Micke/roundcubemail-plugins-kolab
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Files: Fix token refresh (when using SSO and Kolab4 files API)

Browse source 
Summary: Fixes order of registering hook handlers. Properly propagates the refreshed token to the client-side

Reviewers: #roundcube_kolab_plugins_developers, mollekopf

Reviewed By: #roundcube_kolab_plugins_developers, mollekopf

Subscribers: #roundcube_kolab_plugins_developers

Differential Revision: https://git.kolab.org/D5139
This commit is contained in:
Aleksander Machniak 2025-03-24 10:58:10 +01:00
parent f72d48940e
commit 9f5a0da9d9
2 changed files with 30 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
plugins/kolab_files/kolab_files.js
View file

@ -127,6 +127,9 @@ window.rcmail && window.files_api && rcmail.addEventListener('init', function()
} }
kolab_files_init(); kolab_files_init();
rcmail.addEventListener('responsebeforerefresh', kolab_files_token_refresh);
rcmail.addEventListener('responsebeforekeep-alive', kolab_files_token_refresh);
}); });
@ -274,6 +277,28 @@ function kolab_files_token()
return rcmail.is_framed() && parent.rcmail.env.files_token ? parent.rcmail.env.files_token : rcmail.env.files_token; return rcmail.is_framed() && parent.rcmail.env.files_token ? parent.rcmail.env.files_token : rcmail.env.files_token;
}; };
// Event handler for refresh/keep-alive action that can bring a refreshed access token
function kolab_files_token_refresh(data)
{
var i, win, env = data && data.response ? data.response.env : {};
if (!env.files_token || rcmail.env.files_token == env.files_token) {
return;
}
file_api.set_env({ token: env.files_token });
// Propagate the change to all iframes
for (i = 0; i < window.frames.length; i++) {
win = window.frames[i];
try {
win.file_api.set_env({ token: env.files_token });
} catch (e) {
// ignore
}
}
};
function kolab_files_from_cloud_widget(elem) function kolab_files_from_cloud_widget(elem)
{ {
$('<a class="button btn btn-secondary fromcloud">') $('<a class="button btn btn-secondary fromcloud">')

18
plugins/kolab_files/kolab_files.php
View file

@ -39,22 +39,14 @@ class kolab_files extends rcube_plugin
// we use libkolab::http_request() from libkolab with its configuration // we use libkolab::http_request() from libkolab with its configuration
$this->require_plugin('libkolab'); $this->require_plugin('libkolab');
if (isset($this->rc->oauth)) { // Register hooks related to token refresh (must be before is_token_valid() below)
$this->rc->oauth->is_token_valid();
// This is excessive, but we have no good way of detecting when chwala no longer has a valid token,
// and we have to make sure kolab_files_engine::get_api_token triggers the chwala_authenticate hook,
// to update the credentials it uses to retrieve a new token.
$_SESSION['kolab_files_token'] = null;
if ($engine = $this->engine()) {
$this->rc->output->set_env('files_token', $engine->get_api_token());
}
}
// Register hooks
$this->add_hook('refresh', [$this, 'refresh']); $this->add_hook('refresh', [$this, 'refresh']);
$this->add_hook('oauth_refresh_token', [$this, 'oauth_refresh_token']); $this->add_hook('oauth_refresh_token', [$this, 'oauth_refresh_token']);
if (isset($this->rc->oauth)) {
$this->rc->oauth->is_token_valid();
}
// Plugin actions for other tasks // Plugin actions for other tasks
$this->register_action('plugin.kolab_files', [$this, 'actions']); $this->register_action('plugin.kolab_files', [$this, 'actions']);