From 66d126410c9e17cf598e2088140cae2e172ff9e8 Mon Sep 17 00:00:00 2001 From: pavelbannov Date: Wed, 13 Oct 2021 10:25:19 +0300 Subject: [PATCH] Login: added desktop param --- .../Helpers/OAuth20TokenHelper.cs | 10 ++++++++-- common/ASC.FederatedLogin/Login.cs | 2 +- .../LoginProviders/BaseLoginProvider.cs | 8 ++++---- .../LoginProviders/GoogleLoginProvider.cs | 2 +- .../LoginProviders/GosUslugiLoginProvider.cs | 6 +++--- .../LoginProviders/ILoginProvider.cs | 2 +- .../LoginProviders/MailRuLoginProvider.cs | 4 ++-- .../LoginProviders/OpenIdLoginProvider.cs | 2 +- .../LoginProviders/ProviderManager.cs | 4 ++-- .../LoginProviders/VKLoginProvider.cs | 4 ++-- .../LoginProviders/YahooLoginProvider.cs | 2 +- .../LoginProviders/YandexLoginProvider.cs | 4 ++-- .../Server/Controllers/PeopleController.cs | 11 +++-------- .../Controllers/ThirdPartyController.cs | 14 ++++++++------ 14 files changed, 39 insertions(+), 36 deletions(-) diff --git a/common/ASC.FederatedLogin/Helpers/OAuth20TokenHelper.cs b/common/ASC.FederatedLogin/Helpers/OAuth20TokenHelper.cs index 740e4743790..6219a0414d5 100644 --- a/common/ASC.FederatedLogin/Helpers/OAuth20TokenHelper.cs +++ b/common/ASC.FederatedLogin/Helpers/OAuth20TokenHelper.cs @@ -49,7 +49,7 @@ public OAuth20TokenHelper(IHttpContextAccessor httpContextAccessor, ConsumerFact ConsumerFactory = consumerFactory; } - public string RequestCode(string scope = null, Dictionary additionalArgs = null) where T : Consumer, IOAuthProvider, new() + public string RequestCode(bool desktop, string scope = null, Dictionary additionalArgs = null) where T : Consumer, IOAuthProvider, new() { var loginProvider = ConsumerFactory.Get(); var requestUrl = loginProvider.CodeUrl; @@ -67,7 +67,13 @@ public OAuth20TokenHelper(IHttpContextAccessor httpContextAccessor, ConsumerFact if (!string.IsNullOrEmpty(scope)) query += $"&scope={HttpUtility.UrlEncode(scope)}"; var u = HttpContextAccessor.HttpContext.Request.GetUrlRewriter(); - var state = HttpUtility.UrlEncode(new UriBuilder(u.Scheme, u.Host, u.Port, $"thirdparty/{loginProvider.Name.ToLower()}/code").Uri.AbsoluteUri); + var stateUriBuilder = new UriBuilder(u.Scheme, u.Host, u.Port, $"thirdparty/{loginProvider.Name.ToLower()}/code"); + if (desktop) + { + stateUriBuilder.Query = "desktop=true"; + } + + var state = HttpUtility.UrlEncode(stateUriBuilder.Uri.AbsoluteUri); query += $"&state={state}"; if (additionalArgs != null) diff --git a/common/ASC.FederatedLogin/Login.cs b/common/ASC.FederatedLogin/Login.cs index cb5993ddbe7..d7ae2ecb1b9 100644 --- a/common/ASC.FederatedLogin/Login.cs +++ b/common/ASC.FederatedLogin/Login.cs @@ -104,7 +104,7 @@ public async Task Invoke(HttpContext context) { try { - var profile = ProviderManager.Process(Auth, context, _params); + var profile = ProviderManager.Process(Auth, context, _params.ContainsKey("desktop") && _params["desktop"] == "true", _params); if (profile != null) { await SendClientData(context, profile); diff --git a/common/ASC.FederatedLogin/LoginProviders/BaseLoginProvider.cs b/common/ASC.FederatedLogin/LoginProviders/BaseLoginProvider.cs index b8a7e7cf639..af1ec3439fa 100644 --- a/common/ASC.FederatedLogin/LoginProviders/BaseLoginProvider.cs +++ b/common/ASC.FederatedLogin/LoginProviders/BaseLoginProvider.cs @@ -113,11 +113,11 @@ protected BaseLoginProvider( InstanceCrypto = instanceCrypto; } - public virtual LoginProfile ProcessAuthoriztion(HttpContext context, IDictionary @params) + public virtual LoginProfile ProcessAuthoriztion(HttpContext context, bool desktop, IDictionary @params) { try { - var token = Auth(context, Scopes, out var