AppSuite:Filestorages: Difference between revisions

From Open-Xchange
No edit summary
(→‎Microsoft Onedrive: changed azure page link, configuration changed)
 
(5 intermediate revisions by 3 users not shown)
Line 1: Line 1:
'''Note:''' you can find updated guides at [https://documentation.open-xchange.com/7.10.2/middleware/3rd_party_integrations.html https://documentation.open-xchange.com/7.10.2/middleware/3rd_party_integrations.html]
This page is only for pre 7.10.2 versions.
= Common preparations =
= Common preparations =
This page shows how to setup external file stores. For all of these file stores you have to install the package "open-xchange-oauth", which provides the necessary authentication mechanisms.
This page shows how to setup external file stores. For all of these file stores you have to install the package "open-xchange-oauth", which provides the necessary authentication mechanisms.
Line 27: Line 31:
* Log in to your Dropbox account [https://www.dropbox.com/login here], and create your Dropbox app [https://www.dropbox.com/developers/apps/create here]
* Log in to your Dropbox account [https://www.dropbox.com/login here], and create your Dropbox app [https://www.dropbox.com/developers/apps/create here]
* There are two options available creating an app, Drops-in App & Dropbox API App. Please select '''Dropbox API''' app and enter the name of your app.
* There are two options available creating an app, Drops-in App & Dropbox API App. Please select '''Dropbox API''' app and enter the name of your app.
* Go to [https://www.dropbox.com/developers/apps App Console] and select your created app. Select settings tab to view the <source enclose="none" lang="java">APP_KEY</source> (App key) and <source enclose="none" lang="java">SECRET_KEY</source> (App secret)
* Go to [https://www.dropbox.com/developers/apps App Console] and select your created app. Select settings tab to view the <source enclose="none" lang="java">APP_KEY</source> (App key) and <source enclose="none" lang="java">SECRET_KEY</source> (App secret) and to configure the redirect URI to your AppSuite platform under the Oauth2 section. All the other fields can keep their default value.
* Please ensure the following conditions are met for the redirect URI:
** The redirect URI uses <source enclose="none" lang="java">"https://"</source> as protocol
** The redirect URI follows the pattern: <source enclose="none" lang="java">"https://" + <host-name> + "/ajax/defer"</source>
** E.g. <source enclose="none" lang="java">"https://myappsuite.mydomain.invalid/ajax/defer"</source>
<br>


== Configuration ==
== Configuration ==
Line 45: Line 54:
<br>
<br>


* Set the redirect URL. Please ensure the following conditions are met:
* Set the redirect URL. Please ensure the use the same URL as specified in the Dropbox App:
** The redirect URL specified in the Dropbox App needs to be the same as the one specified by this  property.
** The redirect URI uses <source enclose="none" lang="java">"https://"</source> as protocol
** The redirect URI follows the pattern: <source enclose="none" lang="java">"https://" + <host-name> + "/ajax/defer"</source>
<syntaxhighlight lang="properties">
<syntaxhighlight lang="properties">
  com.openexchange.oauth.dropbox.redirectUrl=
  com.openexchange.oauth.dropbox.redirectUrl=
</syntaxhighlight>
</syntaxhighlight>
E.g. <source enclose="none" lang="java">"https://myappsuite.mydomain.invalid/ajax/defer"</source>
<br>
<br>


Line 82: Line 87:
** Google Cloud Storage
** Google Cloud Storage
** Google Cloud Storage JSON API
** Google Cloud Storage JSON API
* perform [https://support.google.com/webmasters/answer/35179 Google's site verification]
** you can use any method listed by Google in general
** in case our OXaaS offering is used the HTML tag and HTML file methods are not accessible but the DNS based approach is required
* [[AppSuite:GoogleAppVerification|get your app verified by Google]] to avoid awkward warnings
* [[AppSuite:GoogleAppVerification|get your app verified by Google]] to avoid awkward warnings


Line 121: Line 129:


= Microsoft Onedrive =
= Microsoft Onedrive =
To setup the Microsoft OneDrive file store you have to install the package "open-xchange-file-storage-onedrive".
To setup the Microsoft OneDrive file store you have to install the package "open-xchange-file-storage-onedrive".  


