Activated platform authentication of clients
This commit is contained in:
eldadfux
parent
4bc32d4a15
commit
272a27b44c
29
app/app.php
29
app/app.php
|
|
@ -32,7 +32,16 @@ $webhook = new Event('v1-webhooks', 'WebhooksV1');
|
|||
$audit = new Event('v1-audits', 'AuditsV1');
|
||||
$usage = new Event('v1-usage', 'UsageV1');
|
||||
|
||||
$utopia->init(function() use ($utopia, $request, $response, $register, &$user, $project, $consoleDB, $roles, $webhook, $audit, $usage, $domain) {
|
||||
$clients = array_map(function($node) {
|
||||
return $node['url'];
|
||||
}, array_filter($project->getAttribute('platforms', []), function($node) {
|
||||
if(isset($node['type']) && $node['type'] === 'web' && isset($node['url']) && !empty($node['url'])) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}));
|
||||
|
||||
$utopia->init(function() use ($utopia, $request, $response, $register, &$user, $project, $roles, $webhook, $audit, $usage, $domain, $clients) {
|
||||
|
||||
$route = $utopia->match($request);
|
||||
|
||||
|
|
@ -49,15 +58,7 @@ $utopia->init(function() use ($utopia, $request, $response, $register, &$user, $
|
|||
$referrer = $request->getServer('HTTP_REFERER', '');
|
||||
$origin = $request->getServer('HTTP_ORIGIN', parse_url($referrer, PHP_URL_SCHEME) . '://' . parse_url($referrer, PHP_URL_HOST));
|
||||
|
||||
// //var_dump($project->getAttribute('clients', []), $project);
|
||||
// print_r(array_map(function($node) {
|
||||
// var_dump($node);
|
||||
// if(isset($node['type']) && $node['type'] === 'web') {
|
||||
// return $node['domains'];
|
||||
// }
|
||||
// }, $project->getAttribute('platforms', [])));
|
||||
// exit();
|
||||
$refDomain = (in_array($origin, array_merge($project->getAttribute('clients', []))))
|
||||
$refDomain = (in_array($origin, $clients))
|
||||
? $origin : 'http://localhost';
|
||||
|
||||
/**
|
||||
|
|
@ -82,7 +83,7 @@ $utopia->init(function() use ($utopia, $request, $response, $register, &$user, $
|
|||
* Validate Client Domain - Check to avoid CSRF attack
|
||||
* Adding appwrite api domains to allow XDOMAIN communication
|
||||
*/
|
||||
$hostValidator = new Host(array_merge($project->getAttribute('clients', []), ['http://localhost', 'https://localhost', 'https://appwrite.test', 'https://appwrite.io']));
|
||||
$hostValidator = new Host(array_merge($clients, ['http://localhost', 'https://localhost', 'https://appwrite.test', 'https://appwrite.io']));
|
||||
|
||||
if(!$hostValidator->isValid($request->getServer('HTTP_ORIGIN', $request->getServer('HTTP_REFERER', '')))
|
||||
&& in_array($request->getMethod(), [Request::METHOD_POST, Request::METHOD_PUT, Request::METHOD_PATCH, Request::METHOD_DELETE])
|
||||
|
|
@ -425,7 +426,7 @@ $utopia->get('/v1/xss')
|
|||
->label('scope', 'public')
|
||||
->label('docs', false)
|
||||
->action(
|
||||
function() use ($response, $project) {
|
||||
function() {
|
||||
throw new Exception('XSS detected and reported by a browser client', 500);
|
||||
}
|
||||
);
|
||||
|
|
@ -434,11 +435,11 @@ $utopia->get('/v1/proxy')
|
|||
->label('scope', 'public')
|
||||
->label('docs', false)
|
||||
->action(
|
||||
function() use ($response, $project, $console) {
|
||||
function() use ($response, $console, $clients) {
|
||||
$view = new View(__DIR__ . '/views/proxy.phtml');
|
||||
$view
|
||||
->setParam('routes', '')
|
||||
->setParam('clients', array_merge($project->getAttribute('clients', []), $console->getAttribute('clients', [])))
|
||||
->setParam('clients', array_merge($clients, $console->getAttribute('clients', [])))
|
||||
;
|
||||
|
||||
$response
|
||||
|
|
|
|||
|
|
@ -84,12 +84,12 @@ $graph = $this->getParam('graph', false);
|
|||
<ul data-ls-loop="console-project.platforms" data-ls-as="platform" class="list">
|
