PDF-Serialisierung erfolgt jetzt direkt auf Razor Page - Sicherheitsverbesserung
Externer Fetch-Vorgang entfernt, PDF-Inhalt aus Sicherheitsgründen direkt auf der Razor Page serialisiert.
This commit is contained in:
Developer 02
parent
2c17d440c0
commit
f5dd3cf8be
@ -32,7 +32,7 @@ namespace EnvelopeGenerator.Web.Controllers
|
|||||||
}
|
}
|
||||||
|
|
||||||
[HttpPost("/")]
|
[HttpPost("/")]
|
||||||
public IActionResult DebugEnvelopes([FromForm] string password)
|
public IActionResult DebugEnvelopes([FromForm] string? password)
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
@ -44,12 +44,6 @@ namespace EnvelopeGenerator.Web.Controllers
|
|||||||
return View("Index");
|
return View("Index");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (password == null)
|
|
||||||
{
|
|
||||||
ViewData["error"] = "No password supplied!";
|
|
||||||
return View("Index");
|
|
||||||
}
|
|
||||||
|
|
||||||
if (password != passwordFromConfig)
|
if (password != passwordFromConfig)
|
||||||
{
|
{
|
||||||
ViewData["error"] = "Wrong Password!";
|
ViewData["error"] = "Wrong Password!";
|
||||||
@ -75,15 +69,34 @@ namespace EnvelopeGenerator.Web.Controllers
|
|||||||
{
|
{
|
||||||
var decodedId = envelopeReceiverId.DecodeEnvelopeReceiverId();
|
var decodedId = envelopeReceiverId.DecodeEnvelopeReceiverId();
|
||||||
|
|
||||||
|
_logger.LogInformation($"Envelope UUID: [{decodedId.EnvelopeUuid}]");
|
||||||
|
_logger.LogInformation($"Receiver Signature: [{decodedId.ReceiverSignature}]");
|
||||||
|
|
||||||
var verification = await _envRcvService.VerifyAccessCode(decodedId.EnvelopeUuid, access_code);
|
var verification = await _envRcvService.VerifyAccessCode(decodedId.EnvelopeUuid, access_code);
|
||||||
EnvelopeResponse response = await envelopeOldService.LoadEnvelope(envelopeReceiverId);
|
EnvelopeResponse response = await envelopeOldService.LoadEnvelope(envelopeReceiverId);
|
||||||
|
|
||||||
if (verification.IsSuccess)
|
if (verification.IsSuccess)
|
||||||
{
|
{
|
||||||
var envelope = await _envelopeService.ReadByUuidAsync(uuid: decodedId.EnvelopeUuid, signature: decodedId.ReceiverSignature, withAll:true);
|
if (envelopeOldService.ReceiverAlreadySigned(response.Envelope, response.Receiver.Id) == true)
|
||||||
|
{
|
||||||
|
return Problem(statusCode: 403);
|
||||||
|
}
|
||||||
|
|
||||||
|
var envelope = await _envelopeService.ReadByUuidAsync(uuid: decodedId.EnvelopeUuid, signature: decodedId.ReceiverSignature, withAll: true);
|
||||||
database.Services.actionService.EnterCorrectAccessCode(response.Envelope, response.Receiver); //for history
|
database.Services.actionService.EnterCorrectAccessCode(response.Envelope, response.Receiver); //for history
|
||||||
ViewData["EnvelopeKey"] = envelopeReceiverId;
|
ViewData["EnvelopeKey"] = envelopeReceiverId;
|
||||||
ViewData["EnvelopeResponse"] = response;
|
ViewData["EnvelopeResponse"] = response;
|
||||||
|
ViewData["EnvelopeResponse"] = response;
|
||||||
|
|
||||||
|
if (response.Envelope.Documents.Count() > 0)
|
||||||
|
{
|
||||||
|
var document = await envelopeOldService.GetDocument(response.Envelope.Documents[0].Id, envelopeReceiverId);
|
||||||
|
byte[] bytes = await envelopeOldService.GetDocumentContents(document);
|
||||||
|
