NS_IMETHODIMP MailEwsMsgMessageService::CopyMessages(uint32_t aNumKeys,
nsMsgKey*aMsgKeys,
nsIMsgFolder *srcFolder,
nsIStreamListener *aMailboxCopyHandler,
bool moveMessage,
nsIUrlListener *aUrlListener,
nsIMsgWindow *aMsgWindow,
nsIURI **aURL)
{
NS_ENSURE_ARG_POINTER(aMailboxCopyHandler);
NS_ENSURE_ARG_POINTER(aMsgKeys);
nsresult rv = NS_OK;
NS_ENSURE_ARG(srcFolder);
NS_ENSURE_ARG(aMsgKeys);
nsCOMPtr<nsIMailboxUrl> mailboxurl;
mailews_logger << "Message Service Copy Messages-------------" << std::endl;
nsMailboxAction actionToUse = nsIMailboxUrl::ActionMoveMessage;
if (!moveMessage)
actionToUse = nsIMailboxUrl::ActionCopyMessage;
nsCOMPtr <nsIMsgDBHdr> msgHdr;
nsCOMPtr <nsIMsgDatabase> db;
srcFolder->GetMsgDatabase(getter_AddRefs(db));
if (db)
{
db->GetMsgHdrForKey(aMsgKeys[0], getter_AddRefs(msgHdr));
if (msgHdr)
{
nsCString uri;
srcFolder->GetURI(uri);
mailews_logger << "Src Folder uri:" << uri.get() << std::endl;
srcFolder->GetUriForMsg(msgHdr, uri);
mailews_logger << "Msg uri:" << uri.get() << std::endl;
rv = PrepareMessageUrl(uri.get(), aUrlListener, actionToUse , getter_AddRefs(mailboxurl), aMsgWindow);
if (NS_SUCCEEDED(rv))
{
nsCOMPtr<nsIURI> url = do_QueryInterface(mailboxurl);
nsCOMPtr<nsIMsgMailNewsUrl> msgUrl (do_QueryInterface(url));
nsCOMPtr<nsIMailboxUrl> mailboxUrl (do_QueryInterface(url));
msgUrl->SetMsgWindow(aMsgWindow);
mailboxUrl->SetMoveCopyMsgKeys(aMsgKeys, aNumKeys);
rv = RunMailboxUrl(url, aMailboxCopyHandler);
}
}
}
if (aURL && mailboxurl)
CallQueryInterface(mailboxurl, aURL);
return rv;
}
nsresult nsMailboxService::CopyMessages(nsMsgKeyArray *msgKeys,
nsIMsgFolder *srcFolder,
nsIStreamListener * aMailboxCopyHandler,
PRBool moveMessage,
nsIUrlListener * aUrlListener,
nsIMsgWindow *aMsgWindow,
nsIURI **aURL)
{
nsresult rv = NS_OK;
NS_ENSURE_ARG(srcFolder);
nsCOMPtr<nsIMailboxUrl> mailboxurl;
nsMailboxAction actionToUse = nsIMailboxUrl::ActionMoveMessage;
if (!moveMessage)
actionToUse = nsIMailboxUrl::ActionCopyMessage;
nsCOMPtr <nsIMsgDBHdr> msgHdr;
nsCOMPtr <nsIMsgDatabase> db;
srcFolder->GetMsgDatabase(aMsgWindow, getter_AddRefs(db));
if (db)
{
db->GetMsgHdrForKey(msgKeys->GetAt(0), getter_AddRefs(msgHdr));
if (msgHdr)
{
nsXPIDLCString uri;
srcFolder->GetUriForMsg(msgHdr, getter_Copies(uri));
rv = PrepareMessageUrl(uri, aUrlListener, actionToUse , getter_AddRefs(mailboxurl), aMsgWindow);
if (NS_SUCCEEDED(rv))
{
nsCOMPtr<nsIURI> url = do_QueryInterface(mailboxurl);
nsCOMPtr<nsIMsgMailNewsUrl> msgUrl (do_QueryInterface(url));
nsCOMPtr<nsIMailboxUrl> mailboxUrl (do_QueryInterface(url));
msgUrl->SetMsgWindow(aMsgWindow);
mailboxUrl->SetMoveCopyMsgKeys(msgKeys->GetArray(), msgKeys->GetSize());
rv = RunMailboxUrl(url, aMailboxCopyHandler);
}
}
}
if (aURL)
mailboxurl->QueryInterface(NS_GET_IID(nsIURI), (void **) aURL);
return rv;
}
NS_IMETHODIMP nsMailboxService::OpenAttachment(const char *aContentType,
const char *aFileName,
const char *aUrl,
const char *aMessageUri,
nsISupports *aDisplayConsumer,
nsIMsgWindow *aMsgWindow,
nsIUrlListener *aUrlListener)
{
nsCOMPtr <nsIURI> URL;
nsCAutoString urlString(aUrl);
urlString += "&type=";
urlString += aContentType;
urlString += "&filename=";
urlString += aFileName;
CreateStartupUrl(urlString.get(), getter_AddRefs(URL));
nsresult rv;
nsCOMPtr<nsIMsgMailNewsUrl> mailboxUrl(do_QueryInterface(URL, &rv));
if (NS_SUCCEEDED(rv) && mailboxUrl)
mailboxUrl->SetMsgWindow(aMsgWindow);
// try to run the url in the docshell...
