ILIAS  trunk Revision v11.0_alpha-1702-gfd3ecb7f852
All Data Structures Namespaces Files Functions Variables Enumerations Enumerator Modules Pages
RequestHandler.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
21 namespace ILIAS\components\WOPI\Handler;
22 
23 use ILIAS\HTTP\Services;
24 use ILIAS\ResourceStorage\Identification\ResourceIdentification;
25 use ILIAS\Filesystem\Stream\Streams;
26 use ILIAS\FileDelivery\Token\DataSigner;
27 use ILIAS\ResourceStorage\Stakeholder\ResourceStakeholder;
28 
32 final class RequestHandler
33 {
37  public const WOPI_BASE_URL = '/wopi/index.php/';
41  public const NAMESPACE_FILES = 'files';
42 
43  // WOPI Header
47  private const HEADER_X_REQUEST_ID = 'X-Request-ID';
51  private const HEADER_AUTHORIZATION = 'Authorization';
55  private const HEADER_AUTHORIZATION_BEARER = 'Bearer';
59  public const HEADER_X_WOPI_OVERRIDE = 'X-WOPI-Override';
63  public const HEADER_X_WOPI_LOCK = 'X-WOPI-Lock';
67  public const HEADER_X_WOPI_FILE_CONVERSION = 'X-WOPI-FileConversion';
68 
69  private Services $http;
70  private \ILIAS\ResourceStorage\Services $irss;
71  private DataSigner $data_signer;
72  private ?int $token_user_id = null;
73  private ?string $token_resource_id = null;
74  private ResourceStakeholder $stakeholder;
75  private int $saving_interval = 0;
76  private bool $editable = false;
77 
78  public function __construct()
79  {
80  global $DIC;
81  $this->http = $DIC->http();
82  $this->data_signer = $DIC['file_delivery.data_signer'];
83  $this->irss = $DIC->resourceStorage();
84  $this->saving_interval = (int) $DIC->settings()->get('saving_interval');
85  }
86 
87  protected function checkAuth(): void
88  {
89  $auth = $this->http->request()->getHeader(self::HEADER_AUTHORIZATION)[0] ?? '';
90  // spit and check bearer token
91  $bearer = explode(' ', $auth);
92  if ($auth !== '' && ($bearer[0] ?? '') !== self::HEADER_AUTHORIZATION_BEARER) {
93  throw new \InvalidArgumentException();
94  }
95  $bearer_token = $bearer[1] ?? '';
96  if ($auth === '' && $bearer_token === '') {
97  // we try to get the token from GET
98  $bearer_token = $this->http->request()->getQueryParams()['access_token'] ?? '';
99  }
100  if ($bearer_token === '') {
101  throw new \InvalidArgumentException();
102  }
103  if (($token_data = $this->data_signer->verify($bearer_token, 'wopi')) === null) {
104  throw new \InvalidArgumentException();
105  }
106 
107  $this->token_user_id = (int) ($token_data['user_id'] ?? 0);
108  $this->token_resource_id = (string) ($token_data['resource_id'] ?? '');
109  $this->editable = (bool) ($token_data['editable'] ?? '');
110  $stakeholder = $token_data['stakeholder'] ?? null;
111  if ($stakeholder !== null) {
112  try {
113  $this->stakeholder = new WOPIStakeholderWrapper();
114  $this->stakeholder->init($stakeholder, $this->token_user_id);
115  } catch (\Throwable) {
116  $this->stakeholder = new WOPIUnknownStakeholder($this->token_user_id);
117  }
118  }
119  }
120 
124  public function handleRequest(): void
125  {
126  try {
127  $this->checkAuth();
128 
129  $uri = $this->http->request()->getUri()->getPath();
130  $request = substr($uri, strpos($uri, self::WOPI_BASE_URL) + strlen(self::WOPI_BASE_URL));
131  $request = explode('/', $request);
132  $method = $this->http->request()->getMethod();
133 
134  $resource_id = $request[1];
135  $action = $request[2] ?? '';
136 
137  // check resource_id
138  if ($this->token_resource_id !== $resource_id) {
139  $this->http->close();
140  }
141 
142  $resource_id = $this->irss->manage()->find($resource_id);
143  if (!$resource_id instanceof ResourceIdentification) {
144  $this->http->close();
145  }
146  $resource = $this->irss->manage()->getResource($resource_id);
147  $current_revision = $this->editable ? $resource->getCurrentRevisionIncludingDraft() : $resource->getCurrentRevision();
148 