ViewData["DocumentBytes"] = bytes;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
ViewData["DocumentBytes"] = null;
|
||||||
|
|
||||||
return View("ShowEnvelope", envelope);
|
return View("ShowEnvelope", envelope);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
|||||||
@ -1,10 +1,6 @@
|
|||||||
using DigitalData.Core.API;
|
using DigitalData.Core.API;
|
||||||
using DigitalData.Core.Contracts.Application;
|
using DigitalData.Core.Contracts.Application;
|
||||||
using DigitalData.Core.Contracts.Infrastructure;
|
using DigitalData.Core.Contracts.Infrastructure;
|
||||||
using EnvelopeGenerator.Application.Contracts;
|
|
||||||
using EnvelopeGenerator.Application.DTOs;
|
|
||||||
using EnvelopeGenerator.Infrastructure.Contracts;
|
|
||||||
using Microsoft.AspNetCore.Authorization;
|
|
||||||
using Microsoft.AspNetCore.Mvc;
|
using Microsoft.AspNetCore.Mvc;
|
||||||
|
|
||||||
namespace EnvelopeGenerator.Web.Controllers.Test
|
namespace EnvelopeGenerator.Web.Controllers.Test
|
||||||
|
|||||||
@ -56,21 +56,34 @@
|
|||||||
}
|
}
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
@{
|
|
||||||
var envelopeResponse = ViewData["EnvelopeResponse"];
|
|
||||||
var settings = new Newtonsoft.Json.JsonSerializerSettings
|
|
||||||
{
|
|
||||||
ContractResolver = new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver()
|
|
||||||
};
|
|
||||||
var envelopeResponseJson = Newtonsoft.Json.JsonConvert.SerializeObject(envelopeResponse, settings);
|
|
||||||
}
|
|
||||||
|
|
||||||
var envelopeResponse = @Html.Raw(envelopeResponseJson);
|
|
||||||
|
|
||||||
document.addEventListener("DOMContentLoaded", async () => {
|
|
||||||
const app = new App("#app", "@ViewData["EnvelopeKey"]", envelopeResponse);
|
|
||||||
await app.init();
|
|
||||||
})
|
|
||||||
</script>
|
</script>
|
||||||
|
@if (ViewData["DocumentBytes"] is byte[] documentBytes)
|
||||||
|
{
|
||||||
|
var envelopeResponse = ViewData["EnvelopeResponse"];
|
||||||
|
var settings = new Newtonsoft.Json.JsonSerializerSettings
|
||||||
|
{
|
||||||
|
ContractResolver = new Newtonsoft.Json.Serialization.CamelCasePropertyNamesContractResolver()
|
||||||
|
};
|
||||||
|
var envelopeResponseJson = Newtonsoft.Json.JsonConvert.SerializeObject(envelopeResponse, settings);
|
||||||
|
|
||||||
|
var documentBase64String = Convert.ToBase64String(documentBytes);
|
||||||
|
|
||||||
|
<script>
|
||||||
|
var base64String = "@Html.Raw(documentBase64String)";
|
||||||
|
var byteCharacters = atob(base64String);
|
||||||
|
var byteNumbers = new Array(byteCharacters.length);
|
||||||
|
for (var i = 0; i < byteCharacters.length; i++) {
|
||||||
|
byteNumbers[i] = byteCharacters.charCodeAt(i);
|
||||||
|
}
|
||||||
|
var byteArray = new Uint8Array(byteNumbers);
|
||||||
|
var documentArrayBuffer = byteArray.buffer;
|
||||||
|
|
||||||
|
var envelopeResponse = @Html.Raw(envelopeResponseJson);
|
||||||
|
document.addEventListener("DOMContentLoaded", async () => {
|
||||||
|
const app = new App("#app", "@ViewData["EnvelopeKey"]", envelopeResponse, documentArrayBuffer);
|
||||||
|
await app.init();
|
||||||
|
})
|
||||||
|
</script>
|
||||||
|
}
|
||||||
|
|
||||||
<div id='app' style='background: gray; width: 100vw; height: 100vh; margin: 0 auto;'></div>
|
<div id='app' style='background: gray; width: 100vw; height: 100vh; margin: 0 auto;'></div>
