otetard · otetard · May 2, 2024 · May 2, 2024 · May 2, 2024 · May 2, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,19 +4,14 @@ All notable changes to this project will be documented in this file.
 
 ## [Unreleased]
 
-## 0.11.0-beta.2
-
-### Fixed
-
-- Remove `3rdparty` from the Nextcloud App Store tarball.
-
-## 0.11.0-beta.1
+## 0.11.0
 
 ### Added
 
 - Add support for OAuth2 authentication now that Etherpad 2.x requires
   it. Keep support for old APIKey authentication. This requires a
   version strictly upper than 2.0.2.
+- Add a new “test etherpad authentication” button in settings.
 
 ### Changed
 
@@ -25,6 +20,10 @@ All notable changes to this project will be documented in this file.
 - Rewrite settings page to make use of Vue to improve user experience
   and maintenance.
 
+### Fixed
+
+- Remove `3rdparty` from the Nextcloud App Store tarball.
+
 ## 0.10.1
 
 ### Changed

diff --git a/README.md b/README.md
@@ -16,14 +16,16 @@ In order to make Ownpad work, go to the configuration panel (Settings /
 Admininstration / Additional Settings) and fill in the necessary data
 within the “Ownpad (collaborative documents)” section.
 
-**Set a Etherpad Host:**
-To be able to process the document, you must configure a Host. [Find more public providers at the Etherpad-Lite wiki](https://github.com/ether/etherpad-lite/wiki/Sites-that-run-Etherpad-Lite)
+**Set a Etherpad Host:** To be able to process the document, you must
+configure a Host. [Find more public providers at the Etherpad-Lite
+wiki](https://github.com/ether/etherpad-lite/wiki/Sites-that-run-Etherpad-Lite)
 
 *Example:*
 * Etherpad Host   https://etherpad.wikimedia.org/
 * Ethercalc Host  https://ethercalc.net/
 
-Note that most browsers will only display the content if both Nextcloud and Etherpad/Ethercalc are served via HTTPS.
+Note that most browsers will only display the content if both
+Nextcloud and Etherpad/Ethercalc are served via HTTPS.
 
