Set OAuth token expiration

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
Roeland Jago Douma 2018-05-16 10:35:18 +02:00
parent 46aafe4f11
commit 000cf1951c
No known key found for this signature in database
GPG Key ID: F941078878347C0C
5 changed files with 89 additions and 2 deletions

View File

@ -6,7 +6,7 @@
<licence>agpl</licence>
<author>Lukas Reschke</author>
<namespace>OAuth2</namespace>
<version>1.1.0</version>
<version>1.1.1</version>
<default_enable/>
<types>
<authentication/>
@ -15,6 +15,12 @@
<nextcloud min-version="13" max-version="13" />
</dependencies>
<repair-steps>
<post-migration>
<step>OCA\OAuth2\Migration\SetTokenExpiration</step>
</post-migration>
</repair-steps>
<settings>
<admin>OCA\OAuth2\Settings\Admin</admin>
</settings>

View File

@ -15,5 +15,6 @@ return array(
'OCA\\OAuth2\\Db\\ClientMapper' => $baseDir . '/../lib/Db/ClientMapper.php',
'OCA\\OAuth2\\Exceptions\\AccessTokenNotFoundException' => $baseDir . '/../lib/Exceptions/AccessTokenNotFoundException.php',
'OCA\\OAuth2\\Exceptions\\ClientNotFoundException' => $baseDir . '/../lib/Exceptions/ClientNotFoundException.php',
'OCA\\OAuth2\\Migration\\SetTokenExpiration' => $baseDir . '/../lib/Migration/SetTokenExpiration.php',
'OCA\\OAuth2\\Settings\\Admin' => $baseDir . '/../lib/Settings/Admin.php',
);

View File

@ -27,6 +27,7 @@ class ComposerStaticInitOAuth2
'OCA\\OAuth2\\Db\\ClientMapper' => __DIR__ . '/..' . '/../lib/Db/ClientMapper.php',
'OCA\\OAuth2\\Exceptions\\AccessTokenNotFoundException' => __DIR__ . '/..' . '/../lib/Exceptions/AccessTokenNotFoundException.php',
'OCA\\OAuth2\\Exceptions\\ClientNotFoundException' => __DIR__ . '/..' . '/../lib/Exceptions/ClientNotFoundException.php',
'OCA\\OAuth2\\Migration\\SetTokenExpiration' => __DIR__ . '/..' . '/../lib/Migration/SetTokenExpiration.php',
'OCA\\OAuth2\\Settings\\Admin' => __DIR__ . '/..' . '/../lib/Settings/Admin.php',
);

View File

@ -65,9 +65,11 @@ class OauthApiController extends Controller {
* @NoCSRFRequired
*
* @param string $code
* @param string $client_id
* @param string $client_secret
* @return JSONResponse
*/
public function getToken($code) {
public function getToken($code, $client_id, $client_secret) {
$accessToken = $this->accessTokenMapper->getByCode($code);
$decryptedToken = $this->crypto->decrypt($accessToken->getEncryptedToken(), $code);
$newCode = $this->secureRandom->generate(128);

View File

@ -0,0 +1,77 @@
<?php
/**
* @copyright Copyright 2018, Roeland Jago Douma <roeland@famdouma.nl>
*
* @author Roeland Jago Douma <roeland@famdouma.nl>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\OAuth2\Migration;
use OC\Authentication\Exceptions\InvalidTokenException;
use OC\Authentication\Token\IProvider as TokenProvider;
use OCA\OAuth2\Db\AccessToken;
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\IDBConnection;
use OCP\Migration\IOutput;
use OCP\Migration\IRepairStep;
class SetTokenExpiration implements IRepairStep {
/** @var IDBConnection */
private $connection;
/** @var ITimeFactory */
private $time;
/** @var TokenProvider */
private $tokenProvider;
public function __construct(IDBConnection $connection,
ITimeFactory $timeFactory,
TokenProvider $tokenProvider) {
$this->connection = $connection;
$this->time = $timeFactory;
$this->tokenProvider = $tokenProvider;
}
public function getName() {
return 'Update OAuth token expiration times';
}
public function run(IOutput $output) {
$qb = $this->connection->getQueryBuilder();
$qb->select('*')
->from('oauth2_access_tokens');
$cursor = $qb->execute();
while($row = $cursor->fetch()) {
$token = AccessToken::fromRow($row);
try {
$appToken = $this->tokenProvider->getTokenById($token->getTokenId());
$appToken->setExpires($this->time->getTime() + 3600);
$this->tokenProvider->updateToken($appToken);
} catch (InvalidTokenException $e) {
//Skip this token
}
}
$cursor->closeCursor();
}
}