From 92fd21bf88765cbb0b4c56853a96e17116aff5b2 Mon Sep 17 00:00:00 2001 From: Hugo Gonzalez Labrador Date: Mon, 9 Mar 2020 10:12:18 +0100 Subject: [PATCH 1/3] update CONTRIBUTORS.md --- CONTRIBUTORS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 541b4dad4f..5c36b38193 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -7,6 +7,7 @@ - Hugo Gonzalez Labrador - Ilja Neumann - Jörn Friedrich Dreyer +- LovisaLugnegard - Michael D'Silva - Michael D'Silva - Mohitty From b9a36cea0c30b77d4d44a4a22cb577134895f258 Mon Sep 17 00:00:00 2001 From: Hugo Gonzalez Labrador Date: Thu, 12 Mar 2020 14:41:32 +0100 Subject: [PATCH 2/3] simple oc + phoenix config --- examples/oc-phoenix/grpc-oidc.toml | 9 ++++ examples/oc-phoenix/grpc.toml | 64 +++++++++++++++++++++++++++++ examples/oc-phoenix/http.toml | 39 ++++++++++++++++++ examples/oc-phoenix/users.demo.json | 35 ++++++++++++++++ 4 files changed, 147 insertions(+) create mode 100644 examples/oc-phoenix/grpc-oidc.toml create mode 100644 examples/oc-phoenix/grpc.toml create mode 100644 examples/oc-phoenix/http.toml create mode 100644 examples/oc-phoenix/users.demo.json diff --git a/examples/oc-phoenix/grpc-oidc.toml b/examples/oc-phoenix/grpc-oidc.toml new file mode 100644 index 0000000000..d0798ed712 --- /dev/null +++ b/examples/oc-phoenix/grpc-oidc.toml @@ -0,0 +1,9 @@ +[grpc] +address = "0.0.0.0:29000" + +[grpc.services.authprovider] +auth_manager = "oidc" + +# If you want to use your own openid provider change this config +[grpc.services.authprovider.auth_managers.oidc] +issuer = "http://localhost:20080" diff --git a/examples/oc-phoenix/grpc.toml b/examples/oc-phoenix/grpc.toml new file mode 100644 index 0000000000..7498ba7662 --- /dev/null +++ b/examples/oc-phoenix/grpc.toml 
@@ -0,0 +1,64 @@
+[shared]
+jwt_secret = "Pive-Fumkiu4"
+gatewaysvc = "localhost:19000"
+
+[grpc]
+address = "0.0.0.0:19000"
+
+[grpc.services.gateway]
+authregistrysvc = "localhost:19000"
+storageregistrysvc = "localhost:19000"
+preferencessvc = "localhost:19000"
+userprovidersvc = "localhost:19000"
+usershareprovidersvc = "localhost:19000"
+publicshareprovidersvc = "localhost:19000"
+ocmshareprovidersvc = "localhost:19000"
+commit_share_to_storage_grant = false
+datagateway = "http://localhost:19001/data"
+transfer_shared_secret = "replace-me-with-a-transfer-secret" # for direct uploads
+transfer_expires = 6 # give it a moment
+
+[grpc.services.authregistry]
+driver = "static"
+[grpc.services.authregistry.drivers.static.rules]
+basic = "localhost:19000"
+oidc = "localhost:29000"
+
+[grpc.services.storageregistry]
+driver = "static"
+[grpc.services.storageregistry.drivers.static]
+home_provider = "/"
+[grpc.services.storageregistry.drivers.static.rules]
+"/" = "localhost:19000"
+"123e4567-e89b-12d3-a456-426655440000" = "localhost:19000"
+
+[grpc.services.usershareprovider]
+driver = "memory"
+
+[grpc.services.publicshareprovider]
+driver = "memory"
+
+[grpc.services.storageprovider]
+driver = "local"
+mount_path = "/"
+mount_id = "123e4567-e89b-12d3-a456-426655440000"
+expose_data_server = true
+data_server_url = "http://localhost:19001/data"
+enable_home_creation = true
+
+[grpc.services.storageprovider.drivers.local]
+namespace = "/var/tmp/reva/"
+user_layout = "{{.Username}}"
+enable_home = true
+
+[grpc.services.authprovider]
+auth_manager = "json"
+[grpc.services.authprovider.auth_managers.json]
+users = "users.demo.json"
+
+[grpc.services.userprovider]
+driver = "json"
+
+[grpc.services.userprovider.drivers.json]
+users = "users.demo.json"
+
diff --git a/examples/oc-phoenix/http.toml b/examples/oc-phoenix/http.toml
new file mode 100644
index 0000000000..0601080609
--- /dev/null
+++ b/examples/oc-phoenix/http.toml
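Review bot: `jwt_secret = "Pive-Fumkiu4"` under `[shared]` in examples/oc-phoenix/grpc.toml is a fixed value published with the example, and the same value is repeated in examples/oc-phoenix/http.toml, so anyone who starts the example unchanged runs with a secret (presumably the token-signing key) that is public. The file also sets `address = "0.0.0.0:19000"` although every service address in it points at localhost, and the `json` auth manager loads users.demo.json, whose passwords are added in clear text by this same patch. I would bind the example to loopback with `address = "127.0.0.1:19000"` and put a comment above the secret such as `# demo value only: generate your own secret before exposing this service`. `transfer_shared_secret` already uses a placeholder, which is the better pattern to follow for `jwt_secret` too.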
@@ -0,0 +1,39 @@
+[shared]
+jwt_secret = "Pive-Fumkiu4"
+gatewaysvc = "localhost:19000"
+
+[http]
+address = "0.0.0.0:20080"
+
+[http.services.dataprovider]
+driver = "local"
+temp_folder = "/var/tmp/"
+
+[http.services.dataprovider.drivers.local]
+namespace = "/var/tmp/reva/"
+user_layout = "{{.Username}}"
+enable_home = true
+
+[http.services.wellknown]
+issuer = "http://localhost:20080"
+authorization_endpoint = "http://localhost:20080/oauth2/auth"
+token_endpoint = "http://localhost:20080/oauth2/token"
+revocation_endpoint = "http://localhost:20080/oauth2/auth"
+introspection_endpoint = "http://localhost:20080/oauth2/introspect"
+userinfo_endpoint = "http://localhost:20080/oauth2/userinfo"
+
+[http.services.oidcprovider]
+prefix = "oauth2"
+issuer = "http://localhost:20080"
+
+[http.services.oidcprovider.clients.phoenix]
+id = "phoenix"
+redirect_uris = ["http://localhost:8300/oidc-callback.html", "http://localhost:8300/"]
+grant_types = ["implicit", "refresh_token", "authorization_code", "password", "client_credentials"]
+response_types = ["code"] # use authorization code flow, see https://developer.okta.com/blog/2019/05/01/is-the-oauth-implicit-flow-dead for details
+scopes = ["openid", "profile", "email", "offline"]
+public = true # force PKCS for public clients
+
+[http.services.ocdav]
+files_namespace = "/"
+dav_namespace = "/"
diff --git a/examples/oc-phoenix/users.demo.json b/examples/oc-phoenix/users.demo.json
new file mode 100644
index 0000000000..2e7567da97
--- /dev/null
+++ b/examples/oc-phoenix/users.demo.json
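Review bot: In `[http.services.oidcprovider.clients.phoenix]` of examples/oc-phoenix/http.toml the client is registered with `grant_types = ["implicit", "refresh_token", "authorization_code", "password", "client_credentials"]`, which contradicts the comment on `response_types` asking for the authorization code flow; a public browser client should not also be granted `implicit`, `password` or `client_credentials`. I would reduce it to `grant_types = ["authorization_code", "refresh_token"]`, assuming phoenix needs nothing else. The trailing comment on `public = true` should read `# force PKCE for public clients`, and `revocation_endpoint` carries the same URL as `authorization_endpoint` (`/oauth2/auth`), which looks like a copy-paste slip and should be checked against the route the provider actually serves. All issuer and endpoint URLs are plain `http://`, which is acceptable for localhost only, and a comment saying so would help readers who adapt the example.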
@@ -0,0 +1,35 @@
+[
+ {
+ "id": {
+ "opaque_id": "4c510ada-c86b-4815-8820-42cdf82c3d51",
+ "idp": "http://localhost:20080"
+ },
+ "username": "einstein",
+ "secret": "relativity",
+ "mail": "einstein@example.org",
+ "display_name": "Albert Einstein",
+ "groups": ["sailing-lovers", "violin-haters", "physics-lovers"]
+ },
+ {
+ "id": {
+ "opaque_id": "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c",
+ "idp": "http://localhost:20080"
+ },
+ "username": "marie",
+ "secret": "radioactivity",
+ "mail": "marie@example.org",
+ "display_name": "Marie Curie",
+ "groups": ["radium-lovers", "polonium-lovers", "physics-lovers"]
+ },
+ {
+ "id": {
+ "opaque_id": "932b4540-8d16-481e-8ef4-588e4b6b151c",
+ "idp": "http://localhost:20080"
+ },
+ "username": "richard",
+ "secret": "superfluidity",
+ "mail": "richard@example.org",
+ "display_name": "Richard Feynman",
+ "groups": ["quantum-lovers", "philosophy-haters", "physics-lovers"]
+ }
+]
From b620d04c7902eeb360eb892df721687a1ed77540 Mon Sep 17 00:00:00 2001
From: Hugo Gonzalez Labrador Date: Fri, 13 Mar 2020 08:54:10 +0100 Subject: [PATCH 3/3] oc phoenix config --- .../{separate => oc-phoenix}/frontend.toml | 89 +------------------ .../{separate => oc-phoenix}/gateway.toml | 0 examples/oc-phoenix/grpc-oidc.toml | 9 -- examples/oc-phoenix/grpc.toml | 64 ------------- examples/oc-phoenix/http.toml | 39 -------- .../phoenix.oidc.config.json | 1 - examples/{separate => oc-phoenix}/shares.toml | 0 .../storage-home.toml | 2 +- .../{separate => oc-phoenix}/storage-oc.toml | 2 +- examples/{separate => oc-phoenix}/users.toml | 0 examples/separate/users.demo.json | 35 -------- 11 files changed, 4 insertions(+), 237 deletions(-) rename examples/{separate => oc-phoenix}/frontend.toml (61%) rename examples/{separate => oc-phoenix}/gateway.toml (100%) delete mode 100644 examples/oc-phoenix/grpc-oidc.toml delete mode 100644 examples/oc-phoenix/grpc.toml delete mode 100644 examples/oc-phoenix/http.toml rename examples/{separate => oc-phoenix}/phoenix.oidc.config.json (87%) rename examples/{separate => oc-phoenix}/shares.toml (100%) rename examples/{separate => oc-phoenix}/storage-home.toml (97%) rename examples/{separate => oc-phoenix}/storage-oc.toml (96%) rename examples/{separate => oc-phoenix}/users.toml (100%) delete mode 100644 examples/separate/users.demo.json diff --git a/examples/separate/frontend.toml b/examples/oc-phoenix/frontend.toml similarity index 61% rename from examples/separate/frontend.toml rename to examples/oc-phoenix/frontend.toml index 8aeece11f1..b91f5d4090 100644 --- a/examples/separate/frontend.toml +++ b/examples/oc-phoenix/frontend.toml 
@@ -67,7 +67,7 @@ chunk_folder = "/var/tmp/reva/chunks" # for eos we need to rewrite the path # TODO strip the username from the path so the CS3 namespace can be mounted # at the files/ endpoint? what about migration? separate reva instance -files_namespace = "/oc" +files_namespace = "/" # similar to the dav/files endpoint we can configure a prefix for the old webdav endpoint # we use the old webdav endpoint to present the cs3 namespace 
@@ -80,89 +80,4 @@ files_namespace = "/oc" # - TODO android? no sync ... but will see different tree webdav_namespace = "/home" -# options for the /ocs/v1.php/config endpoint -[http.services.ocs.config] -version = "1.8" -website = "reva" -host = "http://localhost:20080" -contact = "admin@localhost" -ssl = "false" - -# options for the /ocs/v1.php/cloud/capabilities endpoint -[http.services.ocs.capabilities.capabilities.core] -poll_interval = 60 -webdav_root = "remote.php/webdav" - -[http.services.ocs.capabilities.capabilities.core.status] -installed = true -maintenance = false -needsDbUpgrade = false -version = "10.1.0.5" -versionstring = "10.1.0" -edition = "community" -productname = "reva" -hostname = "" - -[http.services.ocs.capabilities.capabilities.checksums] -supported_types = ["SHA256"] -preferred_upload_type = "SHA256" - -[http.services.ocs.capabilities.capabilities.files] -private_links = false -bigfilechunking = false -blacklisted_files = [] -undelete = true -versioning = true - -[http.services.ocs.capabilities.capabilities.dav] -chunking = "1.0" - -[http.services.ocs.capabilities.capabilities.files_sharing] -api_enabled = true -resharing = true -group_sharing = true -auto_accept_share = true -share_with_group_members_only = true -share_with_membership_groups_only = true -default_permissions = 22 -search_min_length = 3 - -[http.services.ocs.capabilities.capabilities.files_sharing.public] -enabled = true -send_mail = true -social_share = true -upload = true -multiple = true -supports_upload_only = true - -[http.services.ocs.capabilities.capabilities.files_sharing.public.password] -enforced = true - -[http.services.ocs.capabilities.capabilities.files_sharing.public.password.enforced_for] -read_only = true -read_write = true -upload_only = true - -[http.services.ocs.capabilities.capabilities.files_sharing.public.expire_date] -enabled = true - -[http.services.ocs.capabilities.capabilities.files_sharing.user] -send_mail = true - 
-[http.services.ocs.capabilities.capabilities.files_sharing.user_enumeration]
-enabled = true
-group_members_only = true
-
-[http.services.ocs.capabilities.capabilities.files_sharing.federation]
-outgoing = true
-incoming = true
-
-[http.services.ocs.capabilities.capabilities.notifications]
-endpoints = ["list", "get", "delete"]
-
-[http.services.ocs.capabilities.version]
-edition = "reva"
-major = 10
-minor = 1
-micro = 0
-string = "10.1.0"
+[http.services.ocs]
diff --git a/examples/separate/gateway.toml b/examples/oc-phoenix/gateway.toml
similarity index 100%
rename from examples/separate/gateway.toml
rename to examples/oc-phoenix/gateway.toml
diff --git a/examples/oc-phoenix/grpc-oidc.toml b/examples/oc-phoenix/grpc-oidc.toml
deleted file mode 100644
index d0798ed712..0000000000
--- a/examples/oc-phoenix/grpc-oidc.toml
+++ /dev/null
@@ -1,9 +0,0 @@
-[grpc]
-address = "0.0.0.0:29000"
-
-[grpc.services.authprovider]
-auth_manager = "oidc"
-
-# If you want to use your own openid provider change this config
-[grpc.services.authprovider.auth_managers.oidc]
-issuer = "http://localhost:20080"
diff --git a/examples/oc-phoenix/grpc.toml b/examples/oc-phoenix/grpc.toml
deleted file mode 100644
index 7498ba7662..0000000000
--- a/examples/oc-phoenix/grpc.toml
+++ /dev/null
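Review bot: The second hunk of examples/oc-phoenix/frontend.toml leaves `[http.services.ocs]` as an empty table, so everything the removed block set explicitly, including `enforced = true` under `files_sharing.public.password` and `share_with_group_members_only = true`, now depends on the service's built-in defaults, which are not visible in this patch. Please confirm that the defaults advertise the same sharing restrictions to clients, and add a comment above the table such as `# config and capabilities fall back to the ocs service defaults`. Since the defaults live outside this diff, this is a request to verify rather than a confirmed regression.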
@@ -1,64 +0,0 @@
-[shared]
-jwt_secret = "Pive-Fumkiu4"
-gatewaysvc = "localhost:19000"
-
-[grpc]
-address = "0.0.0.0:19000"
-
-[grpc.services.gateway]
-authregistrysvc = "localhost:19000"
-storageregistrysvc = "localhost:19000"
-preferencessvc = "localhost:19000"
-userprovidersvc = "localhost:19000"
-usershareprovidersvc = "localhost:19000"
-publicshareprovidersvc = "localhost:19000"
-ocmshareprovidersvc = "localhost:19000"
-commit_share_to_storage_grant = false
-datagateway = "http://localhost:19001/data"
-transfer_shared_secret = "replace-me-with-a-transfer-secret" # for direct uploads
-transfer_expires = 6 # give it a moment
-
-[grpc.services.authregistry]
-driver = "static"
-[grpc.services.authregistry.drivers.static.rules]
-basic = "localhost:19000"
-oidc = "localhost:29000"
-
-[grpc.services.storageregistry]
-driver = "static"
-[grpc.services.storageregistry.drivers.static]
-home_provider = "/"
-[grpc.services.storageregistry.drivers.static.rules]
-"/" = "localhost:19000"
-"123e4567-e89b-12d3-a456-426655440000" = "localhost:19000"
-
-[grpc.services.usershareprovider]
-driver = "memory"
-
-[grpc.services.publicshareprovider]
-driver = "memory"
-
-[grpc.services.storageprovider]
-driver = "local"
-mount_path = "/"
-mount_id = "123e4567-e89b-12d3-a456-426655440000"
-expose_data_server = true
-data_server_url = "http://localhost:19001/data"
-enable_home_creation = true
-
-[grpc.services.storageprovider.drivers.local]
-namespace = "/var/tmp/reva/"
-user_layout = "{{.Username}}"
-enable_home = true
-
-[grpc.services.authprovider]
-auth_manager = "json"
-[grpc.services.authprovider.auth_managers.json]
-users = "users.demo.json"
-
-[grpc.services.userprovider]
-driver = "json"
-
-[grpc.services.userprovider.drivers.json]
-users = "users.demo.json"
-
diff --git a/examples/oc-phoenix/http.toml b/examples/oc-phoenix/http.toml
deleted file mode 100644
index 0601080609..0000000000
--- a/examples/oc-phoenix/http.toml
+++ /dev/null
@@ -1,39 +0,0 @@ -[shared] -jwt_secret = "Pive-Fumkiu4" -gatewaysvc = "localhost:19000" - -[http] -address = "0.0.0.0:20080" - -[http.services.dataprovider] -driver = "local" -temp_folder = "/var/tmp/" - -[http.services.dataprovider.drivers.local] -namespace = "/var/tmp/reva/" -user_layout = "{{.Username}}" -enable_home = true - -[http.services.wellknown] -issuer = "http://localhost:20080" -authorization_endpoint = "http://localhost:20080/oauth2/auth" -token_endpoint = "http://localhost:20080/oauth2/token" -revocation_endpoint = "http://localhost:20080/oauth2/auth" -introspection_endpoint = "http://localhost:20080/oauth2/introspect" -userinfo_endpoint = "http://localhost:20080/oauth2/userinfo" - -[http.services.oidcprovider] -prefix = "oauth2" -issuer = "http://localhost:20080" - -[http.services.oidcprovider.clients.phoenix] -id = "phoenix" -redirect_uris = ["http://localhost:8300/oidc-callback.html", "http://localhost:8300/"] -grant_types = ["implicit", "refresh_token", "authorization_code", "password", "client_credentials"] -response_types = ["code"] # use authorization code flow, see https://developer.okta.com/blog/2019/05/01/is-the-oauth-implicit-flow-dead for details -scopes = ["openid", "profile", "email", "offline"] -public = true # force PKCS for public clients - -[http.services.ocdav] -files_namespace = "/" -dav_namespace = "/" diff --git a/examples/separate/phoenix.oidc.config.json b/examples/oc-phoenix/phoenix.oidc.config.json similarity index 87% rename from examples/separate/phoenix.oidc.config.json rename to examples/oc-phoenix/phoenix.oidc.config.json index 454f5661a0..95792a6ba3 100644 --- a/examples/separate/phoenix.oidc.config.json +++ b/examples/oc-phoenix/phoenix.oidc.config.json @@ -4,7 +4,6 @@ "theme": "owncloud", "version": "0.1.0", "openIdConnect": { - "metadataUrl": "http://localhost:20080/.well-known/openid-configuration", "authority": "http://localhost:20080", "client_id": "phoenix", "response_type": "code", 
diff --git a/examples/separate/shares.toml b/examples/oc-phoenix/shares.toml similarity index 100% rename from examples/separate/shares.toml rename to examples/oc-phoenix/shares.toml diff --git a/examples/separate/storage-home.toml b/examples/oc-phoenix/storage-home.toml similarity index 97% rename from examples/separate/storage-home.toml rename to examples/oc-phoenix/storage-home.toml index ad7f0911b2..1184d47703 100644 --- a/examples/separate/storage-home.toml +++ b/examples/oc-phoenix/storage-home.toml @@ -43,7 +43,7 @@ address = "0.0.0.0:12001" [http.services.dataprovider] driver = "owncloud" -temp_folder = "/var/tmp/" +temp_folder = "/var/tmp/reva/tmp" [http.services.dataprovider.drivers.owncloud] datadirectory = "/var/tmp/reva/data" diff --git a/examples/separate/storage-oc.toml b/examples/oc-phoenix/storage-oc.toml similarity index 96% rename from examples/separate/storage-oc.toml rename to examples/oc-phoenix/storage-oc.toml index 2ae464fe18..7774e2733b 100644 --- a/examples/separate/storage-oc.toml +++ b/examples/oc-phoenix/storage-oc.toml @@ -29,7 +29,7 @@ address = "0.0.0.0:11001" [http.services.dataprovider] driver = "owncloud" -temp_folder = "/var/tmp/" +temp_folder = "/var/tmp/reva/tmp" [http.services.dataprovider.drivers.owncloud] datadirectory = "/var/tmp/reva/data" diff --git a/examples/separate/users.toml b/examples/oc-phoenix/users.toml similarity index 100% rename from examples/separate/users.toml rename to examples/oc-phoenix/users.toml diff --git a/examples/separate/users.demo.json b/examples/separate/users.demo.json deleted file mode 100644 index 2e7567da97..0000000000 --- a/examples/separate/users.demo.json +++ /dev/null 
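Review bot: `temp_folder = "/var/tmp/reva/tmp"` in examples/oc-phoenix/storage-home.toml, and the identical change in examples/oc-phoenix/storage-oc.toml, still places upload staging below the world-writable `/var/tmp`, next to `datadirectory = "/var/tmp/reva/data"`. On a multi-user host another local account can create `/var/tmp/reva` first and so own the parent of both the staging and the data directory; whether the dataprovider creates the folder itself, and with which mode, is not visible in these hunks. I would add a comment above the key, for example `# staging area for uploads: create /var/tmp/reva owned by the service user with mode 0700 before starting`, or point the example at a directory the service account already owns.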
@@ -1,35 +0,0 @@
-[
- {
- "id": {
- "opaque_id": "4c510ada-c86b-4815-8820-42cdf82c3d51",
- "idp": "http://localhost:20080"
- },
- "username": "einstein",
- "secret": "relativity",
- "mail": "einstein@example.org",
- "display_name": "Albert Einstein",
- "groups": ["sailing-lovers", "violin-haters", "physics-lovers"]
- },
- {
- "id": {
- "opaque_id": "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c",
- "idp": "http://localhost:20080"
- },
- "username": "marie",
- "secret": "radioactivity",
- "mail": "marie@example.org",
- "display_name": "Marie Curie",
- "groups": ["radium-lovers", "polonium-lovers", "physics-lovers"]
- },
- {
- "id": {
- "opaque_id": "932b4540-8d16-481e-8ef4-588e4b6b151c",
- "idp": "http://localhost:20080"
- },
- "username": "richard",
- "secret": "superfluidity",
- "mail": "richard@example.org",
- "display_name": "Richard Feynman",
- "groups": ["quantum-lovers", "philosophy-haters", "physics-lovers"]
- }
-]