 Afterwards, the “pad” and/or “calc” items will be available in the “+”
 menu from the “File” app.
@@ -59,7 +61,12 @@ Then, you should add the following content in the `/config/mimetypemapping.json`
 }
 ```
 
-For the [snap-distribution of Nextcloud](https://github.com/nextcloud/nextcloud-snap) the template file can be found under `/snap/nextcloud/current/htdocs/resources/config/mimetypemapping.dist.json` and the active config-folder by default is `/var/snap/nextcloud/current/nextcloud/config/`.
+For the [snap-distribution of
+Nextcloud](https://github.com/nextcloud/nextcloud-snap) the template
+file can be found under
+`/snap/nextcloud/current/htdocs/resources/config/mimetypemapping.dist.json`
+and the active config-folder by default is
+`/var/snap/nextcloud/current/nextcloud/config/`.
 
 Then you should copy the MIME type icons from Ownpad to the Nextcloud core:
 
@@ -91,19 +98,18 @@ Ownpad. If this is used then the user will simply be prompted to enter
 login credentials by their browser when they try to access a pad from
 within Nextcloud.
 
-### Etherpad-managed auth
+### Etherpad-managed Authentication
 
 Ownpad supports communication with the Etherpad API for access
-restriction (so called *protected pads*). This support is considered
-**experimental** due to work in progress; some features are still
-missing. See the [TODO.md](TODO.md) for details.
+restriction (so called *protected pads*).
 
 Protected pads need to be accessed via Nextcloud in order to gain access
 privileges.
 
-In order for this to work, you’ll need to enter your Etherpad API key
-within the Ownpad settings. You can find your API key in the
-`APIKEY.txt` file of your Etherpad instance.
+In order for this to work, you’ll need to enter your Etherpad API
+credentials (either the API key for Etherpad 1.x or the client
+ID/client secret for Etherpad 2.x). Please refer to the next section
+to find out how to configure Etherpad.
 
 In addition you’ll need to host your Etherpad and Nextcloud instances
 under the same domain. For example, you can host your Etherpad in
@@ -112,14 +118,60 @@ example, you’ll have to set the cookie domain to `example.org` within
 the Ownpad settings.
 
 If you want to create *truly* private pads, you have to dedicate an
-Etherpad instance for Nextcloud **running both with HTTPS**. You will then configure Etherpad to
-restrict pad access via sessions and pad creation via the API.
-For this, you have to adjust your Etherpad configuration file
-(`settings.json`) as following:
+Etherpad instance for Nextcloud **running both with HTTPS**. You will
+then configure Etherpad to restrict pad access via sessions and pad
+creation via the API.  For this, you have to adjust your Etherpad
+configuration file (`settings.json`) as following:
 
+```json
+{
+    # …
     "requireSession" : true,
     "editOnly" : true,
+}
+```
+
+#### Etherpad Authentication
+
+If you are using Etherpad 1.x, then authentication is using a single
+API key secret. You can find your API key in the `APIKEY.txt` file of
+your Etherpad instance. This API key should be put in Ownpad settings.
+
+If you are using Etherpad 2.x (at least 2.0.3 is required), then, you
+should first configure your Etherpad’s `settings.json` file to add a
+new service account. You should give that account admin
+credentials. You should add the following snippet (you should adjust
+`client_id` and `client_secret` to strong values):
+
+```json
+{
+  # …
+  "sso": {
+    # …
+    "clients": [
+      # …
+      {
+        "client_id": "client_id",
+        "redirect_uris": [],
+        "response_types": [],
+        "grant_types": ["client_credentials"],
+        "client_secret": "client_secret",
+        "extraParams": [
+          {
+            "name": "admin",
+            "value": "true"
+          }
+        ]
+      }
+    ]
+  }
+}
+```
+
+Then, you should push that secrets in Ownpad configuration after
+having enabled the OAuth2 authentication mode.
 
 ## License
 
-The code is licensed under the AGPLv3 which can be found as the file [COPYING](COPYING) in the source code repository.
+The code is licensed under the AGPLv3 which can be found as the file
+[COPYING](COPYING) in the source code repository.
diff --git a/appinfo/info.xml b/appinfo/info.xml
@@ -7,7 +7,7 @@
   <description><![CDATA[Ownpad is a Nextcloud application that allows to create and open Etherpad and Ethercalc documents.
 
 This application requires to have access to an instance of <a href="https://etherpad.org/">Etherpad</a> and/or <a href="https://ethercalc.net/">Ethercalc</a> to work properly.]]></description>
-  <version>0.11.0-beta.2</version>
+  <version>0.11.0</version>
   <licence>agpl</licence>
   <author mail="[email protected]">Olivier Tétard</author>
   <documentation>

diff --git a/appinfo/routes.php b/appinfo/routes.php
@@ -20,4 +20,5 @@
 	['name' => 'publicDisplay#showPad', 'url' => '/public/{token}', 'verb' => 'GET'],
 	['name' => 'ajax#getconfig', 'url' => '/ajax/v1.0/getconfig', 'verb' => 'GET'],
 	['name' => 'ajax#newpad', 'url' => '/ajax/v1.0/newpad', 'verb' => 'POST'],
+	['name' => 'ajax#testetherpadtoken', 'url' => '/ajax/v1.0/testetherpadtoken', 'verb' => 'GET'],
 ]];
diff --git a/js/ownpad-main.js b/js/ownpad-main.js
diff --git a/js/ownpad-main.js.LICENSE.txt b/js/ownpad-main.js.LICENSE.txt
@@ -27,7 +27,7 @@
  * MIT Licensed
  */
 
-/*! @license DOMPurify 3.1.0 | (c) Cure53 and other contributors | Released under the Apache license 2.0 and Mozilla Public License 2.0 | github.com/cure53/DOMPurify/blob/3.1.0/LICENSE */
+/*! @license DOMPurify 3.1.2 | (c) Cure53 and other contributors | Released under the Apache license 2.0 and Mozilla Public License 2.0 | github.com/cure53/DOMPurify/blob/3.1.2/LICENSE */
 
 /*! For license information please see index.js.LICENSE.txt */
 

diff --git a/js/ownpad-main.js.map b/js/ownpad-main.js.map
diff --git a/js/ownpad-settings.js b/js/ownpad-settings.js
diff --git a/js/ownpad-settings.js.LICENSE.txt b/js/ownpad-settings.js.LICENSE.txt
@@ -36,7 +36,7 @@
 * @license MIT, https://github.com/focus-trap/tabbable/blob/master/LICENSE
 */
 
-/*! @license DOMPurify 3.1.0 | (c) Cure53 and other contributors | Released under the Apache license 2.0 and Mozilla Public License 2.0 | github.com/cure53/DOMPurify/blob/3.1.0/LICENSE */
+/*! @license DOMPurify 3.1.2 | (c) Cure53 and other contributors | Released under the Apache license 2.0 and Mozilla Public License 2.0 | github.com/cure53/DOMPurify/blob/3.1.2/LICENSE */
 
 /*! ieee754. BSD-3-Clause License. Feross Aboukhadijeh <https://feross.org/opensource> */
 

diff --git a/js/ownpad-settings.js.map b/js/ownpad-settings.js.map
diff --git a/js/ownpad-vendors-node_modules_nextcloud_dialogs_dist_chunks_DialogBase-aHPYSWdD_mjs.js b/js/ownpad-vendors-node_modules_nextcloud_dialogs_dist_chunks_DialogBase-aHPYSWdD_mjs.js
diff --git a/js/ownpad-vendors-node_modules_nextcloud_dialogs_dist_chunks_DialogBase-aHPYSWdD_mjs.js.map b/js/ownpad-vendors-node_modules_nextcloud_dialogs_dist_chunks_DialogBase-aHPYSWdD_mjs.js.map
diff --git a/lib/Controller/AjaxController.php b/lib/Controller/AjaxController.php
@@ -68,4 +68,23 @@ public function newpad($dir, $padname, $type, $protected) {
 			return new JSONResponse($message, Http::STATUS_NOT_FOUND);
 		}
 	}
+
+	/**
+	 * @NoAdminRequired
+	 */
+	public function testetherpadtoken() {
+		try {
+			$this->service->testEtherpadToken();
+			return new JSONResponse([
+				'data' => null,
+				'status' => 'success',
+			]);
+		} catch(OwnpadException $e) {
+			$message = [
+				'data' => ['message' => $e->getMessage()],
+				'status' => 'error',
+			];
+			return new JSONResponse($message, Http::STATUS_FORBIDDEN);
+		}
+	}
 }
diff --git a/lib/Service/OwnpadService.php b/lib/Service/OwnpadService.php
@@ -228,6 +228,14 @@ public function parseOwnpadContent($file, $content, bool $publicMode = false) {
 		return $url;
 	}
 
+	public function testEtherpadToken() {
+		try {
+			return $this->etherpadCallApi('checkToken');
+		} catch(Exception) {
+			$l10n = \OC::$server->getL10N('ownpad');
+			throw new OwnpadException($l10n->t('Invalid authentication credentials'));
+		}
+	}
 
 	/**
 	 * Main entrypoint to call Etherpad API.