/**
* try http post first with https and then with http as a fallback
*
* @param string $remoteDomain
* @param string $urlSuffix
* @param array $fields post parameters
* @return array
* @throws \Exception
*/
protected function tryHttpPostToShareEndpoint($remoteDomain, $urlSuffix, array $fields)
{
$client = $this->httpClientService->newClient();
$protocol = 'https://';
$result = ['success' => false, 'result' => ''];
$try = 0;
while ($result['success'] === false && $try < 2) {
$endpoint = $this->discoveryManager->getShareEndpoint($protocol . $remoteDomain);
try {
$response = $client->post($protocol . $remoteDomain . $endpoint . $urlSuffix . '?format=' . self::RESPONSE_FORMAT, ['body' => $fields, 'timeout' => 10, 'connect_timeout' => 10]);
$result['result'] = $response->getBody();
$result['success'] = true;
break;
} catch (\Exception $e) {
// if flat re-sharing is not supported by the remote server
// we re-throw the exception and fall back to the old behaviour.
// (flat re-shares has been introduced in ownCloud 9.1)
if ($e->getCode() === Http::STATUS_INTERNAL_SERVER_ERROR) {
throw $e;
}
$try++;
$protocol = 'http://';
}
}
return $result;
}
/**
* inform remote server whether server-to-server share was accepted/declined
*
* @param string $remote
* @param string $token
* @param int $remoteId Share id on the remote host
* @param string $feedback
* @return boolean
*/
private function sendFeedbackToRemote($remote, $token, $remoteId, $feedback)
{
$url = rtrim($remote, '/') . $this->discoveryManager->getShareEndpoint($remote) . '/' . $remoteId . '/' . $feedback . '?format=' . \OCP\Share::RESPONSE_FORMAT;
$fields = array('token' => $token);
$result = $this->httpHelper->post($url, $fields);
$status = json_decode($result['result'], true);
return $result['success'] && ($status['ocs']['meta']['statuscode'] === 100 || $status['ocs']['meta']['statuscode'] === 200);
}
public function testWithMaliciousEndpointCached()
{
$response = $this->getMock('\\OCP\\Http\\Client\\IResponse');
$response->expects($this->once())->method('getStatusCode')->willReturn(200);
$response->expects($this->once())->method('getBody')->willReturn('{"version":2,"services":{"PRIVATE_DATA":{"version":1,"endpoints":{"store":"\\/ocs\\/v2.php\\/privatedata\\/setattribute","read":"\\/ocs\\/v2.php\\/privatedata\\/getattribute","delete":"\\/ocs\\/v2.php\\/privatedata\\/deleteattribute"}},"SHARING":{"version":1,"endpoints":{"share":"\\/ocs\\/v2.php\\/apps\\/files_sharing\\/api\\/v1\\/shares"}},"FEDERATED_SHARING":{"version":1,"endpoints":{"share":"\\/ocs\\/v2.php\\/cl@oud\\/MyCustomShareEndpoint","webdav":"\\/public.php\\/MyC:ustomEndpoint\\/"}},"ACTIVITY":{"version":1,"endpoints":{"list":"\\/ocs\\/v2.php\\/cloud\\/activity"}},"PROVISIONING":{"version":1,"endpoints":{"user":"******","groups":"\\/ocs\\/v2.php\\/cloud\\/groups","apps":"\\/ocs\\/v2.php\\/cloud\\/apps"}}}}');
$this->client->expects($this->once())->method('get')->with('https://myhost.com/ocs-provider/', [])->willReturn($response);
$this->cache->expects($this->at(0))->method('get')->with('https://myhost.com')->willReturn(null);
$this->cache->expects($this->at(1))->method('set')->with('https://myhost.com', '{"webdav":"\\/public.php\\/webdav","share":"\\/ocs\\/v1.php\\/cloud\\/shares"}');
$this->cache->expects($this->at(2))->method('get')->with('https://myhost.com')->willReturn('{"webdav":"\\/public.php\\/webdav","share":"\\/ocs\\/v1.php\\/cloud\\/shares"}');
$this->assertSame('/public.php/webdav', $this->discoveryManager->getWebDavEndpoint('https://myhost.com'));
$this->assertSame('/ocs/v1.php/cloud/shares', $this->discoveryManager->getShareEndpoint('https://myhost.com'));
}
public function __construct($options)
{
$this->memcacheFactory = \OC::$server->getMemCacheFactory();
$this->httpClient = \OC::$server->getHTTPClientService();
$discoveryManager = new DiscoveryManager($this->memcacheFactory, \OC::$server->getHTTPClientService());
$this->manager = $options['manager'];
$this->certificateManager = $options['certificateManager'];
$this->remote = $options['remote'];
$this->remoteUser = $options['owner'];
list($protocol, $remote) = explode('://', $this->remote);
if (strpos($remote, '/')) {
list($host, $root) = explode('/', $remote, 2);
} else {
$host = $remote;
$root = '';
}
$secure = $protocol === 'https';
$root = rtrim($root, '/') . $discoveryManager->getWebDavEndpoint($this->remote);
$this->mountPoint = $options['mountpoint'];
$this->token = $options['token'];
parent::__construct(array('secure' => $secure, 'host' => $host, 'root' => $root, 'user' => $options['token'], 'password' => (string) $options['password']));
}
/**
* try http post first with https and then with http as a fallback
*
* @param string $remoteDomain
* @param string $urlSuffix
* @param array $fields post parameters
* @return array
*/
private function tryHttpPostToShareEndpoint($remoteDomain, $urlSuffix, array $fields)
{
$client = $this->httpClientService->newClient();
$protocol = 'https://';
$result = ['success' => false, 'result' => ''];
$try = 0;
while ($result['success'] === false && $try < 2) {
$endpoint = $this->discoveryManager->getShareEndpoint($protocol . $remoteDomain);
try {
$response = $client->post($protocol . $remoteDomain . $endpoint . $urlSuffix . '?format=' . self::RESPONSE_FORMAT, ['body' => $fields]);
$result['result'] = $response->getBody();
$result['success'] = true;
break;
} catch (\Exception $e) {
$try++;
$protocol = 'http://';
}
}
return $result;
}
/**
* try http post first with https and then with http as a fallback
*
* @param string $remoteDomain
* @param string $urlSuffix
* @param array $fields post parameters
* @return array
*/
private static function tryHttpPostToShareEndpoint($remoteDomain, $urlSuffix, array $fields)
{
$protocol = 'https://';
$result = ['success' => false, 'result' => ''];
$try = 0;
$discoveryManager = new DiscoveryManager(\OC::$server->getMemCacheFactory(), \OC::$server->getHTTPClientService());
while ($result['success'] === false && $try < 2) {
$endpoint = $discoveryManager->getShareEndpoint($protocol . $remoteDomain);
$result = \OC::$server->getHTTPHelper()->post($protocol . $remoteDomain . $endpoint . $urlSuffix . '?format=' . self::RESPONSE_FORMAT, $fields);
$try++;
$protocol = 'http://';
}
return $result;
}