "&deptID=" + user.Department, //6
SecurityContext.CurrentAccount.ID);
client.SendNoticeToAsync(
join ? Constants.ActionJoinUsers : Constants.ActionInviteUsers,
null,
RecipientFromEmail(new string[] { email }, join), /*if it's invite - don't check activation status*/
new[] { EMailSenderName },
null,
new TagValue(Constants.TagUserName,
SecurityContext.IsAuthenticated ? DisplayUserSettings.GetFullUserName(SecurityContext.CurrentAccount.ID) : ((HttpContext.Current != null) ? HttpContext.Current.Request.UserHostAddress : null)
),
new TagValue(Constants.TagInviteLink, CommonLinkUtility.GetFullAbsolutePath(inviteUrl)),
new TagValue(Constants.TagBody, inviteMessage ?? ""),
//User name tag
new TagValue(new Tag("UserDisplayName"), (user.DisplayUserName() ?? "").Trim()),
CreateSendFromTag()
);
}
private static void StreamFile(HttpContext context)
{
var id = context.Request[FilesLinkUtility.FileId];
var auth = context.Request[FilesLinkUtility.AuthKey];
int version;
int.TryParse(context.Request[FilesLinkUtility.Version] ?? "", out version);
var validateResult = EmailValidationKeyProvider.ValidateEmailKey(id + version, auth ?? "", Global.StreamUrlExpire);
if (validateResult != EmailValidationKeyProvider.ValidationResult.Ok)
{
var exc = new HttpException((int)HttpStatusCode.Forbidden, FilesCommonResource.ErrorMassage_SecurityException);
Global.Logger.Error(string.Format("{0} {1}: {2}", FilesLinkUtility.AuthKey, validateResult, context.Request.Url), exc);
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
context.Response.Write(FilesCommonResource.ErrorMassage_SecurityException);
return;
}
if (!string.IsNullOrEmpty(FileUtility.SignatureSecret))
{
try
{
var header = context.Request.Headers[FileUtility.SignatureHeader];
if (string.IsNullOrEmpty(header) || !header.StartsWith("Bearer "))
{
throw new Exception("header is null");
}
header = header.Substring("Bearer ".Length);
JsonWebToken.JsonSerializer = new DocumentService.JwtSerializer();
JsonWebToken.Decode(header, FileUtility.SignatureSecret);
}
catch (Exception ex)
{
Global.Logger.Error("Download stream header", ex);
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
context.Response.Write(FilesCommonResource.ErrorMassage_SecurityException);
return;
}
}
try
{
using (var fileDao = Global.DaoFactory.GetFileDao())
{
fileDao.InvalidateCache(id);
var file = version > 0
? fileDao.GetFile(id, version)
: fileDao.GetFile(id);
if (!string.IsNullOrEmpty(file.Error))
{
throw new Exception(file.Error);
}
using (var stream = fileDao.GetFileStream(file))
{
context.Response.AddHeader("Content-Length",
stream.CanSeek
? stream.Length.ToString(CultureInfo.InvariantCulture)
: file.ContentLength.ToString(CultureInfo.InvariantCulture));
stream.StreamCopyTo(context.Response.OutputStream);
}
}
}
catch (Exception ex)
{
Global.Logger.Error("Error for: " + context.Request.Url, ex);
context.Response.StatusCode = (int)HttpStatusCode.InternalServerError;
context.Response.Write(ex.Message);
return;
}
try
{
context.Response.Flush();
context.Response.End();
}
catch (HttpException)
{
}
}
private static void StreamFile(HttpContext context)
{
try
{
var fileId = context.Request[FilesLinkUtility.FileId];
var auth = context.Request[FilesLinkUtility.AuthKey];
var userId = context.Request[CommonLinkUtility.ParamName_UserUserID];
Global.Logger.Debug("GoogleDriveApp: get file stream " + fileId);
