Allow custom URI schemas to work

solid/appinfo/routes.php

@@ -14,6 +14,7 @@
         ['name' => 'page#handleRevoke', 'url' => '/revoke/{clientId}', 'verb' => 'GET'],
         ['name' => 'page#handleApproval', 'url' => '/sharing/{clientId}', 'verb' => 'POST'],
         ['name' => 'page#dataJson', 'url' => '/@{userId}/data.json', 'verb' => 'GET' ],
+        ['name' => 'page#customscheme', 'url' => '/customscheme', 'verb' => 'GET'],
 
         ['name' => 'server#cors', 'url' => '/{path}', 'verb' => 'OPTIONS', 'requirements' => array('path' => '.+') ],
         ['name' => 'server#authorize', 'url' => '/authorize', 'verb' => 'GET'],

solid/js/customscheme.js

@@ -0,0 +1,2 @@
+let newUrl = document.location.href.replace("customscheme", "authorize");
+document.location.href = newUrl;

solid/lib/Controller/CalendarController.php

@@ -50,7 +50,7 @@ public function __construct(
 
 	private function getFileSystem($userId) {
 		// Make sure the root folder has an acl file, as is required by the spec;
-        // Generate a default file granting the owner full access.
+		// Generate a default file granting the owner full access.
 		$defaultAcl = $this->generateDefaultAcl($userId);
 
 		// Create the Nextcloud Calendar Adapter
@@ -61,7 +61,11 @@ private function getFileSystem($userId) {
 		// Create Formats objects
 		$formats = new \Pdsinterop\Rdf\Formats();
 
-		$serverUri = "https://" . $this->rawRequest->getServerParams()["SERVER_NAME"] . $this->rawRequest->getServerParams()["REQUEST_URI"]; // FIXME: doublecheck that this is the correct url;
+		$serverParams = $this->rawRequest->getServerParams();
+		$scheme = $serverParams['REQUEST_SCHEME'];
+		$domain = $serverParams['SERVER_NAME'];
+		$path = $serverParams['REQUEST_URI'];
+		$serverUri = "{$scheme}://{$domain}{$path}"; // FIXME: doublecheck that this is the correct url;
 
 		// Create the RDF Adapter
 		$rdfAdapter = new \Pdsinterop\Rdf\Flysystem\Adapter\Rdf(
@@ -122,8 +126,8 @@ private function getCalendarUrl($userId) {
 	 * @NoCSRFRequired
 	 */
 	public function handleRequest($userId, $path) {
-        $this->calendarUserId = $userId;
-        
+		$this->calendarUserId = $userId;
+
 		$this->rawRequest = \Laminas\Diactoros\ServerRequestFactory::fromGlobals($_SERVER, $_GET, $_POST, $_COOKIE, $_FILES);
 		$this->response = new \Laminas\Diactoros\Response();
 

solid/lib/Controller/ContactsController.php

@@ -51,7 +51,7 @@ public function __construct(
 
 	private function getFileSystem($userId) {
 		// Make sure the root folder has an acl file, as is required by the spec;
-        // Generate a default file granting the owner full access.
+		// Generate a default file granting the owner full access.
 		$defaultAcl = $this->generateDefaultAcl($userId);
 
 		// Create the Nextcloud Contacts Adapter
@@ -62,7 +62,11 @@ private function getFileSystem($userId) {
 		// Create Formats objects
 		$formats = new \Pdsinterop\Rdf\Formats();
 
-		$serverUri = "https://" . $this->rawRequest->getServerParams()["SERVER_NAME"] . $this->rawRequest->getServerParams()["REQUEST_URI"]; // FIXME: doublecheck that this is the correct url;
+		$serverParams = $this->rawRequest->getServerParams();
+		$scheme = $serverParams['REQUEST_SCHEME'];
+		$domain = $serverParams['SERVER_NAME'];
+		$path = $serverParams['REQUEST_URI'];
+		$serverUri = "{$scheme}://{$domain}{$path}"; // FIXME: doublecheck that this is the correct url;
 
 		// Create the RDF Adapter
 		$rdfAdapter = new \Pdsinterop\Rdf\Flysystem\Adapter\Rdf(
@@ -123,8 +127,8 @@ private function getContactsUrl($userId) {
 	 * @NoCSRFRequired
 	 */
 	public function handleRequest($userId, $path) {
-        $this->contactsUserId = $userId;
-        
+		$this->contactsUserId = $userId;
+
 		$this->rawRequest = \Laminas\Diactoros\ServerRequestFactory::fromGlobals($_SERVER, $_GET, $_POST, $_COOKIE, $_FILES);
 		$this->response = new \Laminas\Diactoros\Response();
 

solid/lib/Controller/PageController.php

@@ -95,18 +95,29 @@ public function approval($clientId) {
 			"returnUrl" => $_GET['returnUrl'],
 		);
 		$templateResponse = new TemplateResponse('solid', 'sharing', $params);
+
 		$policy = new ContentSecurityPolicy();
 		$policy->addAllowedStyleDomain("data:");
 
 		$parsedOrigin = parse_url($clientRegistration['redirect_uris'][0]);
-		$origin = $parsedOrigin['scheme'] . "://" . $parsedOrigin['host'];
+		$origin = $parsedOrigin['host'];
 		if ($origin) {
-			$policy->addAllowedFormActionDomain($origin);
+			$policy->addAllowedFormActionDomain($parsedOrigin['scheme'] . "://" . $origin);
 			$templateResponse->setContentSecurityPolicy($policy);
 		}
 		return $templateResponse;
 	}
 