redirect); + var token = Auth(context, desktop, Scopes, out var redirect); if (redirect) { @@ -136,7 +136,7 @@ public virtual LoginProfile ProcessAuthoriztion(HttpContext context, IDictionary } } - protected virtual OAuth20Token Auth(HttpContext context, string scopes, out bool redirect, Dictionary additionalArgs = null) + protected virtual OAuth20Token Auth(HttpContext context, bool desktop, string scopes, out bool redirect, Dictionary additionalArgs = null) { var error = context.Request.Query["error"]; if (!string.IsNullOrEmpty(error)) @@ -151,7 +151,7 @@ protected virtual OAuth20Token Auth(HttpContext context, string scopes, out bool var code = context.Request.Query["code"]; if (string.IsNullOrEmpty(code)) { - context.Response.Redirect(OAuth20TokenHelper.RequestCode(scopes, additionalArgs)); + context.Response.Redirect(OAuth20TokenHelper.RequestCode(desktop, scopes, additionalArgs)); redirect = true; return null; } diff --git a/common/ASC.FederatedLogin/LoginProviders/GoogleLoginProvider.cs b/common/ASC.FederatedLogin/LoginProviders/GoogleLoginProvider.cs index d52237aaaf1..f845520ce08 100644 --- a/common/ASC.FederatedLogin/LoginProviders/GoogleLoginProvider.cs +++ b/common/ASC.FederatedLogin/LoginProviders/GoogleLoginProvider.cs @@ -93,7 +93,7 @@ public override LoginProfile GetLoginProfile(string accessToken) public OAuth20Token Auth(HttpContext context) { - return Auth(context, GoogleScopeContacts, out var _, (context.Request.Query["access_type"].ToString() ?? "") == "offline" + return Auth(context, context.Request.Query["desktop"] == "true", GoogleScopeContacts, out var _, (context.Request.Query["access_type"].ToString() ?? "") == "offline" ? new Dictionary { { "access_type", "offline" }, diff --git a/common/ASC.FederatedLogin/LoginProviders/GosUslugiLoginProvider.cs b/common/ASC.FederatedLogin/LoginProviders/GosUslugiLoginProvider.cs index f7ea25bd23c..bd27899b90b 100644 --- a/common/ASC.FederatedLogin/LoginProviders/GosUslugiLoginProvider.cs +++ b/common/ASC.FederatedLogin/LoginProviders/GosUslugiLoginProvider.cs @@ -114,11 +114,11 @@ public GosUslugiLoginProvider( } - public override LoginProfile ProcessAuthoriztion(HttpContext context, IDictionary @params) + public override LoginProfile ProcessAuthoriztion(HttpContext context, bool desktop, IDictionary @params) { try { - var token = Auth(context, Scopes, out var redirect); + var token = Auth(context, desktop, Scopes, out var redirect); if (redirect) { @@ -142,7 +142,7 @@ public override LoginProfile ProcessAuthoriztion(HttpContext context, IDictionar } } - protected override OAuth20Token Auth(HttpContext context, string scopes, out bool redirect, Dictionary additionalArgs = null) + protected override OAuth20Token Auth(HttpContext context, bool desktop, string scopes, out bool redirect, Dictionary additionalArgs = null) { var error = context.Request.Query["error"]; if (!string.IsNullOrEmpty(error)) diff --git a/common/ASC.FederatedLogin/LoginProviders/ILoginProvider.cs b/common/ASC.FederatedLogin/LoginProviders/ILoginProvider.cs index 99cd36eb69c..2c17600df27 100644 --- a/common/ASC.FederatedLogin/LoginProviders/ILoginProvider.cs +++ b/common/ASC.FederatedLogin/LoginProviders/ILoginProvider.cs @@ -34,7 +34,7 @@ namespace ASC.FederatedLogin.LoginProviders { public interface ILoginProvider : IOAuthProvider { - LoginProfile ProcessAuthoriztion(HttpContext context, IDictionary @params); + LoginProfile ProcessAuthoriztion(HttpContext context, bool desktop, IDictionary @params); LoginProfile GetLoginProfile(string accessToken); } diff --git a/common/ASC.FederatedLogin/LoginProviders/MailRuLoginProvider.cs