Merge pull request #167 from pdsinterop/prep-release

Prep release 0.9.1

Author: ylebre

.github/workflows/dependancy-security-check.yml

@@ -20,7 +20,7 @@ jobs:
 
     strategy:
       matrix:
-        php: ['8.1']
+        php: ['8.2']
 
     steps:
       - name: Checkout code

solid/appinfo/info.xml

@@ -11,7 +11,7 @@ It supports the webid-oidc-dpop-pkce login flow to connect to a Solid App with y
 When you do this, the Solid App can store data in your Nextcloud account through the Solid protocol.
 
 ]]></description>
-    <version>0.8.2</version>
+    <version>0.9.1</version>
     <licence>agpl</licence>
     <author mail="auke@muze.nl" >Auke van Slooten</author>
     <namespace>Solid</namespace>

solid/composer.json

@@ -31,7 +31,7 @@
         "lcobucci/jwt": "^4.1",
         "pdsinterop/flysystem-nextcloud": "^0.2",
         "pdsinterop/flysystem-rdf": "^0.5",
-        "pdsinterop/solid-auth": "v0.10.3",
+        "pdsinterop/solid-auth": "v0.11.0",
         "pdsinterop/solid-crud": "^0.7.3",
         "psr/log": "^1.1"
     },

solid/composer.lock

@@ -4,10 +4,10 @@
 	display: block;
 }
 #solid-admin input {
-	width: 480px;
+	width: 500px;
 }
 #solid-admin textarea {
-	width: 480px;
+	width: 500px;
 	height: 240px;
 	font-size: 12px;
 	font-family: monospace;

solid/css/settings-admin.css

@@ -66,4 +66,116 @@ private function generateKeySet() {
 			);
 			return $result;
 		}
+
+		/**
+		 * @param string $clientId
+		 * @return array|null
+		 */
+		public function getClientConfigById($clientId) {
+			$clients = (array)$this->config->getAppValue('solid','clients');
+			if (array_key_exists($clientId, $clients)) {
+				return $clients[$clientId];
+			}
+			return null;
+		}
+
+		/**
+		 * @return array|null
+		 */
+		public function getClients() {
+			$configKeys = (array)$this->config->getAppKeys('solid');
+			$clients = [];
+			foreach ($configKeys as $key) {
+				if (preg_match("/^client-([a-z0-9]+)$/", $key, $matches)) {
+					$clientRegistration = json_decode($this->config->getAppValue('solid', $key, '{}'), true);
+					$clients[] = [
+						"clientId" => $matches[1],
+						"clientName" => $clientRegistration['client_name']
+					];
+				}
+			}
+			return $clients;
+		}
+
+		/**
+		 * @param array $clientConfig
+		 * @return string
+		 */
+		public function saveClientConfig($clientId, $clientConfig) {
+			$clients = (array)$this->config->getAppValue('solid', 'clients');
+			$clients[$clientId] = $clientConfig;
+			$this->config->setAppValue('solid','clients', $clients);
+			return $clientId;
+		}
+
+		/**
+		 * @param string $clientId
+		 * @param array $scopes
+		 */
+		public function addScopesToClient($clientId, $scopes) {
+			$clientScopes = $this->getClientScopes($clientId);
+			$clientScopes = array_unique(array_merge($clientScopes, $scopes));
+			$this->setClientScopes($clientId, $clientScopes);
+		}
+
+		/**
+		 * @param string $clientId
+		 * @param array $scopes
+		 */
+		public function setClientScopes($clientId, $scopes) {
+			$clientScopes = (array)$this->config->getAppValue('solid', 'clientScopes');
+			$clientScopes[$clientId] = $scopes;
+			$this->config->setAppValue('solid', 'clientScopes', $clientScopes);
+		}
+
+		/**
+		 * @param string $clientId
+		 * @return array
+		 */
+		public function getClientScopes($clientId) {
+			$clientScopes = (array)$this->config->getAppValue('solid', 'clientScopes');
+			if (array_key_exists($clientId, $clientScopes)) {
+				return $clientScopes[$clientId];
+			}
+			return [];
+		}
+
+		/**
+		 * @param string $clientId
+		 */
+		public function removeClientConfig($clientId) {
+			$clients = (array)$this->config->getAppValue('solid', 'clients');
+			unset($clients[$clientId]);
+			$this->config->setAppValue('solid','clients', $clients);
+			$scopes = (array)$this->config->getAppValue('solid', 'clientScopes');
+			unset($scopes[$clientId]);
+			$this->config->setAppValue('solid', 'clientScopes', $scopes);
+		}
+		public function saveClientRegistration($origin, $clientData) {
+			$originHash = md5($origin);
+			$existingRegistration = $this->getClientRegistration($originHash);
+			if ($existingRegistration && isset($existingRegistration['redirect_uris'])) {
+				foreach ($existingRegistration['redirect_uris'] as $uri) {
+					$clientData['redirect_uris'][] = $uri;
+				}
+				$clientData['redirect_uris'] = array_unique($clientData['redirect_uris']);
+			}
+
+			$clientData['client_id'] = $originHash;
+			$clientData['client_name'] = $origin;
+			$clientData['client_secret'] = md5(random_bytes(32));
+			$this->config->setAppValue('solid', "client-" . $originHash, json_encode($clientData));
+
+			$this->config->setAppValue('solid', "client-" . $origin, json_encode($clientData));
+			return $clientData;
+		}
+
+		public function removeClientRegistration($clientId) {
+			$this->config->deleteAppValue('solid', "client-" . $clientId);
+		}
+
+		public function getClientRegistration($clientId) {
+			$data = $this->config->getAppValue('solid', "client-" . $clientId, "{}");
+			return json_decode($data, true);
+		}
 	}

