2020-04-27 22:41:31 +02:00
|
|
|
|
import hashlib
|
2019-11-16 09:26:28 +01:00
|
|
|
|
import json
|
2020-04-27 22:41:31 +02:00
|
|
|
|
import random
|
2020-09-05 04:02:13 +02:00
|
|
|
|
import secrets
|
|
|
|
|
from base64 import b32encode
|
2019-11-16 09:26:28 +01:00
|
|
|
|
from typing import Dict
|
2020-04-27 22:41:31 +02:00
|
|
|
|
from urllib.parse import quote, urlencode, urljoin
|
2019-11-16 09:26:28 +01:00
|
|
|
|
|
2020-06-11 00:54:34 +02:00
|
|
|
|
import requests
|
2020-04-27 22:41:31 +02:00
|
|
|
|
from defusedxml import ElementTree
|
2019-11-16 09:26:28 +01:00
|
|
|
|
from django.conf import settings
|
2020-10-20 19:25:34 +02:00
|
|
|
|
from django.core.signing import Signer
|
2020-06-11 00:54:34 +02:00
|
|
|
|
from django.http import HttpRequest, HttpResponse
|
2019-11-16 09:26:28 +01:00
|
|
|
|
from django.middleware import csrf
|
|
|
|
|
from django.shortcuts import redirect, render
|
|
|
|
|
from django.utils.crypto import constant_time_compare, salted_hmac
|
2021-04-16 00:57:30 +02:00
|
|
|
|
from django.utils.translation import gettext as _
|
2019-11-16 09:26:28 +01:00
|
|
|
|
from django.views.decorators.cache import never_cache
|
|
|
|
|
from django.views.decorators.csrf import csrf_exempt
|
|
|
|
|
from django.views.decorators.http import require_POST
|
|
|
|
|
from oauthlib.oauth2 import OAuth2Error
|
|
|
|
|
from requests_oauthlib import OAuth2Session
|
2023-09-11 20:22:32 +02:00
|
|
|
|
from returns.curry import partial
|
2018-12-28 20:45:54 +01:00
|
|
|
|
|
2022-04-14 23:29:39 +02:00
|
|
|
|
from zerver.actions.video_calls import do_set_zoom_token
|
2021-07-16 22:11:10 +02:00
|
|
|
|
from zerver.decorator import zulip_login_required
|
2019-11-16 09:26:28 +01:00
|
|
|
|
from zerver.lib.exceptions import ErrorCode, JsonableError
|
2021-05-07 03:54:25 +02:00
|
|
|
|
from zerver.lib.outgoing_http import OutgoingSession
|
2019-12-20 00:00:45 +01:00
|
|
|
|
from zerver.lib.pysa import mark_sanitized
|
2021-07-16 22:11:10 +02:00
|
|
|
|
from zerver.lib.request import REQ, has_request_variables
|
2021-06-30 18:35:50 +02:00
|
|
|
|
from zerver.lib.response import json_success
|
2019-11-16 09:26:28 +01:00
|
|
|
|
from zerver.lib.subdomains import get_subdomain
|
2021-10-14 01:45:34 +02:00
|
|
|
|
from zerver.lib.url_encoding import append_url_query_string
|
2023-08-27 02:43:48 +02:00
|
|
|
|
from zerver.lib.validator import check_bool, check_dict, check_string
|
2019-11-16 09:26:28 +01:00
|
|
|
|
from zerver.models import UserProfile, get_realm
|
|
|
|
|
|
|
|
|
|
|
2021-05-07 03:54:25 +02:00
|
|
|
|
class VideoCallSession(OutgoingSession):
|
|
|
|
|
def __init__(self) -> None:
|
|
|
|
|
super().__init__(role="video_calls", timeout=5)
