Issue #75: WOPI proof #79
Conversation
donquixote
force-pushed
the
issue-75-wopi-proof
branch
from
d3465fa to
c5b5dea
Compare
This will allow to use the regular route access layer for proofing and authorization.
…f the custom response.
donquixote
force-pushed
the
issue-75-wopi-proof
branch
6 times, most recently
from
f37d4ff to
9789290
Compare
donquixote
force-pushed
the
issue-75-wopi-proof
branch
3 times, most recently
from
a58c0f4 to
6fa5037
Compare
donquixote
force-pushed
the
issue-75-wopi-proof
branch
from
6fa5037 to
7ead437
Compare
| * | ||
| * Note that the X-WOPI-Timestamp is in DotNet ticks. | ||
| */ | ||
| class WopiTimeoutAccessCheck implements AccessInterface { |
There was a problem hiding this comment.
In the end, the timestamp is used also in the other class, and we basically need one single method from here, while we need to duplicate quite a bit of code. Let's merge all into a single class.
There was a problem hiding this comment.
One motivation for the split was the distinct service dependencies.
We can fully keep out the crypto stuff from the timeout checker, and we can fully keep out the dotnet time conversion from the proof checker. We get two independent buckets of control flow.
The shared code is the config check and the timestamp header value.
| $assert_session->fieldValueEquals('Disable TLS certificate check for COOL.', ''); | ||
| $assert_session->fieldValueEquals('Verify proof header and timestamp in incoming WOPI requests.', '1'); | ||
| $assert_session->fieldValueEquals('Allow COOL to use fullscreen mode.', '1'); |
There was a problem hiding this comment.
Let's convert this to checkboxChecked/checkboxNotChecked.
src/Cool/CollaboraDiscovery.php
Outdated
|
|
||
| /** | ||
| * Service to get a WOPI client url for a given MIME type. | ||
| * Service to get a WOPI client URL for a given MIME type. |
There was a problem hiding this comment.
This is not true now. This service is now a representation of the Collabora discovery file.
|
|
||
| /** | ||
| * Service to get a WOPI client url for a given MIME type. | ||
| * Service to get a WOPI client URL for a given MIME type. | ||
| */ | ||
| class CollaboraDiscovery implements CollaboraDiscoveryInterface { |
There was a problem hiding this comment.
We need to rethink a bit how this service works. Probably we should gather once per initialization the file from the fetcher?
I would like a class that completely wraps the XML, and the single methods return the parsed information from it, like a sort of value object.
There was a problem hiding this comment.
I was thinking that too. But, once we have a value object, we can't have it respond to config changes etc.
Perhaps this is all ok, but I would like a separate issue to think about this.
There was a problem hiding this comment.
One idea I had was a proxy object that deals with the config etc and which then creates the value object to delegate calls to.
When the config changes, we could drop the value object and create a new one.
Or, do we actually need that? Do we care if config changes at runtime, or only between requests?
As a compromise we can have a property that has the cached parsed xml, and then a persistent cache for the xml string. TBD.
donquixote
force-pushed
the
issue-75-wopi-proof
branch
from
b81f05a to
46608d6
Compare
Fixes #75
This also contains some refactoring of WopiController, moving access checks to the routing layer.
I could split this out but I would prefer not to..