|
||||||
@ -36,7 +36,6 @@
|
|||||||
const allAnnotations = await this.getAnnotations(instance)
|
const allAnnotations = await this.getAnnotations(instance)
|
||||||
const pageAnnotations = allAnnotations
|
const pageAnnotations = allAnnotations
|
||||||
.map((annotation) => {
|
.map((annotation) => {
|
||||||
console.log(annotation.toJS())
|
|
||||||
return annotation
|
return annotation
|
||||||
})
|
})
|
||||||
|
|
||||||
@ -108,9 +107,7 @@
|
|||||||
const canvas = document.createElement('canvas')
|
const canvas = document.createElement('canvas')
|
||||||
const scale = 4
|
const scale = 4
|
||||||
const fontSize = 10
|
const fontSize = 10
|
||||||
|
|
||||||
console.log(receiverSignature)
|
|
||||||
|
|
||||||
canvas.width = width * scale
|
canvas.width = width * scale
|
||||||
canvas.height = height * scale
|
canvas.height = height * scale
|
||||||
|
|
||||||
|
|||||||
@ -10,7 +10,7 @@ const ActionType = {
|
|||||||
}
|
}
|
||||||
|
|
||||||
class App {
|
class App {
|
||||||
constructor(container, envelopeKey, envelopeResponse) {
|
constructor(container, envelopeKey, envelopeResponse, documentBytes) {
|
||||||
this.container = container
|
this.container = container
|
||||||
this.envelopeKey = envelopeKey
|
this.envelopeKey = envelopeKey
|
||||||
|
|
||||||
@ -23,6 +23,7 @@ class App {
|
|||||||
this.currentReceiver = null
|
this.currentReceiver = null
|
||||||
this.signatureCount = 0
|
this.signatureCount = 0
|
||||||
this.envelopeResponse = envelopeResponse;
|
this.envelopeResponse = envelopeResponse;
|
||||||
|
this.documentBytes = documentBytes;
|
||||||
}
|
}
|
||||||
|
|
||||||
// This function will be called from the ShowEnvelope.razor page
|
// This function will be called from the ShowEnvelope.razor page
|
||||||
@ -47,9 +48,11 @@ class App {
|
|||||||
icon: 'error',
|
icon: 'error',
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
console.log(documentResponse.data)
|
||||||
|
console.log(this.documentBytes)
|
||||||
|
|
||||||
const arrayBuffer = documentResponse.data
|
const arrayBuffer = this.documentBytes
|
||||||
|
console.log(arrayBuffer)
|
||||||
// Load PSPDFKit
|
// Load PSPDFKit
|
||||||
this.Instance = await this.UI.loadPSPDFKit(arrayBuffer, this.container)
|
this.Instance = await this.UI.loadPSPDFKit(arrayBuffer, this.container)
|
||||||
this.UI.configurePSPDFKit(this.Instance, this.handleClick.bind(this))
|
this.UI.configurePSPDFKit(this.Instance, this.handleClick.bind(this))
|
||||||
@ -198,6 +201,7 @@ class App {
|
|||||||
// Export annotation data and save to database
|
// Export annotation data and save to database
|
||||||
try {
|
try {
|
||||||
const json = await this.Instance.exportInstantJSON()
|
const json = await this.Instance.exportInstantJSON()
|
||||||
|
console.log(json)
|
||||||
const postEnvelopeResult = await this.Network.postEnvelope(
|
const postEnvelopeResult = await this.Network.postEnvelope(
|
||||||
this.envelopeKey,
|
this.envelopeKey,
|
||||||
this.currentDocument.id,
|
this.currentDocument.id,
|
||||||
@ -236,30 +240,11 @@ class App {
|
|||||||
.map(a => a.toJS())
|
.map(a => a.toJS())
|
||||||
.filter(a => a.isSignature)
|
.filter(a => a.isSignature)
|
||||||
|
|
||||||
console.log(annotations.length,"Signatures total!")
