melon/tokidoki
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
56 Commits 1 Branch 0 Tags 123 KiB
0719d5c32f
Commit Graph

56 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Conrad Hoffmann
0719d5c32f Use latest go-webdav from dev fork 
PRs for all change sets are open on upstream go-webdav.
 2022-10-31 12:23:54 +01:00
Conrad Hoffmann
058c063819 Fix errors introduced in previous commit :/ 2022-10-28 19:41:44 +02:00
Conrad Hoffmann
b99f38a1b7 Fix assignment to shadowed variable 
This fixes the request that creates the address book returning an error
even though it was successfully created and read.
 2022-10-28 12:37:41 +02:00
Conrad Hoffmann
196503553a storage/filesystem: implement DeleteCalendarObject 2022-10-28 12:20:22 +02:00
Conrad Hoffmann
9425b8cc81 Temporarily switch to dev version of go-webdav 2022-10-28 12:19:24 +02:00
Conrad Hoffmann
474048d4cd Update to latest go-webdav 2022-10-18 15:19:30 +02:00
Simon Ser
10587f425b auth: add PAM support 
Handy for small local installations.

Disabled by default because it adds a dependency on the PAM
library.
 2022-09-13 10:04:45 +02:00
Simon Ser
228384530e storage/filesystem: atomically check for IfNoneMatch 
Using a separate os.Stat() call may result in a race where another
request handler running concurrently creates the file in-between
the os.Stat() call and the os.Create() call.

Use O_EXCL to avoid this situation.
 2022-06-03 10:15:23 +02:00
Conrad Hoffmann
a3bfd56bf9 Update go-webdav dependency 
Latest version includes some improvements for `carddav.Filter()`
 2022-06-03 09:49:00 +02:00
Conrad Hoffmann
486a5285db Add filtering of CalDAV query results 
Currently, `QueryCalendarObjects()` simply returns all objects. Now that
`caldav.Filter()` is available upstream, use it to actually filter out
events that do not match the query.
 2022-06-03 09:45:27 +02:00
Conrad Hoffmann
04a422523a Handle If-None-Match in PUT requests 
As objects always get written to the path that is their UID, we don't
have to worry about UID conflicts. Unless, the client creates a new
contact, in which case this header should be set.
 2022-06-01 11:55:03 +02:00
Conrad Hoffmann
b2057fe9ef Switch back to upstream go-webdav 
It now has all the patches needed. There is still more to come for
providing more functionality, but this can all happen upstream.
 2022-06-01 11:11:20 +02:00
Simon Ser
5edd0f5a0e storage/filesystem: simplify UserPrincipalBackend 
Use composition to expose UserPrincipalBackend in filesystemBackend.
That way, no need to re-define the CurrentUserPrincipal method.
 2022-05-24 13:50:54 +02:00
Simon Ser
e443b02acf auth/imap: close IMAP connection earlier 
No need to keep it around after Authenticate succeeds while handling
the HTTP request (via next.ServeHTTP).
 2022-05-24 13:27:15 +02:00
Conrad Hoffmann
e349c22ef3 Add build manifest with build and lint steps 2022-05-20 09:55:51 +02:00
Conrad Hoffmann
21514ae6b0 Add usage notes to README 
Specifically, mention some of the current limitations.
 2022-05-20 09:45:17 +02:00
Conrad Hoffmann
d05d1d486e Add more details to README 2022-05-19 12:22:41 +02:00
Conrad Hoffmann
c033c1dfcb Allow PROPPATCH method 
This only tells chi to pass those requests to the regular handler. It is
not really handled well in go-webdav so far (work in progress).
 2022-05-18 10:21:31 +02:00
Conrad Hoffmann
a734b3b532 Set content length propery for DAV objects 
This makes collections play nice with clients that require it, like
cadaver.
 2022-05-17 15:28:09 +02:00
Conrad Hoffmann
5a6306bd83 Properly mark TODO comment 2022-05-17 15:24:43 +02:00
Conrad Hoffmann
be2e21ad37 Add very brief instructions for running tokidoki 2022-05-13 15:54:51 +02:00
Conrad Hoffmann
53b2c88311 Adapt to latest changes in go-webdav 
There is now only one last PR missing before we can start using the
vanilla upstream go-webdav again. Thanks a lot to Simon for his patience
reviewing my PRs!
 2022-05-13 15:38:02 +02:00
Conrad Hoffmann
4765adc1a3 Use NewHTTPError to return better errors 
That function is merged upstream, but the current version still depends
on some stuff not yet merged into upstream go-webdav.
 2022-05-06 09:16:17 +02:00
Conrad Hoffmann
c2f35df455 Add some debug output to auth module 2022-05-03 16:59:39 +02:00
Conrad Hoffmann
001917295d Add CalDAV support, refactor 
The filesystem storage backend now implements the required functions to
act as a basic CalDAV server. Some refactoring was done based on the
go-webdav development: introduce a UserPrincipalBackend, a new function
to serve the user principal URL, and more. See this PR for lots of
details: https://github.com/emersion/go-webdav/pull/62