var validateResult = EmailValidationKeyProvider.ValidateEmailKey(fileId + userId, auth, Global.StreamUrlExpire);
if (validateResult != EmailValidationKeyProvider.ValidationResult.Ok)
{
var exc = new HttpException((int)HttpStatusCode.Forbidden, FilesCommonResource.ErrorMassage_SecurityException);
Global.Logger.Error(string.Format("GoogleDriveApp: validate error {0} {1}: {2}", FilesLinkUtility.AuthKey, validateResult, context.Request.Url), exc);
throw exc;
}
var token = Token.GetToken(AppAttr, userId);
var driveFile = GetDriveFile(fileId, token);
var jsonFile = JObject.Parse(driveFile);
var downloadUrl = GoogleLoginProvider.GoogleUrlFile + fileId + "?alt=media";
if (string.IsNullOrEmpty(downloadUrl))
{
Global.Logger.Error("GoogleDriveApp: downloadUrl is null");
throw new Exception("downloadUrl is null");
}
Global.Logger.Debug("GoogleDriveApp: get file stream downloadUrl - " + downloadUrl);
var request = (HttpWebRequest)WebRequest.Create(downloadUrl);
request.Method = "GET";
request.Headers.Add("Authorization", "Bearer " + token);
using (var response = request.GetResponse())
using (var stream = new ResponseStream(response))
{
stream.StreamCopyTo(context.Response.OutputStream);
var contentLength = jsonFile.Value <string>("size");
Global.Logger.Debug("GoogleDriveApp: get file stream contentLength - " + contentLength);
context.Response.AddHeader("Content-Length", contentLength);
}
}
catch (Exception ex)
{
context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
context.Response.Write(ex.Message);
Global.Logger.Error("GoogleDriveApp: Error request " + context.Request.Url, ex);
}
try
{
context.Response.Flush();
context.Response.End();
}
catch (HttpException)
{
}
}
public Uri GetPreSignedUri(string domain, string path, TimeSpan expire, IEnumerable <string> headers)
{
if (path == null)
{
throw new ArgumentNullException("path");
}
if (string.IsNullOrEmpty(_tenant) && IsSupportInternalUri)
{
return(GetInternalUri(domain, path, expire, headers));
}
var headerAttr = string.Empty;
if (headers != null)
{
headerAttr = string.Join("&", headers);
}
if (expire == TimeSpan.Zero || expire == TimeSpan.MinValue || expire == TimeSpan.MaxValue)
{
expire = GetExpire(domain);
}
var query = string.Empty;
if (expire != TimeSpan.Zero && expire != TimeSpan.MinValue && expire != TimeSpan.MaxValue)
{
var expireString = expire.TotalMinutes.ToString(CultureInfo.InvariantCulture);
int currentTenantId;
var currentTenant = CoreContext.TenantManager.GetCurrentTenant(false);
if (currentTenant != null)
{
currentTenantId = currentTenant.TenantId;
}
else if (!TennantPath.TryGetTenant(_tenant, out currentTenantId))
{
currentTenantId = 0;
}
var auth = EmailValidationKeyProvider.GetEmailKey(currentTenantId, path.Replace('/', Path.DirectorySeparatorChar) + "." + headerAttr + "." + expireString);
query = string.Format("{0}{1}={2}&{3}={4}",
path.Contains("?") ? "&" : "?",
Constants.QUERY_EXPIRE,
expireString,
Constants.QUERY_AUTH,
auth);
}
if (!string.IsNullOrEmpty(headerAttr))
{
query += string.Format("{0}{1}={2}",
query.Contains("?") ? "&" : "?",
Constants.QUERY_HEADER,
HttpUtility.UrlEncode(headerAttr));
}
var tenant = _tenant.Trim('/');
var vpath = PathUtils.ResolveVirtualPath(_modulename, domain);
vpath = PathUtils.ResolveVirtualPath(vpath, false);
vpath = string.Format(vpath, tenant);
var virtualPath = new Uri(vpath + "/", UriKind.RelativeOrAbsolute);
var uri = virtualPath.IsAbsoluteUri ?
