AppSuite:Filestorages: Difference between revisions
(→Microsoft Onedrive: changed azure page link, configuration changed) |
|||
(15 intermediate revisions by 6 users not shown) | |||
Line 1: | Line 1: | ||
'''Note:''' you can find updated guides at [https://documentation.open-xchange.com/7.10.2/middleware/3rd_party_integrations.html https://documentation.open-xchange.com/7.10.2/middleware/3rd_party_integrations.html] | |||
This page is only for pre 7.10.2 versions. | |||
= Common preparations = | = Common preparations = | ||
This page shows how to setup external file stores. For all of these file stores you have to install the package "open-xchange-oauth", which provides the necessary authentication mechanisms. | This page shows how to setup external file stores. For all of these file stores you have to install the package "open-xchange-oauth", which provides the necessary authentication mechanisms. | ||
Line 15: | Line 19: | ||
Open-Xchange application uses the deferrer URL as call-back for some of the providers, which use OAuth v2.0 authentication (such as Google). | Open-Xchange application uses the deferrer URL as call-back for some of the providers, which use OAuth v2.0 authentication (such as Google). | ||
If your OX server is reachable only via one host name, you won't have to do anything. If it is reachable by more than one host name, create or open the file ''/opt/openexchange/etc | If your OX server is reachable only via one host name, you won't have to do anything. If it is reachable by more than one host name, create or open the file ''/opt/openexchange/etc/deferrer.properties'' and set the properties therein as such: | ||
<syntaxhighlight lang="properties"> | <syntaxhighlight lang="properties"> | ||
com.openexchange.http.deferrer.url=https://mymaindomain.invalid | com.openexchange.http.deferrer.url=https://mymaindomain.invalid | ||
Line 27: | Line 31: | ||
* Log in to your Dropbox account [https://www.dropbox.com/login here], and create your Dropbox app [https://www.dropbox.com/developers/apps/create here] | * Log in to your Dropbox account [https://www.dropbox.com/login here], and create your Dropbox app [https://www.dropbox.com/developers/apps/create here] | ||
* There are two options available creating an app, Drops-in App & Dropbox API App. Please select '''Dropbox API''' app and enter the name of your app. | * There are two options available creating an app, Drops-in App & Dropbox API App. Please select '''Dropbox API''' app and enter the name of your app. | ||
* Go to [ | * Go to [https://www.dropbox.com/developers/apps App Console] and select your created app. Select settings tab to view the <source enclose="none" lang="java">APP_KEY</source> (App key) and <source enclose="none" lang="java">SECRET_KEY</source> (App secret) and to configure the redirect URI to your AppSuite platform under the Oauth2 section. All the other fields can keep their default value. | ||
* Please ensure the following conditions are met for the redirect URI: | |||
** The redirect URI uses <source enclose="none" lang="java">"https://"</source> as protocol | |||
** The redirect URI follows the pattern: <source enclose="none" lang="java">"https://" + <host-name> + "/ajax/defer"</source> | |||
** E.g. <source enclose="none" lang="java">"https://myappsuite.mydomain.invalid/ajax/defer"</source> | |||
<br> | |||
== Configuration == | == Configuration == | ||
Line 42: | Line 51: | ||
com.openexchange.oauth.dropbox.apiKey=REPLACE_THIS_WITH_DROPBOX_APP_KEY | com.openexchange.oauth.dropbox.apiKey=REPLACE_THIS_WITH_DROPBOX_APP_KEY | ||
com.openexchange.oauth.dropbox.apiSecret=REPLACE_THIS_WITH_DROPBOX_APP_SECRET | com.openexchange.oauth.dropbox.apiSecret=REPLACE_THIS_WITH_DROPBOX_APP_SECRET | ||
</syntaxhighlight> | |||
<br> | |||