solid/lib/BaseServerConfig.php

@@ -343,10 +343,18 @@ public function register() {
 			$origin .= ":" . $parsedOrigin['port'];
 		}
 
-		$clientId = $this->config->saveClientRegistration($origin, $clientData);
+		$clientData = $this->config->saveClientRegistration($origin, $clientData);
 		$registration = array(
-			'client_id' => $clientId,
-			'registration_client_uri' => $this->urlGenerator->getAbsoluteURL($this->urlGenerator->linkToRoute("solid.server.registeredClient", array("clientId" => $clientId))),
+			'client_id' => $clientData['client_id'],
+			/*
+				 FIXME: returning client_secret will trigger calls with basic auth to us. To get this to work, we need this patch:
+				// File /var/www/vhosts/solid-nextcloud/site/www/lib/base.php not changed so no update needed
+				//	($request->getRawPathInfo() !== '/apps/oauth2/api/v1/token') &&
+				//	($request->getRawPathInfo() !== '/apps/solid/token')
+			*/
+			// 'client_secret' => $clientData['client_secret'], // FIXME: Returning this means we need to patch Nextcloud to accept tokens on calls to
+
+			'registration_client_uri' => $this->urlGenerator->getAbsoluteURL($this->urlGenerator->linkToRoute("solid.server.registeredClient", array("clientId" => $clientData['client_id']))),
 			'client_id_issued_at' => $clientData['client_id_issued_at'],
 			'redirect_uris' => $clientData['redirect_uris'],
 		);
@@ -413,7 +421,7 @@ private function getClient($clientId) {
 		if ($clientId && count($clientRegistration)) {
 			return new \Pdsinterop\Solid\Auth\Config\Client(
 				$clientId,
-				$clientRegistration['client_secret'],
+				$clientRegistration['client_secret'] ?? '',
 				$clientRegistration['redirect_uris'],
 				$clientRegistration['client_name']
 			);

solid/lib/Controller/ServerController.php

@@ -26,81 +26,6 @@ public function __construct(IConfig $config, IUrlGenerator $urlGenerator, IUserM
 			parent::__construct($config);
 		}
 