new MonoUri(virtualPath, virtualPath.LocalPath.TrimEnd('/') + EnsureLeadingSlash(path.Replace('\\', '/')) + query) :
new MonoUri(virtualPath.ToString().TrimEnd('/') + EnsureLeadingSlash(path.Replace('\\', '/')) + query, UriKind.Relative);
return(uri);
}
public static string GetCallbackUrl(string fileId)
{
var callbackUrl = CommonLinkUtility.GetFullAbsolutePath(FilesLinkUtility.FileHandlerPath
+ "?" + FilesLinkUtility.Action + "=track"
+ "&" + FilesLinkUtility.FileId + "=" + HttpUtility.UrlEncode(fileId)
+ "&" + FilesLinkUtility.AuthKey + "=" + EmailValidationKeyProvider.GetEmailKey(fileId));
callbackUrl = DocumentServiceConnector.ReplaceCommunityAdress(callbackUrl);
return(callbackUrl);
}
private bool CheckValidationKey()
{
var key = Request["key"] ?? "";
var emplType = Request["emplType"] ?? "";
var validInterval = SetupInfo.ValidEamilKeyInterval;
var authInterval = TimeSpan.FromHours(1);
EmailValidationKeyProvider.ValidationResult checkKeyResult;
switch (_type)
{
case ConfirmType.PortalContinue:
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key);
break;
case ConfirmType.PhoneActivation:
case ConfirmType.PhoneAuth:
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, authInterval);
break;
case ConfirmType.Auth:
{
var first = Request["first"] ?? "";
var module = Request["module"];
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + first + module, key, authInterval);
if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Ok)
{
var user = _email.Contains("@")
? CoreContext.UserManager.GetUserByEmail(_email)
: CoreContext.UserManager.GetUsers(new Guid(_email));
if (SecurityContext.IsAuthenticated && SecurityContext.CurrentAccount.ID != user.ID)
{
Auth.ProcessLogout();
}
if (!SecurityContext.IsAuthenticated)
{
if (StudioSmsNotificationSettings.IsVisibleSettings && StudioSmsNotificationSettings.Enable)
{
Response.Redirect(SmsConfirmUrl(user), true);
}
var authCookie = SecurityContext.AuthenticateMe(user.ID);
CookiesManager.SetCookies(CookiesType.AuthKey, authCookie);
MessageService.Send(HttpContext.Current.Request, MessageAction.LoginSuccess, user.DisplayUserName(false));
}
AuthRedirect(user, first.ToLower() == "true", module, Request[FilesLinkUtility.FileUri]);
}
}
break;
case ConfirmType.DnsChange:
{
var dnsChangeKey = string.Join(string.Empty, new[] { _email, _type.ToString(), Request["dns"], Request["alias"] });
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(dnsChangeKey, key, validInterval);
}
break;
case ConfirmType.PortalOwnerChange:
{
Guid uid;
try
{
uid = new Guid(Request["uid"]);
}
catch
{
uid = Guid.Empty;
}
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + uid, key, validInterval);
}
break;
case ConfirmType.EmpInvite:
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + emplType, key, validInterval);
break;
case ConfirmType.LinkInvite:
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_type + emplType, key, validInterval);
break;
case ConfirmType.PasswordChange:
var userHash = !String.IsNullOrEmpty(Request["p"]) && Request["p"] == "1";
String hash = String.Empty;
if (userHash)
{
hash = CoreContext.Authentication.GetUserPasswordHash(CoreContext.UserManager.GetUserByEmail(_email).ID);
}
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + (string.IsNullOrEmpty(hash) ? string.Empty : Hasher.Base64Hash(hash)), key, validInterval);
break;
default:
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, validInterval);
break;
}
if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Expired)
{
ShowError(Resource.ErrorExpiredActivationLink);
return(false);
}
if (checkKeyResult == EmailValidationKeyProvider.ValidationResult.Invalid)
{
ShowError(_type == ConfirmType.LinkInvite
? Resource.ErrorInvalidActivationLink
: Resource.ErrorConfirmURLError);
