mirror of https://github.com/keeweb/keeweb.git
fix #1753: option to use short-lived tokens in cloud storages
parent
8023bcea96
commit
e66f52a8ce
|
@ -46,6 +46,7 @@ const DefaultAppSettings = {
|
||||||
deviceOwnerAuth: null, // Touch ID: null / 'memory' / 'file'
|
deviceOwnerAuth: null, // Touch ID: null / 'memory' / 'file'
|
||||||
deviceOwnerAuthTimeoutMinutes: 0, // how often master password is required with Touch ID
|
deviceOwnerAuthTimeoutMinutes: 0, // how often master password is required with Touch ID
|
||||||
disableOfflineStorage: false, // don't cache loaded files in offline storage
|
disableOfflineStorage: false, // don't cache loaded files in offline storage
|
||||||
|
shortLivedStorageToken: false, // short-lived sessions in cloud storage providers
|
||||||
|
|
||||||
yubiKeyShowIcon: true, // show an icon to open OTP codes from YubiKey
|
yubiKeyShowIcon: true, // show an icon to open OTP codes from YubiKey
|
||||||
yubiKeyAutoOpen: false, // auto-load one-time codes when there are open files
|
yubiKeyAutoOpen: false, // auto-load one-time codes when there are open files
|
||||||
|
|
|
@ -455,6 +455,7 @@
|
||||||
"setGenLockOrSleep": "When the computer is locked or put to sleep",
|
"setGenLockOrSleep": "When the computer is locked or put to sleep",
|
||||||
"setGenStorage": "Storage",
|
"setGenStorage": "Storage",
|
||||||
"setGenDisableOfflineStorage": "Don't cache loaded files in offline storage",
|
"setGenDisableOfflineStorage": "Don't cache loaded files in offline storage",
|
||||||
|
"setGenShortLivedStorageToken": "Use short-lived sessions in cloud storage providers",
|
||||||
"setGenStorageLogout": "Log out",
|
"setGenStorageLogout": "Log out",
|
||||||
"setGenShowAdvanced": "Show advanced settings",
|
"setGenShowAdvanced": "Show advanced settings",
|
||||||
"setGenDevTools": "Show dev tools",
|
"setGenDevTools": "Show dev tools",
|
||||||
|
|
|
@ -83,7 +83,9 @@ class StorageDropbox extends StorageBase {
|
||||||
pkce: true,
|
pkce: true,
|
||||||
width: 600,
|
width: 600,
|
||||||
height: 400,
|
height: 400,
|
||||||
urlParams: { 'token_access_type': 'offline' }
|
urlParams: this.appSettings.shortLivedStorageToken
|
||||||
|
? {}
|
||||||
|
: { 'token_access_type': 'offline' }
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
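Review bot: In the short-lived branch of `urlParams`, omitting `token_access_type` leaves the token lifetime to Dropbox's default instead of requesting it. As far as I recall from Dropbox's OAuth guide, an omitted value can still return a long-lived access token when the app registration allows them, so the setting may not give the short session its label promises; this should be confirmed against the app console configuration. Asking for it explicitly removes the dependency: `? { 'token_access_type': 'online' }`. The method that returns this config object starts outside the hunk.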
@ -254,9 +254,9 @@ class StorageGDrive extends StorageBase {
|
||||||
width: 600,
|
width: 600,
|
||||||
height: 400,
|
height: 400,
|
||||||
pkce: true,
|
pkce: true,
|
||||||
redirectUrlParams: {
|
redirectUrlParams: this.appSettings.shortLivedStorageToken
|
||||||
'access_type': 'offline'
|
? {}
|
||||||
}
|
: { 'access_type': 'offline' }
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -230,10 +230,14 @@ class StorageOneDrive extends StorageBase {
|
||||||
({ id: clientId, secret: clientSecret } = OneDriveApps.Production);
|
({ id: clientId, secret: clientSecret } = OneDriveApps.Production);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
let scope = 'files.readwrite';
|
||||||
|
if (!this.appSettings.shortLivedStorageToken) {
|
||||||
|
scope += ' offline_access';
|
||||||
|
}
|
||||||
return {
|
return {
|
||||||
url: 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize',
|
url: 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize',
|
||||||
tokenUrl: 'https://login.microsoftonline.com/common/oauth2/v2.0/token',
|
tokenUrl: 'https://login.microsoftonline.com/common/oauth2/v2.0/token',
|
||||||
scope: 'files.readwrite offline_access',
|
scope,
|
||||||
clientId,
|
clientId,
|
||||||
clientSecret,
|
clientSecret,
|
||||||
pkce: true,
|
pkce: true,
|
||||||
|
|
|
@ -50,6 +50,10 @@ class StorageBase {
|
||||||
|
|
||||||
logout() {}
|
logout() {}
|
||||||
|
|
||||||
|
deleteStoredToken() {
|
||||||
|
delete this.runtimeData[this.name + 'OAuthToken'];
|
||||||
|
}
|
||||||
|
|
||||||
_xhr(config) {
|
_xhr(config) {
|
||||||
this.logger.info('HTTP request', config.method || 'GET', config.url);
|
this.logger.info('HTTP request', config.method || 'GET', config.url);
|
||||||
if (config.data) {
|
if (config.data) {
|
||||||
|
@ -315,7 +319,9 @@ class StorageBase {
|
||||||
const token = this._oauthMsgToToken(message);
|
const token = this._oauthMsgToToken(message);
|
||||||
if (token && !token.error) {
|
if (token && !token.error) {
|
||||||
this._oauthToken = token;
|
this._oauthToken = token;
|
||||||
this.runtimeData[this.name + 'OAuthToken'] = token;
|
if (!this.appSettings.shortLivedStorageToken) {
|
||||||
|
this.runtimeData[this.name + 'OAuthToken'] = token;
|
||||||
|
}
|
||||||
this.logger.debug('OAuth token received');
|
this.logger.debug('OAuth token received');
|
||||||
}
|
}
|
||||||
return token;
|
return token;
|
||||||
|
@ -343,7 +349,9 @@ class StorageBase {
|
||||||
|
|
||||||
_oauthGetNewToken(callback) {
|
_oauthGetNewToken(callback) {
|
||||||
this._oauthToken.expired = true;
|
this._oauthToken.expired = true;
|
||||||
this.runtimeData[this.name + 'OAuthToken'] = this._oauthToken;
|
if (!this.appSettings.shortLivedStorageToken) {
|
||||||
|
this.runtimeData[this.name + 'OAuthToken'] = this._oauthToken;
|
||||||
|
}
|
||||||
if (this._oauthToken.refreshToken) {
|
if (this._oauthToken.refreshToken) {
|
||||||
this._oauthExchangeRefreshToken(callback);
|
this._oauthExchangeRefreshToken(callback);
|
||||||
} else {
|
} else {
|
||||||
|
|
|
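Review bot: `deleteStoredToken()` in the first hunk removes only the `runtimeData` entry, so a token already held in `this._oauthToken` keeps its `refreshToken`. In the third hunk `_oauthGetNewToken` still takes the `_oauthExchangeRefreshToken` branch whenever that field is set, so a session authorised before the option was enabled keeps renewing itself until the app restarts. If the intent is that no refresh token is used once the option is on, the method could also drop it: `if (this._oauthToken) { delete this._oauthToken.refreshToken; }`. Otherwise a comment on `deleteStoredToken()` should say that it only affects persisted state. The bodies of `_oauthGetNewToken` and of the method in the second hunk continue outside the visible lines.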
@ -62,6 +62,7 @@ class SettingsGeneralView extends View {
|
||||||
'click .settings__general-download-update-btn': 'downloadUpdate',
|
'click .settings__general-download-update-btn': 'downloadUpdate',
|
||||||
'click .settings__general-update-found-btn': 'installFoundUpdate',
|
'click .settings__general-update-found-btn': 'installFoundUpdate',
|
||||||
'change .settings__general-disable-offline-storage': 'changeDisableOfflineStorage',
|
'change .settings__general-disable-offline-storage': 'changeDisableOfflineStorage',
|
||||||
|
'change .settings__general-short-lived-storage-token': 'changeShortLivedStorageToken',
|
||||||
'change .settings__general-prv-check': 'changeStorageEnabled',
|
'change .settings__general-prv-check': 'changeStorageEnabled',
|
||||||
'click .settings__general-prv-logout': 'logoutFromStorage',
|
'click .settings__general-prv-logout': 'logoutFromStorage',
|
||||||
'click .settings__general-show-advanced': 'showAdvancedSettings',
|
'click .settings__general-show-advanced': 'showAdvancedSettings',
|
||||||
|
@ -142,7 +143,8 @@ class SettingsGeneralView extends View {
|
||||||
hasDeviceOwnerAuth: Features.isDesktop && Features.isMac,
|
hasDeviceOwnerAuth: Features.isDesktop && Features.isMac,
|
||||||
deviceOwnerAuth: AppSettingsModel.deviceOwnerAuth,
|
deviceOwnerAuth: AppSettingsModel.deviceOwnerAuth,
|
||||||
deviceOwnerAuthTimeout: AppSettingsModel.deviceOwnerAuthTimeoutMinutes,
|
deviceOwnerAuthTimeout: AppSettingsModel.deviceOwnerAuthTimeoutMinutes,
|
||||||
disableOfflineStorage: AppSettingsModel.disableOfflineStorage
|
disableOfflineStorage: AppSettingsModel.disableOfflineStorage,
|
||||||
|
shortLivedStorageToken: AppSettingsModel.shortLivedStorageToken
|
||||||
});
|
});
|
||||||
this.renderProviderViews(storageProviders);
|
this.renderProviderViews(storageProviders);
|
||||||
}
|
}
|
||||||
|
@ -486,6 +488,16 @@ class SettingsGeneralView extends View {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
changeShortLivedStorageToken(e) {
|
||||||
|
const shortLivedStorageToken = e.target.checked;
|
||||||
|
AppSettingsModel.shortLivedStorageToken = shortLivedStorageToken;
|
||||||
|
if (shortLivedStorageToken) {
|
||||||
|
for (const storage of Object.values(Storage)) {
|
||||||
|
storage.deleteStoredToken();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
changeStorageEnabled(e) {
|
changeStorageEnabled(e) {
|
||||||
const storage = Storage[$(e.target).data('storage')];
|
const storage = Storage[$(e.target).data('storage')];
|
||||||
if (storage) {
|
if (storage) {
|
||||||
|
|
|
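Review bot: `changeShortLivedStorageToken` clears the locally stored tokens when the box is ticked, but nothing visible here invalidates the refresh tokens that were issued earlier with offline access. Those stay valid at each provider until the user revokes them or logs out, so a copy of the old stored data would still work after the switch. That limit is worth stating in the handler, for example `// removes local copies only; refresh tokens already issued stay valid at the provider until revoked`, and ideally in the setting's description too. The loop also assumes every entry of `Storage` implements `deleteStoredToken()`, which holds only if they all derive from `StorageBase`; that cannot be confirmed from this page.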
@ -312,6 +312,11 @@
|
||||||
{{#if disableOfflineStorage}}checked{{/if}} />
|
{{#if disableOfflineStorage}}checked{{/if}} />
|
||||||
<label for="settings__general-disable-offline-storage">{{res 'setGenDisableOfflineStorage'}}</label>
|
<label for="settings__general-disable-offline-storage">{{res 'setGenDisableOfflineStorage'}}</label>
|
||||||
</div>
|
</div>
|
||||||
|
<div>
|
||||||
|
<input type="checkbox" class="settings__input input-base settings__general-short-lived-storage-token" id="settings__general-short-lived-storage-token"
|
||||||
|
{{#if shortLivedStorageToken}}checked{{/if}} />
|
||||||
|
<label for="settings__general-short-lived-storage-token">{{res 'setGenShortLivedStorageToken'}}</label>
|
||||||
|
</div>
|
||||||
|
|
||||||
{{#each storageProviders as |prv|}}
|
{{#each storageProviders as |prv|}}
|
||||||
<h4 class="settings__general-storage-header"><input
|
<h4 class="settings__general-storage-header"><input
|
||||||
|
|
|
@ -1,11 +1,12 @@
|
||||||
Release notes
|
Release notes
|
||||||
-------------
|
-------------
|
||||||
##### v1.18.0 (TBD)
|
##### v1.18.0 (TBD)
|
||||||
`-` legacy auto-type removed
|
|
||||||
`+` optimized memory consumption for large files
|
`+` optimized memory consumption for large files
|
||||||
|
`+` option to use short-lived tokens in cloud storages
|
||||||
`+` opening XML and CSV files using the Open button
|
`+` opening XML and CSV files using the Open button
|
||||||
`-` ykman v4 support
|
`-` ykman v4 support
|
||||||
`-` setting expire date in the past
|
`-` setting expiry date in the past
|
||||||
|
`-` legacy auto-type removed
|
||||||
|
|
||||||
##### v1.17.4 (2021-03-18)
|
##### v1.17.4 (2021-03-18)
|
||||||
`-` fix #1740: Windows updater issues
|
`-` fix #1740: Windows updater issues
|
||||||
|
|