nsCOMPtr<nsIDocShell> docShell(do_QueryInterface(aDisplayConsumer, &rv));
// if we were given a docShell, run the url in the docshell..otherwise just run it normally.
if (NS_SUCCEEDED(rv) && docShell)
{
nsCOMPtr<nsIDocShellLoadInfo> loadInfo;
// DIRTY LITTLE HACK --> since we are opening an attachment we want the docshell to
// treat this load as if it were a user click event. Then the dispatching stuff will be much
// happier.
docShell->CreateLoadInfo(getter_AddRefs(loadInfo));
loadInfo->SetLoadType(nsIDocShellLoadInfo::loadLink);
return docShell->LoadURI(URL, loadInfo, nsIWebNavigation::LOAD_FLAGS_NONE, PR_FALSE);
}
return RunMailboxUrl(URL, aDisplayConsumer);
}
UtlBoolean
SubscribeServerThread::isAuthenticated (
const SipMessage* message,
SipMessage *responseMessage,
UtlString& authenticatedUser,
UtlString& authenticatedRealm )
{
UtlBoolean isAuthorized = FALSE;
// if we are not using a database we must assume authenticated
if ( !mIsCredentialDB )
{
OsSysLog::add(FAC_AUTH, PRI_DEBUG, "SubscribeServerThread::isAuthenticated() "
":: No Credential DB - request is always AUTHENTICATED");
isAuthorized = TRUE;
} else
{
// realm and auth type should be default for server
// if URI not defined in DB, the user is not authorized to modify bindings -
OsSysLog::add( FAC_AUTH, PRI_DEBUG, "SubscribeServerThread::isAuthenticated():TRUE realm=\"%s\" ",
mRealm.data());
UtlString requestNonce;
UtlString requestRealm;
UtlString requestUser;
UtlString requestUserBase;
UtlString requestUriParam;
int requestAuthIndex = 0;
// can have multiphe authorization / authorization-proxy headers
// headers search for a realm match
while ( message->getDigestAuthorizationData (
&requestUser,
&requestRealm,
&requestNonce,
NULL,
NULL,
&requestUriParam,
HttpMessage::SERVER,
requestAuthIndex,
&requestUserBase) )
{
OsSysLog::add(FAC_AUTH, PRI_DEBUG, "SubscribeServerThread::isAuthenticated() "
"- Authorization header set in message, validate it.\n"
"- reqRealm=\"%s\", reqUser=\"%s\", reqUserBase=\"%s\"",
requestRealm.data(), requestUser.data(),
requestUserBase.data());
// case sensitive comparison of realm
if ( mRealm.compareTo( requestRealm ) == 0 )
{
OsSysLog::add(FAC_AUTH, PRI_DEBUG, "SubscribeServerThread::isAuthenticated()"
"- Realm matches, now validate userid/password");
// See if the nonce is valid - see net/SipNonceDb.cpp
UtlString reqUri;
message->getRequestUri(&reqUri);
Url mailboxUrl(reqUri);
UtlString authTypeDB;
UtlString passTokenDB;
UtlString callId;
UtlString fromTag;
long nonceExpires = (5*60); // five minutes
Url fromUrl;
message->getFromUrl(fromUrl);
fromUrl.getFieldParameter("tag", fromTag);
message->getCallIdField(&callId);
if (mNonceDb.isNonceValid(requestNonce, callId, fromTag,
mRealm, nonceExpires))
{
// then get the credentials for this realm
if (CredentialDB::getInstance()->
getCredentialByUserid(
mailboxUrl,
mRealm,
requestUserBase,
passTokenDB,
authTypeDB))
{
// the Digest Password is calculated from the request
// user, passtoken, nonce and request URI
isAuthorized =
message->verifyMd5Authorization(requestUser.data(),
passTokenDB.data(),
requestNonce,
requestRealm.data(),
requestUriParam.data());
if (isAuthorized)
{
// can have multiple credentials for same realm so only break out
// when we have a positive match
OsSysLog::add(FAC_AUTH, PRI_DEBUG, "SubscribeServerThread::isAuthenticated() "
