Added support for openproject as exx app through proxy

Signed-off-by: Sagar <[email protected]>
nextcloud · Sep 16, 2024 · 16a36ef · 16a36ef
1 parent 6ffe669
commit 16a36ef
Show file tree

Hide file tree

Showing 5 changed files with 47 additions and 13 deletions.
diff --git a/lib/AppInfo/Application.php b/lib/AppInfo/Application.php
@@ -53,6 +53,7 @@
 class Application extends App implements IBootstrap {
 	public const APP_ID = 'integration_openproject';
 	public const  OPEN_PROJECT_ENTITIES_NAME = 'OpenProject';
+	public const  APP_ID_PROXY_OPENPROJECT = 'openproject-nextcloud-app';
 	/**
 	 * @var mixed
 	 */

diff --git a/lib/Controller/ConfigController.php b/lib/Controller/ConfigController.php
@@ -485,14 +485,18 @@ public function oauthRedirect(string $code = '', string $state = ''): RedirectRe
 
 		if ($clientID && $validClientSecret && $validCodeVerifier && $configState !== '' && $configState === $state) {
 			$openprojectUrl = $this->config->getAppValue(Application::APP_ID, 'openproject_instance_url');
+			$options = [];
+			if($this->openprojectAPIService->isOpenProjectRunningAsExApp($openprojectUrl)) {
+				$options = $this->openprojectAPIService->setHeadersForProxy($this->userId, $options);
+			}
 			$result = $this->openprojectAPIService->requestOAuthAccessToken($openprojectUrl, [
 				'client_id' => $clientID,
 				'client_secret' => $clientSecret,
 				'code' => $code,
 				'redirect_uri' => openprojectAPIService::getOauthRedirectUrl($this->urlGenerator),
 				'grant_type' => 'authorization_code',
 				'code_verifier' => $codeVerifier
-			], 'POST');
+			], 'POST', $options);
 			if (isset($result['access_token']) && isset($result['refresh_token'])) {
 				$accessToken = $result['access_token'];
 				$this->config->setUserValue($this->userId, Application::APP_ID, 'token', $accessToken);

diff --git a/lib/Controller/DirectUploadController.php b/lib/Controller/DirectUploadController.php
@@ -165,7 +165,6 @@ public function prepareDirectUpload(int $folder_id): DataResponse {
 	/**
 	 * direct upload
 	 *
-	 * @CORS
 	 * @NoCSRFRequired
 	 * @NoAdminRequired
 	 * @PublicPage

diff --git a/lib/Controller/OpenProjectAPIController.php b/lib/Controller/OpenProjectAPIController.php
@@ -32,6 +32,7 @@
 use OCP\IConfig;
 use OCP\IRequest;
 use OCP\IURLGenerator;
+use phpDocumentor\Reflection\Types\This;
 use Psr\Log\LoggerInterface;
 
 class OpenProjectAPIController extends Controller {
@@ -549,10 +550,15 @@ public function isValidOpenProjectInstance(string $url): DataResponse {
 			);
 			return new DataResponse(['result' => 'invalid']);
 		}
+		$options = [];
+		if($this->openprojectAPIService->isOpenProjectRunningAsExApp($url)) {
+			$options = $this->openprojectAPIService->setHeadersForProxy($this->userId, $options);
+		}
+		$options['allow_redirects'] = false;
 		try {
 			$response = $this->openprojectAPIService->rawRequest(
 				'', $url, '', [], 'GET',
-				['allow_redirects' => false]
+				$options
 			);
 			$statusCode = $response->getStatusCode();
 			if ($statusCode >= 300 && $statusCode <= 399) {

diff --git a/lib/Service/OpenProjectAPIService.php b/lib/Service/OpenProjectAPIService.php
@@ -55,7 +55,9 @@
 use OCP\PreConditionNotMetException;
 use OCP\Security\ISecureRandom;
 use OCP\Server;
+use phpDocumentor\Reflection\Types\Self_;
 use Psr\Log\LoggerInterface;
+use OCA\AppAPI\Service\ExAppService;
 
 define('CACHE_TTL', 3600);
 
@@ -130,6 +132,7 @@ class OpenProjectAPIService {
 	private ISecureRandom $random;
 	private IEventDispatcher $eventDispatcher;
 	private AuditLogger $auditLogger;
+	private ExAppService $exAppService;
 
 	public function __construct(
 		string $appName,
@@ -150,6 +153,7 @@ public function __construct(
 		ISubAdmin $subAdminManager,
 		IDBConnection $db,
 		ILogFactory $logFactory,
+		ExAppService $exAppService,
 	) {
 		$this->appName = $appName;
 		$this->avatarManager = $avatarManager;
@@ -169,6 +173,7 @@ public function __construct(
 		$this->eventDispatcher = $eventDispatcher;
 		$this->db = $db;
 		$this->logFactory = $logFactory;
+		$this->exAppService = $exAppService;
 	}
 
