From 6e507d974b62626858a3067c153425c42bb93ae4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20B=C3=B6lts?= Date: Fri, 21 Jun 2024 13:38:30 +0200 Subject: [PATCH 1/2] #409 Remove old Auth2-Flow (integrated browser) --- KeeAnywhere/KeeAnywhere.csproj | 12 -- KeeAnywhere/OAuth2/IOAuth2Provider.cs | 21 --- KeeAnywhere/OAuth2/OAuth2Flow.cs | 23 --- KeeAnywhere/OAuth2/OAuth2Form.Designer.cs | 136 ------------------ KeeAnywhere/OAuth2/OAuth2Form.cs | 119 --------------- KeeAnywhere/OAuth2/OAuth2Form.resx | 120 ---------------- KeeAnywhere/OAuth2/OAuth2Token.cs | 36 ----- KeeAnywhere/StorageProviders/Box/BoxHelper.cs | 4 +- .../Box/BoxStorageConfigurator.cs | 119 ++++----------- 9 files changed, 26 insertions(+), 564 deletions(-) delete mode 100644 KeeAnywhere/OAuth2/IOAuth2Provider.cs delete mode 100644 KeeAnywhere/OAuth2/OAuth2Flow.cs delete mode 100644 KeeAnywhere/OAuth2/OAuth2Form.Designer.cs delete mode 100644 KeeAnywhere/OAuth2/OAuth2Form.cs delete mode 100644 KeeAnywhere/OAuth2/OAuth2Form.resx delete mode 100644 KeeAnywhere/OAuth2/OAuth2Token.cs diff --git a/KeeAnywhere/KeeAnywhere.csproj b/KeeAnywhere/KeeAnywhere.csproj index 49afa23..9d7fc0b 100644 --- a/KeeAnywhere/KeeAnywhere.csproj +++ b/KeeAnywhere/KeeAnywhere.csproj @@ -410,21 +410,12 @@ - - Form OidcWaitForm.cs - - Form - - - OAuth2Form.cs - - @@ -526,9 +517,6 @@ OidcWaitForm.cs - - OAuth2Form.cs - ResXFileCodeGenerator PluginResources.Designer.cs diff --git a/KeeAnywhere/OAuth2/IOAuth2Provider.cs b/KeeAnywhere/OAuth2/IOAuth2Provider.cs deleted file mode 100644 index 5c3c1a8..0000000 --- a/KeeAnywhere/OAuth2/IOAuth2Provider.cs +++ /dev/null 
@@ -1,21 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; -using System.Threading.Tasks; - -namespace KeeAnywhere.OAuth2 -{ - public interface IOAuth2Provider - { - Task Initialize(); - bool CanClaim(Uri uri, string documentTitle); - Task Claim(Uri uri, string documentTitle); - - Uri PreAuthorizationUrl { get; } - Uri AuthorizationUrl { get; } - Uri RedirectionUrl { get; } - - string FriendlyProviderName { get; } - } -} diff --git a/KeeAnywhere/OAuth2/OAuth2Flow.cs b/KeeAnywhere/OAuth2/OAuth2Flow.cs deleted file mode 100644 index 70a6287..0000000 --- a/KeeAnywhere/OAuth2/OAuth2Flow.cs +++ /dev/null @@ -1,23 +0,0 @@ -using System.Windows.Forms; -using KeePass.UI; -using KeePassLib.Utility; - -namespace KeeAnywhere.OAuth2 -{ - public static class OAuth2Flow - { - public static bool TryAuthenticate(IOAuth2Provider provider) - { - var dlg = new OAuth2Form(); - dlg.InitEx(provider); - var result = UIUtil.ShowDialogAndDestroy(dlg); - - if (result == DialogResult.Abort) // Faulted - no user cancellation - { - MessageService.ShowFatal("Authentication failed!", dlg.LastException); - } - - return result == DialogResult.OK; - } - } -} \ No newline at end of file diff --git a/KeeAnywhere/OAuth2/OAuth2Form.Designer.cs b/KeeAnywhere/OAuth2/OAuth2Form.Designer.cs deleted file mode 100644 index cad2f57..0000000 --- a/KeeAnywhere/OAuth2/OAuth2Form.Designer.cs +++ /dev/null 
@@ -1,136 +0,0 @@ -namespace KeeAnywhere.OAuth2 -{ - partial class OAuth2Form - { - /// - /// Required designer variable. - /// - private System.ComponentModel.IContainer components = null; - - /// - /// Clean up any resources being used. - /// - /// true if managed resources should be disposed; otherwise, false. - protected override void Dispose(bool disposing) - { - if (disposing && (components != null)) - { - components.Dispose(); - } - base.Dispose(disposing); - } - - #region Windows Form Designer generated code - - /// - /// Required method for Designer support - do not modify - /// the contents of this method with the code editor. - /// - private void InitializeComponent() - { - this.m_browser = new System.Windows.Forms.WebBrowser(); - this.m_bannerImage = new System.Windows.Forms.PictureBox(); - this.m_pnlWait = new System.Windows.Forms.Panel(); - this.m_lblWait = new System.Windows.Forms.Label(); - this.m_pgbWait = new System.Windows.Forms.ProgressBar(); - ((System.ComponentModel.ISupportInitialize)(this.m_bannerImage)).BeginInit(); - this.m_pnlWait.SuspendLayout(); - this.SuspendLayout(); - // - // m_browser - // - this.m_browser.AllowWebBrowserDrop = false; - this.m_browser.Anchor = ((System.Windows.Forms.AnchorStyles)((((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) - | System.Windows.Forms.AnchorStyles.Left) - | System.Windows.Forms.AnchorStyles.Right))); - this.m_browser.Location = new System.Drawing.Point(0, 66); - this.m_browser.MinimumSize = new System.Drawing.Size(20, 20); - this.m_browser.Name = "m_browser"; - this.m_browser.ScriptErrorsSuppressed = true; - this.m_browser.Size = new System.Drawing.Size(834, 546); - this.m_browser.TabIndex = 0; - this.m_browser.WebBrowserShortcutsEnabled = false; - this.m_browser.DocumentCompleted += new System.Windows.Forms.WebBrowserDocumentCompletedEventHandler(this.OnDocumentCompleted); - this.m_browser.Navigated += new 
System.Windows.Forms.WebBrowserNavigatedEventHandler(this.OnNavigated); - this.m_browser.Navigating += new System.Windows.Forms.WebBrowserNavigatingEventHandler(this.OnNavigating); - this.m_browser.NewWindow += new System.ComponentModel.CancelEventHandler(this.OnNewWindow); - // - // m_bannerImage - // - this.m_bannerImage.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) - | System.Windows.Forms.AnchorStyles.Right))); - this.m_bannerImage.Location = new System.Drawing.Point(0, 0); - this.m_bannerImage.Name = "m_bannerImage"; - this.m_bannerImage.Size = new System.Drawing.Size(834, 60); - this.m_bannerImage.TabIndex = 17; - this.m_bannerImage.TabStop = false; - // - // m_pnlWait - // - this.m_pnlWait.Anchor = ((System.Windows.Forms.AnchorStyles)((((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) - | System.Windows.Forms.AnchorStyles.Left) - | System.Windows.Forms.AnchorStyles.Right))); - this.m_pnlWait.Controls.Add(this.m_lblWait); - this.m_pnlWait.Controls.Add(this.m_pgbWait); - this.m_pnlWait.Location = new System.Drawing.Point(0, 66); - this.m_pnlWait.Name = "m_pnlWait"; - this.m_pnlWait.Size = new System.Drawing.Size(834, 546); - this.m_pnlWait.TabIndex = 18; - this.m_pnlWait.UseWaitCursor = true; - this.m_pnlWait.Visible = false; - // - // m_lblWait - // - this.m_lblWait.AutoSize = true; - this.m_lblWait.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.m_lblWait.Location = new System.Drawing.Point(109, 181); - this.m_lblWait.Name = "m_lblWait"; - this.m_lblWait.Size = new System.Drawing.Size(161, 13); - this.m_lblWait.TabIndex = 1; - this.m_lblWait.Text = "Processing ... 
Please Wait!"; - this.m_lblWait.UseWaitCursor = true; - // - // m_pgbWait - // - this.m_pgbWait.Anchor = ((System.Windows.Forms.AnchorStyles)(((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Left) - | System.Windows.Forms.AnchorStyles.Right))); - this.m_pgbWait.Location = new System.Drawing.Point(109, 151); - this.m_pgbWait.Name = "m_pgbWait"; - this.m_pgbWait.Size = new System.Drawing.Size(615, 23); - this.m_pgbWait.Style = System.Windows.Forms.ProgressBarStyle.Marquee; - this.m_pgbWait.TabIndex = 0; - this.m_pgbWait.UseWaitCursor = true; - this.m_pgbWait.Value = 100; - // - // OAuth2Form - // - this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 13F); - this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font; - this.ClientSize = new System.Drawing.Size(834, 612); - this.Controls.Add(this.m_pnlWait); - this.Controls.Add(this.m_bannerImage); - this.Controls.Add(this.m_browser); - this.MaximizeBox = false; - this.MinimizeBox = false; - this.Name = "OAuth2Form"; - this.StartPosition = System.Windows.Forms.FormStartPosition.CenterParent; - this.Text = "OAuth2Form"; - this.FormClosed += new System.Windows.Forms.FormClosedEventHandler(this.OnFormClosed); - this.Load += new System.EventHandler(this.OnLoad); - this.Resize += new System.EventHandler(this.OnResize); - ((System.ComponentModel.ISupportInitialize)(this.m_bannerImage)).EndInit(); - this.m_pnlWait.ResumeLayout(false); - this.m_pnlWait.PerformLayout(); - this.ResumeLayout(false); - - } - - #endregion - - private System.Windows.Forms.WebBrowser m_browser; - private System.Windows.Forms.PictureBox m_bannerImage; - private System.Windows.Forms.Panel m_pnlWait; - private System.Windows.Forms.Label m_lblWait; - private System.Windows.Forms.ProgressBar m_pgbWait; - } -} \ No newline at end of file diff --git a/KeeAnywhere/OAuth2/OAuth2Form.cs b/KeeAnywhere/OAuth2/OAuth2Form.cs deleted file mode 100644 index 339f35f..0000000 --- a/KeeAnywhere/OAuth2/OAuth2Form.cs +++ /dev/null 
@@ -1,119 +0,0 @@ -using System; -using System.ComponentModel; -using System.Diagnostics; -using System.Windows.Forms; -using KeePass.UI; - -namespace KeeAnywhere.OAuth2 -{ - public partial class OAuth2Form : Form - { - private IOAuth2Provider m_provider; - private bool m_isPreAuthorization; - private bool m_isClaimed; - - public OAuth2Form() - { - InitializeComponent(); - } - - public async void InitEx(IOAuth2Provider provider) - { - if (provider == null) throw new ArgumentNullException("provider"); - m_provider = provider; - - - await provider.Initialize(); - } - - private void OnLoad(object sender, EventArgs e) - { - GlobalWindowManager.AddWindow(this); - - Icon = PluginResources.Icon_OneDrive_16x16; - - UpdateBanner(); - - m_isPreAuthorization = m_provider.PreAuthorizationUrl != null; - m_browser.Navigate(m_provider.PreAuthorizationUrl ?? m_provider.AuthorizationUrl); - } - - private void OnFormClosed(object sender, FormClosedEventArgs e) - { - GlobalWindowManager.RemoveWindow(this); - } - - private void UpdateBanner() - { - if (m_provider == null) return; - var text = string.Format("Authorize to {0}", m_provider.FriendlyProviderName); - this.Text = text; - BannerFactory.CreateBannerEx(this, m_bannerImage, - PluginResources.KeeAnywhere_48x48, text, - string.Format("Please follow the instructions to authorize KeeAnywhere to access your {0} account.", m_provider.FriendlyProviderName)); - } - - private void OnDocumentCompleted(object sender, WebBrowserDocumentCompletedEventArgs e) - { - Debug.WriteLine("DocumentCompleted " + e.Url); - } - - private async void OnNavigated(object sender, WebBrowserNavigatedEventArgs e) - { - Debug.WriteLine("Navigated " + e.Url); - - // Pre-Authorization performed? - if (m_isPreAuthorization) - { - m_isPreAuthorization = false; - m_browser.Stop(); - m_browser.Navigate(m_provider.AuthorizationUrl); - return; - } - - // we need to ignore all navigation that is already claimed or could not be claimed (due to missing code). 
- if (m_isClaimed || !m_provider.CanClaim(e.Url, m_browser.DocumentTitle)) - { - return; - } - - m_isClaimed = true; - m_browser.Stop(); - m_browser.Visible = false; - m_pnlWait.Visible = true; - - try - { - var isOk = await m_provider.Claim(e.Url, m_browser.DocumentTitle); - DialogResult = isOk ? DialogResult.OK : DialogResult.Abort; - } - catch (Exception ex) - { - this.LastException = ex; - DialogResult = DialogResult.Abort; - } - finally - { - Close(); - } - } - - public Exception LastException { get; set; } - - private void OnNavigating(object sender, WebBrowserNavigatingEventArgs e) - { - Debug.WriteLine("Navigating " + e.Url); - } - - private void OnNewWindow(object sender, CancelEventArgs e) - { - Debug.WriteLine("NewWindow"); - e.Cancel = true; - } - - private void OnResize(object sender, EventArgs e) - { - UpdateBanner(); - } - } -} \ No newline at end of file diff --git a/KeeAnywhere/OAuth2/OAuth2Form.resx b/KeeAnywhere/OAuth2/OAuth2Form.resx deleted file mode 100644 index 1af7de1..0000000 --- a/KeeAnywhere/OAuth2/OAuth2Form.resx +++ /dev/null @@ -1,120 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - text/microsoft-resx - - - 2.0 - - - System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 - - - System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 - - \ No newline at end of file diff --git a/KeeAnywhere/OAuth2/OAuth2Token.cs b/KeeAnywhere/OAuth2/OAuth2Token.cs deleted file mode 100644 index dd804a9..0000000 --- a/KeeAnywhere/OAuth2/OAuth2Token.cs +++ /dev/null 
@@ -1,36 +0,0 @@ -using System; -using System.Runtime.Serialization; - -namespace KeeAnywhere.OAuth2 -{ - [DataContract] - public class OAuth2Token - { - public OAuth2Token() - { - } - - internal OAuth2Token(string accessToken, string tokenType, int? expiresIn = null, string refreshToken = null) - { - if (string.IsNullOrEmpty(accessToken)) - throw new ArgumentException("Invalid OAuth 2.0 response, missing access_token."); - - AccessToken = accessToken; - ExpiresIn = expiresIn; - TokenType = tokenType; - RefreshToken = refreshToken; - } - - [DataMember(Name = "access_token")] - public string AccessToken { get; set; } - - [DataMember(Name = "expires_in")] - public int? ExpiresIn { get; set; } - - [DataMember(Name = "token_type")] - public string TokenType { get; set; } - - [DataMember(Name = "refresh_token")] - public string RefreshToken { get; set; } - } -} \ No newline at end of file diff --git a/KeeAnywhere/StorageProviders/Box/BoxHelper.cs b/KeeAnywhere/StorageProviders/Box/BoxHelper.cs index 8a72870..60ab197 100644 --- a/KeeAnywhere/StorageProviders/Box/BoxHelper.cs +++ b/KeeAnywhere/StorageProviders/Box/BoxHelper.cs @@ -31,8 +31,6 @@ never the real production keys. internal const string BoxClientId = "dummy"; internal const string BoxClientSecret = "dummy"; - - internal const string RedirectUri = "https://localhost/oauth"; internal const int Limit = 500; internal static BoxConfig Config; @@ -41,7 +39,7 @@ never the real production keys. static BoxHelper() { - Config = new BoxConfig(BoxClientId, BoxClientSecret, new Uri(RedirectUri)); + Config = new BoxConfig(BoxClientId, BoxClientSecret, null); } public static async Task GetClient(AccountConfiguration account) diff --git a/KeeAnywhere/StorageProviders/Box/BoxStorageConfigurator.cs b/KeeAnywhere/StorageProviders/Box/BoxStorageConfigurator.cs index 00360a4..8122c3f 100644 --- a/KeeAnywhere/StorageProviders/Box/BoxStorageConfigurator.cs +++ b/KeeAnywhere/StorageProviders/Box/BoxStorageConfigurator.cs 
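Review bot: The static constructor in BoxHelper.cs now builds `BoxHelper.Config` with a null redirect URI and nothing in the file says why, so a later reader of `Config.RedirectUri` or `Config.AuthCodeUri` gets a value that cannot start a sign-in. The redirect is now chosen per sign-in in `BoxStorageConfigurator.CreateAccount`, while the code exchange still runs through `BoxHelper.GetClient()` and this shared config; that looks intended, but it is worth confirming that the token request does not need the redirect URI that was used for the authorization request. I would add a comment above the assignment: `// No redirect URI here: CreateAccount builds its own BoxConfig with the loopback redirect of OidcSystemBrowser; use this Config only for API and token calls.`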
@@ -1,122 +1,53 @@ using System; -using System.Collections.Generic; using System.Threading.Tasks; -using Box.V2; -using Box.V2.Auth; +using Box.V2.Config; using KeeAnywhere.Configuration; using KeeAnywhere.OAuth2; namespace KeeAnywhere.StorageProviders.Box { - // OAuth Flow with localhost listener. Box does not allow "insecure" http-Access in general. - // => can't user local server here. - - //public class BoxStorageConfigurator : IStorageConfigurator - //{ - // public async Task CreateAccount() - // { - // var f = new OidcWaitForm(); - // f.InitEx(StorageType.Box); - // f.Show(); - - - // var clientId = BoxHelper.Config.ClientId; - // var clientSecret = BoxHelper.Config.ClientSecret; - - // var browser = new OidcSystemBrowser(); - - // var redirectUri = browser.RedirectUri; + public class BoxStorageConfigurator : IStorageConfigurator + { + public async Task CreateAccount() + { + var f = new OidcWaitForm(); + f.InitEx(StorageType.Box); + f.Show(); - // var config = new BoxConfig(clientId, clientSecret, new Uri(redirectUri)); - // var uri = config.AuthCodeUri; - // var query = await browser.GetQueryStringAsync(uri.ToString(), f.CancellationToken); + var clientId = BoxHelper.Config.ClientId; + var clientSecret = BoxHelper.Config.ClientSecret; - // var code = query["code"]; + var browser = new OidcSystemBrowser(); - // var api = BoxHelper.GetClient(); - // var token = await api.Auth.AuthenticateAsync(code); + var redirectUri = browser.RedirectUri; - // if (token == null || token.RefreshToken == null || token.AccessToken == null) - // { - // throw new Exception("Unauthorized"); - // } + var config = new BoxConfig(clientId, clientSecret, new Uri(redirectUri)); - // var user = await api.UsersManager.GetCurrentUserInformationAsync(); + var uri = config.AuthCodeUri; + var query = await browser.GetQueryStringAsync(uri.ToString(), f.CancellationToken); - // f.Close(); + var code = query["code"]; - // return new AccountConfiguration - // { - // Type = StorageType.Box, - // 
Id = user.Id, - // Name = user.Name, - // Secret = token.RefreshToken - // }; - // } - //} + var api = BoxHelper.GetClient(); + var token = await api.Auth.AuthenticateAsync(code); - public class BoxStorageConfigurator : IStorageConfigurator, IOAuth2Provider - { - private OAuthSession _token; - private BoxClient _api; + if (token == null || token.RefreshToken == null || token.AccessToken == null) + { + throw new Exception("Unauthorized"); + } - public async Task CreateAccount() - { - var isOk = OAuth2Flow.TryAuthenticate(this); - if (!isOk) return null; + var user = await api.UsersManager.GetCurrentUserInformationAsync(); - var user = await _api.UsersManager.GetCurrentUserInformationAsync(); + f.Close(); return new AccountConfiguration { Type = StorageType.Box, Id = user.Id, Name = user.Name, - Secret = _token.RefreshToken + Secret = token.RefreshToken }; } - - public async Task Initialize() - { - this.RedirectionUrl = BoxHelper.Config.RedirectUri; - this.AuthorizationUrl = BoxHelper.Config.AuthCodeUri; - } - - public bool CanClaim(Uri uri, string documentTitle) - { - return uri.ToString().StartsWith(this.RedirectionUrl.ToString(), StringComparison.OrdinalIgnoreCase); - } - - public async Task Claim(Uri uri, string documentTitle) - { - IDictionary keyDictionary = new Dictionary(); - var qSplit = uri.Query.Split('?'); - foreach (var kvp in qSplit[qSplit.Length - 1].Split('&')) - { - var kvpSplit = kvp.Split('='); - if (kvpSplit.Length == 2) - { - keyDictionary.Add(kvpSplit[0], kvpSplit[1]); - } - } - - if (!keyDictionary.ContainsKey("code")) - return false; - - var authCode = keyDictionary["code"]; - if (string.IsNullOrEmpty(authCode)) - return false; - - _api = BoxHelper.GetClient(); - _token = await _api.Auth.AuthenticateAsync(authCode); - - return _token != null && _token.RefreshToken != null && _token.AccessToken != null; - } - - public Uri PreAuthorizationUrl { get; protected set; } - public Uri AuthorizationUrl { get; protected set; } - public Uri 
RedirectionUrl { get; protected set; } - public string FriendlyProviderName { get { return "Box"; } } } } \ No newline at end of file From 285de8e46aa5d3c1aae284ce9b5d17e6c308480d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20B=C3=B6lts?= Date: Fri, 21 Jun 2024 13:41:44 +0200 Subject: [PATCH 2/2] #409 Remove old Auth2-Flow (integrated browser) --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b927ea1..aba1034 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ ## 2.2.0 (unrelease) +### New + +- \#409 Remove old Auth2-Flow (integrated browser) + ### Improved - Updated Dependencies (AWS, Box, Dropbox, Google Drive, Google Storage, OneDrive)
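Review bot: In `CreateAccount`, `query["code"]` goes straight into `AuthenticateAsync` with nothing tying the callback to this sign-in: `config.AuthCodeUri` is sent as-is and no `state` value is generated or compared anywhere in the hunk. Unless `OidcSystemBrowser` does that internally (not visible here), anything that can reach the loopback listener while the wait form is open can supply the code, and the account saved for a password database would then point at storage the user does not control. A denied or cancelled consent also arrives without `code`, so the value should be checked before the exchange. `f.Close()` is skipped whenever one of the awaits throws, which leaves the wait form open; a `try`/`finally` fixes that. The fence below sketches these changes and assumes that `AuthCodeUri` already carries a query string and that `query` returns null for a missing key.

```csharp
// … unchanged: wait form, client id/secret, browser, redirectUri, config …

// Unpredictable per-sign-in value, echoed back by the provider on the redirect.
var stateBytes = new byte[16];
using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
{
    rng.GetBytes(stateBytes);
}
var state = BitConverter.ToString(stateBytes).Replace("-", "");

try
{
    var uri = config.AuthCodeUri + "&state=" + state;
    var query = await browser.GetQueryStringAsync(uri, f.CancellationToken);

    var code = query["code"];
    if (string.IsNullOrEmpty(code) || query["state"] != state)
    {
        throw new Exception("Unauthorized");
    }

    // … unchanged: token exchange, token null checks, user lookup, return AccountConfiguration …
}
finally
{
    // Close the wait form on success, failure and cancellation alike.
    f.Close();
}
```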