"- request is AUTHENTICATED");
// copy the authenticated user/realm for subsequent authorization
authenticatedUser = requestUserBase;
authenticatedRealm = requestRealm;
break;
}
else
{
OsSysLog::add(FAC_AUTH, PRI_DEBUG, "SubscribeServerThread::isAuthenticated() "
"- digest authorization failed");
}
}
else
{
OsSysLog::add(FAC_AUTH, PRI_DEBUG, "SubscribeServerThread::isAuthenticated() "
"- No Credentials for mailboxUrl=\"%s\", reqRealm=\"%s\", reqUser=\"%s\"",
mailboxUrl.toString().data(),
requestRealm.data(),
requestUser.data());
}
}
else
{
OsSysLog::add(FAC_AUTH, PRI_DEBUG, "SubscribeServerThread::isAuthenticated() "
"- Invalid nonce \"%s\" for mailboxUrl=\"%s\", reqRealm=\"%s\", reqUser=\"%s\"",
requestNonce.data(),
mailboxUrl.toString().data(),
requestRealm.data(),
requestUser.data());
}
// end check credentials
}
requestAuthIndex++;
} //end while
if ( !isAuthorized )
{
// Generate the 401 Unauthorized response to challenge for credentials
// Use the SipNonceDB to generate a nonce
UtlString newNonce;
UtlString callId;
UtlString fromTag;
Url fromUrl;
message->getFromUrl(fromUrl);
fromUrl.getFieldParameter("tag", fromTag);
message->getCallIdField(&callId);
mNonceDb.createNewNonce(callId,
fromTag,
mRealm,
newNonce);
responseMessage->setRequestUnauthorized(message, HTTP_DIGEST_AUTHENTICATION,
mRealm, newNonce);
}
}
return isAuthorized;
}
UtlBoolean
SubscribeServerThread::isAuthenticated (const SipMessage* message,
SipMessage *responseMessage,
UtlString& authenticatedUser,
UtlString& authenticatedRealm )
{
UtlBoolean retIsAuthenticated = FALSE;
// if we are not using a database we must assume authenticated
if ( !mIsCredentialDB )
{
Os::Logger::instance().log(FAC_AUTH, PRI_DEBUG, "SubscribeServerThread::isAuthenticated() "
":: No Credential DB - request is always AUTHENTICATED");
retIsAuthenticated = TRUE;
} else
{
// realm and auth type should be default for server
// if URI not defined in DB, the user is not authorized to modify bindings -
Os::Logger::instance().log( FAC_AUTH, PRI_DEBUG, "SubscribeServerThread::isAuthenticated():TRUE realm=\"%s\" ",
mRealm.data());
UtlString requestNonce;
UtlString requestCnonce;
UtlString requestNonceCount;
UtlString requestQop;
UtlString requestRealm;
UtlString requestUser;
UtlString requestUserBase;
UtlString requestUriParam;
int requestAuthIndex = 0;
EntityDB* entityDb = StatusServer::getInstance()->getEntityDb();
// can have multiple authorization / authorization-proxy headers
// headers search for a realm match
while ( message->getDigestAuthorizationData ( &requestUser,
&requestRealm,
&requestNonce,
NULL, // opaque
NULL, // response
&requestUriParam,
&requestCnonce,
&requestNonceCount,
&requestQop,
HttpMessage::SERVER,
requestAuthIndex,
&requestUserBase) )
{
Os::Logger::instance().log(FAC_AUTH, PRI_DEBUG,
"SubscribeServerThread::isAuthenticated() "
"- Authorization header set in message, validate it.\n"
"- reqRealm=\"%s\", reqUser=\"%s\", reqUserBase=\"%s\"",
requestRealm.data(), requestUser.data(),
requestUserBase.data());
UtlString qopType;
UtlString callId;
UtlString fromTag;
long nonceExpires = (5*60); // five minutes
Url fromUrl;
message->getFromUrl(fromUrl);
fromUrl.getFieldParameter("tag", fromTag);
UtlString reqUri;
message->getRequestUri(&reqUri);
Url mailboxUrl(reqUri);