||||
<li class="clear">
|
||||
|
||||
<div data-ui-modal class="modal close" data-button-text="Update" data-button-class="pull-end">
|
||||
<div data-ui-modal class="modal box close" data-button-text="Update" data-button-class="pull-end">
|
||||
<button type="button" class="close pull-end" data-ui-modal-close=""><i class="icon-cancel"></i></button>
|
||||
|
||||
<h1>Update Platform</h1>
|
||||
|
||||
<div xdata-ls-template="template-{{platform.type}}-update" data-type="script"></div>
|
||||
<div data-ls-template="template-{{platform.type}}-update" data-type="script"></div>
|
||||
</div>
|
||||
|
||||
<form class="pull-end margin-end"
|
||||
|
|
@ -119,7 +119,7 @@ $graph = $this->getParam('graph', false);
|
|||
</ul>
|
||||
</div>
|
||||
|
||||
<div data-ls-if="({{console-project.platforms.length}} === undefined)" class="box dashboard margin-bottom" style="display: none;">
|
||||
<div data-ls-if="(!{{console-project.platforms.length}})" class="box dashboard margin-bottom" style="display: none;">
|
||||
<div class="margin-bottom margin-top-small margin-end margin-start">
|
||||
<h3 class="margin-bottom">No Platforms Added to Your Project</h3>
|
||||
|
||||
|
|
@ -147,7 +147,7 @@ $graph = $this->getParam('graph', false);
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<div data-ui-modal class="modal close" data-button-alias=".web-new">
|
||||
<div data-ui-modal class="modal box close" data-button-alias=".web-new">
|
||||
<button type="button" class="close pull-end" data-ui-modal-close=""><i class="icon-cancel"></i></button>
|
||||
|
||||
<h1>New Website</h1>
|
||||
|
|
@ -182,9 +182,9 @@ $graph = $this->getParam('graph', false);
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<div class="margin-top">
|
||||
<button type="submit">Register</button> <button data-ui-modal-close="" type="button" class="reverse">Cancel</button>
|
||||
</div>
|
||||
<hr />
|
||||
|
||||
<button type="submit">Register</button> <button data-ui-modal-close="" type="button" class="reverse">Cancel</button>
|
||||
</form>
|
||||
</div>
|
||||
|
||||
|
|
@ -209,8 +209,8 @@ $graph = $this->getParam('graph', false);
|
|||
<label for="url">URL <span class="tooltip large" data-tooltip="The URL that your website will use to interact with the <?php echo APP_NAME; ?> APIs in production or development environments."><i class="icon-question"></i></span></label>
|
||||
<input name="url" type="url" class="margin-bottom" autocomplete="off" placeholder="example.com" data-ls-bind="{{platform.url}}" required>
|
||||
|
||||
<div class="margin-top">
|
||||
<button type="submit">Update</button> <button data-ui-modal-close="" type="button" class="reverse">Cancel</button>
|
||||
</div>
|
||||
<hr />
|
||||
|
||||
<button type="submit">Update</button> <button data-ui-modal-close="" type="button" class="reverse">Cancel</button>
|
||||
</form>
|
||||
</script>
|
||||
|
|
@ -56,39 +56,7 @@ use Utopia\Locale\Locale;
|
|||
<input name="url" id="url" type="url" class="full-width" autocomplete="off" placeholder="https://acme-corp.com" data-ls-bind="{{console-project.url}}">
|
||||
|
||||
<hr />
|
||||
|
||||
<h3>Clients</h3>
|
||||
|
||||
<input name="clients" type="hidden" data-cast-to="array-empty">
|
||||
|
||||
<div data-ls-loop="console-project.clients" data-ls-as="client" style="overflow: hidden">
|
||||
<div class="margin-bottom-small">
|
||||
<div data-forms-remove class="row thin">
|
||||
<div class="col span-9">
|
||||
<input name="clients" type="url" class="full-width" autocomplete="off" placeholder="https://acme-corp.com" data-ls-bind="{{client}}" data-cast-to="array">
|
||||
</div>
|
||||
<div class="col span-3">
|
||||
<button type="button" data-remove class="reverse danger pull-end"><i class="icon-cancel"></i></button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div data-forms-clone="" data-first="0">
