diff --git a/packages/file-handling/src/crypto.js b/packages/file-handling/src/crypto.js
index 0e85c1b14db71344fccf54ae47b76bda3ea69239..195a685d3f6f3e26760a8401e87ead033816263d 100644
--- a/packages/file-handling/src/crypto.js
+++ b/packages/file-handling/src/crypto.js
@@ -1,4 +1,5 @@
import { CompactEncrypt } from 'jose/jwe/compact/encrypt';
+import { compactDecrypt } from 'jose/jwe/compact/decrypt';
import { parseJwk } from 'jose/jwk/parse';
import {encode} from 'jose/util/base64url';
@@ -26,7 +27,6 @@ export async function encrypt(token, payload) {
const jwe = await new CompactEncrypt(encoder.encode(payload))
.setProtectedHeader({alg: 'PBES2-HS256+A128KW', enc: 'A256GCM'})
.encrypt(key);
- console.log("+++++++++++", jwe);
return jwe;
}
@@ -50,15 +50,11 @@ export async function encrypt(token, payload) {
* @returns {string}
*/
export async function decrypt(token, payload) {
- console.log("payload", payload);
- const encoder = new TextEncoder();
const key = await parseJwk({kty: 'oct', k: encode(token)}, 'PBES2-HS256+A128KW');
- const jwe = await new CompactEncrypt(encoder.encode(payload))
- .setProtectedHeader({alg: 'PBES2-HS256+A128KW', enc: 'A256GCM'})
- .decrypt(key);
- console.log("jwe", jwe);
+ const decryption = await compactDecrypt(payload, key, {alg: 'PBES2-HS256+A128KW', enc: 'A256GCM'});
+ const secret = new TextDecoder().decode(decryption.plaintext);
- return jwe;
+ return secret;
}
export function parseJwt (token) {
diff --git a/packages/file-handling/src/nextcloud-file-picker.js b/packages/file-handling/src/nextcloud-file-picker.js
index e54b71e00e81c875810a636017af84e04f335ed8..5f4595efbb94746c3418c3165a669d89d4397ae1 100644
--- a/packages/file-handling/src/nextcloud-file-picker.js
+++ b/packages/file-handling/src/nextcloud-file-picker.js
@@ -428,24 +428,32 @@ export class NextcloudFilePicker extends ScopedElementsMixin(DBPLitElement) {
*
*/
async checkSessionStorage() {
+ if (!this.isLoggedIn() || !this.auth)
+ return;
const publicId = this.auth['person-id'];
const token = parseJwt(this.auth.token);
const sessionId = token ? token.sid : "";
- if (this.isLoggedIn() && this.storeSession && sessionId
+ if (this.storeSession && sessionId
&& sessionStorage.getItem("nextcloud-webdav-username" + publicId)
&& sessionStorage.getItem("nextcloud-webdav-password" + publicId) ){
- console.log("----------", sessionStorage.getItem("nextcloud-webdav-username" + publicId));
- const sessionStorageName = await sessionStorage.getItem("nextcloud-webdav-username" + publicId);
- console.log("decrypt:", await decrypt(sessionId, sessionStorageName));
- /* this.webDavClient = createClient(
- this.webDavUrl + "/" + sessionStorage.getItem("nextcloud-webdav-username"),
- {
- username: decrypt(sessionId, sessionStorage.getItem("nextcloud-webdav-username" + publicId)),
- password: decrypt(sessionId, sessionStorage.getItem("nextcloud-webdav-password" + publicId))
- }
- );
- this.isPickerActive = true;
- this.loadDirectory(this.directoryPath);*/
+ try {
+ const userName = await decrypt(sessionId, sessionStorage.getItem("nextcloud-webdav-username" + publicId));
+ const password = await decrypt(sessionId, sessionStorage.getItem("nextcloud-webdav-password" + publicId));
+ this.webDavClient = createClient(
+ this.webDavUrl + "/" + userName,
+ {
+ username: userName,
+ password: password
+ }
+ );
+
+ this.isPickerActive = true;
+ this.loadDirectory(this.directoryPath);
+ } catch (e) {
+ sessionStorage.removeItem('nextcloud-webdav-username' + publicId);
+ sessionStorage.removeItem('nextcloud-webdav-password' + publicId);
+ return;
+ }
}
}
@@ -1543,10 +1551,11 @@ export class NextcloudFilePicker extends ScopedElementsMixin(DBPLitElement) {
logOut() {
this.webDavClient = null;
this.isPickerActive = false;
- sessionStorage.removeItem('nextcloud-webdav-username');
- sessionStorage.removeItem('nextcloud-webdav-password');
-
- console.log("log out!");
+ if (this.auth) {
+ const publicId = this.auth['person-id'];
+ sessionStorage.removeItem('nextcloud-webdav-username' + publicId);
+ sessionStorage.removeItem('nextcloud-webdav-password' + publicId);
+ }
}
/**
@@ -2228,7 +2237,7 @@ export class NextcloudFilePicker extends ScopedElementsMixin(DBPLitElement) {
}}">${i18n.t('nextcloud-file-picker.connect-nextcloud', {name: this.nextcloudName})}
</button>
</div>
- <div class="block text-center m-inherit ${classMap({hidden: this.isPickerActive && !this.storeSession})}"> <!-- remove hidden to enable remember me -->
+ <div class="block text-center m-inherit ${classMap({hidden: this.isPickerActive && !this.storeSession || !this.isLoggedIn()})}"> <!-- remove hidden to enable remember me -->
<label class="button-container remember-container">
${i18n.t('nextcloud-file-picker.remember-me')}
<input type="checkbox" id="remember-checkbox" name="remember">