return(false);
}
if (!string.IsNullOrEmpty(_email) && !_email.TestEmailRegex())
{
ShowError(Resource.ErrorNotCorrectEmail);
return(false);
}
return(true);
}
public void ProcessRequest(HttpContext context)
{
if (_checkAuth && !SecurityContext.IsAuthenticated)
{
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return;
}
var storage = StorageFactory.GetStorage(CoreContext.TenantManager.GetCurrentTenant().TenantId.ToString(CultureInfo.InvariantCulture), _module);
var path = _path;
var header = context.Request[Constants.QUERY_HEADER] ?? "";
var auth = context.Request[Constants.QUERY_AUTH];
var storageExpire = storage.GetExpire(_domain);
if (storageExpire != TimeSpan.Zero && storageExpire != TimeSpan.MinValue && storageExpire != TimeSpan.MaxValue || !string.IsNullOrEmpty(auth))
{
var expire = context.Request[Constants.QUERY_EXPIRE];
if (string.IsNullOrEmpty(expire))
{
expire = storageExpire.TotalMinutes.ToString(CultureInfo.InvariantCulture);
}
var validateResult = EmailValidationKeyProvider.ValidateEmailKey(path + "." + header + "." + expire, auth ?? "", TimeSpan.FromMinutes(Convert.ToDouble(expire)));
if (validateResult != EmailValidationKeyProvider.ValidationResult.Ok)
{
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return;
}
}
if (!storage.IsFile(_domain, path))
{
context.Response.StatusCode = (int)HttpStatusCode.NotFound;
return;
}
var headers = header.Length > 0 ? header.Split('&').Select(HttpUtility.UrlDecode) : new string[] { };
const int bigSize = 5 * 1024 * 1024;
if (storage.IsSupportInternalUri && bigSize < storage.GetFileSize(_domain, path))
{
var uri = storage.GetInternalUri(_domain, path, TimeSpan.FromMinutes(15), headers);
context.Response.Cache.SetAllowResponseInBrowserHistory(false);
context.Response.Cache.SetCacheability(HttpCacheability.NoCache);
context.Response.Redirect(uri.ToString());
return;
}
string encoding = null;
if (storage is DiscDataStore && storage.IsFile(_domain, path + ".gz"))
{
path += ".gz";
encoding = "gzip";
}
var headersToCopy = new List <string> {
"Content-Disposition", "Cache-Control", "Content-Encoding", "Content-Language", "Content-Type", "Expires"
};
foreach (var h in headers)
{
var toCopy = headersToCopy.Find(x => h.StartsWith(x));
if (string.IsNullOrEmpty(toCopy))
{
continue;
}
context.Response.Headers[toCopy] = h.Substring(toCopy.Length + 1);
}
context.Response.ContentType = MimeMapping.GetMimeMapping(path);
if (encoding != null)
{
context.Response.Headers["Content-Encoding"] = encoding;
}
if (!context.Response.IsClientConnected)
{
context.Response.End();
return;
}
using (var stream = storage.GetReadStream(_domain, path))
{
context.Response.Buffer = false;
long offset = 0;
var length = stream.Length;
if (stream.CanSeek)
{
length = ProcessRangeHeader(context, stream.Length, ref offset);
stream.Seek(offset, SeekOrigin.Begin);
}
context.Response.AddHeader("Connection", "Keep-Alive");
context.Response.AddHeader("Content-Length", length.ToString(CultureInfo.InvariantCulture));
try
{
stream.CopyTo(context.Response.OutputStream);
context.Response.Flush();
}
catch (Exception e)
{
LogManager.GetLogger("ASC").Debug("StorageHandler.ProcessRequest", e);
context.Response.End();
}
}
}
private static void DownloadFile(int attachmentId, HttpContext context)
{
var auth = context.Request[FilesLinkUtility.AuthKey];
var openTempStream = false;
if (!string.IsNullOrEmpty(auth))
{
var stream = context.Request.QueryString["stream"];
if (!string.IsNullOrEmpty(stream))
{
int validateTimespan;
int.TryParse(ConfigurationManagerExtension.AppSettings["files.stream-url-minute"], out validateTimespan);
if (validateTimespan <= 0)
{
validateTimespan = 5;
}
var validateResult = EmailValidationKeyProvider.ValidateEmailKey(attachmentId + stream, auth, TimeSpan.FromMinutes(validateTimespan));
