Beispiel #1
0
func getWebrtcToken(sessionId string) (string, *model.AppError) {
	if !*utils.Cfg.WebrtcSettings.Enable {
		return "", model.NewLocAppError("WebRTC.getWebrtcToken", "api.webrtc.disabled.app_error", nil, "")
	}

	token := base64.StdEncoding.EncodeToString([]byte(sessionId))

	data := make(map[string]string)
	data["janus"] = "add_token"
	data["token"] = token
	data["transaction"] = model.NewId()
	data["admin_secret"] = *utils.Cfg.WebrtcSettings.GatewayAdminSecret

	rq, _ := http.NewRequest("POST", *utils.Cfg.WebrtcSettings.GatewayAdminUrl, strings.NewReader(model.MapToJson(data)))
	rq.Header.Set("Content-Type", "application/json")

	tr := &http.Transport{
		TLSClientConfig: &tls.Config{InsecureSkipVerify: *utils.Cfg.ServiceSettings.EnableInsecureOutgoingConnections},
	}
	httpClient := &http.Client{Transport: tr}
	if rp, err := httpClient.Do(rq); err != nil {
		return "", model.NewLocAppError("WebRTC.Token", "model.client.connecting.app_error", nil, err.Error())
	} else if rp.StatusCode >= 300 {
		defer closeBody(rp)
		return "", model.AppErrorFromJson(rp.Body)
	} else {
		janusResponse := model.GatewayResponseFromJson(rp.Body)
		if janusResponse.Status != "success" {
			return "", model.NewLocAppError("getWebrtcToken", "api.webrtc.register_token.app_error", nil, "")
		}
	}

	return token, nil
}
Beispiel #2
0
func authorizeOAuth(c *Context, w http.ResponseWriter, r *http.Request) {
	if !utils.Cfg.ServiceSettings.EnableOAuthServiceProvider {
		c.Err = model.NewLocAppError("authorizeOAuth", "api.oauth.authorize_oauth.disabled.app_error", nil, "")
		c.Err.StatusCode = http.StatusNotImplemented
		return
	}

	responseType := r.URL.Query().Get("response_type")
	clientId := r.URL.Query().Get("client_id")
	redirect := r.URL.Query().Get("redirect_uri")
	scope := r.URL.Query().Get("scope")
	state := r.URL.Query().Get("state")

	if len(scope) == 0 {
		scope = model.DEFAULT_SCOPE
	}

	if len(responseType) == 0 || len(clientId) == 0 || len(redirect) == 0 {
		c.Err = model.NewLocAppError("authorizeOAuth", "api.oauth.authorize_oauth.missing.app_error", nil, "")
		return
	}

	var app *model.OAuthApp
	if result := <-Srv.Store.OAuth().GetApp(clientId); result.Err != nil {
		c.Err = result.Err
		return
	} else {
		app = result.Data.(*model.OAuthApp)
	}

	// here we should check if the user is logged in
	if len(c.Session.UserId) == 0 {
		http.Redirect(w, r, c.GetSiteURL()+"/login?redirect_to="+url.QueryEscape(r.RequestURI), http.StatusFound)
		return
	}

	isAuthorized := false
	if result := <-Srv.Store.Preference().Get(c.Session.UserId, model.PREFERENCE_CATEGORY_AUTHORIZED_OAUTH_APP, clientId); result.Err == nil {
		// when we support scopes we should check if the scopes match
		isAuthorized = true
	}

	// Automatically allow if the app is trusted
	if app.IsTrusted || isAuthorized {
		closeBody := func(r *http.Response) {
			if r.Body != nil {
				ioutil.ReadAll(r.Body)
				r.Body.Close()
			}
		}

		doAllow := func() (*http.Response, *model.AppError) {
			HttpClient := &http.Client{}
			url := c.GetSiteURL() + "/api/v3/oauth/allow?response_type=" + model.AUTHCODE_RESPONSE_TYPE + "&client_id=" + clientId + "&redirect_uri=" + url.QueryEscape(redirect) + "&scope=" + scope + "&state=" + url.QueryEscape(state)
			rq, _ := http.NewRequest("GET", url, strings.NewReader(""))

			rq.Header.Set(model.HEADER_AUTH, model.HEADER_BEARER+" "+c.Session.Token)

			if rp, err := HttpClient.Do(rq); err != nil {
				return nil, model.NewLocAppError(url, "model.client.connecting.app_error", nil, err.Error())
			} else if rp.StatusCode == 304 {
				return rp, nil
			} else if rp.StatusCode >= 300 {
				defer closeBody(rp)
				return rp, model.AppErrorFromJson(rp.Body)
			} else {
				return rp, nil
			}
		}

		if result, err := doAllow(); err != nil {
			c.Err = err
			return
		} else {
			//defer closeBody(result)
			data := model.MapFromJson(result.Body)
			redirectTo := data["redirect"]
			http.Redirect(w, r, redirectTo, http.StatusFound)
			return
		}
	}

	w.Header().Set("Content-Type", "text/html")

	w.Header().Set("Cache-Control", "no-cache, max-age=31556926, public")
	http.ServeFile(w, r, utils.FindDir(model.CLIENT_DIR)+"root.html")
}