|
|
|
|
|
|
|
|
|
|
|
2019-11-16 09:26:28 +01:00
|
|
|
|
class InvalidZoomTokenError(JsonableError):
|
|
|
|
|
code = ErrorCode.INVALID_ZOOM_TOKEN
|
|
|
|
|
|
|
|
|
|
def __init__(self) -> None:
|
|
|
|
|
super().__init__(_("Invalid Zoom access token"))
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def get_zoom_session(user: UserProfile) -> OAuth2Session:
|
|
|
|
|
if settings.VIDEO_ZOOM_CLIENT_ID is None:
|
|
|
|
|
raise JsonableError(_("Zoom credentials have not been configured"))
|
|
|
|
|
|
2020-08-29 01:34:36 +02:00
|
|
|
|
client_id = settings.VIDEO_ZOOM_CLIENT_ID
|
|
|
|
|
client_secret = settings.VIDEO_ZOOM_CLIENT_SECRET
|
|
|
|
|
|
2019-11-16 09:26:28 +01:00
|
|
|
|
return OAuth2Session(
|
2020-08-29 01:34:36 +02:00
|
|
|
|
client_id,
|
2019-11-16 09:26:28 +01:00
|
|
|
|
redirect_uri=urljoin(settings.ROOT_DOMAIN_URI, "/calls/zoom/complete"),
|
|
|
|
|
auto_refresh_url="https://zoom.us/oauth/token",
|
|
|
|
|
auto_refresh_kwargs={
|
2020-08-29 01:34:36 +02:00
|
|
|
|
"client_id": client_id,
|
|
|
|
|
"client_secret": client_secret,
|
2019-11-16 09:26:28 +01:00
|
|
|
|
},
|
|
|
|
|
token=user.zoom_token,
|
|
|
|
|
token_updater=partial(do_set_zoom_token, user),
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def get_zoom_sid(request: HttpRequest) -> str:
|
|
|
|
|
# This is used to prevent CSRF attacks on the Zoom OAuth
|
|
|
|
|
# authentication flow. We want this value to be unpredictable and
|
|
|
|
|
# tied to the session, but we don’t want to expose the main CSRF
|
|
|
|
|
# token directly to the Zoom server.
|
|
|
|
|
|
|
|
|
|
csrf.get_token(request)
|
2019-12-20 00:00:45 +01:00
|
|
|
|
# Use 'mark_sanitized' to cause Pysa to ignore the flow of user controlled
|
|
|
|
|
# data out of this function. 'request.META' is indeed user controlled, but
|
2020-08-11 01:47:44 +02:00
|
|
|
|
# post-HMAC output is no longer meaningfully controllable.
|
2019-12-20 00:00:45 +01:00
|
|
|
|
return mark_sanitized(
|
2019-11-16 09:26:28 +01:00
|
|
|
|
""
|
|
|
|
|
if getattr(request, "_dont_enforce_csrf_checks", False)
|
|
|
|
|
else salted_hmac("Zulip Zoom sid", request.META["CSRF_COOKIE"]).hexdigest()
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@zulip_login_required
|
|
|
|
|
@never_cache
|
|
|
|
|
def register_zoom_user(request: HttpRequest) -> HttpResponse:
|
2021-07-24 20:37:35 +02:00
|
|
|
|
assert request.user.is_authenticated
|
|
|
|
|
|
2019-11-16 09:26:28 +01:00
|
|
|
|
oauth = get_zoom_session(request.user)
|
|
|
|
|
authorization_url, state = oauth.authorization_url(
|
|
|
|
|
"https://zoom.us/oauth/authorize",
|
|
|
|
|
state=json.dumps(
|
python: Use trailing commas consistently.