+	/**
+	 * @PublicPage
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
+	 */
+	public function customscheme() {
+		$templateResponse = new TemplateResponse('solid', 'customscheme');
+		return $templateResponse;
+	}
+
 	/**
 	 * @PublicPage
 	 * @NoAdminRequired

solid/lib/Controller/ProfileController.php

@@ -54,7 +54,7 @@ public function __construct(
 
 	private function getFileSystem($userId) {
 		// Make sure the root folder has an acl file, as is required by the spec;
-        // Generate a default file granting the owner full access.
+		// Generate a default file granting the owner full access.
 		$defaultAcl = $this->generateDefaultAcl($userId);
 		$profile = $this->generateTurtleProfile($userId);
 
@@ -65,7 +65,11 @@ private function getFileSystem($userId) {
 		// Create Formats objects
 		$formats = new \Pdsinterop\Rdf\Formats();
 
-		$serverUri = "https://" . $this->rawRequest->getServerParams()["SERVER_NAME"] . $this->rawRequest->getServerParams()["REQUEST_URI"]; // FIXME: doublecheck that this is the correct url;
+		$serverParams = $this->rawRequest->getServerParams();
+		$scheme = $serverParams['REQUEST_SCHEME'];
+		$domain = $serverParams['SERVER_NAME'];
+		$path = $serverParams['REQUEST_URI'];
+		$serverUri = "{$scheme}://{$domain}{$path}"; // FIXME: doublecheck that this is the correct url;
 
 		// Create the RDF Adapter
 		$rdfAdapter = new \Pdsinterop\Rdf\Flysystem\Adapter\Rdf(
@@ -139,8 +143,8 @@ private function getStorageUrl($userId) {
 	 * @NoCSRFRequired
 	 */
 	public function handleRequest($userId, $path) {
-        $this->userId = $userId;
-        
+		$this->userId = $userId;
+
 		$this->rawRequest = \Laminas\Diactoros\ServerRequestFactory::fromGlobals($_SERVER, $_GET, $_POST, $_COOKIE, $_FILES);
 		$this->response = new \Laminas\Diactoros\Response();
 

solid/lib/Controller/ServerController.php

@@ -220,6 +220,20 @@ public function authorize() {
 			return $result; // ->addHeader('Access-Control-Allow-Origin', '*');
 		}
 
+		$parsedOrigin = parse_url($clientRegistration['redirect_uris'][0]);
+		if (
+			$parsedOrigin['scheme'] != "https" &&
+			$parsedOrigin['scheme'] != "http" &&
+			!isset($_GET['customscheme'])
+		) {
+			$result = new JSONResponse('Custom schema');
+			$result->setStatus(302);
+			$originalRequest = parse_url($_SERVER['REQUEST_URI']);
+			$customSchemeUrl = $this->urlGenerator->getAbsoluteURL($this->urlGenerator->linkToRoute("solid.page.customscheme")) . ($originalRequest['query'] ? "?" . $originalRequest['query'] . "&customscheme=" . $parsedOrigin['scheme'] : '');
+			$result->addHeader("Location", $customSchemeUrl);
+			return $result;
+		}
+
 		$user = new \Pdsinterop\Solid\Auth\Entity\User();
 		$user->setIdentifier($this->getProfilePage());
 

solid/lib/Controller/StorageController.php

@@ -63,7 +63,11 @@ private function getFileSystem() {
 		// Create Formats objects
 		$formats = new \Pdsinterop\Rdf\Formats();
 
-		$serverUri = "https://" . $this->rawRequest->getServerParams()["SERVER_NAME"] . $this->rawRequest->getServerParams()["REQUEST_URI"]; // FIXME: doublecheck that this is the correct url;
+		$serverParams = $this->rawRequest->getServerParams();
+		$scheme = $serverParams['REQUEST_SCHEME'];
+		$domain = $serverParams['SERVER_NAME'];
+		$path = $serverParams['REQUEST_URI'];
+		$serverUri = "{$scheme}://{$domain}{$path}"; // FIXME: doublecheck that this is the correct url;
 
 		// Create the RDF Adapter
 		$rdfAdapter = new \Pdsinterop\Rdf\Flysystem\Adapter\Rdf(
@@ -431,19 +435,19 @@ private function respond($response) {
 //		$result->addHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization');
 //		$result->addHeader('Access-Control-Allow-Origin', $origin);
 
-                $policy = new EmptyContentSecurityPolicy();
-                $policy->addAllowedStyleDomain("*");
-                $policy->addAllowedStyleDomain("data:");
-                $policy->addAllowedScriptDomain("*");
-                $policy->addAllowedImageDomain("*");
-                $policy->addAllowedFontDomain("*");
-                $policy->addAllowedConnectDomain("*");
-                $policy->allowInlineStyle(true);
-                // $policy->allowInlineScript(true); - removed, this function no longer exists in NC28
-                $policy->allowEvalScript(true);
-                $result->setContentSecurityPolicy($policy);
-                
-                $result->setStatus($statusCode);
+		$policy = new EmptyContentSecurityPolicy();
+		$policy->addAllowedStyleDomain("*");
+		$policy->addAllowedStyleDomain("data:");
+		$policy->addAllowedScriptDomain("*");
+		$policy->addAllowedImageDomain("*");
+		$policy->addAllowedFontDomain("*");
+		$policy->addAllowedConnectDomain("*");
+		$policy->allowInlineStyle(true);
+		// $policy->allowInlineScript(true); - removed, this function no longer exists in NC28
+		$policy->allowEvalScript(true);
+		$result->setContentSecurityPolicy($policy);
+
+		$result->setStatus($statusCode);
 		return $result;
 	}
 }

solid/templates/customscheme.php

@@ -0,0 +1,2 @@
+<?php
+script('solid', 'customscheme');