-
Notifications
You must be signed in to change notification settings - Fork 113
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
- Loading branch information
Showing
7 changed files
with
131 additions
and
20 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
Bugfix: fix OCM userid encoding | ||
|
||
We now base64 encode the remote userid and provider as the local federated user id. This allows us to always differentiate them from local users and unpack the encoded user id and provider when making requests to the remote ocm provider. | ||
|
||
https://github.com/cs3org/reva/pull/4833 | ||
https://github.com/owncloud/ocis/issues/9927 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -21,6 +21,7 @@ package grpc_test | |
import ( | ||
"bytes" | ||
"context" | ||
"encoding/base64" | ||
"io" | ||
"net/http" | ||
"path/filepath" | ||
|
@@ -116,27 +117,32 @@ var _ = Describe("ocm share", func() { | |
einstein = &userpb.User{ | ||
Id: &userpb.UserId{ | ||
OpaqueId: "4c510ada-c86b-4815-8820-42cdf82c3d51", | ||
Idp: "cernbox.cern.ch", | ||
Idp: "https://cernbox.cern.ch", | ||
Type: userpb.UserType_USER_TYPE_PRIMARY, | ||
}, | ||
Username: "einstein", | ||
Mail: "[email protected]", | ||
DisplayName: "Albert Einstein", | ||
} | ||
federatedEinsteinID = &userpb.UserId{ | ||
Type: userpb.UserType_USER_TYPE_FEDERATED, | ||
Idp: "cernbox.cern.ch", | ||
OpaqueId: base64.URLEncoding.EncodeToString([]byte("[email protected]")), | ||
} | ||
marie = &userpb.User{ | ||
Id: &userpb.UserId{ | ||
OpaqueId: "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c", | ||
Idp: "cesnet.cz", | ||
Idp: "https://cesnet.cz", | ||
Type: userpb.UserType_USER_TYPE_PRIMARY, | ||
}, | ||
Username: "marie", | ||
Mail: "[email protected]", | ||
DisplayName: "Marie Curie", | ||
} | ||
federatedMarieID = &userpb.UserId{ | ||
OpaqueId: marie.Id.OpaqueId, | ||
Idp: marie.Id.Idp, | ||
Type: userpb.UserType_USER_TYPE_FEDERATED, | ||
Idp: "cesnet.cz", | ||
OpaqueId: base64.URLEncoding.EncodeToString([]byte("[email protected]")), | ||
} | ||
) | ||
|
||
|
@@ -192,16 +198,25 @@ var _ = Describe("ocm share", func() { | |
|
||
Describe("marie has already accepted the invitation workflow", func() { | ||
JustBeforeEach(func() { | ||
// einstein generates an invite token | ||
tknRes, err := cernboxgw.GenerateInviteToken(ctxEinstein, &invitev1beta1.GenerateInviteTokenRequest{}) | ||
Expect(err).ToNot(HaveOccurred()) | ||
Expect(tknRes.Status.Code).To(Equal(rpcv1beta1.Code_CODE_OK)) | ||
|
||
// marie accepts it and her provider forwards the invite back to the instance of einstein | ||
invRes, err := cesnetgw.ForwardInvite(ctxMarie, &invitev1beta1.ForwardInviteRequest{ | ||
InviteToken: tknRes.InviteToken, | ||
OriginSystemProvider: cernbox, | ||
}) | ||
Expect(err).ToNot(HaveOccurred()) | ||
Expect(invRes.Status.Code).To(Equal(rpcv1beta1.Code_CODE_OK)) | ||
// Make sure the user is a federated user | ||
// The user type must be a federated user | ||
Expect(invRes.UserId.Type).To(Equal(userpb.UserType_USER_TYPE_FEDERATED)) | ||
// Federated users use the OCM provider id which MUST NOT contain the protocol | ||
Expect(invRes.UserId.Idp).To(Equal("cernbox.cern.ch")) | ||
// The OpaqueId is the base64 encoded user id and the provider id to provent collisions with other users on the graph API | ||
Expect(invRes.UserId.OpaqueId).To(Equal(federatedEinsteinID.OpaqueId)) | ||
}) | ||
|
||
Context("einstein shares a file with view permissions", func() { | ||
|