Allow clients to delete their own apptoken
Fixes #15480 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
parent
e625164e85
commit
2dcb4cfbd6
|
@ -24,6 +24,7 @@ declare(strict_types=1);
|
||||||
|
|
||||||
namespace OC\Core\Controller;
|
namespace OC\Core\Controller;
|
||||||
|
|
||||||
|
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||||
use OC\Authentication\Token\IProvider;
|
use OC\Authentication\Token\IProvider;
|
||||||
use OC\Authentication\Token\IToken;
|
use OC\Authentication\Token\IToken;
|
||||||
use OCP\AppFramework\Http\DataResponse;
|
use OCP\AppFramework\Http\DataResponse;
|
||||||
|
@ -115,4 +116,26 @@ class AppPasswordController extends \OCP\AppFramework\OCSController {
|
||||||
'apppassword' => $token
|
'apppassword' => $token
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @NoAdminRequired
|
||||||
|
*
|
||||||
|
* @return DataResponse
|
||||||
|
*/
|
||||||
|
public function deleteAppPassword() {
|
||||||
|
if (!$this->session->exists('app_password')) {
|
||||||
|
throw new OCSForbiddenException('no app password in use');
|
||||||
|
}
|
||||||
|
|
||||||
|
$appPassword = $this->session->get('app_password');
|
||||||
|
|
||||||
|
try {
|
||||||
|
$token = $this->tokenProvider->getToken($appPassword);
|
||||||
|
} catch (InvalidTokenException $e) {
|
||||||
|
throw new OCSForbiddenException('could not remove apptoken');
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->tokenProvider->invalidateTokenById($token->getUID(), $token->getId());
|
||||||
|
return new DataResponse();
|
||||||
|
}
|
||||||
}
|
}
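Review bot: After `invalidateTokenById()` succeeds, `deleteAppPassword()` leaves the `app_password` key in the session, so whether this session stops being accepted depends on token re-validation that happens outside this hunk. If that is not guaranteed on every request, clear the key with `$this->session->remove('app_password');` before returning. The method takes the token only from the session and never from a request parameter, which is what keeps a client from revoking another user's token; the docblock should state that. The docblock also lacks `@throws OCSForbiddenException`, and the signature could declare `: DataResponse` since the file uses `strict_types`.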
|
||||||
|
|
|
@ -102,6 +102,7 @@ $application->registerRoutes($this, [
|
||||||
['root' => '/core', 'name' => 'WhatsNew#get', 'url' => '/whatsnew', 'verb' => 'GET'],
|
['root' => '/core', 'name' => 'WhatsNew#get', 'url' => '/whatsnew', 'verb' => 'GET'],
|
||||||
['root' => '/core', 'name' => 'WhatsNew#dismiss', 'url' => '/whatsnew', 'verb' => 'POST'],
|
['root' => '/core', 'name' => 'WhatsNew#dismiss', 'url' => '/whatsnew', 'verb' => 'POST'],
|
||||||
['root' => '/core', 'name' => 'AppPassword#getAppPassword', 'url' => '/getapppassword', 'verb' => 'GET'],
|
['root' => '/core', 'name' => 'AppPassword#getAppPassword', 'url' => '/getapppassword', 'verb' => 'GET'],
|
||||||
|
['root' => '/core', 'name' => 'AppPassword#deleteAppPassword', 'url' => '/apppassword', 'verb' => 'DELETE'],
|
||||||
|
|
||||||
['root' => '/collaboration', 'name' => 'CollaborationResources#searchCollections', 'url' => '/resources/collections/search/{filter}', 'verb' => 'GET'],
|
['root' => '/collaboration', 'name' => 'CollaborationResources#searchCollections', 'url' => '/resources/collections/search/{filter}', 'verb' => 'GET'],
|
||||||
['root' => '/collaboration', 'name' => 'CollaborationResources#listCollection', 'url' => '/resources/collections/{collectionId}', 'verb' => 'GET'],
|
['root' => '/collaboration', 'name' => 'CollaborationResources#listCollection', 'url' => '/resources/collections/{collectionId}', 'verb' => 'GET'],
|
||||||
|
|
|
@ -24,9 +24,11 @@ declare(strict_types=1);
|
||||||
|
|
||||||
namespace Tests\Core\Controller;
|
namespace Tests\Core\Controller;
|
||||||
|
|
||||||
|
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||||
use OC\Authentication\Token\IProvider;
|
use OC\Authentication\Token\IProvider;
|
||||||
use OC\Authentication\Token\IToken;
|
use OC\Authentication\Token\IToken;
|
||||||
use OC\Core\Controller\AppPasswordController;
|
use OC\Core\Controller\AppPasswordController;
|
||||||
|
use OCP\AppFramework\Http\DataResponse;
|
||||||
use OCP\AppFramework\OCS\OCSForbiddenException;
|
use OCP\AppFramework\OCS\OCSForbiddenException;
|
||||||
use OCP\Authentication\Exceptions\CredentialsUnavailableException;
|
use OCP\Authentication\Exceptions\CredentialsUnavailableException;
|
||||||
use OCP\Authentication\Exceptions\PasswordUnavailableException;
|
use OCP\Authentication\Exceptions\PasswordUnavailableException;
|
||||||
|
@ -187,5 +189,60 @@ class AppPasswordControllerTest extends TestCase {
|
||||||
$this->controller->getAppPassword();
|
$this->controller->getAppPassword();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testDeleteAppPasswordNoAppPassword() {
|
||||||
|
$this->session->method('exists')
|
||||||
|
->with('app_password')
|
||||||
|
->willReturn(false);
|
||||||
|
|
||||||
|
$this->expectException(OCSForbiddenException::class);
|
||||||
|
|
||||||
|
$this->controller->deleteAppPassword();
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testDeleteAppPasswordFails() {
|
||||||
|
$this->session->method('exists')
|
||||||
|
->with('app_password')
|
||||||
|
->willReturn(true);
|
||||||
|
$this->session->method('get')
|
||||||
|
->with('app_password')
|
||||||
|
->willReturn('myAppPassword');
|
||||||
|
|
||||||
|
$this->tokenProvider->method('getToken')
|
||||||
|
->with('myAppPassword')
|
||||||
|
->willThrowException(new InvalidTokenException());
|
||||||
|
|
||||||
|
$this->expectException(OCSForbiddenException::class);
|
||||||
|
|
||||||
|
$this->controller->deleteAppPassword();
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testDeleteAppPasswordSuccess() {
|
||||||
|
$this->session->method('exists')
|
||||||
|
->with('app_password')
|
||||||
|
->willReturn(true);
|
||||||
|
$this->session->method('get')
|
||||||
|
->with('app_password')
|
||||||
|
->willReturn('myAppPassword');
|
||||||
|
|
||||||
|
$token = $this->createMock(IToken::class);
|
||||||
|
$this->tokenProvider->method('getToken')
|
||||||
|
->with('myAppPassword')
|
||||||
|
->willReturn($token);
|
||||||
|
|
||||||
|
$token->method('getUID')
|
||||||
|
->willReturn('myUID');
|
||||||
|
$token->method('getId')
|
||||||
|
->willReturn(42);
|
||||||
|
|
||||||
|
$this->tokenProvider->expects($this->once())
|
||||||
|
->method('invalidateTokenById')
|
||||||
|
->with(
|
||||||
|
'myUID',
|
||||||
|
42
|
||||||
|
);
|
||||||
|
|
||||||
|
$result = $this->controller->deleteAppPassword();
|
||||||
|
|
||||||
|
$this->assertEquals(new DataResponse(), $result);
|
||||||
|
}
|
||||||
}
|
}
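Review bot: The two failure tests, `testDeleteAppPasswordNoAppPassword` and `testDeleteAppPasswordFails`, never assert that no token is revoked, so a regression that invalidates a token before throwing would still pass. Add `$this->tokenProvider->expects($this->never())->method('invalidateTokenById');` to both. They also check only the exception class, which is the same on both paths; `$this->expectExceptionMessage('no app password in use');` and `$this->expectExceptionMessage('could not remove apptoken');` would pin which branch fired.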
|
||||||
|
|