Move OC.requestToken to the bundle, deprecate oc_requesttoken

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

7 files changed, 101 insertions, 15 deletions

diff --git a/core/src/OC/eventsource.js b/core/src/OC/eventsource.js
index 4851aa3816d..ec70e665014 100644
--- a/core/src/OC/eventsource.js
+++ b/core/src/OC/eventsource.js
@@ -32,6 +32,8 @@
 
 import $ from 'jquery'
 
+import {getToken} from './requesttoken'
+
 /**
  * Create a new event source
  * @param {string} src
@@ -51,7 +53,7 @@ const OCEventSource = function (src, data) {
 			dataStr += name + '=' + encodeURIComponent(data[name]) + '&';
 		}
 	}
-	dataStr += 'requesttoken=' + encodeURIComponent(oc_requesttoken);
+	dataStr += 'requesttoken=' + encodeURIComponent(getToken());
 	if (!this.useFallBack && typeof EventSource !== 'undefined') {
 		joinChar = '&';
 		if (src.indexOf('?') === -1) {
diff --git a/core/src/OC/index.js b/core/src/OC/index.js
index 81cf002e47f..6a9fea3c7b7 100644
--- a/core/src/OC/index.js
+++ b/core/src/OC/index.js
@@ -43,6 +43,10 @@ import Dialogs from './dialogs'
 import EventSource from './eventsource'
 import {get, set} from './get_set'
 import {
+	getToken as getRequestToken,
+	subscribe as subscribeToRequestTokenChange,
+} from './requesttoken'
+import {
 	hideMenus,
 	registerMenu,
 	showMenu,
@@ -135,6 +139,7 @@ export default {
 	filePath,
 	redirect,
 	reload,
+	requestToken: getRequestToken(),
 	linkTo,
 	linkToOCS,
 	linkToRemote,
@@ -150,3 +155,6 @@ export default {
 	 */
 	webroot,
 }
+
+// Keep the request token prop in sync
+subscribeToRequestTokenChange(token => OC.requestToken = token)
diff --git a/core/src/OC/requesttoken.js b/core/src/OC/requesttoken.js
new file mode 100644
index 00000000000..3c4a185f1c0
--- /dev/null
+++ b/core/src/OC/requesttoken.js
@@ -0,0 +1,43 @@
+/*
+ * @copyright 2019 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2019 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+let token = document.getElementsByTagName('head')[0].getAttribute('data-requesttoken');
+const observers = []
+
+/**
+ * @return {string}
+ */
+export const getToken = () => token
+
+/**
+ * @param {Function} observer
+ * @return {number}
+ */
+export const subscribe = observer => observers.push(observer)
+
+/**
+ * @param {String} newToken
+ */
+export const setToken = newToken => {
+	token = newToken
+
+	observers.forEach(o => o(token))
+}
diff --git a/core/src/globals.js b/core/src/globals.js
index 65ad3148ec6..48955f11d3a 100644
--- a/core/src/globals.js
+++ b/core/src/globals.js
@@ -42,7 +42,7 @@ const deprecate = (func, funcName) => {
 	return newFunc
 }
 
-const setDeprecatedProp = (global, val, msg) => {
+const setDeprecatedProp = (global, cb, msg) => {
 	if (window[global] !== undefined) {
 		delete window[global]
 	}
@@ -53,7 +53,8 @@ const setDeprecatedProp = (global, val, msg) => {
 			} else {
 				warnIfNotTesting(`${global} is deprecated`)
 			}
-			return val
+
+			return cb()
 		}
 	})
 }
@@ -93,6 +94,7 @@ import OCP from './OCP/index'
 import OCA from './OCA/index'
 import escapeHTML from './Util/escapeHTML'
 import formatDate from './Util/format-date'
+import {getToken as getRequestToken} from './OC/requesttoken'
 import getURLParameter from './Util/get-url-parameter'
 import humanFileSize from './Util/human-file-size'
 import relative_modified_date from './Util/relative-modified-date'
@@ -115,14 +117,15 @@ window['md5'] = md5
 window['moment'] = moment
 
