Kano redirect back

Makefile

@@ -5,7 +5,7 @@ build_dir=$(CURDIR)/build/artifacts
 source_dir=$(build_dir)/source
 sign_dir=$(build_dir)/sign
 package_name=$(app_name)
-version+=2.3.1
+version+=2.5.0-beta1
 
 all: appstore
 

appinfo/info.xml

@@ -17,7 +17,7 @@
 	<bugs>https://github.com/nextcloud/globalsiteselector/issues</bugs>
 	<repository>https://github.com/nextcloud/globalsiteselector</repository>
 	<dependencies>
-		<nextcloud min-version="28" max-version="28"/>
+		<nextcloud min-version="27" max-version="28"/>
 	</dependencies>
 	<background-jobs>
 		<job>OCA\GlobalSiteSelector\BackgroundJobs\UpdateLookupServer</job>

lib/Controller/SlaveController.php

@@ -1,4 +1,5 @@
 <?php
+
 /**
  * @copyright Copyright (c) 2017 Bjoern Schiessle <bjoern@schiessle.org>
  *
@@ -54,7 +55,8 @@
  *
  * @package OCA\GlobalSiteSelector\Controller
  */
-class SlaveController extends OCSController {
+class SlaveController extends OCSController
+{
 
 	public function __construct(
 		$appName,
@@ -83,7 +85,8 @@ public function __construct(
 	 *
 	 * @return RedirectResponse
 	 */
-	public function autoLogin(string $jwt): RedirectResponse {
+	public function autoLogin(string $jwt): RedirectResponse
+	{
 		$this->logger->debug('autologin incoming request with ' . $jwt);
 
 		try {
@@ -150,10 +153,49 @@ public function autoLogin(string $jwt): RedirectResponse {
 		$this->slaveService->updateUserById($uid);
 		$this->logger->debug('userdata updated on lus');
 
-		$home = $this->urlGenerator->getAbsoluteURL($target);
-		$this->logger->debug('redirecting to ' . $home);
+		$redirectUrl = $this->urlGenerator->getAbsoluteURL($target);
+
+		/* see if we need to handle client login */
+		$clientFeatureEnabled = filter_var($this->config->getAppValue('globalsiteselector', 'client_feature_enabled', 'false'), FILTER_VALIDATE_BOOLEAN);
+		if ($clientFeatureEnabled) {
+			$this->logger->debug('Client redirect feature enabled');
+
+			$isClient = $this->request->isUserAgent(
+				[
+					IRequest::USER_AGENT_CLIENT_IOS,
+					IRequest::USER_AGENT_CLIENT_ANDROID,
+					IRequest::USER_AGENT_CLIENT_DESKTOP,
+					'/^.*\(Android\)$/'
+				]
+			);
+
+			$requestUri = $this->request->getRequestUri();
+			// check for both possible direct webdav end-points
+			$isDirectWebDavAccess = strpos($requestUri, 'remote.php/webdav') !== false;
+			$isDirectWebDavAccess = $isDirectWebDavAccess || strpos($requestUri, 'remote.php/dav') !== false;
+			// direct webdav access with old client or general purpose webdav clients
+			if ($isClient && $isDirectWebDavAccess) {
+				$this->logger->debug('redirectUser: client direct webdav request');
+				$redirectUrl = $target . '/remote.php/webdav/';
+			} elseif ($isClient && !$isDirectWebDavAccess) {
+				$this->logger->debug('redirectUser: client request generating apptoken');
+				$data = $this->createAppToken($jwt)->getData();
+				if (!isset($data['token'])) {
+					$info = 'getAppToken - data doesn\'t contain token: ' . json_encode($data);
+					throw new \Exception($info);
+				}
+				$appToken = $data['token'];
+
+				$redirectUrl =
+					'nc://login/server:' . $requestUri . '&user:' . urlencode($uid) . '&password:' . urlencode(
+						$appToken
+					);
+			}
+		}
+
+		$this->logger->debug('redirecting to ' . $redirectUrl);
 
-		return new RedirectResponse($home);
+		return new RedirectResponse($redirectUrl);
 	}
 
 	/**
@@ -164,7 +206,8 @@ public function autoLogin(string $jwt): RedirectResponse {
 	 *
 	 * @return DataResponse
 	 */
-	public function createAppToken($jwt) {
+	public function createAppToken($jwt)
+	{
 		if ($this->gss->getMode() === 'master' || empty($jwt)) {
 			return new DataResponse([], Http::STATUS_BAD_REQUEST);
 		}
@@ -202,7 +245,8 @@ public function createAppToken($jwt) {
 	 * @return array
 	 * @throws \Exception
 	 */
-	protected function decodeJwt($jwt) {
+	protected function decodeJwt($jwt)
+	{
 		$key = $this->gss->getJwtKey();
 		$decoded = (array)JWT::decode($jwt, new Key($key, Application::JWT_ALGORITHM));
 