b/common/ASC.FederatedLogin/LoginProviders/MailRuLoginProvider.cs index 438677a5ae2..4c7329fe902 100644 --- a/common/ASC.FederatedLogin/LoginProviders/MailRuLoginProvider.cs +++ b/common/ASC.FederatedLogin/LoginProviders/MailRuLoginProvider.cs @@ -97,11 +97,11 @@ public MailRuLoginProvider( { } - public override LoginProfile ProcessAuthoriztion(HttpContext context, IDictionary @params) + public override LoginProfile ProcessAuthoriztion(HttpContext context, bool desktop, IDictionary @params) { try { - var token = Auth(context, Scopes, out var redirect); + var token = Auth(context, desktop, Scopes, out var redirect); if (redirect) { diff --git a/common/ASC.FederatedLogin/LoginProviders/OpenIdLoginProvider.cs b/common/ASC.FederatedLogin/LoginProviders/OpenIdLoginProvider.cs index 90d82882d8b..b4b9b2ac1e5 100644 --- a/common/ASC.FederatedLogin/LoginProviders/OpenIdLoginProvider.cs +++ b/common/ASC.FederatedLogin/LoginProviders/OpenIdLoginProvider.cs @@ -53,7 +53,7 @@ public OpenIdLoginProvider(Signature signature, InstanceCrypto instanceCrypto, C ConsumerFactory = consumerFactory; } - public LoginProfile ProcessAuthoriztion(HttpContext context, IDictionary @params) + public LoginProfile ProcessAuthoriztion(HttpContext context, bool desktop, IDictionary @params) { var response = Openid.GetResponse(); if (response == null) diff --git a/common/ASC.FederatedLogin/LoginProviders/ProviderManager.cs b/common/ASC.FederatedLogin/LoginProviders/ProviderManager.cs index b7abd411b1d..09c1c7f426e 100644 --- a/common/ASC.FederatedLogin/LoginProviders/ProviderManager.cs +++ b/common/ASC.FederatedLogin/LoginProviders/ProviderManager.cs @@ -71,9 +71,9 @@ public ILoginProvider GetLoginProvider(string providerType) : ConsumerFactory.GetByKey(providerType) as ILoginProvider; } - public LoginProfile Process(string providerType, HttpContext context, IDictionary @params) + public LoginProfile Process(string providerType, HttpContext context, bool desktop, IDictionary @params) { - return GetLoginProvider(providerType).ProcessAuthoriztion(context, @params); + return GetLoginProvider(providerType).ProcessAuthoriztion(context, desktop, @params); } public LoginProfile GetLoginProfile(string providerType, string accessToken) diff --git a/common/ASC.FederatedLogin/LoginProviders/VKLoginProvider.cs b/common/ASC.FederatedLogin/LoginProviders/VKLoginProvider.cs index a14708cbec1..c9c31539635 100644 --- a/common/ASC.FederatedLogin/LoginProviders/VKLoginProvider.cs +++ b/common/ASC.FederatedLogin/LoginProviders/VKLoginProvider.cs @@ -102,11 +102,11 @@ public VKLoginProvider( } - public override LoginProfile ProcessAuthoriztion(HttpContext context, IDictionary @params) + public override LoginProfile ProcessAuthoriztion(HttpContext context, bool desktop, IDictionary @params) { try { - var token = Auth(context, Scopes, out var redirect, context.Request.Query["access_type"] == "offline" + var token = Auth(context, desktop, Scopes, out var redirect, context.Request.Query["access_type"] == "offline" ? new Dictionary { { "revoke", "1" } diff --git a/common/ASC.FederatedLogin/LoginProviders/YahooLoginProvider.cs b/common/ASC.FederatedLogin/LoginProviders/YahooLoginProvider.cs index b670abb4bd7..92697a08b50 100644 --- a/common/ASC.FederatedLogin/LoginProviders/YahooLoginProvider.cs +++ b/common/ASC.FederatedLogin/LoginProviders/YahooLoginProvider.cs @@ -70,7 +70,7 @@ public YahooLoginProvider( public OAuth20Token Auth(HttpContext context) { - return Auth(context, Scopes, out var _); + return Auth(context, context.Request.Query["desktop"] == "true", Scopes, out var _); } public