Automatically generated by the following script, based on the output
of lint with flake8-comma:
import re
import sys
last_filename = None
last_row = None
lines = []
for msg in sys.stdin:
m = re.match(
r"\x1b\[35mflake8 \|\x1b\[0m \x1b\[1;31m(.+):(\d+):(\d+): (\w+)", msg
)
if m:
filename, row_str, col_str, err = m.groups()
row, col = int(row_str), int(col_str)
if filename == last_filename:
assert last_row != row
else:
if last_filename is not None:
with open(last_filename, "w") as f:
f.writelines(lines)
with open(filename) as f:
lines = f.readlines()
last_filename = filename
last_row = row
line = lines[row - 1]
if err in ["C812", "C815"]:
lines[row - 1] = line[: col - 1] + "," + line[col - 1 :]
elif err in ["C819"]:
assert line[col - 2] == ","
lines[row - 1] = line[: col - 2] + line[col - 1 :].lstrip(" ")
if last_filename is not None:
with open(last_filename, "w") as f:
f.writelines(lines)
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-10 05:23:40 +02:00
|
|
|
|
{"realm": get_subdomain(request), "sid": get_zoom_sid(request)},
|
2019-11-16 09:26:28 +01:00
|
|
|
|
),
|
|
|
|
|
)
|
|
|
|
|
return redirect(authorization_url)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@never_cache
|
|
|
|
|
@has_request_variables
|
|
|
|
|
def complete_zoom_user(
|
|
|
|
|
request: HttpRequest,
|
2021-02-12 08:19:30 +01:00
|
|
|
|
state: Dict[str, str] = REQ(
|
2021-04-07 22:00:44 +02:00
|
|
|
|
json_validator=check_dict([("realm", check_string)], value_validator=check_string)
|
2021-02-12 08:19:30 +01:00
|
|
|
|
),
|
2019-11-16 09:26:28 +01:00
|
|
|
|
) -> HttpResponse:
|
|
|
|
|
if get_subdomain(request) != state["realm"]:
|
|
|
|
|
return redirect(urljoin(get_realm(state["realm"]).uri, request.get_full_path()))
|
|
|
|
|
return complete_zoom_user_in_realm(request)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@zulip_login_required
|
|
|
|
|
@has_request_variables
|
|
|
|
|
def complete_zoom_user_in_realm(
|
|
|
|
|
request: HttpRequest,
|
|
|
|
|
code: str = REQ(),
|
2021-02-12 08:19:30 +01:00
|
|
|
|
state: Dict[str, str] = REQ(
|
2021-04-07 22:00:44 +02:00
|
|
|
|
json_validator=check_dict([("sid", check_string)], value_validator=check_string)
|
2021-02-12 08:19:30 +01:00
|
|
|
|
),
|
2019-11-16 09:26:28 +01:00
|
|
|
|
) -> HttpResponse:
|
2021-07-24 20:37:35 +02:00
|
|
|
|
assert request.user.is_authenticated
|
|
|
|
|
|
2019-11-16 09:26:28 +01:00
|
|
|
|
if not constant_time_compare(state["sid"], get_zoom_sid(request)):
|
|
|
|
|
raise JsonableError(_("Invalid Zoom session identifier"))
|
|
|
|
|
|
2020-08-29 01:34:36 +02:00
|
|
|
|
client_secret = settings.VIDEO_ZOOM_CLIENT_SECRET
|
|
|
|
|
|
2019-11-16 09:26:28 +01:00
|
|
|
|
oauth = get_zoom_session(request.user)
|
|
|
|
|
try:
|
|
|
|
|
token = oauth.fetch_token(
|
|
|
|
|
"https://zoom.us/oauth/token",
|
|
|
|
|
code=code,
|
2020-08-29 01:34:36 +02:00
|
|
|
|
client_secret=client_secret,
|
2019-11-16 09:26:28 +01:00
|
|
|
|
)
|
|
|
|
|
except OAuth2Error:
|
|
|
|
|
raise JsonableError(_("Invalid Zoom credentials"))
|
|
|
|
|
|
|
|
|
|
do_set_zoom_token(request.user, token)
|
|
|
|
|
return render(request, "zerver/close_window.html")
|
|
|
|
|
|
|
|
|
|
|
2023-08-27 02:43:48 +02:00
|
|
|
|
@has_request_variables
|
|
|
|
|
def make_zoom_video_call(
|
|
|
|
|
request: HttpRequest,
|
|
|
|
|
user: UserProfile,
|
|
|
|
|
is_video_call: bool = REQ(json_validator=check_bool, default=True),
|
|
|
|
|
) -> HttpResponse:
|
2019-11-16 09:26:28 +01:00
|
|
|
|
oauth = get_zoom_session(user)
|
|
|
|
|
if not oauth.authorized:
|
|
|
|
|
raise InvalidZoomTokenError
|
|
|
|
|
|
2023-08-27 02:43:48 +02:00
|
|
|
|
# The meeting host has the ability to configure both their own and
|
|
|
|
|
# participants' default video on/off state for the meeting. That's
|
|
|
|
|
# why when creating a meeting, configure the video on/off default
|
|
|
|
|
# according to the desired call type. Each Zoom user can still have
|
|
|
|
|
# their own personal setting to not start video by default.
|
|
|
|
|
payload = {
|
|
|
|
|
"settings": {
|
|
|
|
|
"host_video": is_video_call,
|
|
|
|
|
"participant_video": is_video_call,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-11-16 09:26:28 +01:00
|
|
|
|
try:
|
2023-08-27 02:43:48 +02:00
|
|
|
|
res = oauth.post("https://api.zoom.us/v2/users/me/meetings", json=payload)
|
2019-11-16 09:26:28 +01:00
|
|
|
|
except OAuth2Error:
|
|
|
|
|
do_set_zoom_token(user, None)
|
|
|
|
|
raise InvalidZoomTokenError
|
|
|
|
|
|
|
|
|
|
if res.status_code == 401:
|
|
|
|
|
do_set_zoom_token(user, None)
|
|
|
|
|
raise InvalidZoomTokenError
|
|
|
|
|
elif not res.ok:
|
|
|
|
|
raise JsonableError(_("Failed to create Zoom call"))
|
|
|
|
|
|
2022-01-31 13:44:02 +01:00
|
|
|
|
return json_success(request, data={"url": res.json()["join_url"]})
|
2019-11-16 09:26:28 +01:00
|
|
|
|
|
2021-02-12 08:19:30 +01:00
|
|
|
|
|
2019-11-16 09:26:28 +01:00
|
|
|
|
@csrf_exempt
|
|
|
|
|
@require_POST
|
2018-12-28 20:45:54 +01:00
|
|
|
|
@has_request_variables
|
2019-11-16 09:26:28 +01:00
|
|
|
|
def deauthorize_zoom_user(request: HttpRequest) -> HttpResponse:
|
2022-01-31 13:44:02 +01:00
|
|
|
|
return json_success(request)
|
2020-04-27 22:41:31 +02:00
|
|
|
|
|
|
|
|
|
|
2020-10-20 19:25:34 +02:00
|
|
|
|
@has_request_variables
|
|
|
|
|
def get_bigbluebutton_url(
|
|
|
|
|
request: HttpRequest, user_profile: UserProfile, meeting_name: str = REQ()
|
|
|
|
|
) -> HttpResponse:
|
2020-10-23 02:43:28 +02:00
|
|
|
|
# https://docs.bigbluebutton.org/dev/api.html#create for reference on the API calls
|
2020-04-27 22:41:31 +02:00
|
|
|
|
# https://docs.bigbluebutton.org/dev/api.html#usage for reference for checksum
|
|
|
|
|
id = "zulip-" + str(random.randint(100000000000, 999999999999))
|
2022-03-21 00:09:36 +01:00
|
|
|
|
password = b32encode(secrets.token_bytes(20)).decode() # 20 bytes means 32 characters
|
2020-10-20 19:25:34 +02:00
|
|
|
|
|
2023-10-09 21:28:43 +02:00
|
|
|
|
# We sign our data here to ensure a Zulip user cannot tamper with
|
2020-10-20 19:25:34 +02:00
|
|
|
|
# the join link to gain access to other meetings that are on the
|
|
|
|
|
# same bigbluebutton server.
|
|
|
|
|
signed = Signer().sign_object(
|
|
|
|
|
{
|
|
|
|
|
"meeting_id": id,
|
|
|
|
|
"name": meeting_name,
|
|
|
|
|
"password": password,
|
|
|
|
|
}
|
2021-02-12 08:19:30 +01:00
|
|
|
|
)
|
2020-10-20 19:25:34 +02:00
|
|
|
|
url = append_url_query_string("/calls/bigbluebutton/join", "bigbluebutton=" + signed)
|
|
|
|
|
return json_success(request, {"url": url})
|
2020-04-27 22:41:31 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# We use zulip_login_required here mainly to get access to the user's
|
|
|
|
|
# full name from Zulip to prepopulate the user's name in the
|
|
|
|
|
# BigBlueButton meeting. Since the meeting's details are encoded in
|
|
|
|
|
# the link the user is clicking, there is no validation tying this
|
|
|
|
|
# meeting to the Zulip organization it was created in.
|
|
|
|
|
@zulip_login_required
|
|
|
|
|
@never_cache
|
|
|
|
|
@has_request_variables
|
2020-10-20 19:25:34 +02:00
|
|
|
|
def join_bigbluebutton(request: HttpRequest, bigbluebutton: str = REQ()) -> HttpResponse:
|
2021-07-24 20:37:35 +02:00
|
|
|
|
assert request.user.is_authenticated
|
|
|
|
|
|
2020-04-27 22:41:31 +02:00
|
|
|
|
if settings.BIG_BLUE_BUTTON_URL is None or settings.BIG_BLUE_BUTTON_SECRET is None:
|
2021-07-06 00:23:51 +02:00
|
|
|
|
raise JsonableError(_("BigBlueButton is not configured."))
