Issue CollaboraOnline#56: Convert CoolJwt into a service.

donquixote · Nov 14, 2024 · c3139c7 · c3139c7
1 parent 950981c
commit c3139c7
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 14 deletions.
diff --git a/collabora_online.services.yml b/collabora_online.services.yml
@@ -6,3 +6,4 @@ services:
     arguments: ['cool']
   Drupal\collabora_online\Cool\CoolDiscoveryXmlEndpoint: { }
   Drupal\collabora_online\Cool\CoolRequest: { }
+  Drupal\collabora_online\Service\CoolJwt: { }
diff --git a/src/Controller/ViewerController.php b/src/Controller/ViewerController.php
@@ -27,13 +27,16 @@
 class ViewerController extends ControllerBase {
 
     /**
-     * The controller constructor.
+     * Constructor.
      *
+     * @param \Drupal\collabora_online\Service\CoolJwt $coolJwt
+     *   Service to manage the JWT token.
      * @param \Drupal\Core\Render\RendererInterface $renderer
      *   The renderer service.
      */
     public function __construct(
-        private readonly RendererInterface $renderer,
+        protected readonly CoolJwt $coolJwt,
+        protected readonly RendererInterface $renderer,
     ) {}
 
     /**
@@ -126,11 +129,11 @@ protected function getViewerRender(Media $media, string $wopi_client, bool $can_
 
         $id = $media->id();
 
-        $ttl = CoolJwt::getAccessTokenTtl();
+        $ttl = $this->coolJwt->getAccessTokenTtl();
         if ($ttl == 0) {
             $ttl = 86400;
         }
-        $access_token = CoolJwt::tokenForFileId($id, $ttl, $can_write);
+        $access_token = $this->coolJwt->tokenForFileId($id, $ttl, $can_write);
 
         $render_array = [
             '#wopiClient' => $wopi_client,

diff --git a/src/Controller/WopiController.php b/src/Controller/WopiController.php
@@ -27,6 +27,16 @@
  */
 class WopiController extends ControllerBase {
 
+    /**
+     * Constructor.
+     *
+     * @param \Drupal\collabora_online\Service\CoolJwt $coolJwt
+     *   Service to manage the JWT token.
+     */
+    public function __construct(
+       protected readonly CoolJwt $coolJwt,
+    ) {}
+
     /**
      * Creates a failure response that is understood by Collabora.
      *
@@ -55,7 +65,7 @@ public static function permissionDenied(): Response {
     public function wopiCheckFileInfo(string $id, Request $request) {
         $token = $request->query->get('access_token');
 
-        $jwt_payload = CoolJwt::verifyTokenForId($token, $id);
+        $jwt_payload = $this->coolJwt->verifyTokenForId($token, $id);
         if ($jwt_payload == NULL) {
             return static::permissionDenied();
         }
@@ -123,7 +133,7 @@ public function wopiCheckFileInfo(string $id, Request $request) {
     public function wopiGetFile(string $id, Request $request) {
         $token = $request->query->get('access_token');
 
-        $jwt_payload = CoolJwt::verifyTokenForId($token, $id);
+        $jwt_payload = $this->coolJwt->verifyTokenForId($token, $id);
         if ($jwt_payload == NULL) {
             return static::permissionDenied();
         }
@@ -162,7 +172,7 @@ public function wopiPutFile(string $id, Request $request) {
         $autosave = $request->headers->get('x-cool-wopi-isautosave') == 'true';
         $exitsave = $request->headers->get('x-cool-wopi-isexitsave') == 'true';
 
-        $jwt_payload = CoolJwt::verifyTokenForId($token, $id);
+        $jwt_payload = $this->coolJwt->verifyTokenForId($token, $id);
         if ($jwt_payload == NULL || !$jwt_payload->wri) {
             return static::permissionDenied();
         }

diff --git a/src/Service/CoolJwt.php b/src/Service/CoolJwt.php
@@ -8,7 +8,7 @@
 use Firebase\JWT\Key;
 
 /**
- * Static methods related to the JWT token.
+ * Service with functionality related to the JWT token.
  */
 class CoolJwt {
 
@@ -18,7 +18,7 @@ class CoolJwt {
      * @return string
      *   The key value.
      */
-    public static function getKey() {
+    public function getKey() {
         $default_config = \Drupal::config('collabora_online.settings');
         $key_id = $default_config->get('cool')['key_id'];
 
@@ -43,12 +43,12 @@ public static function getKey() {
      *   Data decoded from the token, or NULL on failure or if the token has
      *   expired.
      */
-    public static function verifyTokenForId(
+    public function verifyTokenForId(
         #[\SensitiveParameter]
         string $token,
         $id,
     ) {
-        $key = CoolJwt::getKey();
+        $key = $this->getKey();
         try {
             $payload = JWT::decode($token, new Key($key, 'HS256'));
 
@@ -85,14 +85,14 @@ public static function verifyTokenForId(
      * @return string
      *   The access token.
      */
-    public static function tokenForFileId($id, $ttl, $can_write = FALSE) {
+    public function tokenForFileId($id, $ttl, $can_write = FALSE) {
         $payload = [
             "fid" => $id,
             "uid" => \Drupal::currentUser()->id(),
             "exp" => $ttl,
             "wri" => $can_write,
         ];
-        $key = CoolJwt::getKey();
+        $key = $this->getKey();
         $jwt = JWT::encode($payload, $key, 'HS256');
 
         return $jwt;
@@ -104,7 +104,7 @@ public static function tokenForFileId($id, $ttl, $can_write = FALSE) {
      * @return int
      *   Token TTL in seconds.
      */
-    public static function getAccessTokenTtl() {
+    public function getAccessTokenTtl() {
         $default_config = \Drupal::config('collabora_online.settings');
         $ttl = $default_config->get('cool')['access_token_ttl'];