* Set the redirect URL. Please ensure the use the same URL as specified in the Dropbox App: | |||
<syntaxhighlight lang="properties"> | |||
com.openexchange.oauth.dropbox.redirectUrl= | |||
</syntaxhighlight> | |||
<br> | |||
* Set the product ID of the registered Dropbox app | |||
<syntaxhighlight lang="properties"> | |||
com.openexchange.oauth.dropbox.productName= | |||
</syntaxhighlight> | </syntaxhighlight> | ||
<br> | <br> | ||
Line 66: | Line 87: | ||
** Google Cloud Storage | ** Google Cloud Storage | ||
** Google Cloud Storage JSON API | ** Google Cloud Storage JSON API | ||
* perform [https://support.google.com/webmasters/answer/35179 Google's site verification] | |||
** you can use any method listed by Google in general | |||
** in case our OXaaS offering is used the HTML tag and HTML file methods are not accessible but the DNS based approach is required | |||
* [[AppSuite:GoogleAppVerification|get your app verified by Google]] to avoid awkward warnings | |||
== Configuration == | == Configuration == | ||
Line 76: | Line 101: | ||
<br> | <br> | ||
* Set the API key and secret | * Set the API key and secret, which is Client ID and Client Secret to call the sign-in API (Select your project, select API manager from upper left burger menu, select credentials in left side bar, select Client ID for Web application) | ||
<syntaxhighlight lang="properties"> | <syntaxhighlight lang="properties"> | ||
com.openexchange.oauth.google.apiKey=REPLACE_THIS_WITH_YOUR_CLIENT_ID | com.openexchange.oauth.google.apiKey=REPLACE_THIS_WITH_YOUR_CLIENT_ID | ||
Line 104: | Line 129: | ||
= Microsoft Onedrive = | = Microsoft Onedrive = | ||
To setup the Microsoft OneDrive file store you have to install the package "open-xchange-file-storage-onedrive". | To setup the Microsoft OneDrive file store you have to install the package "open-xchange-file-storage-onedrive". | ||
== Registering your app == | == Registering your app == | ||
* | * register your app on the [https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade Azure App registration] page | ||
* application ID maps to apiKey in OX properties | |||
* create credentials and copy it to apiSecret | |||
* choose "Web" as platform | |||
* enter the redirect URI/URL, see below | |||
* enter profile data for your application | |||
== Configuration == | == Configuration == | ||
In addition you have to configure the following properties in file ''/opt/open-xchange/etc/msliveconntectoauth.properties'': | In addition you have to configure the following properties in file ''/opt/open-xchange/etc/microsoftgraphoauth.properties'' (before 7.10.x ''/opt/open-xchange/etc/msliveconntectoauth.properties''): | ||
* Enable the OAuth connector | * Enable the OAuth connector | ||
<syntaxhighlight lang="properties"> | <syntaxhighlight lang="properties"> | ||
com.openexchange.oauth. | com.openexchange.oauth.microsoft.graph=true | ||
</syntaxhighlight> | </syntaxhighlight> | ||
<br> | <br> | ||
Line 120: | Line 150: | ||
* Set the API key and secret | * Set the API key and secret | ||
<syntaxhighlight lang="properties"> | <syntaxhighlight lang="properties"> | ||
com.openexchange.oauth. | com.openexchange.oauth.microsoft.graph.apiKey=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_CLIENT_KEY | ||
com.openexchange.oauth. | com.openexchange.oauth.microsoft.graph.apiSecret=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_CLIENT_SECRET | ||
</syntaxhighlight> | </syntaxhighlight> | ||
<br> | <br> | ||
Line 127: | Line 157: | ||
* Set the redirect URL | * Set the redirect URL | ||
<syntaxhighlight lang="properties"> | <syntaxhighlight lang="properties"> | ||
com.openexchange.oauth. | com.openexchange.oauth.microsoft.graph.redirectUrl=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_REDIRECT_URL | ||
</syntaxhighlight> | </syntaxhighlight> | ||
<br> | <br> | ||