|
2020-04-27 22:41:31 +02:00
|
|
|
|
|
2020-10-20 19:25:34 +02:00
|
|
|
|
try:
|
|
|
|
|
bigbluebutton_data = Signer().unsign_object(bigbluebutton)
|
|
|
|
|
except Exception:
|
|
|
|
|
raise JsonableError(_("Invalid signature."))
|
|
|
|
|
|
|
|
|
|
create_params = urlencode(
|
|
|
|
|
{
|
|
|
|
|
"meetingID": bigbluebutton_data["meeting_id"],
|
|
|
|
|
"name": bigbluebutton_data["name"],
|
|
|
|
|
"moderatorPW": bigbluebutton_data["password"],
|
|
|
|
|
# We generate the attendee password from moderatorPW,
|
|
|
|
|
# because the BigBlueButton API requires a separate
|
|
|
|
|
# password. This integration is designed to have all users
|
|
|
|
|
# join as moderators, so we generate attendeePW by
|
|
|
|
|
# truncating the moderatorPW while keeping it long enough
|
|
|
|
|
# to not be vulnerable to brute force attacks.
|
|
|
|
|
"attendeePW": bigbluebutton_data["password"][:16],
|
|
|
|
|
},
|
|
|
|
|
quote_via=quote,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
checksum = hashlib.sha256(
|
|
|
|
|
("create" + create_params + settings.BIG_BLUE_BUTTON_SECRET).encode()
|
|
|
|
|
).hexdigest()
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
response = VideoCallSession().get(
|
|
|
|
|
append_url_query_string(settings.BIG_BLUE_BUTTON_URL + "api/create", create_params)
|
|
|
|
|
+ "&checksum="
|
|
|
|
|
+ checksum
|
2021-02-12 08:19:30 +01:00
|
|
|
|
)
|
2020-10-20 19:25:34 +02:00
|
|
|
|
response.raise_for_status()
|
|
|
|
|
except requests.RequestException:
|
|
|
|
|
raise JsonableError(_("Error connecting to the BigBlueButton server."))
|
|
|
|
|
|
|
|
|
|
payload = ElementTree.fromstring(response.text)
|
|
|
|
|
if payload.find("messageKey").text == "checksumError":
|
|
|
|
|
raise JsonableError(_("Error authenticating to the BigBlueButton server."))
|
|
|
|
|
|
|
|
|
|
if payload.find("returncode").text != "SUCCESS":
|
|
|
|
|
raise JsonableError(_("BigBlueButton server returned an unexpected error."))
|
|
|
|
|
|
|
|
|
|
join_params = urlencode(
|
|
|
|
|
{
|
|
|
|
|
"meetingID": bigbluebutton_data["meeting_id"],
|
|
|
|
|
# We use the moderator password here to grant ever user
|
|
|
|
|
# full moderator permissions to the bigbluebutton session.
|
|
|
|
|
"password": bigbluebutton_data["password"],
|
|
|
|
|
"fullName": request.user.full_name,
|
|
|
|
|
# https://docs.bigbluebutton.org/dev/api.html#create
|
|
|
|
|
# The createTime option is used to have the user redirected to a link
|
|
|
|
|
# that is only valid for this meeting.
|
|
|
|
|
#
|
|
|
|
|
# Even if the same link in Zulip is used again, a new
|
|
|
|
|
# createTime parameter will be created, as the meeting on
|
|
|
|
|
# the BigBlueButton server has to be recreated. (after a
|
|
|
|
|
# few minutes)
|
|
|
|
|
"createTime": payload.find("createTime").text,
|
|
|
|
|
},
|
|
|
|
|
quote_via=quote,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
checksum = hashlib.sha256(
|
|
|
|
|
("join" + join_params + settings.BIG_BLUE_BUTTON_SECRET).encode()
|
|
|
|
|
).hexdigest()
|
|
|
|
|
redirect_url_base = append_url_query_string(
|
|
|
|
|
settings.BIG_BLUE_BUTTON_URL + "api/join", join_params
|
|
|
|
|
)
|
|
|
|
|
return redirect(append_url_query_string(redirect_url_base, "checksum=" + checksum))
|