== Registering your app ==
== Registering your app ==
* Please follow [https://msdn.microsoft.com/en-us/library/ff751474.aspx this guide] to create/register your app
* register your app on the [https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade Azure App registration] page
* application ID maps to apiKey in OX properties
* create credentials and copy it to apiSecret
* choose "Web" as platform
* enter the redirect URI/URL, see below
* enter profile data for your application


== Configuration ==
== Configuration ==
In addition you have to configure the following properties in file ''/opt/open-xchange/etc/msliveconntectoauth.properties'':
In addition you have to configure the following properties in file ''/opt/open-xchange/etc/microsoftgraphoauth.properties'' (before 7.10.x ''/opt/open-xchange/etc/msliveconntectoauth.properties''):  


* Enable the OAuth connector
* Enable the OAuth connector
<syntaxhighlight lang="properties">
<syntaxhighlight lang="properties">
  com.openexchange.oauth.msliveconnect=true
  com.openexchange.oauth.microsoft.graph=true
</syntaxhighlight>
</syntaxhighlight>
<br>
<br>
Line 137: Line 150:
* Set the API key and secret
* Set the API key and secret
<syntaxhighlight lang="properties">
<syntaxhighlight lang="properties">
  com.openexchange.oauth.msliveconnect.apiKey=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_CLIENT_KEY
  com.openexchange.oauth.microsoft.graph.apiKey=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_CLIENT_KEY
  com.openexchange.oauth.msliveconnect.apiSecret=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_CLIENT_SECRET
  com.openexchange.oauth.microsoft.graph.apiSecret=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_CLIENT_SECRET
</syntaxhighlight>
</syntaxhighlight>
<br>
<br>
Line 144: Line 157:
* Set the redirect URL
* Set the redirect URL
<syntaxhighlight lang="properties">
<syntaxhighlight lang="properties">
  com.openexchange.oauth.msliveconnect.redirectUrl=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_REDIRECT_URL
  com.openexchange.oauth.microsoft.graph.redirectUrl=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_REDIRECT_URL
</syntaxhighlight>
</syntaxhighlight>
<br>
<br>
Note: the redirect URL must be the same as defined in the azure app registration, it should be https://<REPLACE_WITH_FQDN>/ajax/defer


You can define them system-wide or via the config cascade mechanism.
You can define them system-wide or via the config cascade mechanism.

Latest revision as of 04:57, 18 August 2020

Note: you can find updated guides at https://documentation.open-xchange.com/7.10.2/middleware/3rd_party_integrations.html

This page is only for pre 7.10.2 versions.

Common preparations

This page shows how to setup external file stores. For all of these file stores you have to install the package "open-xchange-oauth", which provides the necessary authentication mechanisms.

Moreover your setup is required to be reachable via HTTPS, since the providers expect that a call-back URL to your setup is specified. Such a call-back URL is only accepted if it contains the "https://" scheme., e.g.:

 "https://my.oxsetup.invalid/ajax/defer"

Keep HTTPS protocol

Appsuite:Grizzly#Cluster_setup shows that HTTPS communication is terminated by the Apache balancer in front of the Open-Xchange nodes. To let the Open-Xchange application know about the HTTPS protocol that is used to communicate with the Apache server:

  • Either set a special header in the SSL virtual hosts configurations in Apache to forward this information. The de facto standard for this is the "X-Forwarded-Proto" header. See Appsuite:Grizzly#X-FORWARDED-PROTO_Header for how to setup that header.
  • Or force the Open-Xchange application to assume it is reached via SSL through setting property "com.openexchange.forceHTTPS=true" in file /opt/open-xchange/etc/server.properties.

Deferrer URL

Open-Xchange application uses the deferrer URL as call-back for some of the providers, which use OAuth v2.0 authentication (such as Google).