message->getCallIdField(&callId);
if (mRealm.compareTo(requestRealm) ) // case sensitive check that realm is correct
{
Os::Logger::instance().log(FAC_AUTH, PRI_DEBUG,
"SubscribeServerThread::isAuthenticated() "
"Realm does not match");
}
// See if the nonce is valid - see net/SipNonceDb.cpp
else if (!mNonceDb.isNonceValid(requestNonce, callId, fromTag, mRealm, nonceExpires))
{
Os::Logger::instance().log(FAC_AUTH, PRI_INFO,
"SubscribeServerThread::isAuthenticated() "
"Invalid NONCE: '%s' found for mailboxUrl '%s' "
"realm: '%s' user: '******' "
"cnonce: '%s' nc: '%s' qop: '%s' "
"expiration: %ld",
requestNonce.data(), mailboxUrl.toString().data(),
mRealm.data(), requestUser.data(),
requestCnonce.data(), requestNonceCount.data(),
requestQop.data(), nonceExpires);
}
// verify that qop,cnonce, nonceCount are compatible
else if (message->verifyQopConsistency(requestCnonce.data(),
requestNonceCount.data(),
&requestQop,
qopType)
>= HttpMessage::AUTH_QOP_NOT_SUPPORTED)
{
Os::Logger::instance().log(FAC_AUTH, PRI_INFO,
"SubscribeServerThread::isAuthenticated() "
"Invalid combination of QOP('%s'), cnonce('%s') and nonceCount('%s')",
requestQop.data(), requestCnonce.data(), requestNonceCount.data());
}
else // realm, nonce and qop are all ok
{
UtlString authTypeDB;
UtlString passTokenDB;
// then get the credentials for this realm
if (entityDb->getCredential(mailboxUrl, mRealm, requestUserBase, passTokenDB, authTypeDB))
{
// the Digest Password is calculated from the request
// user, passtoken, nonce and request URI
retIsAuthenticated =
message->verifyMd5Authorization(requestUser.data(),
passTokenDB.data(),
requestNonce.data(),
requestRealm.data(),
requestCnonce.data(),
requestNonceCount.data(),
requestQop.data(),
requestUriParam.data());
if (retIsAuthenticated)
{
// can have multiple credentials for same realm so only break out
// when we have a positive match
Os::Logger::instance().log(FAC_AUTH, PRI_DEBUG,
"SubscribeServerThread::isAuthenticated() "
"- request is AUTHENTICATED");
// copy the authenticated user/realm for subsequent authorization
authenticatedUser = requestUserBase;
authenticatedRealm = requestRealm;
break;
}
else
{
Os::Logger::instance().log(FAC_AUTH, PRI_DEBUG,
"SubscribeServerThread::isAuthenticated() "
"- digest authorization failed "
"nonce \"%s\", cnonce \"%s\" for "
"mailboxUrl=\"%s\", reqRealm=\"%s\", reqUser=\"%s\"",
requestNonce.data(),
requestCnonce.data(),
mailboxUrl.toString().data(),
requestRealm.data(),
requestUser.data());
}
}
else
{
Os::Logger::instance().log(FAC_AUTH, PRI_DEBUG,
"SubscribeServerThread::isAuthenticated() "
"- No Credentials for mailboxUrl=\"%s\", reqRealm=\"%s\", reqUser=\"%s\"",
mailboxUrl.toString().data(),
requestRealm.data(),
requestUser.data());
} // end check credentials
}
requestAuthIndex++;
} //end while
if ( !retIsAuthenticated )
{
// Generate the 401 Unauthorized response to challenge for credentials
// Use the SipNonceDB to generate a nonce
UtlString newNonce;
UtlString callId;
UtlString fromTag;
Url fromUrl;
message->getFromUrl(fromUrl);
fromUrl.getFieldParameter("tag", fromTag);
message->getCallIdField(&callId);
mNonceDb.createNewNonce(callId,
fromTag,
mRealm,
newNonce);
responseMessage->setRequestUnauthorized(message, HTTP_DIGEST_AUTHENTICATION,
mRealm, newNonce);
}
} // end DB exists
return retIsAuthenticated;
}