 	/**
@@ -316,9 +321,13 @@ public function getOpenProjectAvatar(
 		$this->config->getAppValue(Application::APP_ID, 'openproject_client_id');
 		$this->config->getAppValue(Application::APP_ID, 'openproject_client_secret');
 		$openprojectUrl = $this->config->getAppValue(Application::APP_ID, 'openproject_instance_url');
+		$options = [];
+		if($this->isOpenProjectRunningAsExApp($openprojectUrl)) {
+			$options = $this->setHeadersForProxy($nextcloudUserId, $options);
+		}
 		try {
 			$response = $this->rawRequest(
-				$accessToken, $openprojectUrl, 'users/'.$openprojectUserId.'/avatar'
+				$accessToken, $openprojectUrl, 'users/'.$openprojectUserId.'/avatar', [], 'GET', $options
 			);
 			$imageMimeType = $response->getHeader('Content-Type');
 			$imageData = $response->getBody();
@@ -362,6 +371,21 @@ public function getOpenProjectAvatar(
 		}
 	}
 
+	public function isOpenProjectRunningAsExApp(string $openprojectUrl) : bool {
+		return str_ends_with($openprojectUrl, '/proxy/openproject-nextcloud-app');
+	}
+
+	public function setHeadersForProxy(string $nextcloudUser, array $options): array {
+		$options = [];
+		$exAppconfigInformation = $this->exAppService->getExApp(Application::APP_ID_PROXY_OPENPROJECT);
+		$authorizationAppAPI = base64_encode($nextcloudUser . ":" . $exAppconfigInformation->getSecret());
+		$options['headers']['host'] = $exAppconfigInformation->getHost() . ":" . $exAppconfigInformation->getPort();
+		$options['headers']['ex-app-id'] = $exAppconfigInformation->getAppid();
+		$options['headers']['authorization-app-api'] = $authorizationAppAPI;
+		$options['headers']['ex-app-version'] = $exAppconfigInformation->getVersion();
+		return $options;
+	}
+
 	/**
 	 * @param string $accessToken
 	 * @param string $openprojectUrl
@@ -443,8 +467,12 @@ public function request(string $userId,
 		if (!$openprojectUrl || !OpenProjectAPIService::validateURL($openprojectUrl)) {
 			return ['error' => 'OpenProject URL is invalid', 'statusCode' => 500];
 		}
+		$options = [];
+		if($this->isOpenProjectRunningAsExApp($openprojectUrl)) {
+			$options = $this->setHeadersForProxy($userId, $options);
+		}
 		try {
-			$response = $this->rawRequest($accessToken, $openprojectUrl, $endPoint, $params, $method);
+			$response = $this->rawRequest($accessToken, $openprojectUrl, $endPoint, $params, $method, $options);
 			if (($method === 'DELETE' || $method === 'POST') &&
 				$response->getStatusCode() === Http::STATUS_NO_CONTENT
 			) {
@@ -464,7 +492,7 @@ public function request(string $userId,
 					'client_secret' => $clientSecret,
 					'grant_type' => 'refresh_token',
 					'refresh_token' => $refreshToken,
-				], 'POST');
+				], 'POST', $options);
 				if (isset($result['refresh_token'])) {
 					$refreshToken = $result['refresh_token'];
 					$this->config->setUserValue(
@@ -517,17 +545,13 @@ public function request(string $userId,
 	 * @param string $url
 	 * @param array<mixed> $params passed to `http_build_query` for GET requests, else send as body
 	 * @param string $method
+	 * @param array<mixed> $options
 	 * @return array<mixed>
 	 */
-	public function requestOAuthAccessToken(string $url, array $params = [], string $method = 'GET'): array {
+	public function requestOAuthAccessToken(string $url, array $params = [], string $method = 'GET', array $options = []): array {
 		try {
 			$url = $url . '/oauth/token';
-			$options = [
-				'headers' => [
-					'User-Agent' => 'Nextcloud OpenProject integration',
-				]
-			];
-
+			$options ['headers']['User-Agent'] = 'Nextcloud OpenProject integration';
 			if (count($params) > 0) {
 				if ($method === 'GET') {
 					$paramsContent = http_build_query($params);