if (validateResult != EmailValidationKeyProvider.ValidationResult.Ok)
{
var exc = new HttpException((int)HttpStatusCode.Forbidden, "You don't have enough permission to perform the operation");
//Global.Logger.Error(string.Format("{0} {1}: {2}", CommonLinkUtility.AuthKey, validateResult, context.Request.Url), exc);
throw exc;
}
openTempStream = true;
}
}
else
{
if (!SecurityContext.IsAuthenticated)
{
throw new HttpException(403, "Access denied.");
}
}
var engine = new EngineFactory(TenantId, Username);
var attachment = engine.AttachmentEngine.GetAttachment(
openTempStream
? (IAttachmentExp) new ConcreteTenantAttachmentExp(attachmentId, TenantId)
: new ConcreteUserAttachmentExp(attachmentId, TenantId, Username));
long offset = 0;
long endOffset = -1;
long length = attachment.size;
if (context.Request.Headers["Range"] != null)
{
var range = context.Request.Headers["Range"].Split('=', '-');
offset = Convert.ToInt64(range[1]);
if (range.Count() > 2 && !string.IsNullOrEmpty(range[2]))
{
endOffset = Convert.ToInt64(range[2]);
}
if (endOffset < 0 || endOffset >= attachment.size)
{
endOffset = attachment.size - 1;
}
length = endOffset - offset + 1;
if (length <= 0)
{
throw new HttpException("Wrong Range header");
}
context.Response.StatusCode = 206;
context.Response.AddHeader("Content-Range", String.Format(" bytes {0}-{1}/{2}", offset, endOffset, attachment.size));
}
using (var file = attachment.ToAttachmentStream((int)offset))
{
context.Response.AddHeader("Accept-Ranges", "bytes");
context.Response.AddHeader("Content-Length", length.ToString(CultureInfo.InvariantCulture));
context.Response.AddHeader("Content-Disposition", ContentDispositionUtil.GetHeaderValue(file.FileName));
context.Response.ContentType = MimeMapping.GetMimeMapping(file.FileName);
if (endOffset != attachment.size - 1)
{
file.FileStream.CopyTo(context.Response.OutputStream);
}
else
{
file.FileStream.StreamCopyTo(context.Response.OutputStream, (int)length);
}
}
}
private void StreamFile(HttpContext context)
{
try
{
var fileId = context.Request.Query[FilesLinkUtility.FileId];
var auth = context.Request.Query[FilesLinkUtility.AuthKey];
var userId = context.Request.Query[CommonLinkUtility.ParamName_UserUserID];
Logger.Debug("GoogleDriveApp: get file stream " + fileId);
var validateResult = EmailValidationKeyProvider.ValidateEmailKey(fileId + userId, auth, Global.StreamUrlExpire);
if (validateResult != EmailValidationKeyProvider.ValidationResult.Ok)
{
var exc = new HttpException((int)HttpStatusCode.Forbidden, FilesCommonResource.ErrorMassage_SecurityException);
Logger.Error(string.Format("GoogleDriveApp: validate error {0} {1}: {2}", FilesLinkUtility.AuthKey, validateResult, context.Request.Url()), exc);
throw exc;
}
Token token = null;
if (Guid.TryParse(userId, out var userIdGuid))
{
token = TokenHelper.GetToken(AppAttr, userIdGuid);
}
if (token == null)
{
Logger.Error("BoxApp: token is null");
throw new SecurityException("Access token is null");
}
var driveFile = GetDriveFile(fileId, token);
var jsonFile = JObject.Parse(driveFile);
var downloadUrl = GoogleLoginProvider.GoogleUrlFile + fileId + "?alt=media";
if (string.IsNullOrEmpty(downloadUrl))
{
Logger.Error("GoogleDriveApp: downloadUrl is null");
throw new Exception("downloadUrl is null");
}
Logger.Debug("GoogleDriveApp: get file stream downloadUrl - " + downloadUrl);
var request = (HttpWebRequest)WebRequest.Create(downloadUrl);
request.Method = "GET";
request.Headers.Add("Authorization", "Bearer " + token);
using (var response = request.GetResponse())
using (var stream = new ResponseStream(response))
{
stream.CopyTo(context.Response.Body);
var contentLength = jsonFile.Value <string>("size");
