< ? php
declare ( strict_types = 1 );
/**
* @ copyright 2016 Christoph Wurst < christoph @ winzerhof - wurst . at >
*
* @ author Christoph Wurst < christoph @ winzerhof - wurst . at >
* @ author Lionel Elie Mamane < lionel @ mamane . lu >
*
* @ license GNU AGPL version 3 or any later version
*
* This program is free software : you can redistribute it and / or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation , either version 3 of the
* License , or ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU Affero General Public License for more details .
*
* You should have received a copy of the GNU Affero General Public License
* along with this program . If not , see < http :// www . gnu . org / licenses />.
*
*/
namespace OC\Authentication\LoginCredentials ;
use OC\Authentication\Exceptions\InvalidTokenException ;
use OC\Authentication\Exceptions\PasswordlessTokenException ;
use OC\Authentication\Token\IProvider ;
use OCP\Authentication\Exceptions\CredentialsUnavailableException ;
use OCP\Authentication\LoginCredentials\ICredentials ;
use OCP\Authentication\LoginCredentials\IStore ;
use OCP\ISession ;
use OCP\Session\Exceptions\SessionNotAvailableException ;
use OCP\Util ;
use Psr\Log\LoggerInterface ;
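/**
 * Session-backed store for the login credentials of the current user.
 *
 * Credentials are resolved through the token provider first; the copy written
 * to the session by the post_login hook is only consulted as a fallback when
 * the token is invalid or carries no password.
 */
class Store implements IStore {
	/** @var ISession */
	private $session;

	/** @var LoggerInterface */
	private $logger;

	/** @var IProvider|null */
	private $tokenProvider;

	/**
	 * @param ISession $session session holding the fallback credentials
	 * @param LoggerInterface $logger
	 * @param IProvider|null $tokenProvider when null, getLoginCredentials() always throws
	 */
	public function __construct(ISession $session,
								LoggerInterface $logger,
								?IProvider $tokenProvider = null) {
		$this->session = $session;
		$this->logger = $logger;
		$this->tokenProvider = $tokenProvider;

		// Have authenticate() called with the hook parameters after each login.
		Util::connectHook('OC_User', 'post_login', $this, 'authenticate');
	}

	/**
	 * Hook listener on post login
	 *
	 * Serialises the hook parameters to JSON and stores them in the session
	 * under 'login_credentials'. getLoginCredentials() later reads 'uid',
	 * 'loginName' and 'password' back from that entry, so whatever password
	 * value the hook passes ends up in the session.
	 *
	 * NOTE(review): presumably this is the clear-text login password; its
	 * confidentiality then depends on the session backend protecting its
	 * payload at rest — confirm.
	 *
	 * @param array $params
	 */
	public function authenticate(array $params) {
		$this->session->set('login_credentials', json_encode($params));
	}

	/**
	 * Replace the session implementation
	 *
	 * @param ISession $session
	 */
	public function setSession(ISession $session) {
		$this->session = $session;
	}

	/**
	 * @since 12
	 *
	 * @return ICredentials the login credentials of the current user
	 * @throws CredentialsUnavailableException if no token provider is set, the
	 *         session is unavailable, or neither the token nor the session
	 *         copy yields usable credentials
	 */
	public function getLoginCredentials(): ICredentials {
		if ($this->tokenProvider === null) {
			throw new CredentialsUnavailableException();
		}

		$trySession = false;
		try {
			$sessionId = $this->session->getId();
			$token = $this->tokenProvider->getToken($sessionId);

			$uid = $token->getUID();
			$user = $token->getLoginName();
			$password = $this->tokenProvider->getPassword($token, $sessionId);

			return new Credentials($uid, $user, $password);
		} catch (SessionNotAvailableException $ex) {
			// No session means no fallback copy either, so $trySession stays false.
			$this->logger->debug('could not get login credentials because session is unavailable', ['app' => 'core']);
		} catch (InvalidTokenException $ex) {
			$this->logger->debug('could not get login credentials because the token is invalid', ['app' => 'core']);
			$trySession = true;
		} catch (PasswordlessTokenException $ex) {
			$this->logger->debug('could not get login credentials because the token has no password', ['app' => 'core']);
			$trySession = true;
		}

		if ($trySession && $this->session->exists('login_credentials')) {
			$raw = $this->session->get('login_credentials');

			// The entry may be missing its payload (json_encode() failure at
			// login stores false) or be corrupt; without this guard the
			// offsets below would be read from null, or json_decode() would
			// raise a TypeError under strict_types.
			/** @var array|null $creds */
			$creds = is_string($raw) ? json_decode($raw, true) : null;
			if (!is_array($creds) || !isset($creds['uid'])) {
				// Deliberately log no part of the payload: it may hold the password.
				$this->logger->debug('could not get login credentials because the stored session value is malformed', ['app' => 'core']);
				throw new CredentialsUnavailableException();
			}

			return new Credentials(
				$creds['uid'],
				// Pre 20 didn't have a loginName property, hence fall back to the session value and then to the UID
				$creds['loginName'] ?? $this->session->get('loginname') ?? $creds['uid'],
				$creds['password'] ?? null
			);
		}

		// Reached only when the token lookup failed and no session copy exists.
		throw new CredentialsUnavailableException();
	}
}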