|
|
||||||
console.log(filtered.length,"Signatures signed!")
|
|
||||||
|
|
||||||
if (totalSignatures > filtered.length) {
|
if (totalSignatures > filtered.length) {
|
||||||
return false
|
return false
|
||||||
} else {
|
} else {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
/*this.Instance.getFormFields().then(formFields => {
|
|
||||||
formFields.forEach(formField => {
|
|
||||||
console.log(formField.name, formField.toJS());
|
|
||||||
});
|
|
||||||
|
|
||||||
// Filter form fields by type
|
|
||||||
formFields.filter(formField => (
|
|
||||||
formField instanceof PSPDFKit.FormFields.TextFormField
|
|
||||||
));
|
|
||||||
|
|
||||||
// Get the total number of form fields
|
|
||||||
const totalFormFields = formFields.size;
|
|
||||||
|
|
||||||
console.log(totalFormFields)
|
|
||||||
})*/
|
|
||||||
}
|
}
|
||||||
|
|
||||||
async handleReset(event) {
|
async handleReset(event) {
|
||||||
|
|||||||
@ -5,7 +5,6 @@
|
|||||||
* @param {any} envelopeKey
|
* @param {any} envelopeKey
|
||||||
*/
|
*/
|
||||||
async getEnvelope(envelopeKey) {
|
async getEnvelope(envelopeKey) {
|
||||||
console.log("getEnvelope")
|
|
||||||
return this.getRequest(`/api/envelope/${envelopeKey}`)
|
return this.getRequest(`/api/envelope/${envelopeKey}`)
|
||||||
.then(this.wrapJsonResponse.bind(this))
|
.then(this.wrapJsonResponse.bind(this))
|
||||||
}
|
}
|
||||||
@ -17,7 +16,6 @@
|
|||||||
* @param {any} json
|
* @param {any} json
|
||||||
*/
|
*/
|
||||||
async postEnvelope(envelopeKey, documentId, json) {
|
async postEnvelope(envelopeKey, documentId, json) {
|
||||||
console.log("postEnvelope")
|
|
||||||
return this.postRequest(`/api/envelope/${envelopeKey}?index=${documentId}`, json)
|
return this.postRequest(`/api/envelope/${envelopeKey}?index=${documentId}`, json)
|
||||||
.then(this.wrapJsonResponse.bind(this))
|
.then(this.wrapJsonResponse.bind(this))
|
||||||
}
|
}
|
||||||
@ -28,7 +26,6 @@
|
|||||||
* @param {any} documentId
|
* @param {any} documentId
|
||||||
*/
|
*/
|
||||||
async getDocument(envelopeKey, documentId) {
|
async getDocument(envelopeKey, documentId) {
|
||||||
console.log("getDocument", `/api/document/${envelopeKey}?index=${documentId}`)
|
|
||||||
return this.getRequest(`/api/document/${envelopeKey}?index=${documentId}`)
|
return this.getRequest(`/api/document/${envelopeKey}?index=${documentId}`)
|
||||||
.then(this.wrapBinaryResponse.bind(this))
|
.then(this.wrapBinaryResponse.bind(this))
|
||||||
}
|
}
|
||||||
@ -38,7 +35,6 @@
|
|||||||
* @param {any} envelopeKey
|
* @param {any} envelopeKey
|
||||||
*/
|
*/
|
||||||
async openDocument(envelopeKey) {
|
async openDocument(envelopeKey) {
|
||||||
console.log("openDocument")
|
|
||||||
return this.postRequest(`/api/document/${envelopeKey}`, {})
|
return this.postRequest(`/api/document/${envelopeKey}`, {})
|
||||||
.then(this.wrapJsonResponse.bind(this))
|
.then(this.wrapJsonResponse.bind(this))
|
||||||
}
|
}
|
||||||
@ -66,7 +62,6 @@
|
|||||||
*/
|
*/
|
||||||
getCSRFToken() {
|
getCSRFToken() {
|
||||||
const token = document.getElementsByName('__RequestVerificationToken')[0].value
|
const token = document.getElementsByName('__RequestVerificationToken')[0].value
|
||||||
console.log(token)
|
|
||||||
return { 'X-XSRF-TOKEN': token }
|
return { 'X-XSRF-TOKEN': token }