-		/**
-		 * @param string $clientId
-		 * @return array|null
-		 */
-		public function getClientConfigById($clientId) {
-			$clients = (array)$this->config->getAppValue('solid','clients');
-			if (array_key_exists($clientId, $clients)) {
-				return $clients[$clientId];
-			}
-			return null;
-		}
-
-		/**
-		 * @return array|null
-		 */
-		public function getClients() {
-			$clients = (array)$this->config->getAppKeys('solid');
-			return $clients;
-		}
-
-		/**
-		 * @param array $clientConfig
-		 * @return string
-		 */
-		public function saveClientConfig($clientConfig) {
-			$clients = (array)$this->config->getAppValue('solid', 'clients');
-			$clientId = uuidv4();
-			$clients[$clientId] = $clientConfig;
-			$this->config->setAppValue('solid','clients', $clients);
-			return $clientId;
-		}
-
-		/**
-		 * @param string $clientId
-		 * @param array $scopes
-		 */
-		public function addScopesToClient($clientId, $scopes) {
-			$clientScopes = $this->getClientScopes($clientId);
-			$clientScopes = array_unique(array_merge($clientScopes, $scopes));
-			$this->setClientScopes($clientId, $clientScopes);
-		}
-
-		/**
-		 * @param string $clientId
-		 * @param array $scopes
-		 */
-		public function setClientScopes($clientId, $scopes) {
-			$clientScopes = (array)$this->config->getAppValue('solid', 'clientScopes');
-			$clientScopes[$clientId] = $scopes;
-			$this->config->setAppValue('solid', 'clientScopes', $clientScopes);
-		}
-
-		/**
-		 * @param string $clientId
-		 * @return array
-		 */
-		public function getClientScopes($clientId) {
-			$clientScopes = (array)$this->config->getAppValue('solid', 'clientScopes');
-			if (array_key_exists($clientId, $clientScopes)) {
-				return $clientScopes[$clientId];
-			}
-			return [];
-		}
-
-		/**
-		 * @param string $clientId
-		 */
-		public function removeClientConfig($clientId) {
-			$clients = (array)$this->config->getAppValue('solid', 'clients');
-			unset($clients[$clientId]);
-			$this->config->setAppValue('solid','clients', $clients);
-			$scopes = (array)$this->config->getAppValue('solid', 'clientScopes');
-			unset($scopes[$clientId]);
-			$this->config->setAppValue('solid', 'clientScopes', $scopes);
-		}
 		public function getAllowedClients($userId) {
 			return json_decode($this->config->getUserValue($userId, 'solid', "allowedClients", "[]"), true);
 		}
@@ -116,33 +41,6 @@ public function removeAllowedClient($userId, $clientId) {
 			$this->config->setUserValue($userId, "solid", "allowedClients", json_encode($allowedClients));
 		}
 
-		public function saveClientRegistration($origin, $clientData) {
-			$originHash = md5($origin);
-			$existingRegistration = $this->getClientRegistration($originHash);
-			if ($existingRegistration && isset($existingRegistration['redirect_uris'])) {
-				foreach ($existingRegistration['redirect_uris'] as $uri) {
-					$clientData['redirect_uris'][] = $uri;
-				}
-				$clientData['redirect_uris'] = array_unique($clientData['redirect_uris']);
-			}
-
-			$clientData['client_name'] = $origin;
-			$clientData['client_secret'] = md5(random_bytes(32));
-			$this->config->setAppValue('solid', "client-" . $originHash, json_encode($clientData));
-
-			$this->config->setAppValue('solid', "client-" . $origin, json_encode($clientData));
-			return $originHash;
-		}
-
-		public function removeClientRegistration($clientId) {
-			$this->config->deleteAppValue('solid', "client-" . $clientId);
-		}
-
-		public function getClientRegistration($clientId) {
-			$data = $this->config->getAppValue('solid', "client-" . $clientId, "{}");
-			return json_decode($data, true);
-		}
-
 		public function getProfileData($userId) {
 			return $this->config->getUserValue($userId, "solid", "profileData", "");
 		}

solid/lib/ServerConfig.php

@@ -22,9 +22,12 @@ public function __construct(IConfig $config, IL10N $l) {
      * @return TemplateResponse
      */
     public function getForm() {
+        $allClients = $this->serverConfig->getClients();
+
         $parameters = [
             'privateKey'    => $this->serverConfig->getPrivateKey(),
-	    'encryptionKey' => $this->serverConfig->getEncryptionKey()
+	    'encryptionKey' => $this->serverConfig->getEncryptionKey(),
+	    'clients' => $allClients
         ];
 
         return new TemplateResponse('solid', 'admin', $parameters, '');

solid/lib/Settings/SolidAdmin.php

@@ -16,4 +16,21 @@
 			<textarea id="solid-encryption-key" type="text"><?php p($_['encryptionKey']); ?></textarea>
 		</label>
 	</p>
+	<h2 class="inlineblock"><?php p($l->t('Solid Client Registrations')); ?></h2>
+	<table class="grid">
+		<thead>
+			<tr>
+				<th>Client ID</th>
+				<th>Client name</th>
+			</tr>
+		</thead>
+		<tbody>
+			<?php foreach ($_['clients'] as $client => $registration) { ?>
+				<tr>
+					<td><?php p($registration['clientId']); ?></td>
+					<td><?php p($registration['clientName']); ?></td>
+				</tr>
+			<?php } ?>
+		</tbody>
+	</table>
 </div>