Commit Graph

34 Commits

Author SHA1 Message Date
Conrad Hoffmann
4765adc1a3 Use NewHTTPError to return better errors
That function is merged upstream, but the current version still depends
on some stuff not yet merged into upstream go-webdav.
2022-05-06 09:16:17 +02:00
Conrad Hoffmann
c2f35df455 Add some debug output to auth module 2022-05-03 16:59:39 +02:00
Conrad Hoffmann
001917295d Add CalDAV support, refactor
The filesystem storage backend now implements the required functions to
act as a basic CalDAV server. Some refactoring was done based on the
go-webdav development: introduce a UserPrincipalBackend, a new function
to serve the user principal URL, and more. See this PR for lots of
details: https://github.com/emersion/go-webdav/pull/62

Also adds a simple facility for debug output.
2022-05-03 16:06:47 +02:00
Conrad Hoffmann
5728f1ee27 Make sure clients cannot overwrite address book
Tighten the regex for valid resources and change the name of the default
address book file so that it is not covered by that regex. This will
prohibit clients from accidentally or maliciously PUTing to that file.
2022-03-16 15:15:01 +01:00
Conrad Hoffmann
f4a3598191 Use simpler os.Create for writing files 2022-03-16 15:11:06 +01:00
Conrad Hoffmann
29bf819ab1 Avoid empty array allocations 2022-03-16 15:08:42 +01:00
Conrad Hoffmann
e5db18e289 Remove stat call from happy path
Just try to read the file, use it if it works. Only if the file does
not exist, create default address book and try again.
2022-03-16 15:02:18 +01:00
Conrad Hoffmann
86359a5e11 Avoid using pointers for card.Card
It's just a map, Go will do the right thing.
2022-03-16 14:51:26 +01:00
Conrad Hoffmann
e069bc0e9b Use SHA1 streaming hash for Etag 2022-03-16 14:47:47 +01:00
Conrad Hoffmann
b3277148d7 Compile regex globally 2022-03-16 14:47:11 +01:00
Conrad Hoffmann
78bd2a9b84 Keep context keys private
Instead, offer type safe accessors, as documented here:

https://pkg.go.dev/context#Context
2022-03-16 14:33:47 +01:00
Conrad Hoffmann
07c19a6f6c Use base64 encoded user name as their base dir
This is safe in all circumstance and leaves it up to the auth backend to
use whatever name they like for authentication.
2022-03-10 17:56:58 +01:00
Conrad Hoffmann
04be038c05 Implement UID conflict check in PutAddressObject 2022-03-10 17:56:58 +01:00
Conrad Hoffmann
8b3306b580 Depend on latest go-webdav version 2022-03-10 16:52:07 +01:00
Conrad Hoffmann
1d50d6dad8 Harden mapping from request path to FS path
Put strict checks in place to avoid authenticated users accessing files
outside of their actual storage directory. These checks will need
updating if multiple address books are to be supported.
2022-03-10 16:46:56 +01:00
Conrad Hoffmann
18a9f9bf77 Implement query and property filters
The property filters are also used for other operations.
2022-03-01 11:51:34 +01:00
Conrad Hoffmann
9b0d3b87ad Use latest upstream go-webdav 2022-03-01 11:51:34 +01:00
Conrad Hoffmann
8c8d96c2bc Fix conflation of URL and storage path
The path returned must of course be the external URL path, not the
internal storage path.
2022-02-28 19:48:49 +01:00
Conrad Hoffmann
0f2356f42d Register COPY & MOVE methods with chi 2022-02-24 13:39:03 +01:00
Conrad Hoffmann
8b46585109 storage/filesystem: implement more operations
Everything except QueryAddressObjects is now functional, though not
feature-complete. Simple operations work, e.g. via Evolution.
2022-02-24 12:54:30 +01:00
Conrad Hoffmann
65346f0317 Depend on latest go-webdav version 2022-02-24 12:51:57 +01:00
Conrad Hoffmann
edd01ff7a3 Make storage backend configurable via -storage.url
Same mechanism as for configuring the auth backend.
2022-02-23 21:09:20 +01:00
Conrad Hoffmann
3e464747d8 Define and use an auth context structure 2022-02-23 21:09:20 +01:00
Conrad Hoffmann
d917938a29 Start simple filesystem storage backend 2022-02-23 21:09:20 +01:00
Conrad Hoffmann
3281b1d32b Switch to new interfaces with context
See https://github.com/emersion/go-webdav/pull/53
2022-02-23 13:44:05 +01:00
Conrad Hoffmann
6051fec4c4 Register WebDAV-specific HTTP methods with chi
Otherwise the router will return 405 before the request makes it to our
middleware.
2022-02-22 18:28:37 +01:00
Conrad Hoffmann
2b6220c1ea Add stub for filesystem storage backend
References: https://todo.sr.ht/~sircmpwn/tokidoki/2
2022-02-22 12:18:07 +01:00
Conrad Hoffmann
071ee7c729 Implement configurable auth providers
New providers need to "register" their URL scheme of choice in
auth.NewFromURL().

Implements: https://todo.sr.ht/~sircmpwn/tokidoki/1
2022-02-22 11:44:37 +01:00
Simon Ser
5f8e94c4a1 Fix chi routing to CardDAV handler
We could probably just stick to net/http here...
2022-02-21 11:47:58 +01:00
Simon Ser
97f86226d6 Rig up CardDAV backend to HTTP server
References: https://todo.sr.ht/~sircmpwn/tokidoki/3
2022-02-21 11:39:57 +01:00
Simon Ser
13008e0d96 go fmt 2022-02-21 11:11:27 +01:00
Drew DeVault
5a641ceca1 Implement IMAP auth provider 2022-02-21 10:55:02 +01:00
Drew DeVault
96ef5f9b2a Initial server skeleton 2022-02-21 10:10:25 +01:00
Drew DeVault
c804095480 Initial commit 2022-02-21 09:52:55 +01:00