149  $method_override = $this->http->request()->getHeader(self::HEADER_X_WOPI_OVERRIDE)[0] ?? null;
150  $is_file_convertion = (bool) ($this->http->request()->getHeader(
151  self::HEADER_X_WOPI_FILE_CONVERSION
152  )[0] ?? false);
153 
154  // GET
155  switch ($method_override ?? $method) {
156  case 'GET':
157  switch ($action) {
158  case '':
159  // CheckFileInfo
160  $response = new GetFileInfoResponse(
161  $current_revision,
162  $this->token_user_id,
163  $this->editable
164  );
165  $this->http->saveResponse(
166  $this->http->response()->withBody(
167  Streams::ofString(json_encode($response, JSON_THROW_ON_ERROR))
168  )
169  );
170 
171  break;
172  case 'contents':
173  // GetFile
174  $stream = $this->irss->consume()->stream($resource_id)->setRevisionNumber(
175  $current_revision->getVersionNumber()
176  )->getStream();
177  $this->http->saveResponse(
178  $this->http->response()->withBody($stream)
179  );
180 
181  break;
182  }
183  break;
184  case 'PUT_RELATIVE':
185  if (!$is_file_convertion) {
186  throw new \InvalidArgumentException();
187  }
188  // no break
189  case 'PUT':
190  switch ($action) {
191  case 'contents':
192  // PutFile
193  $body_stream = $this->http->request()->getBody();
194  $body = $body_stream->getContents();
195  $file_stream = Streams::ofString($body);
196 
197  $draft = true;
198 
199  if ($this->saving_interval > 0) {
200  $latest_revision = $resource->getCurrentRevision();
201  $creation_time = $latest_revision->getInformation()->getCreationDate()->getTimestamp();
202  $current_time = time();
203  $time_diff = $current_time - $creation_time;
204  if ($time_diff > $this->saving_interval) {
205  $this->irss->manage()->publish($resource_id);
206  }
207  }
208 
209  $new_revision = $this->irss->manage()->appendNewRevisionFromStream(
210  $resource_id,
211  $file_stream,
212  $this->stakeholder,
213  $current_revision->getTitle(),
214  $draft
215  );
216 
217  // CheckFileInfo
218  $response = new GetFileInfoResponse(
219  $new_revision,
220  $this->token_user_id
221  );
222  $this->http->saveResponse(
223  $this->http->response()->withBody(
224  Streams::ofString(json_encode($response, JSON_THROW_ON_ERROR))
225  )
226  );
227 
228  break;
229  case '': // if we want to create new files in the future, this will be a separate case
230  break;
231  }
232  break;
233  case 'POST':
234  switch ($action) {
235  case 'contents':
236  $this->http->saveResponse(
237  $this->http->response()->withBody(
238  Streams::ofString('')
239  )
240  );
241 
242  break;
243  case '':
244  // Lock
245  $lock = $this->http->request()->getHeader(self::HEADER_X_WOPI_LOCK)[0] ?? null;
246  $this->http->saveResponse(
247  $this->http->response()->withBody(
248  Streams::ofString('')
249  )
250  );
251  }
252  break;
253  }
254  } catch (\Throwable $t) {
255  $message = $t->getMessage();
256  // append simple stacktrace
257  $trace = array_map(
258  static fn(array $trace): string => $trace['file'] . ':' . $trace['line'],
259  $t->getTrace()
260  );
261 
262  $message .= "\n" . implode("\n", $trace);
263 
264  $this->http->saveResponse(
265  $this->http->response()
266  ->withBody(Streams::ofString($message))
267  ->withStatus(500)
268  ->withHeader('X-WOPI-ServerError', $t->getMessage())
269  );
270  }
271  $this->http->sendResponse();
272  $this->http->close();
273  }
274 }
array_map
$response
$response
Definition: xapitoken.php:93
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:142
ILIAS\FileDelivery\http
static http()
Fetches the global http state from ILIAS.
Definition: HttpServiceAware.php:55
$DIC
global $DIC
Definition: shib_login.php:22
ILIAS\Filesystem\Stream\Streams\ofString
static ofString(string $string)
Creates a new stream with an initial value.
Definition: Streams.php:41
$message
$message
Definition: xapiexit.php:31
ILIAS\components\WOPI\Handler\RequestHandler\$irss
ILIAS ResourceStorage Services $irss
Definition: RequestHandler.php:70