From cb818d1ab7ec7249aa5d29a6c29950d6c430f544 Mon Sep 17 00:00:00 2001 From: alma Date: Sun, 20 Apr 2025 13:41:40 +0200 Subject: [PATCH] carnet api --- app/api/nextcloud/status/route.ts | 70 ++----------------------------- 1 file changed, 4 insertions(+), 66 deletions(-) diff --git a/app/api/nextcloud/status/route.ts b/app/api/nextcloud/status/route.ts index 2f38d13f..78057caa 100644 --- a/app/api/nextcloud/status/route.ts +++ b/app/api/nextcloud/status/route.ts @@ -3,75 +3,10 @@ import { getServerSession } from 'next-auth'; import { authOptions } from '@/app/api/auth/[...nextauth]/route'; import { DOMParser } from '@xmldom/xmldom'; -// Simple in-memory cache for Nextcloud tokens -const tokenCache = new Map(); - async function sleep(ms: number) { return new Promise(resolve => setTimeout(resolve, ms)); } -async function establishNextcloudSession(nextcloudUrl: string, keycloakToken: string, maxRetries = 3) { - // Check cache first - const cacheKey = `${nextcloudUrl}:${keycloakToken}`; - const cached = tokenCache.get(cacheKey); - if (cached && cached.expires > Date.now()) { - return cached.token; - } - - let lastError; - for (let attempt = 0; attempt < maxRetries; attempt++) { - try { - // Add exponential backoff - if (attempt > 0) { - await sleep(Math.pow(2, attempt) * 1000); - } - - const sessionResponse = await fetch(`${nextcloudUrl}/index.php/apps/oauth2/api/v1/token`, { - method: 'POST', - headers: { - 'Content-Type': 'application/x-www-form-urlencoded', - 'Authorization': `Bearer ${keycloakToken}`, - }, - body: new URLSearchParams({ - grant_type: 'urn:ietf:params:oauth:grant-type:token-exchange', - subject_token: keycloakToken, - subject_token_type: 'urn:ietf:params:oauth:token-type:access_token', - client_id: process.env.NEXTCLOUD_CLIENT_ID || '', - client_secret: process.env.NEXTCLOUD_CLIENT_SECRET || '', - }).toString(), - }); - - if (sessionResponse.status === 429) { - // Rate limited, wait and retry - const retryAfter = sessionResponse.headers.get('Retry-After'); - await sleep((retryAfter ? parseInt(retryAfter) : 5) * 1000); - continue; - } - - if (!sessionResponse.ok) { - const errorText = await sessionResponse.text(); - console.error('Failed to establish Nextcloud session:', errorText); - throw new Error('Failed to establish Nextcloud session'); - } - - const sessionData = await sessionResponse.json(); - - // Cache the token for 5 minutes - tokenCache.set(cacheKey, { - token: sessionData.access_token, - expires: Date.now() + 5 * 60 * 1000 - }); - - return sessionData.access_token; - } catch (error) { - lastError = error; - console.error(`Attempt ${attempt + 1} failed:`, error); - } - } - - throw lastError || new Error('Failed to establish Nextcloud session after retries'); -} - export async function GET() { try { const session = await getServerSession(authOptions); @@ -103,13 +38,16 @@ export async function GET() { } try { - // Get user's folders using WebDAV with Keycloak token + // Get user's folders using WebDAV with OIDC token const webdavUrl = `${nextcloudUrl}/remote.php/dav/files/${encodeURIComponent(session.user.email)}/`; console.log('Requesting WebDAV URL:', webdavUrl); const foldersResponse = await fetch(webdavUrl, { headers: { 'Authorization': `Bearer ${session.accessToken}`, + 'OIDC_CLAIM_sub': session.user.id, // Keycloak subject ID + 'OIDC_CLAIM_email': session.user.email, + 'OIDC_CLAIM_preferred_username': session.user.username, 'Depth': '1', 'Content-Type': 'application/xml', },