From e12723a64233e0dbf8d5732ba4bf85365695c60b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20H=C3=A4rtl?= <jus@bitgrid.net>
Date: Thu, 4 Jul 2024 23:02:49 +0200
Subject: [PATCH] chore: Move config to service class
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Julius Härtl <jus@bitgrid.net>
---
 README.md                               | 21 +++++++++++++++++++--
 lib/Controller/JWTController.php        | 14 ++++++--------
 lib/Controller/WhiteboardController.php |  8 ++++----
 lib/Listener/LoadViewerListener.php     |  7 +++----
 4 files changed, 32 insertions(+), 18 deletions(-)

diff --git a/README.md b/README.md
index 394a430..42c654c 100644
--- a/README.md
+++ b/README.md
@@ -24,8 +24,9 @@ Both the server and the Nextcloud instance must be accessible from the same netw
 On the Nextcloud side, the server must be configured through:
 
 ```bash
-occ config:app:set whiteboard websocket_server_url --value="ws://websocket-server:3002"
-occ config:system:set whiteboard jwt_secret_key --value="some-random"
+occ config:app:set whiteboard collabBackendUrl --value="nextcloud.local:3003"
+occ config:app:set whiteboard jwt_secret_key --value="some-random"
+```
 
 #### Local node
 
@@ -71,3 +72,19 @@ services:
       
 ```
 
+### Reverse proxy
+
+#### Nginx
+
+```
+location /whiteboard/ {
+	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+	proxy_set_header Host $host;
+	
+	proxy_pass http://localhost:3002;
+	
+	proxy_http_version 1.1;
+	proxy_set_header Upgrade $http_upgrade;
+	proxy_set_header Connection "upgrade";
+}
+```
diff --git a/lib/Controller/JWTController.php b/lib/Controller/JWTController.php
index 5237b95..3da9ca2 100644
--- a/lib/Controller/JWTController.php
+++ b/lib/Controller/JWTController.php
@@ -10,6 +10,7 @@
 
 use Firebase\JWT\JWT;
 use OC\User\NoUserException;
+use OCA\Whiteboard\Service\ConfigService;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\DataResponse;
@@ -17,7 +18,6 @@
 use OCP\Files\IRootFolder;
 use OCP\Files\NotFoundException;
 use OCP\Files\NotPermittedException;
-use OCP\IConfig;
 use OCP\IRequest;
 use OCP\IUserSession;
 
@@ -28,15 +28,13 @@
 final class JWTController extends Controller {
 	private const EXPIRATION_TIME = 15 * 60;
 
-	private const JWT_CONFIG_KEY = 'jwt_secret_key';
-
-	private const JWT_ALGORITHM = 'HS256';
+	public const JWT_ALGORITHM = 'HS256';
 
 	public function __construct(
-		IRequest                      $request,
+		IRequest $request,
 		private IUserSession $userSession,
-		private IConfig      $config,
-		private IRootFolder  $rootFolder
+		private ConfigService $configService,
+		private IRootFolder $rootFolder
 	) {
 		parent::__construct('whiteboard', $request);
 	}
@@ -89,7 +87,7 @@ public function getJWT(int $fileId): DataResponse {
 			return new DataResponse(['message' => 'File not found'], Http::STATUS_NOT_FOUND);
 		}
 
-		$key = $this->config->getSystemValueString(self::JWT_CONFIG_KEY, 'secret');
+		$key = $this->configService->getJwtSecretKey();
 		$issuedAt = time();
 		$expirationTime = $issuedAt + self::EXPIRATION_TIME;
 		$payload = [
diff --git a/lib/Controller/WhiteboardController.php b/lib/Controller/WhiteboardController.php
index 7c2ee6f..a133f13 100644
--- a/lib/Controller/WhiteboardController.php
+++ b/lib/Controller/WhiteboardController.php
@@ -11,6 +11,7 @@
 use Firebase\JWT\JWT;
 use Firebase\JWT\Key;
 use OC\User\NoUserException;
+use OCA\Whiteboard\Service\ConfigService;
 use OCP\AppFramework\ApiController;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\Attribute\NoAdminRequired;
@@ -19,7 +20,6 @@
 use OCP\AppFramework\Http\DataResponse;
 use OCP\Files\IRootFolder;
 use OCP\Files\NotPermittedException;
-use OCP\IConfig;
 use OCP\IRequest;
 use OCP\IUserSession;
 
@@ -33,7 +33,7 @@ public function __construct(
 		IRequest $request,
 		private IUserSession $userSession,
 		private IRootFolder $rootFolder,
-		private IConfig $config
+		private ConfigService $configService
 	) {
 		parent::__construct($appName, $request);
 	}
@@ -86,8 +86,8 @@ public function show(int $fileId): DataResponse {
 		}
 
 		try {
-			$key = $this->config->getSystemValueString('jwt_secret_key', 'secret');
-			$decoded = JWT::decode($jwt, new Key($key, 'HS256'));
+			$key = $this->configService->getJwtSecretKey();
+			$decoded = JWT::decode($jwt, new Key($key, JWTController::JWT_ALGORITHM));
 			$userId = $decoded->userid;
 		} catch (\Exception $e) {
 			return new DataResponse(['message' => 'Unauthorized'], Http::STATUS_UNAUTHORIZED);
diff --git a/lib/Listener/LoadViewerListener.php b/lib/Listener/LoadViewerListener.php
index fa0c221..888f892 100644
--- a/lib/Listener/LoadViewerListener.php
+++ b/lib/Listener/LoadViewerListener.php
@@ -11,18 +11,17 @@
 namespace OCA\Whiteboard\Listener;
 
 use OCA\Viewer\Event\LoadViewer;
-use OCA\Whiteboard\AppInfo\Application;
+use OCA\Whiteboard\Service\ConfigService;
 use OCP\AppFramework\Services\IInitialState;
 use OCP\EventDispatcher\Event;
 use OCP\EventDispatcher\IEventListener;
-use OCP\IConfig;
 use OCP\Util;
 
 /** @template-implements IEventListener<LoadViewer|Event> */
 class LoadViewerListener implements IEventListener {
 	public function __construct(
 		private IInitialState $initialState,
-		private IConfig $config,
+		private ConfigService $configService,
 	) {
 	}
 
@@ -36,7 +35,7 @@ public function handle(Event $event): void {
 
 		$this->initialState->provideInitialState(
 			'collabBackendUrl',
-			$this->config->getAppValue(Application::APP_ID, 'collabBackendUrl', '')
+			$this->configService->getCollabBackendUrl()
 		);
 	}
 }