Skip to content

Commit

Permalink
Support signature authentication for public links (#118)
Browse files Browse the repository at this point in the history
  • Loading branch information
@C0rby
C0rby authored Mar 25, 2021
1 parent 4a26f4f commit aa7f446
Show file tree
Hide file tree
Showing 4 changed files with 232 additions and 25 deletions.
18 changes: 12 additions & 6 deletions cs3/sharing/link/v1beta1/link_api.proto
View file
Original file line number Diff line number Diff line change
Expand Up @@ -173,6 +173,9 @@ message ListPublicSharesRequest {
// OPTIONAL.
// The list of filters to apply if any.
repeated Filter filters = 2;
// OPTIONAL.
// If a signature should be included in the share.
bool sign = 3;
}

message ListPublicSharesResponse {
Expand Down Expand Up @@ -212,6 +215,9 @@ message GetPublicShareRequest {
// REQUIRED.
// The reference to which the action should be performed.
PublicShareReference ref = 2;
// OPTIONAL.
// If a signature should be included in the share.
bool sign = 3;
}

message GetPublicShareResponse {
Expand All @@ -224,9 +230,6 @@ message GetPublicShareResponse {
// REQUIRED.
// The share.
PublicShare share = 3;
// OPTIONAL.
// The share password hash.
string password_hash = 4;
}

message GetPublicShareByTokenRequest {
Expand All @@ -237,8 +240,11 @@ message GetPublicShareByTokenRequest {
// The unlisted token to identify the public share.
string token = 2;
// OPTIONAL.
// The public link can be password protected.
string password = 3;
// The public link can require authentication.
PublicShareAuthentication authentication = 3;
// OPTIONAL.
// If a signature should be included in the share.
bool sign = 4;
}

message GetPublicShareByTokenResponse {
Expand All @@ -253,5 +259,5 @@ message GetPublicShareByTokenResponse {
PublicShare share = 3;
// OPTIONAL.
// The share password hash.
string password_hash = 4;
string password_hash = 4 [deprecated = true];
}
27 changes: 27 additions & 0 deletions cs3/sharing/link/v1beta1/resources.proto
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,11 @@ message PublicShare {
// This field is only useful for informational purposes, like for example,
// setting the window title in a public share HTML page.
string display_name = 11;
// OPTIONAL.
// A time constrained token with which
// GetPublicSharebyToken requests can be
// authenticated.
ShareSignature signature = 12;
}

// The permissions for a share.
Expand Down Expand Up @@ -130,6 +135,28 @@ message PublicShareReference {
}
}

// The mechanism to authenticate a request to
// GetPublicShareByToken.
message PublicShareAuthentication {
oneof spec {
// The password of the share.
string password = 1;
// The signature issued by GetPublicShareByToken.
ShareSignature signature = 2;
}
}

// A time constrained token which can be used to
// authenticate link share requests.
message ShareSignature {
// REQUIRED.
// The signature value.
string signature = 1;
// REQUIRED.
// The time until the signature becomes invalid.
cs3.types.v1beta1.Timestamp signature_expiration = 2;
}

// Defines the restrictions for the public share.
message Grant {
// REQUIRED.
Expand Down
141 changes: 130 additions & 11 deletions docs/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1103,6 +1103,10 @@ <h2>Table of Contents</h2>
<a href="#cs3.sharing.link.v1beta1.PublicShare"><span class="badge">M</span>PublicShare</a>
</li>

<li>
<a href="#cs3.sharing.link.v1beta1.PublicShareAuthentication"><span class="badge">M</span>PublicShareAuthentication</a>
</li>

<li>
<a href="#cs3.sharing.link.v1beta1.PublicShareId"><span class="badge">M</span>PublicShareId</a>
</li>
Expand All @@ -1115,6 +1119,10 @@ <h2>Table of Contents</h2>
<a href="#cs3.sharing.link.v1beta1.PublicShareReference"><span class="badge">M</span>PublicShareReference</a>
</li>

<li>
<a href="#cs3.sharing.link.v1beta1.ShareSignature"><span class="badge">M</span>ShareSignature</a>
</li>




Expand Down Expand Up @@ -8482,11 +8490,19 @@ <h3 id="cs3.sharing.link.v1beta1.GetPublicShareByTokenRequest">GetPublicShareByT
</tr>

<tr>
<td>password</td>
<td><a href="#string">string</a></td>
<td>authentication</td>
<td><a href="#cs3.sharing.link.v1beta1.PublicShareAuthentication">PublicShareAuthentication</a></td>
<td></td>
<td><p>OPTIONAL.
The public link can require authentication. </p></td>
</tr>

