-
Type:
Bug
-
Status: Resolved
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: None
-
Component/s: Nuxeo Drive
-
Sprint:nxfit 9.3.10
-
Story Points:3
Starting with Nuxeo Drive 2.5.6, because of https://github.com/nuxeo/nuxeo-drive/commit/7f260a2808024fff6898a6de260c048bc0bae1ca#diff-4e28f266cae0506e3b730d2ccc380adaR296 (NXDRIVE-1006), the "applicationName" parameter sent to acquire a Nuxeo Drive token is quoted, so the applicationName is stored as "Nuxeo%20Drive" instead of "Nuxeo Drive".
This was done to fix the following error that appeared since NXP-23246:
15:17:11,551 ERROR [nuxeo-error-log] java.lang.IllegalArgumentException: Illegal character in query at index 37: drive_login.jsp?applicationName=Nuxeo Drive&forceAnonymousLogin=true&deviceDescription=GNU%2FLinux&deviceId=70155d1ac94611e78f56e4a47129de0c&permission=ReadWrite
at java.net.URI.create(URI.java:852)
at javax.ws.rs.core.UriBuilder.fromUri(UriBuilder.java:95)
at org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.getSavedRequestedURL(NuxeoAuthenticationFilter.java:823)
...
Caused by: java.net.URISyntaxException: Illegal character in query at index 37: drive_login.jsp?applicationName=Nuxeo Drive&forceAnonymousLogin=true&deviceDescription=GNU%2FLinux&deviceId=70155d1ac94611e78f56e4a47129de0c&permission=ReadWrite
at java.net.URI$Parser.fail(URI.java:2848)
at java.net.URI$Parser.checkChars(URI.java:3021)
at java.net.URI$Parser.parseHierarchical(URI.java:3111)
at java.net.URI$Parser.parse(URI.java:3063)
at java.net.URI.<init>(URI.java:588)
at java.net.URI.create(URI.java:850)
Yet, this fix was wrong since the parameters were then both quoted and URL encoded by Drive*:
token_params = {
'deviceId': self._manager.get_device_id(),
'applicationName': quote(self._manager.app_name),
...
}
...
params = (parts.query + '&' + urlencode(token_params)
It was in fact relying on some faulty code in the NuxeoAuthenticationFilter abusively decoding the "requestedUrl" parameter:
String requestedUrl = httpRequest.getParameter(REQUESTED_URL); if (!StringUtils.isEmpty(requestedUrl)) { try { requestedPage = URLDecoder.decode(requestedUrl, "UTF-8"); } catch (UnsupportedEncodingException e) { log.error("Unable to get the requestedUrl parameter" + e); } }
Since NXP-23564 (https://github.com/nuxeo/nuxeo/commit/b12b9c0b6ea133cfe6843c1e3bcea93016a23265), the "requestedUrl" parameter is no more decoded.
Consequently, Drive doesn't need this hack anymore. It will be reverted for the next Drive release, see NXDRIVE-1038.
Nevertheless, some customers using Nuxeo Drive 2.5.6 have stored a token with the bad applicationName "Nuxeo%20Drive".
As a consequence, checking if a document can be Drive Edited fails for a user that only has a token with the quoted applicationName. Indeed, the string comparison in NuxeoDriveActions currently relies on the decoded name:
public boolean hasOneDriveToken(Principal user) {
TokenAuthenticationService tokenService = Framework.getLocalService(TokenAuthenticationService.class);
for (DocumentModel token : tokenService.getTokenBindings(user.getName())) {
if ("Nuxeo Drive".equals(token.getPropertyValue("authtoken:applicationName"))) {
return true;
}
}
return false;
}
- is related to
-
-
- Resolved
-
-
-
- Resolved
-
-
-
- Resolved
-
-
NXDRIVE-1006 Improve calls to /site/automation
-
- Resolved
-