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -143,10 +138,6 @@
|
|||||||
async wrapResponse(response, responseHandler) {
|
async wrapResponse(response, responseHandler) {
|
||||||
let wrappedResponse
|
let wrappedResponse
|
||||||
|
|
||||||
console.log("Handling response from", response.url)
|
|
||||||
console.log("Status", response.status)
|
|
||||||
console.log(response)
|
|
||||||
|
|
||||||
if (response.status === 200) {
|
if (response.status === 200) {
|
||||||
const data = await responseHandler(response)
|
const data = await responseHandler(response)
|
||||||
wrappedResponse = new WrappedResponse(data, null)
|
wrappedResponse = new WrappedResponse(data, null)
|
||||||
@ -157,8 +148,6 @@
|
|||||||
wrappedResponse = new WrappedResponse(null, null)
|
wrappedResponse = new WrappedResponse(null, null)
|
||||||
}
|
}
|
||||||
|
|
||||||
console.log("Wrapped response", wrappedResponse)
|
|
||||||
|
|
||||||
return wrappedResponse
|
return wrappedResponse
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -76,7 +76,6 @@
|
|||||||
className: 'button-reset',
|
className: 'button-reset',
|
||||||
title: 'Zurücksetzen',
|
title: 'Zurücksetzen',
|
||||||
onPress() {
|
onPress() {
|
||||||
console.log('RESET')
|
|
||||||
callback('RESET')
|
callback('RESET')
|
||||||
},
|
},
|
||||||
icon: `<svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="currentColor" class="bi bi-arrow-counterclockwise" viewBox="0 0 16 16">
|
icon: `<svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="currentColor" class="bi bi-arrow-counterclockwise" viewBox="0 0 16 16">
|
||||||
@ -90,7 +89,6 @@
|
|||||||
className: 'button-reject',
|
className: 'button-reject',
|
||||||
title: 'Ablehnen',
|
title: 'Ablehnen',
|
||||||
onPress() {
|
onPress() {
|
||||||
console.log('REJECT')
|
|
||||||
callback('REJECT')
|
callback('REJECT')
|
||||||
},
|
},
|
||||||
icon: `<svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="currentColor" class="bi bi-hand-thumbs-down" viewBox="0 0 16 16">
|
icon: `<svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" fill="currentColor" class="bi bi-hand-thumbs-down" viewBox="0 0 16 16">
|
||||||
@ -103,7 +101,6 @@
|
|||||||
className: 'button-finish',
|
className: 'button-finish',
|
||||||
title: 'Abschließen',
|
title: 'Abschließen',
|
||||||
onPress() {
|
onPress() {
|
||||||
console.log('FINISH')
|
|
||||||
callback('FINISH')
|
callback('FINISH')
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|||||||
@ -795,7 +795,7 @@ $.extend( $.validator, {
|
|||||||
}
|
}
|
||||||
} catch ( e ) {
|
} catch ( e ) {
|
||||||
if ( this.settings.debug && window.console ) {
|
if ( this.settings.debug && window.console ) {
|
||||||
console.log( "Exception occurred when checking element " + element.id + ", check the '" + rule.method + "' method.", e );
|
console.error( "Exception occurred when checking element " + element.id + ", check the '" + rule.method + "' method.", e );
|
||||||
}
|
}
|
||||||
if ( e instanceof TypeError ) {
|
if ( e instanceof TypeError ) {
|
||||||
e.message += ". Exception occurred when checking element " + element.id + ", check the '" + rule.method + "' method.";
|
e.message += ". Exception occurred when checking element " + element.id + ", check the '" + rule.method + "' method.";
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user