If your OX server is reachable only via one host name, you won't have to do anything. If it is reachable by more than one host name, create or open the file /opt/openexchange/etc/deferrer.properties and set the properties therein as such:

 com.openexchange.http.deferrer.url=https://mymaindomain.invalid

Dropbox

To setup the Dropbox file store you have to install the package "open-xchange-file-storage-dropbox".

Registering your app

  • Log in to your Dropbox account here, and create your Dropbox app here
  • There are two options available creating an app, Drops-in App & Dropbox API App. Please select Dropbox API app and enter the name of your app.
  • Go to App Console and select your created app. Select settings tab to view the APP_KEY (App key) and SECRET_KEY (App secret) and to configure the redirect URI to your AppSuite platform under the Oauth2 section. All the other fields can keep their default value.
  • Please ensure the following conditions are met for the redirect URI:
    • The redirect URI uses "https://" as protocol
    • The redirect URI follows the pattern: "https://" + <host-name> + "/ajax/defer"
    • E.g. "https://myappsuite.mydomain.invalid/ajax/defer"


Configuration

In addition you have to configure the following properties in file /opt/open-xchange/etc/dropboxoauth.properties:

  • Enable the OAuth connector to Dropbox OAuth
 com.openexchange.oauth.dropbox=true


  • Set the API key and secret
 com.openexchange.oauth.dropbox.apiKey=REPLACE_THIS_WITH_DROPBOX_APP_KEY
 com.openexchange.oauth.dropbox.apiSecret=REPLACE_THIS_WITH_DROPBOX_APP_SECRET


  • Set the redirect URL. Please ensure the use the same URL as specified in the Dropbox App:
 com.openexchange.oauth.dropbox.redirectUrl=


  • Set the product ID of the registered Dropbox app
 com.openexchange.oauth.dropbox.productName=


You can define them system-wide or via the config cascade mechanism.

Install on OX App Suite

Debian GNU/Linux 11.0

Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:

deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBullseye/ /
# if you have a valid maintenance subscription, please uncomment the 
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBullseye/ /

and run

$ apt-get update
$ apt-get install open-xchange-file-storage-dropbox

Debian GNU/Linux 12.0

Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:

deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBookworm/ /
# if you have a valid maintenance subscription, please uncomment the 
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBookworm/ /

and run

$ apt-get update
$ apt-get install open-xchange-file-storage-dropbox


Google Drive

To setup the Google Drive file store you have to install the package "open-xchange-file-storage-googledrive".

Registering your app

  • Sign in to Google Developers Console using your Google account
  • Please follow these instructions to create a new project with a client ID, which is needed to call the sign-in API
  • Enable the following APIs for your project
    • BigQuery API
    • Calendar API
    • Contacts API
    • Drive API
    • Drive SDK
    • Gmail API
    • Google Cloud SQL
    • Google Cloud Storage
    • Google Cloud Storage JSON API
  • perform Google's site verification
    • you can use any method listed by Google in general
    • in case our OXaaS offering is used the HTML tag and HTML file methods are not accessible but the DNS based approach is required
  • get your app verified by Google to avoid awkward warnings

Configuration

In addition you have to configure the following properties in file /opt/open-xchange/etc/googleoauth.properties:

  • Enable the OAuth connector to Google OAuth
 com.openexchange.oauth.google=true


  • Set the API key and secret, which is Client ID and Client Secret to call the sign-in API (Select your project, select API manager from upper left burger menu, select credentials in left side bar, select Client ID for Web application)
 com.openexchange.oauth.google.apiKey=REPLACE_THIS_WITH_YOUR_CLIENT_ID
 com.openexchange.oauth.google.apiSecret=REPLACE_THIS_WITH_YOUR_CLIENT_SECRET


  • Set the redirect URL. Please ensure the following conditions are met:
    • The redirect URL specified in the Google App needs to be the same as the one specified by this property.
    • The redirect URI uses "https://" as protocol
    • The redirect URI follows the pattern: "https://" + <host-name> + "/ajax/defer"
 com.openexchange.oauth.google.redirectUrl=

E.g. "https://myappsuite.mydomain.invalid/ajax/defer"

  • Set the product ID of the registered Google app
 com.openexchange.oauth.google.productName=


You can define them system-wide or via the config cascade mechanism.