override LoginProfile GetLoginProfile(string accessToken) diff --git a/common/ASC.FederatedLogin/LoginProviders/YandexLoginProvider.cs b/common/ASC.FederatedLogin/LoginProviders/YandexLoginProvider.cs index 363d05969ab..7d079ed46c1 100644 --- a/common/ASC.FederatedLogin/LoginProviders/YandexLoginProvider.cs +++ b/common/ASC.FederatedLogin/LoginProviders/YandexLoginProvider.cs @@ -94,11 +94,11 @@ public YandexLoginProvider( { } - public override LoginProfile ProcessAuthoriztion(HttpContext context, IDictionary @params) + public override LoginProfile ProcessAuthoriztion(HttpContext context, bool desktop, IDictionary @params) { try { - var token = Auth(context, Scopes, out var redirect, context.Request.Query["access_type"] == "offline" + var token = Auth(context, desktop, Scopes, out var redirect, context.Request.Query["access_type"] == "offline" ? new Dictionary { { "force_confirm", "true" } diff --git a/products/ASC.People/Server/Controllers/PeopleController.cs b/products/ASC.People/Server/Controllers/PeopleController.cs index e8e984d9429..5790d51ad3f 100644 --- a/products/ASC.People/Server/Controllers/PeopleController.cs +++ b/products/ASC.People/Server/Controllers/PeopleController.cs @@ -1611,14 +1611,9 @@ public ICollection GetAuthProviders(bool inviteView, bool settingsV { var url = VirtualPathUtility.ToAbsolute("~/login.ashx") + $"?auth={provider}"; - var mode = (settingsView || inviteView || (!MobileDetector.IsMobile() && !Request.DesktopApp()) - ? ("&mode=popup&callback=" + clientCallback) - : ("&mode=Redirect&returnurl=" - + HttpUtility.UrlEncode(new Uri(Request.GetUrlRewriter(), - "Auth.aspx" - + (Request.DesktopApp() ? "?desktop=true" : "") - ).ToString()) - )); + var mode = settingsView || inviteView || (!MobileDetector.IsMobile() && !Request.DesktopApp()) + ? $"&mode=popup&callback={clientCallback}" + : "&mode=Redirect&desktop=true"; infos.Add(new AccountInfo { diff --git a/web/ASC.Web.Api/Controllers/ThirdPartyController.cs b/web/ASC.Web.Api/Controllers/ThirdPartyController.cs index f3d5f3a8e68..0ac1f93e616 100644 --- a/web/ASC.Web.Api/Controllers/ThirdPartyController.cs +++ b/web/ASC.Web.Api/Controllers/ThirdPartyController.cs @@ -52,10 +52,11 @@ public ThirdPartyController(OAuth20TokenHelper oAuth20TokenHelper) [Read("{provider}")] public object Get(LoginProviderEnum provider) { + var desktop = HttpContext.Request.Query["desktop"] == "true"; switch (provider) { case LoginProviderEnum.Google: - return OAuth20TokenHelper.RequestCode( + return OAuth20TokenHelper.RequestCode(desktop, GoogleLoginProvider.GoogleScopeDrive, new Dictionary { @@ -64,26 +65,27 @@ public object Get(LoginProviderEnum provider) }); case LoginProviderEnum.Dropbox: - return OAuth20TokenHelper.RequestCode( + return OAuth20TokenHelper.RequestCode(desktop, additionalArgs: new Dictionary { { "force_reauthentication", "true" } }); case LoginProviderEnum.Docusign: - return OAuth20TokenHelper.RequestCode(DocuSignLoginProvider.DocuSignLoginProviderScopes, + return OAuth20TokenHelper.RequestCode(desktop, + DocuSignLoginProvider.DocuSignLoginProviderScopes, new Dictionary { { "prompt", "login" } }); case LoginProviderEnum.Box: - return OAuth20TokenHelper.RequestCode(); + return OAuth20TokenHelper.RequestCode(desktop); case LoginProviderEnum.OneDrive: - return OAuth20TokenHelper.RequestCode(OneDriveLoginProvider.OneDriveLoginProviderScopes); + return OAuth20TokenHelper.RequestCode(desktop, OneDriveLoginProvider.OneDriveLoginProviderScopes); case LoginProviderEnum.Wordpress: - return OAuth20TokenHelper.RequestCode(); + return OAuth20TokenHelper.RequestCode(desktop); }