Comparison

mod_http_upload_external/mod_http_upload_external.lua @ 2978:ac99a04231b1

mod_http_upload_external: Add newer 'v2' protocol (and share_v2.php) which supports content-type preservation
author Matthew Wild <mwild1@gmail.com>
date Mon, 02 Apr 2018 10:57:17 +0100
parent 2939:280305c043b0
child 3165:7af4776a5dea
comparison
equal deleted inserted replaced
2977:7036e82f83f5 2978:ac99a04231b1
12 local dataform = require "util.dataforms".new; 12 local dataform = require "util.dataforms".new;
13 local HMAC = require "util.hashes".hmac_sha256; 13 local HMAC = require "util.hashes".hmac_sha256;
14 14
15 -- config 15 -- config
16 local file_size_limit = module:get_option_number(module.name .. "_file_size_limit", 100 * 1024 * 1024); -- 100 MB 16 local file_size_limit = module:get_option_number(module.name .. "_file_size_limit", 100 * 1024 * 1024); -- 100 MB
17 local base_url = assert(module:get_option_string(module.name .. "_base_url"), module.name .. "_base_url is a required option"); 17 local base_url = assert(module:get_option_string(module.name .. "_base_url"),
18 local secret = assert(module:get_option_string(module.name .. "_secret"), module.name .. "_secret is a required option"); 18 module.name .. "_base_url is a required option");
19 local secret = assert(module:get_option_string(module.name .. "_secret"),
20 module.name .. "_secret is a required option");
21
22 local token_protocol = module:get_option_string(module.name .. "_protocol", "v1");
19 23
20 -- depends 24 -- depends
21 module:depends("disco"); 25 module:depends("disco");
22 26
23 -- namespace 27 -- namespace
37 module:add_extension(dataform { 41 module:add_extension(dataform {
38 { name = "FORM_TYPE", type = "hidden", value = legacy_namespace }, 42 { name = "FORM_TYPE", type = "hidden", value = legacy_namespace },
39 { name = "max-file-size", type = "text-single" }, 43 { name = "max-file-size", type = "text-single" },
40 }:form({ ["max-file-size"] = tostring(file_size_limit) }, "result")); 44 }:form({ ["max-file-size"] = tostring(file_size_limit) }, "result"));
41 45
42 local function magic_crypto_dust(random, filename, filesize) 46 local function magic_crypto_dust(random, filename, filesize, filetype)
43 local message = string.format("%s/%s %d", random, filename, filesize); 47 local param, message;
48 if token_protocol == "v1" then
49 param, message = "v", string.format("%s/%s %d", random, filename, filesize);
50 else
51 param, message = "v2", string.format("%s/%s\0%d\0%s", random, filename, filesize, filetype);
52 end
44 local digest = HMAC(secret, message, true); 53 local digest = HMAC(secret, message, true);
45 random, filename = http.urlencode(random), http.urlencode(filename); 54 random, filename = http.urlencode(random), http.urlencode(filename);
46 return base_url .. random .. "/" .. filename, "?v=" .. digest; 55 return base_url .. random .. "/" .. filename, "?"..param.."=" .. digest;
47 end 56 end
48 57
49 local function handle_request(origin, stanza, xmlns, filename, filesize) 58 local function handle_request(origin, stanza, xmlns, filename, filesize, filetype)
50 -- local clients only 59 -- local clients only
51 if origin.type ~= "c2s" then 60 if origin.type ~= "c2s" then
52 module:log("debug", "Request for upload slot from a %s", origin.type); 61 module:log("debug", "Request for upload slot from a %s", origin.type);
53 origin.send(st.error_reply(stanza, "cancel", "not-authorized")); 62 origin.send(st.error_reply(stanza, "cancel", "not-authorized"));
54 return nil, nil; 63 return nil, nil;
69 st.stanza("file-too-large", {xmlns=xmlns}) 78 st.stanza("file-too-large", {xmlns=xmlns})
70 :tag("max-size"):text(tostring(file_size_limit)))); 79 :tag("max-size"):text(tostring(file_size_limit))));
71 return nil, nil; 80 return nil, nil;
72 end 81 end
73 local random = uuid(); 82 local random = uuid();
74 local get_url, verify = magic_crypto_dust(random, filename, filesize); 83 local get_url, verify = magic_crypto_dust(random, filename, filesize, filetype);
75 local put_url = get_url .. verify; 84 local put_url = get_url .. verify;
76 85
77 module:log("info", "Handing out upload slot %s to %s@%s", get_url, origin.username, origin.host); 86 module:log("info", "Handing out upload slot %s to %s@%s", get_url, origin.username, origin.host);
78 87
79 return get_url, put_url; 88 return get_url, put_url;
83 module:hook("iq/host/"..legacy_namespace..":request", function (event) 92 module:hook("iq/host/"..legacy_namespace..":request", function (event)
84 local stanza, origin = event.stanza, event.origin; 93 local stanza, origin = event.stanza, event.origin;
85 local request = stanza.tags[1]; 94 local request = stanza.tags[1];
86 local filename = request:get_child_text("filename"); 95 local filename = request:get_child_text("filename");
87 local filesize = tonumber(request:get_child_text("size")); 96 local filesize = tonumber(request:get_child_text("size"));
97 local filetype = request.attr["content-type"] or "application/octet-stream";
88 98
89 local get_url, put_url = handle_request( 99 local get_url, put_url = handle_request(
90 origin, stanza, legacy_namespace, filename, filesize); 100 origin, stanza, legacy_namespace, filename, filesize, filetype);
91 101
92 if not get_url then 102 if not get_url then
93 -- error was already sent 103 -- error was already sent
94 return true; 104 return true;
95 end 105 end
106 module:hook("iq/host/"..namespace..":request", function (event) 116 module:hook("iq/host/"..namespace..":request", function (event)
107 local stanza, origin = event.stanza, event.origin; 117 local stanza, origin = event.stanza, event.origin;
108 local request = stanza.tags[1]; 118 local request = stanza.tags[1];
109 local filename = request.attr.filename; 119 local filename = request.attr.filename;
110 local filesize = tonumber(request.attr.size); 120 local filesize = tonumber(request.attr.size);
121 local filetype = request.attr["content-type"] or "application/octet-stream";
122
111 local get_url, put_url = handle_request( 123 local get_url, put_url = handle_request(
112 origin, stanza, namespace, filename, filesize); 124 origin, stanza, namespace, filename, filesize, filetype);
113 125
114 if not get_url then 126 if not get_url then
115 -- error was already sent 127 -- error was already sent
116 return true; 128 return true;
117 end 129 end