Note: the redirect URL must be the same as defined in the azure app registration, it should be https://<REPLACE_WITH_FQDN>/ajax/defer | |||
You can define them system-wide or via the config cascade mechanism. | You can define them system-wide or via the config cascade mechanism. | ||
Line 135: | Line 167: | ||
{{InstallPlugin|pluginname=open-xchange-file-storage-onedrive|toplevel=products|sopath=appsuite/stable/backend|version=App Suite}} | {{InstallPlugin|pluginname=open-xchange-file-storage-onedrive|toplevel=products|sopath=appsuite/stable/backend|version=App Suite}} | ||
= | = Box.com = | ||
To setup the | To setup the Box.com file store you have to install the package "open-xchange-file-storage-boxcom". | ||
== Registering your app == | |||
* Sign in to [https://developers.box.com/ box Developers] | |||
* Select '''Create a Box Application''' | |||
* Select '''Box Content''' | |||
* Hit '''Configure your application''' | |||
* Enter ''redirect_uri''' (the deferrer URL; e.g. <source enclose="none" lang="java">"https://my.oxsetup.invalid/ajax/defer"</source>) | |||
* Enable ''Read and write all files and folders'' | |||
< | == Configuration == | ||
com.openexchange.oauth.boxcom=true | In addition you have to configure the following properties in file ''/opt/open-xchange/etc/boxcomoauth.properties'': | ||
com.openexchange.oauth.boxcom.apiKey= | * Enable the OAuth connector | ||
<syntaxhighlight lang="properties"> | |||
com.openexchange.oauth.boxcom.apiSecret= | com.openexchange.oauth.boxcom=true | ||
</syntaxhighlight> | |||
<br> | |||
com.openexchange.oauth.boxcom.redirectUrl= | |||
</ | * Set the API key and secret | ||
You can define them system wide | <syntaxhighlight lang="properties"> | ||
com.openexchange.oauth.boxcom.apiKey=REPLACE_THIS_WITH_YOUR_BOX_CLIENT_KEY | |||
com.openexchange.oauth.boxcom.apiSecret=REPLACE_THIS_WITH_YOUR_BOX_CLIENT_SECRET | |||
</syntaxhighlight> | |||
<br> | |||
* Set the redirect URL | |||
<syntaxhighlight lang="properties"> | |||
com.openexchange.oauth.boxcom.redirectUrl=REPLACE_THIS_WITH_YOUR_BOX_REDIRECT_URL | |||
</syntaxhighlight> | |||
<br> | |||
You can define them system-wide or via the config cascade mechanism. | |||
{{InstallPlugin|pluginname=open-xchange-file-storage-boxcom|toplevel=products|sopath=appsuite/stable/backend|version=App Suite}} | {{InstallPlugin|pluginname=open-xchange-file-storage-boxcom|toplevel=products|sopath=appsuite/stable/backend|version=App Suite}} |
Latest revision as of 04:57, 18 August 2020
Note: you can find updated guides at https://documentation.open-xchange.com/7.10.2/middleware/3rd_party_integrations.html
This page is only for pre 7.10.2 versions.
Common preparations
This page shows how to setup external file stores. For all of these file stores you have to install the package "open-xchange-oauth", which provides the necessary authentication mechanisms.
Moreover your setup is required to be reachable via HTTPS, since the providers expect that a call-back URL to your setup is specified. Such a call-back URL is only accepted if it contains the "https://"
scheme., e.g.:
"https://my.oxsetup.invalid/ajax/defer"
Keep HTTPS protocol
Appsuite:Grizzly#Cluster_setup shows that HTTPS communication is terminated by the Apache balancer in front of the Open-Xchange nodes. To let the Open-Xchange application know about the HTTPS protocol that is used to communicate with the Apache server:
- Either set a special header in the SSL virtual hosts configurations in Apache to forward this information. The de facto standard for this is the
"X-Forwarded-Proto"
header. See Appsuite:Grizzly#X-FORWARDED-PROTO_Header for how to setup that header. - Or force the Open-Xchange application to assume it is reached via SSL through setting property
"com.openexchange.forceHTTPS=true"
in file /opt/open-xchange/etc/server.properties.