 window['OC'] = OC
-setDeprecatedProp('initCore', initCore, 'this is an internal function')
-setDeprecatedProp('oc_appswebroots', OC.appswebroots, 'use OC.appswebroots instead')
-setDeprecatedProp('oc_config', OC.config, 'use OC.config instead')
-setDeprecatedProp('oc_current_user', OC.getCurrentUser().uid, 'use OC.getCurrentUser().uid instead')
-setDeprecatedProp('oc_debug', OC.debug, 'use OC.debug instead')
-setDeprecatedProp('oc_isadmin', OC.isUserAdmin(), 'use OC.isUserAdmin() instead')
-setDeprecatedProp('oc_webroot', OC.webroot, 'use OC.getRootPath() instead')
-setDeprecatedProp('OCDialogs', OC.dialogs, 'use OC.dialogs instead')
+setDeprecatedProp('initCore', () => initCore, 'this is an internal function')
+setDeprecatedProp('oc_appswebroots', ()  => OC.appswebroots, 'use OC.appswebroots instead')
+setDeprecatedProp('oc_config', () => OC.config, 'use OC.config instead')
+setDeprecatedProp('oc_current_user', () => OC.getCurrentUser().uid, 'use OC.getCurrentUser().uid instead')
+setDeprecatedProp('oc_debug', () => OC.debug, 'use OC.debug instead')
+setDeprecatedProp('oc_isadmin', OC.isUserAdmin, 'use OC.isUserAdmin() instead')
+setDeprecatedProp('oc_requesttoken', () => getRequestToken(), 'use OC.requestToken instead')
+setDeprecatedProp('oc_webroot', () => OC.webroot, 'use OC.getRootPath() instead')
+setDeprecatedProp('OCDialogs', () => OC.dialogs, 'use OC.dialogs instead')
 window['OCP'] = OCP
 window['OCA'] = OCA
 window['escapeHTML'] = deprecate(escapeHTML, 'escapeHTML')
diff --git a/core/src/jquery/index.js b/core/src/jquery/index.js
index 43b379fd2e5..e2efc76bdf1 100644
--- a/core/src/jquery/index.js
+++ b/core/src/jquery/index.js
@@ -28,6 +28,7 @@ import './filterattr'
 import './ocdialog'
 import './octemplate'
 import './placeholder'
+import './requesttoken'
 import './selectrange'
 import './showpassword'
 import './tipsy'
diff --git a/core/src/jquery/requesttoken.js b/core/src/jquery/requesttoken.js
new file mode 100644
index 00000000000..a8fb024d04a
--- /dev/null
+++ b/core/src/jquery/requesttoken.js
@@ -0,0 +1,31 @@
+/*
+ * @copyright 2019 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2019 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+import $ from 'jquery'
+
+import {getToken} from '../OC/requesttoken'
+
+$(document).on('ajaxSend',function(elm, xhr, settings) {
+	if(settings.crossDomain === false) {
+		xhr.setRequestHeader('requesttoken', getToken());
+		xhr.setRequestHeader('OCS-APIREQUEST', 'true');
+	}
+});
diff --git a/core/src/session-heartbeat.js b/core/src/session-heartbeat.js
index 5d1f7177cf7..9a4981e4bb7 100644
--- a/core/src/session-heartbeat.js
+++ b/core/src/session-heartbeat.js
@@ -23,6 +23,7 @@ import $ from 'jquery'
 
 import {generateUrl} from './OC/routing'
 import OC from './OC'
+import {setToken as setRequestToken} from './OC/requesttoken'
 
 /**
  * session heartbeat (defaults to enabled)
@@ -65,10 +66,7 @@ export const initSessionHeartBeat = () => {
 
 	setInterval(() => {
 		$.ajax(generateUrl('/csrftoken'))
-			.then(resp => {
-				oc_requesttoken = resp.token
-				OC.requestToken = resp.token
-			})
+			.then(resp => setRequestToken(resp.token))
 			.fail(e => {
 				console.error('session heartbeat failed', e)
 			})