Install on OX App Suite

Debian GNU/Linux 11.0

Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:

deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBullseye/ /
# if you have a valid maintenance subscription, please uncomment the 
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBullseye/ /

and run

$ apt-get update
$ apt-get install open-xchange-file-storage-googledrive

Debian GNU/Linux 12.0

Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:

deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBookworm/ /
# if you have a valid maintenance subscription, please uncomment the 
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBookworm/ /

and run

$ apt-get update
$ apt-get install open-xchange-file-storage-googledrive


Microsoft Onedrive

To setup the Microsoft OneDrive file store you have to install the package "open-xchange-file-storage-onedrive".

Registering your app

  • register your app on the Azure App registration page
  • application ID maps to apiKey in OX properties
  • create credentials and copy it to apiSecret
  • choose "Web" as platform
  • enter the redirect URI/URL, see below
  • enter profile data for your application

Configuration

In addition you have to configure the following properties in file /opt/open-xchange/etc/microsoftgraphoauth.properties (before 7.10.x /opt/open-xchange/etc/msliveconntectoauth.properties):

  • Enable the OAuth connector
 com.openexchange.oauth.microsoft.graph=true


  • Set the API key and secret
 com.openexchange.oauth.microsoft.graph.apiKey=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_CLIENT_KEY
 com.openexchange.oauth.microsoft.graph.apiSecret=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_CLIENT_SECRET


  • Set the redirect URL
 com.openexchange.oauth.microsoft.graph.redirectUrl=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_REDIRECT_URL


Note: the redirect URL must be the same as defined in the azure app registration, it should be https://<REPLACE_WITH_FQDN>/ajax/defer

You can define them system-wide or via the config cascade mechanism.

Install on OX App Suite

Debian GNU/Linux 11.0

Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:

deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBullseye/ /
# if you have a valid maintenance subscription, please uncomment the 
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBullseye/ /

and run

$ apt-get update
$ apt-get install open-xchange-file-storage-onedrive

Debian GNU/Linux 12.0

Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:

deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBookworm/ /
# if you have a valid maintenance subscription, please uncomment the 
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBookworm/ /

and run

$ apt-get update
$ apt-get install open-xchange-file-storage-onedrive


Box.com

To setup the Box.com file store you have to install the package "open-xchange-file-storage-boxcom".

Registering your app

  • Sign in to box Developers
  • Select Create a Box Application
  • Select Box Content
  • Hit Configure your application
  • Enter redirect_uri' (the deferrer URL; e.g. "https://my.oxsetup.invalid/ajax/defer")
  • Enable Read and write all files and folders

Configuration

In addition you have to configure the following properties in file /opt/open-xchange/etc/boxcomoauth.properties:

  • Enable the OAuth connector
 com.openexchange.oauth.boxcom=true


  • Set the API key and secret
 com.openexchange.oauth.boxcom.apiKey=REPLACE_THIS_WITH_YOUR_BOX_CLIENT_KEY
 com.openexchange.oauth.boxcom.apiSecret=REPLACE_THIS_WITH_YOUR_BOX_CLIENT_SECRET


  • Set the redirect URL
 com.openexchange.oauth.boxcom.redirectUrl=REPLACE_THIS_WITH_YOUR_BOX_REDIRECT_URL


You can define them system-wide or via the config cascade mechanism.

Install on OX App Suite

Debian GNU/Linux 11.0

Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:

deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBullseye/ /
# if you have a valid maintenance subscription, please uncomment the 
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBullseye/ /

and run

$ apt-get update
$ apt-get install open-xchange-file-storage-boxcom

Debian GNU/Linux 12.0

Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:

deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBookworm/ /
# if you have a valid maintenance subscription, please uncomment the 
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBookworm/ /

and run

$ apt-get update
$ apt-get install open-xchange-file-storage-boxcom