Logger.Debug("GoogleDriveApp: get file stream contentLength - " + contentLength);
context.Response.Headers.Add("Content-Length", contentLength);
}
}
catch (Exception ex)
{
context.Response.StatusCode = (int)HttpStatusCode.BadRequest;
context.Response.WriteAsync(ex.Message).Wait();
Logger.Error("GoogleDriveApp: Error request " + context.Request.Url(), ex);
}
try
{
context.Response.Body.Flush();
//TODO
//context.Response.SuppressContent = true;
//context.ApplicationInstance.CompleteRequest();
}
catch (HttpException ex)
{
Logger.Error("GoogleDriveApp StreamFile", ex);
}
}
public void Deconstruct(out TenantManager tenantManager, out SecurityContext securityContext, out StorageFactory storageFactory, out EmailValidationKeyProvider emailValidationKeyProvider)
{
tenantManager = TenantManager;
securityContext = SecurityContext;
storageFactory = StorageFactory;
emailValidationKeyProvider = EmailValidationKeyProvider;
}
public StorageHandlerScope(TenantManager tenantManager, SecurityContext securityContext, StorageFactory storageFactory, EmailValidationKeyProvider emailValidationKeyProvider)
{
TenantManager = tenantManager;
SecurityContext = securityContext;
StorageFactory = storageFactory;
EmailValidationKeyProvider = emailValidationKeyProvider;
}
private static void TrackFile(HttpContext context)
{
var auth = context.Request[FilesLinkUtility.AuthKey];
var fileId = context.Request[FilesLinkUtility.FileId];
Global.Logger.Debug("DocService track fileid: " + fileId);
var callbackSpan = TimeSpan.FromDays(128);
var validateResult = EmailValidationKeyProvider.ValidateEmailKey(fileId, auth ?? "", callbackSpan);
if (validateResult != EmailValidationKeyProvider.ValidationResult.Ok)
{
Global.Logger.ErrorFormat("DocService track auth error: {0}, {1}: {2}", validateResult.ToString(), FilesLinkUtility.AuthKey, auth);
throw new HttpException((int)HttpStatusCode.Forbidden, FilesCommonResource.ErrorMassage_SecurityException);
}
JToken data;
if (!string.IsNullOrEmpty(FileUtility.SignatureSecret))
{
var header = context.Request.Headers[FileUtility.SignatureHeader];
if (string.IsNullOrEmpty(header) || !header.StartsWith("Bearer "))
{
Global.Logger.Error("DocService track header is null");
throw new HttpException((int)HttpStatusCode.Forbidden, FilesCommonResource.ErrorMassage_SecurityException);
}
header = header.Substring("Bearer ".Length);
try
{
JsonWebToken.JsonSerializer = new DocumentService.JwtSerializer();
var stringPayload = JsonWebToken.Decode(header, FileUtility.SignatureSecret);
Global.Logger.Debug("DocService track payload: " + stringPayload);
var jsonPayload = JObject.Parse(stringPayload);
data = jsonPayload["payload"];
}
catch (SignatureVerificationException ex)
{
Global.Logger.Error("DocService track header", ex);
throw new HttpException((int)HttpStatusCode.Forbidden, ex.Message);
}
}
else
{
try
{
string body;
using (var receiveStream = context.Request.InputStream)
using (var readStream = new StreamReader(receiveStream))
{
body = readStream.ReadToEnd();
}
Global.Logger.Debug("DocService track body: " + body);
if (string.IsNullOrEmpty(body))
{
throw new ArgumentException("DocService return null");
}
data = JToken.Parse(body);
}
catch (Exception e)
{
Global.Logger.Error("DocService track error read body", e);
throw new HttpException((int)HttpStatusCode.BadRequest, e.Message);
}
}
string error;
try
{
if (data == null)
{
throw new ArgumentException("DocService response is incorrect");
}
var fileData = data.ToObject <DocumentServiceTracker.TrackerData>();
error = DocumentServiceTracker.ProcessData(fileId, fileData);
}
catch (Exception e)
{
Global.Logger.Error("DocService track:", e);
throw new HttpException((int)HttpStatusCode.BadRequest, e.Message);
}
context.Response.Write(string.Format("{{\"error\":{0}}}", (error ?? "0")));
}