@@ -228,7 +272,8 @@ protected function decodeJwt($jwt) {
 	 * @param string $uid
 	 * @param array $options
 	 */
-	protected function autoprovisionIfNeeded($uid, $options) {
+	protected function autoprovisionIfNeeded($uid, $options)
+	{
 		// make sure that a valid UID is given
 		if (empty($uid)) {
 			$this->logger->error('Uid "{uid}" is not valid.', ['app' => $this->appName, 'uid' => $uid]);

lib/Master.php

@@ -231,34 +231,37 @@ protected function queryLookupServer(string &$uid, bool $matchUid = false): stri
 	 * @throws Exception
 	 */
 	protected function redirectUser($uid, $password, $location, array $options = []) {
-		$isClient = $this->request->isUserAgent(
-			[
-				IRequest::USER_AGENT_CLIENT_IOS,
-				IRequest::USER_AGENT_CLIENT_ANDROID,
-				IRequest::USER_AGENT_CLIENT_DESKTOP,
-				'/^.*\(Android\)$/'
-			]
-		);
+		$this->logger->debug('redirectUser: direct login so forward to target node');
+		$jwt = $this->createJwt($uid, $password, $options);
+		$redirectUrl = $location . '/index.php/apps/globalsiteselector/autologin?jwt=' . $jwt;
+
+		$clientFeatureEnabled = filter_var($this->config->getAppValue('globalsiteselector', 'client_feature_enabled', 'false'), FILTER_VALIDATE_BOOLEAN);
+		if (!$clientFeatureEnabled) {
+			$isClient = $this->request->isUserAgent(
+				[
+					IRequest::USER_AGENT_CLIENT_IOS,
+					IRequest::USER_AGENT_CLIENT_ANDROID,
+					IRequest::USER_AGENT_CLIENT_DESKTOP,
+					'/^.*\(Android\)$/'
+				]
+			);
 
-		$requestUri = $this->request->getRequestUri();
-		// check for both possible direct webdav end-points
-		$isDirectWebDavAccess = strpos($requestUri, 'remote.php/webdav') !== false;
-		$isDirectWebDavAccess = $isDirectWebDavAccess || strpos($requestUri, 'remote.php/dav') !== false;
-		// direct webdav access with old client or general purpose webdav clients
-		if ($isClient && $isDirectWebDavAccess) {
-			$this->logger->debug('redirectUser: client direct webdav request');
-			$redirectUrl = $location . '/remote.php/webdav/';
-		} elseif ($isClient && !$isDirectWebDavAccess) {
-			$this->logger->debug('redirectUser: client request generating apptoken');
-			$appToken = $this->getAppToken($location, $uid, $password, $options);
-			$redirectUrl =
-				'nc://login/server:' . $location . '&user:' . urlencode($uid) . '&password:' . urlencode(
-					$appToken
-				);
-		} else {
-			$this->logger->debug('redirectUser: direct login so forward to target node');
-			$jwt = $this->createJwt($uid, $password, $options);
-			$redirectUrl = $location . '/index.php/apps/globalsiteselector/autologin?jwt=' . $jwt;
+			$requestUri = $this->request->getRequestUri();
+			// check for both possible direct webdav end-points
+			$isDirectWebDavAccess = strpos($requestUri, 'remote.php/webdav') !== false;
+			$isDirectWebDavAccess = $isDirectWebDavAccess || strpos($requestUri, 'remote.php/dav') !== false;
+			// direct webdav access with old client or general purpose webdav clients
+			if ($isClient && $isDirectWebDavAccess) {
+				$this->logger->debug('redirectUser: client direct webdav request');
+				$redirectUrl = $location . '/remote.php/webdav/';
+			} elseif ($isClient && !$isDirectWebDavAccess) {
+				$this->logger->debug('redirectUser: client request generating apptoken');
+				$appToken = $this->getAppToken($location, $uid, $password, $options);
+				$redirectUrl =
+					'nc://login/server:' . $location . '&user:' . urlencode($uid) . '&password:' . urlencode(
+						$appToken
+					);
+			}
 		}
 
 		$this->logger->debug('redirectUser: redirecting to: ' . $redirectUrl);
@@ -288,17 +291,6 @@ protected function createJwt($uid, $password, $options) {
 		return $jwt;
 	}
 
-	/**
-	 * get app token from the server the user is located
-	 *
-	 * @param string $location
-	 * @param string $uid
-	 * @param string $password
-	 * @param array $options
-	 *
-	 * @return string
-	 * @throws Exception
-	 */
 	protected function getAppToken($location, $uid, $password, $options) {
 		$client = $this->clientService->newClient();
 		$jwt = $this->createJwt($uid, $password, $options);