Also adds a simple facility for debug output.
 2022-05-03 16:06:47 +02:00
Conrad Hoffmann
5728f1ee27 Make sure clients cannot overwrite address book 
Tighten the regex for valid resources and change the name of the default
address book file so that it is not covered by that regex. This will
prohibit clients from accidentally or maliciously PUTing to that file.
 2022-03-16 15:15:01 +01:00
Conrad Hoffmann
f4a3598191 Use simpler os.Create for writing files 2022-03-16 15:11:06 +01:00
Conrad Hoffmann
29bf819ab1 Avoid empty array allocations 2022-03-16 15:08:42 +01:00
Conrad Hoffmann
e5db18e289 Remove stat call from happy path 
Just try to read the file, use it if it works. Only if the file does
not exist, create default address book and try again.
 2022-03-16 15:02:18 +01:00
Conrad Hoffmann
86359a5e11 Avoid using pointers for card.Card 
It's just a map, Go will do the right thing.
 2022-03-16 14:51:26 +01:00
Conrad Hoffmann
e069bc0e9b Use SHA1 streaming hash for Etag 2022-03-16 14:47:47 +01:00
Conrad Hoffmann
b3277148d7 Compile regex globally 2022-03-16 14:47:11 +01:00
Conrad Hoffmann
78bd2a9b84 Keep context keys private 
Instead, offer type safe accessors, as documented here:

https://pkg.go.dev/context#Context
 2022-03-16 14:33:47 +01:00
Conrad Hoffmann
07c19a6f6c Use base64 encoded user name as their base dir 
This is safe in all circumstance and leaves it up to the auth backend to
use whatever name they like for authentication.
 2022-03-10 17:56:58 +01:00
Conrad Hoffmann
04be038c05 Implement UID conflict check in PutAddressObject 2022-03-10 17:56:58 +01:00
Conrad Hoffmann
8b3306b580 Depend on latest go-webdav version 2022-03-10 16:52:07 +01:00
Conrad Hoffmann
1d50d6dad8 Harden mapping from request path to FS path 
Put strict checks in place to avoid authenticated users accessing files
outside of their actual storage directory. These checks will need
updating if multiple address books are to be supported.
 2022-03-10 16:46:56 +01:00
Conrad Hoffmann
18a9f9bf77 Implement query and property filters 
The property filters are also used for other operations.
 2022-03-01 11:51:34 +01:00
Conrad Hoffmann
9b0d3b87ad Use latest upstream go-webdav 2022-03-01 11:51:34 +01:00
Conrad Hoffmann
8c8d96c2bc Fix conflation of URL and storage path 
The path returned must of course be the external URL path, not the
internal storage path.
 2022-02-28 19:48:49 +01:00
Conrad Hoffmann
0f2356f42d Register COPY & MOVE methods with chi 2022-02-24 13:39:03 +01:00
Conrad Hoffmann
8b46585109 storage/filesystem: implement more operations 
Everything except QueryAddressObjects is now functional, though not
feature-complete. Simple operations work, e.g. via Evolution.
 2022-02-24 12:54:30 +01:00
Conrad Hoffmann
65346f0317 Depend on latest go-webdav version 2022-02-24 12:51:57 +01:00
Conrad Hoffmann
edd01ff7a3 Make storage backend configurable via -storage.url 
Same mechanism as for configuring the auth backend.
 2022-02-23 21:09:20 +01:00
Conrad Hoffmann
3e464747d8 Define and use an auth context structure 2022-02-23 21:09:20 +01:00
Conrad Hoffmann
d917938a29 Start simple filesystem storage backend 2022-02-23 21:09:20 +01:00
Conrad Hoffmann
3281b1d32b Switch to new interfaces with context 
See https://github.com/emersion/go-webdav/pull/53
 2022-02-23 13:44:05 +01:00
Conrad Hoffmann
6051fec4c4 Register WebDAV-specific HTTP methods with chi 
Otherwise the router will return 405 before the request makes it to our
middleware.
 2022-02-22 18:28:37 +01:00
Conrad Hoffmann
2b6220c1ea Add stub for filesystem storage backend 
References: https://todo.sr.ht/~sircmpwn/tokidoki/2
 2022-02-22 12:18:07 +01:00
Conrad Hoffmann
071ee7c729 Implement configurable auth providers 
New providers need to "register" their URL scheme of choice in
auth.NewFromURL().

Implements: https://todo.sr.ht/~sircmpwn/tokidoki/1
 2022-02-22 11:44:37 +01:00