Deferrer URL
Open-Xchange application uses the deferrer URL as call-back for some of the providers, which use OAuth v2.0 authentication (such as Google).
If your OX server is reachable only via one host name, you won't have to do anything. If it is reachable by more than one host name, create or open the file /opt/openexchange/etc/deferrer.properties and set the properties therein as such:
com.openexchange.http.deferrer.url=https://mymaindomain.invalid
Dropbox
To setup the Dropbox file store you have to install the package "open-xchange-file-storage-dropbox".
Registering your app
- Log in to your Dropbox account here, and create your Dropbox app here
- There are two options available creating an app, Drops-in App & Dropbox API App. Please select Dropbox API app and enter the name of your app.
- Go to App Console and select your created app. Select settings tab to view the
APP_KEY
(App key) andSECRET_KEY
(App secret) and to configure the redirect URI to your AppSuite platform under the Oauth2 section. All the other fields can keep their default value. - Please ensure the following conditions are met for the redirect URI:
- The redirect URI uses
"https://"
as protocol - The redirect URI follows the pattern:
"https://" + <host-name> + "/ajax/defer"
- E.g.
"https://myappsuite.mydomain.invalid/ajax/defer"
- The redirect URI uses
Configuration
In addition you have to configure the following properties in file /opt/open-xchange/etc/dropboxoauth.properties:
- Enable the OAuth connector to Dropbox OAuth
com.openexchange.oauth.dropbox=true
- Set the API key and secret
com.openexchange.oauth.dropbox.apiKey=REPLACE_THIS_WITH_DROPBOX_APP_KEY
com.openexchange.oauth.dropbox.apiSecret=REPLACE_THIS_WITH_DROPBOX_APP_SECRET
- Set the redirect URL. Please ensure the use the same URL as specified in the Dropbox App:
com.openexchange.oauth.dropbox.redirectUrl=
- Set the product ID of the registered Dropbox app
com.openexchange.oauth.dropbox.productName=
You can define them system-wide or via the config cascade mechanism.
Install on OX App Suite
Debian GNU/Linux 11.0
Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:
deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBullseye/ /
# if you have a valid maintenance subscription, please uncomment the
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBullseye/ /
and run
$ apt-get update $ apt-get install open-xchange-file-storage-dropbox
Debian GNU/Linux 12.0
Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:
deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBookworm/ /
# if you have a valid maintenance subscription, please uncomment the
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBookworm/ /
and run
$ apt-get update $ apt-get install open-xchange-file-storage-dropbox
Google Drive
To setup the Google Drive file store you have to install the package "open-xchange-file-storage-googledrive".
Registering your app
- Sign in to Google Developers Console using your Google account
- Please follow these instructions to create a new project with a client ID, which is needed to call the sign-in API
- Enable the following APIs for your project
- BigQuery API
- Calendar API
- Contacts API
- Drive API
- Drive SDK
- Gmail API
- Google Cloud SQL
- Google Cloud Storage
- Google Cloud Storage JSON API
- perform Google's site verification
- you can use any method listed by Google in general
- in case our OXaaS offering is used the HTML tag and HTML file methods are not accessible but the DNS based approach is required
- get your app verified by Google to avoid awkward warnings
Configuration
In addition you have to configure the following properties in file /opt/open-xchange/etc/googleoauth.properties:
- Enable the OAuth connector to Google OAuth
com.openexchange.oauth.google=true
- Set the API key and secret, which is Client ID and Client Secret to call the sign-in API (Select your project, select API manager from upper left burger menu, select credentials in left side bar, select Client ID for Web application)
com.openexchange.oauth.google.apiKey=REPLACE_THIS_WITH_YOUR_CLIENT_ID
com.openexchange.oauth.google.apiSecret=REPLACE_THIS_WITH_YOUR_CLIENT_SECRET
- Set the redirect URL. Please ensure the following conditions are met:
- The redirect URL specified in the Google App needs to be the same as the one specified by this property.