|
||||
<div class="margin-bottom-small">
|
||||
<div data-forms-remove class="row thin">
|
||||
<div class="col span-9">
|
||||
<input name="clients" type="url" class="full-width" autocomplete="off" placeholder="https://acme-corp.com" data-cast-to="array">
|
||||
</div>
|
||||
<div class="col span-3">
|
||||
<button type="button" data-remove class="reverse danger pull-end"><i class="icon-cancel"></i></button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<hr />
|
||||
|
||||
|
||||
<button class="" type="submit">Save</button>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
10
public/dist/scripts/app-all.js
vendored
10
public/dist/scripts/app-all.js
vendored
|
|
@ -4,7 +4,7 @@
|
|||
{http.addGlobalHeader('X-Appwrite-Key',value);config.key=value;return this;};let setLocale=function(value)
|
||||
{http.addGlobalHeader('X-Appwrite-Locale',value);config.locale=value;return this;};let setMode=function(value)
|
||||
{http.addGlobalHeader('X-Appwrite-Mode',value);config.mode=value;return this;};let http=function(document){let globalParams=[],globalHeaders=[];let addParam=function(url,param,value){let a=document.createElement('a'),regex=/(?:\?|&|&)+([^=]+)(?:=([^&]*))*/g;let match,str=[];a.href=url;param=encodeURIComponent(param);while(match=regex.exec(a.search))if(param!==match[1])str.push(match[1]+(match[2]?"="+match[2]:""));str.push(param+(value?"="+encodeURIComponent(value):""));a.search=str.join("&");return a.href;};let buildQuery=function(params){let str=[];for(let p in params){if(params.hasOwnProperty(p)){str.push(encodeURIComponent(p)+"="+encodeURIComponent(params[p]));}}
|
||||
return str.join("&");};let addGlobalHeader=function(key,value){globalHeaders[key]={key:key.toLowerCase(),value:value.toLowerCase()};};let addGlobalParam=function(key,value){globalParams.push({key:key,value:value});};addGlobalHeader('x-sdk-version','appwrite:javascript:v1.0.9');addGlobalHeader('content-type','');let call=function(method,path,headers={},params={},progress=null){let i;path=config.endpoint+path;if(-1===['GET','POST','PUT','DELETE','TRACE','HEAD','OPTIONS','CONNECT','PATCH'].indexOf(method)){throw new Error('var method must contain a valid HTTP method name');}
|
||||
return str.join("&");};let addGlobalHeader=function(key,value){globalHeaders[key]={key:key.toLowerCase(),value:value.toLowerCase()};};let addGlobalParam=function(key,value){globalParams.push({key:key,value:value});};addGlobalHeader('x-sdk-version','appwrite:javascript:v1.0.10');addGlobalHeader('content-type','');let call=function(method,path,headers={},params={},progress=null){let i;path=config.endpoint+path;if(-1===['GET','POST','PUT','DELETE','TRACE','HEAD','OPTIONS','CONNECT','PATCH'].indexOf(method)){throw new Error('var method must contain a valid HTTP method name');}
|
||||
if(typeof path!=='string'){throw new Error('var path must be of type string');}
|
||||
if(typeof headers!=='object'){throw new Error('var headers must be of type object');}
|
||||
for(i=0;i<globalParams.length;i++){path=addParam(path,globalParams[i].key,globalParams[i].value);}
|
||||
|
|
@ -83,15 +83,15 @@ if(keyId===undefined){throw new Error('Missing required parameter: "keyId"');}
|
|||
let path='/projects/{projectId}/keys/{keyId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{keyId}','g'),keyId);return http.delete(path,{'content-type':'application/json'},{});},updateProjectOAuth:function(projectId,provider,appId='',secret=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
|
||||
if(provider===undefined){throw new Error('Missing required parameter: "provider"');}
|
||||