<tr>
<td>sign</td>
<td><a href="#bool">bool</a></td>
<td></td>
<td><p>OPTIONAL.
The public link can be password protected. </p></td>
If a signature should be included in the share. </p></td>
</tr>

</tbody>
Expand Down Expand Up @@ -8542,6 +8558,27 @@ <h3 id="cs3.sharing.link.v1beta1.GetPublicShareByTokenResponse">GetPublicShareBy
</table>




<h4>Fields with deprecated option</h4>
<table>
<thead>
<tr>
<td>Name</td>
<td>Option</td>
</tr>
</thead>
<tbody>

<tr>
<td>password_hash</td>
<td><p>true</p></td>
</tr>

</tbody>
</table>





Expand Down Expand Up @@ -8571,6 +8608,14 @@ <h3 id="cs3.sharing.link.v1beta1.GetPublicShareRequest">GetPublicShareRequest</h
The reference to which the action should be performed. </p></td>
</tr>

<tr>
<td>sign</td>
<td><a href="#bool">bool</a></td>
<td></td>
<td><p>OPTIONAL.
If a signature should be included in the share. </p></td>
</tr>

</tbody>
</table>

Expand Down Expand Up @@ -8612,14 +8657,6 @@ <h3 id="cs3.sharing.link.v1beta1.GetPublicShareResponse">GetPublicShareResponse<
The share. </p></td>
</tr>

<tr>
<td>password_hash</td>
<td><a href="#string">string</a></td>
<td></td>
<td><p>OPTIONAL.
The share password hash. </p></td>
</tr>

</tbody>
</table>

Expand Down Expand Up @@ -8653,6 +8690,14 @@ <h3 id="cs3.sharing.link.v1beta1.ListPublicSharesRequest">ListPublicSharesReques
The list of filters to apply if any. </p></td>
</tr>

<tr>
<td>sign</td>
<td><a href="#bool">bool</a></td>
<td></td>
<td><p>OPTIONAL.
If a signature should be included in the share. </p></td>
</tr>

</tbody>
</table>

Expand Down Expand Up @@ -9243,6 +9288,47 @@ <h3 id="cs3.sharing.link.v1beta1.PublicShare">PublicShare</h3>
setting the window title in a public share HTML page. </p></td>
</tr>

<tr>
<td>signature</td>
<td><a href="#cs3.sharing.link.v1beta1.ShareSignature">ShareSignature</a></td>
<td></td>
<td><p>OPTIONAL.
A time constrained token with which
GetPublicSharebyToken requests can be
authenticated. </p></td>
</tr>

</tbody>
</table>





<h3 id="cs3.sharing.link.v1beta1.PublicShareAuthentication">PublicShareAuthentication</h3>
<p>The mechanism to authenticate a request to</p><p>GetPublicShareByToken.</p>


<table class="field-table">
<thead>
<tr><td>Field</td><td>Type</td><td>Label</td><td>Description</td></tr>
</thead>
<tbody>

<tr>
<td>password</td>
<td><a href="#string">string</a></td>
<td></td>
<td><p>The password of the share. </p></td>
</tr>

<tr>
<td>signature</td>
<td><a href="#cs3.sharing.link.v1beta1.ShareSignature">ShareSignature</a></td>
<td></td>
<td><p>The signature issued by GetPublicShareByToken. </p></td>
</tr>

</tbody>
</table>

Expand Down Expand Up @@ -9332,6 +9418,39 @@ <h3 id="cs3.sharing.link.v1beta1.PublicShareReference">PublicShareReference</h3>



<h3 id="cs3.sharing.link.v1beta1.ShareSignature">ShareSignature</h3>
<p>A time constrained token which can be used to</p><p>authenticate link share requests.</p>


<table class="field-table">
<thead>
<tr><td>Field</td><td>Type</td><td>Label</td><td>Description</td></tr>
</thead>
<tbody>

<tr>
<td>signature</td>
<td><a href="#string">string</a></td>
<td></td>
<td><p>REQUIRED.
The signature value. </p></td>
</tr>

<tr>
<td>signature_expiration</td>
<td><a href="#cs3.types.v1beta1.Timestamp">cs3.types.v1beta1.Timestamp</a></td>
<td></td>
<td><p>REQUIRED.
The time until the signature becomes invalid. </p></td>
</tr>

</tbody>
</table>








Expand Down
Loading

0 comments on commit aa7f446

Please sign in to comment.