- The redirect URI uses
"https://"
as protocol - The redirect URI follows the pattern:
"https://" + <host-name> + "/ajax/defer"
com.openexchange.oauth.google.redirectUrl=
E.g. "https://myappsuite.mydomain.invalid/ajax/defer"
- Set the product ID of the registered Google app
com.openexchange.oauth.google.productName=
You can define them system-wide or via the config cascade mechanism.
Install on OX App Suite
Debian GNU/Linux 11.0
Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:
deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBullseye/ /
# if you have a valid maintenance subscription, please uncomment the
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBullseye/ /
and run
$ apt-get update $ apt-get install open-xchange-file-storage-googledrive
Debian GNU/Linux 12.0
Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:
deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBookworm/ /
# if you have a valid maintenance subscription, please uncomment the
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBookworm/ /
and run
$ apt-get update $ apt-get install open-xchange-file-storage-googledrive
Microsoft Onedrive
To setup the Microsoft OneDrive file store you have to install the package "open-xchange-file-storage-onedrive".
Registering your app
- register your app on the Azure App registration page
- application ID maps to apiKey in OX properties
- create credentials and copy it to apiSecret
- choose "Web" as platform
- enter the redirect URI/URL, see below
- enter profile data for your application
Configuration
In addition you have to configure the following properties in file /opt/open-xchange/etc/microsoftgraphoauth.properties (before 7.10.x /opt/open-xchange/etc/msliveconntectoauth.properties):
- Enable the OAuth connector
com.openexchange.oauth.microsoft.graph=true
- Set the API key and secret
com.openexchange.oauth.microsoft.graph.apiKey=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_CLIENT_KEY
com.openexchange.oauth.microsoft.graph.apiSecret=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_CLIENT_SECRET
- Set the redirect URL
com.openexchange.oauth.microsoft.graph.redirectUrl=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_REDIRECT_URL
Note: the redirect URL must be the same as defined in the azure app registration, it should be https://<REPLACE_WITH_FQDN>/ajax/defer
You can define them system-wide or via the config cascade mechanism.
Install on OX App Suite
Debian GNU/Linux 11.0
Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:
deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBullseye/ /
# if you have a valid maintenance subscription, please uncomment the
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBullseye/ /
and run
$ apt-get update $ apt-get install open-xchange-file-storage-onedrive
Debian GNU/Linux 12.0
Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:
deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBookworm/ /
# if you have a valid maintenance subscription, please uncomment the
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBookworm/ /
and run
$ apt-get update $ apt-get install open-xchange-file-storage-onedrive
Box.com
To setup the Box.com file store you have to install the package "open-xchange-file-storage-boxcom".
Registering your app
- Sign in to box Developers
- Select Create a Box Application
- Select Box Content
- Hit Configure your application
- Enter redirect_uri' (the deferrer URL; e.g.
"https://my.oxsetup.invalid/ajax/defer"
) - Enable Read and write all files and folders
Configuration
In addition you have to configure the following properties in file /opt/open-xchange/etc/boxcomoauth.properties:
- Enable the OAuth connector
com.openexchange.oauth.boxcom=true
- Set the API key and secret
com.openexchange.oauth.boxcom.apiKey=REPLACE_THIS_WITH_YOUR_BOX_CLIENT_KEY
com.openexchange.oauth.boxcom.apiSecret=REPLACE_THIS_WITH_YOUR_BOX_CLIENT_SECRET
- Set the redirect URL
com.openexchange.oauth.boxcom.redirectUrl=REPLACE_THIS_WITH_YOUR_BOX_REDIRECT_URL
You can define them system-wide or via the config cascade mechanism.
Install on OX App Suite
Debian GNU/Linux 11.0
Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:
deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBullseye/ /
# if you have a valid maintenance subscription, please uncomment the
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBullseye/ /
and run
$ apt-get update $ apt-get install open-xchange-file-storage-boxcom
Debian GNU/Linux 12.0
Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:
deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBookworm/ /
# if you have a valid maintenance subscription, please uncomment the
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBookworm/ /
and run
$ apt-get update $ apt-get install open-xchange-file-storage-boxcom