let path='/projects/{projectId}/oauth'.replace(new RegExp('{projectId}','g'),projectId);return http.patch(path,{'content-type':'application/json'},{'provider':provider,'appId':appId,'secret':secret});},listPlatforms:function(projectId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
|
||||
let path='/projects/{projectId}/platforms'.replace(new RegExp('{projectId}','g'),projectId);return http.get(path,{'content-type':'application/json'},{});},createPlatform:function(projectId,type,name,key='',store='',domains=[]){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
|
||||
let path='/projects/{projectId}/platforms'.replace(new RegExp('{projectId}','g'),projectId);return http.get(path,{'content-type':'application/json'},{});},createPlatform:function(projectId,type,name,key='',store='',url=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
|
||||
if(type===undefined){throw new Error('Missing required parameter: "type"');}
|
||||
if(name===undefined){throw new Error('Missing required parameter: "name"');}
|
||||
let path='/projects/{projectId}/platforms'.replace(new RegExp('{projectId}','g'),projectId);return http.post(path,{'content-type':'application/json'},{'type':type,'name':name,'key':key,'store':store,'domains':domains});},getPlatform:function(projectId,platformId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
|
||||
let path='/projects/{projectId}/platforms'.replace(new RegExp('{projectId}','g'),projectId);return http.post(path,{'content-type':'application/json'},{'type':type,'name':name,'key':key,'store':store,'url':url});},getPlatform:function(projectId,platformId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
|
||||
if(platformId===undefined){throw new Error('Missing required parameter: "platformId"');}
|
||||
let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);return http.get(path,{'content-type':'application/json'},{});},updatePlatform:function(projectId,platformId,name,key='',store='',domains=[]){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
|
||||
let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);return http.get(path,{'content-type':'application/json'},{});},updatePlatform:function(projectId,platformId,name,key='',store='',url='[]'){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
|
||||
if(platformId===undefined){throw new Error('Missing required parameter: "platformId"');}
|
||||
if(name===undefined){throw new Error('Missing required parameter: "name"');}
|
||||
let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);return http.put(path,{'content-type':'application/json'},{'name':name,'key':key,'store':store,'domains':domains});},deletePlatform:function(projectId,platformId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
|
||||
let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);return http.put(path,{'content-type':'application/json'},{'name':name,'key':key,'store':store,'url':url});},deletePlatform:function(projectId,platformId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
|
||||
if(platformId===undefined){throw new Error('Missing required parameter: "platformId"');}
|
||||
let path='/projects/{projectId}/platforms/{platformId}'.replace(new RegExp('{projectId}','g'),projectId).replace(new RegExp('{platformId}','g'),platformId);return http.delete(path,{'content-type':'application/json'},{});},listTasks:function(projectId){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
|
||||
let path='/projects/{projectId}/tasks'.replace(new RegExp('{projectId}','g'),projectId);return http.get(path,{'content-type':'application/json'},{});},createTask:function(projectId,name,status,schedule,security,httpMethod,httpUrl,httpHeaders=[],httpUser='',httpPass=''){if(projectId===undefined){throw new Error('Missing required parameter: "projectId"');}
|
||||
|
|
|
|||
Loading…
Reference in a new issue