fix(ocm): switching to IdentityProof

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>

1 files changed, 45 insertions, 64 deletions

diff --git a/lib/private/Federation/CloudFederationProviderManager.php b/lib/private/Federation/CloudFederationProviderManager.php
index eeb161c3b25..74935ead401 100644
--- a/lib/private/Federation/CloudFederationProviderManager.php
+++ b/lib/private/Federation/CloudFederationProviderManager.php
@@ -18,6 +18,7 @@ use OCP\Federation\ICloudFederationProvider;
 use OCP\Federation\ICloudFederationProviderManager;
 use OCP\Federation\ICloudFederationShare;
 use OCP\Federation\ICloudIdManager;
+use OCP\Http\Client\IClient;
 use OCP\Http\Client\IClientService;
 use OCP\Http\Client\IResponse;
 use OCP\IAppConfig;
@@ -105,25 +106,11 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager
 	public function sendShare(ICloudFederationShare $share) {
 		$cloudID = $this->cloudIdManager->resolveCloudId($share->getShareWith());
 		try {
-			$ocmProvider = $this->discoveryService->discover($cloudID->getRemote());
-		} catch (OCMProviderException $e) {
-			return false;
-		}
-
-		$client = $this->httpClientService->newClient();
-		try {
-			// signing the payload using OCMSignatoryManager before initializing the request
-			$uri = $ocmProvider->getEndPoint() . '/shares';
-			$payload = array_merge($this->getDefaultRequestOptions(), ['body' => json_encode($share->getShare())]);
-			if (!$this->appConfig->getValueBool('core', OCMSignatoryManager::APPCONFIG_SIGN_DISABLED, lazy: true)) {
-				$signedPayload = $this->signatureManager->signOutgoingRequestIClientPayload(
-					$this->signatoryManager,
-					$payload,
-					'post', $uri
-				);
+			try {
+				$response = $this->postOcmPayload($cloudID->getRemote(), '/shares', json_encode($share->getShare()));
+			} catch (OCMProviderException) {
+				return false;
 			}
-			$response = $client->post($uri, $signedPayload ?? $payload);
-
 			if ($response->getStatusCode() === Http::STATUS_CREATED) {
 				$result = json_decode($response->getBody(), true);
 				return (is_array($result)) ? $result : [];
@@ -149,22 +136,9 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager
 	 */
 	public function sendCloudShare(ICloudFederationShare $share): IResponse {
 		$cloudID = $this->cloudIdManager->resolveCloudId($share->getShareWith());
-		$ocmProvider = $this->discoveryService->discover($cloudID->getRemote());
-
 		$client = $this->httpClientService->newClient();
 		try {
-			// signing the payload using OCMSignatoryManager before initializing the request
-			$uri = $ocmProvider->getEndPoint() . '/shares';
-			$payload = array_merge($this->getDefaultRequestOptions(), ['body' => json_encode($share->getShare())]);
-			if (!$this->appConfig->getValueBool('core', OCMSignatoryManager::APPCONFIG_SIGN_DISABLED, lazy: true)) {
-				$signedPayload = $this->signatureManager->signOutgoingRequestIClientPayload(
-					$this->signatoryManager,
-					$payload,
-					'post', $uri
-				);
-			}
-
-			return $client->post($uri, $signedPayload ?? $payload);
+			return $this->postOcmPayload($cloudID->getRemote(), '/shares', json_encode($share->getShare()), $client);
 		} catch (\Throwable $e) {
 			$this->logger->error('Error while sending share to federation server: ' . $e->getMessage(), ['exception' => $e]);
 			try {
@@ -183,26 +157,11 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager
 	 */
 	public function sendNotification($url, ICloudFederationNotification $notification) {
 		try {
-			$ocmProvider = $this->discoveryService->discover($url);
-		} catch (OCMProviderException $e) {
-			return false;
-		}
-
-		$client = $this->httpClientService->newClient();
-		try {
-
-			// signing the payload using OCMSignatoryManager before initializing the request
-			$uri = $ocmProvider->getEndPoint() . '/notifications';
-			$payload = array_merge($this->getDefaultRequestOptions(), ['body' => json_encode($notification->getMessage())]);
-			if (!$this->appConfig->getValueBool('core', OCMSignatoryManager::APPCONFIG_SIGN_DISABLED, lazy: true)) {
-				$signedPayload = $this->signatureManager->signOutgoingRequestIClientPayload(
-					$this->signatoryManager,
-					$payload,
-					'post', $uri
-				);
+			try {
+				$response = $this->postOcmPayload($url, '/notifications', json_encode($notification->getMessage()));
+			} catch (OCMProviderException) {
+				return false;
 			}
-			$response = $client->post($uri, $signedPayload ?? $payload);
-
 			if ($response->getStatusCode() === Http::STATUS_CREATED) {
 				$result = json_decode($response->getBody(), true);
 				return (is_array($result)) ? $result : [];
@@ -222,21 +181,9 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager
 	 * @throws OCMProviderException
 	 */
 	public function sendCloudNotification(string $url, ICloudFederationNotification $notification): IResponse {
-		$ocmProvider = $this->discoveryService->discover($url);
-
 		$client = $this->httpClientService->newClient();
 		try {
-			// signing the payload using OCMSignatoryManager before initializing the request
-			$uri = $ocmProvider->getEndPoint() . '/notifications';
-			$payload = array_merge($this->getDefaultRequestOptions(), ['body' => json_encode($notification->getMessage())]);
-			if (!$this->appConfig->getValueBool('core', OCMSignatoryManager::APPCONFIG_SIGN_DISABLED, lazy: true)) {
-				$signedPayload = $this->signatureManager->signOutgoingRequestIClientPayload(
-					$this->signatoryManager,
-					$payload,
-					'post', $uri
-				);
-			}
-			return $client->post($uri, $signedPayload ?? $payload);
+			return $this->postOcmPayload($url, '/notifications', json_encode($notification->getMessage()), $client);
 		} catch (\Throwable $e) {
 			$this->logger->error('Error while sending notification to federation server: ' . $e->getMessage(), ['exception' => $e]);
 			try {
@@ -256,6 +203,40 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager
 		return $this->appManager->isEnabledForUser('cloud_federation_api');
 	}
 
+	/**
+	 * @param string $cloudId
+	 * @param string $uri
+	 * @param string $payload
+	 *
+	 * @return IResponse
+	 * @throws OCMProviderException
+	 */
+	private function postOcmPayload(string $cloudId, string $uri, string $payload, ?IClient $client = null): IResponse {
+		$ocmProvider = $this->discoveryService->discover($cloudId);
+		$uri = $ocmProvider->getEndPoint() . '/' . ltrim($uri, '/');
+		$client = $client ?? $this->httpClientService->newClient();
+		return $client->post($uri, $this->prepareOcmPayload($uri, $payload));
+	}
+
+	/**
+	 * @param string $uri
+	 * @param string $payload
+	 *
+	 * @return array
+	 */
+	private function prepareOcmPayload(string $uri, string $payload): array {
+		$payload = array_merge($this->getDefaultRequestOptions(), ['body' => $payload]);
+		if (!$this->appConfig->getValueBool('core', OCMSignatoryManager::APPCONFIG_SIGN_DISABLED, lazy: true)) {
+			$signedPayload = $this->signatureManager->signOutgoingRequestIClientPayload(
+				$this->signatoryManager,
+				$payload,
+				'post', $uri
+			);
+		}
+
+		return $signedPayload ?? $payload;
+	}
+
 	private function getDefaultRequestOptions(): array {
 		return [
 			'headers' => ['content-type' => 'application/json'],