Make the Token Auth code strict
In preparation for #9441 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
parent
497a4facdf
commit
47388e1cfe
|
@ -1,4 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
|
declare(strict_types=1);
|
||||||
/**
|
/**
|
||||||
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
||||||
*
|
*
|
||||||
|
@ -28,82 +29,69 @@ use OCP\AppFramework\Db\Entity;
|
||||||
/**
|
/**
|
||||||
* @method void setId(int $id)
|
* @method void setId(int $id)
|
||||||
* @method void setUid(string $uid);
|
* @method void setUid(string $uid);
|
||||||
* @method void setLoginName(string $loginName)
|
* @method void setLoginName(string $loginname)
|
||||||
* @method void setPassword(string $password)
|
* @method void setPassword(string $password)
|
||||||
* @method void setName(string $name)
|
|
||||||
* @method string getName()
|
* @method string getName()
|
||||||
|
* @method void setName(string $name)
|
||||||
* @method void setToken(string $token)
|
* @method void setToken(string $token)
|
||||||
* @method string getToken()
|
* @method string getToken()
|
||||||
* @method void setType(string $type)
|
* @method void setType(int $type)
|
||||||
* @method int getType()
|
* @method int getType()
|
||||||
* @method void setRemember(int $remember)
|
* @method void setRemember(int $remember)
|
||||||
* @method int getRemember()
|
* @method int getRemember()
|
||||||
* @method void setLastActivity(int $lastActivity)
|
* @method void setLastActivity(int $lastactivity)
|
||||||
* @method int getLastActivity()
|
* @method int getLastActivity()
|
||||||
*/
|
*/
|
||||||
class DefaultToken extends Entity implements IToken {
|
class DefaultToken extends Entity implements IToken {
|
||||||
|
|
||||||
/**
|
/** @var string user UID */
|
||||||
* @var string user UID
|
|
||||||
*/
|
|
||||||
protected $uid;
|
protected $uid;
|
||||||
|
|
||||||
/**
|
/** @var string login name used for generating the token */
|
||||||
* @var string login name used for generating the token
|
|
||||||
*/
|
|
||||||
protected $loginName;
|
protected $loginName;
|
||||||
|
|
||||||
/**
|
/** @var string encrypted user password */
|
||||||
* @var string encrypted user password
|
|
||||||
*/
|
|
||||||
protected $password;
|
protected $password;
|
||||||
|
|
||||||
/**
|
/** @var string token name (e.g. browser/OS) */
|
||||||
* @var string token name (e.g. browser/OS)
|
|
||||||
*/
|
|
||||||
protected $name;
|
protected $name;
|
||||||
|
|
||||||
/**
|
/** @var string */
|
||||||
* @var string
|
|
||||||
*/
|
|
||||||
protected $token;
|
protected $token;
|
||||||
|
|
||||||
/**
|
/** @var int */
|
||||||
* @var int
|
|
||||||
*/
|
|
||||||
protected $type;
|
protected $type;
|
||||||
|
|
||||||
/**
|
/** @var int */
|
||||||
* @var int
|
|
||||||
*/
|
|
||||||
protected $remember;
|
protected $remember;
|
||||||
|
|
||||||
/**
|
/** @var int */
|
||||||
* @var int
|
|
||||||
*/
|
|
||||||
protected $lastActivity;
|
protected $lastActivity;
|
||||||
|
|
||||||
/**
|
/** @var int */
|
||||||
* @var int
|
|
||||||
*/
|
|
||||||
protected $lastCheck;
|
protected $lastCheck;
|
||||||
|
|
||||||
/**
|
/** @var string */
|
||||||
* @var string
|
|
||||||
*/
|
|
||||||
protected $scope;
|
protected $scope;
|
||||||
|
|
||||||
public function __construct() {
|
public function __construct() {
|
||||||
|
$this->addType('uid', 'string');
|
||||||
|
$this->addType('loginName', 'string');
|
||||||
|
$this->addType('password', 'string');
|
||||||
|
$this->addType('name', 'string');
|
||||||
|
$this->addType('token', 'string');
|
||||||
$this->addType('type', 'int');
|
$this->addType('type', 'int');
|
||||||
|
$this->addType('remember', 'int');
|
||||||
$this->addType('lastActivity', 'int');
|
$this->addType('lastActivity', 'int');
|
||||||
$this->addType('lastCheck', 'int');
|
$this->addType('lastCheck', 'int');
|
||||||
|
$this->addType('scope', 'string');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getId() {
|
public function getId(): int {
|
||||||
return $this->id;
|
return $this->id;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getUID() {
|
public function getUID(): string {
|
||||||
return $this->uid;
|
return $this->uid;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -112,7 +100,7 @@ class DefaultToken extends Entity implements IToken {
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getLoginName() {
|
public function getLoginName(): string {
|
||||||
return parent::getLoginName();
|
return parent::getLoginName();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -121,7 +109,7 @@ class DefaultToken extends Entity implements IToken {
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getPassword() {
|
public function getPassword(): string {
|
||||||
return parent::getPassword();
|
return parent::getPassword();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -140,7 +128,7 @@ class DefaultToken extends Entity implements IToken {
|
||||||
*
|
*
|
||||||
* @return int
|
* @return int
|
||||||
*/
|
*/
|
||||||
public function getLastCheck() {
|
public function getLastCheck(): int {
|
||||||
return parent::getLastCheck();
|
return parent::getLastCheck();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -148,16 +136,17 @@ class DefaultToken extends Entity implements IToken {
|
||||||
* Get the timestamp of the last password check
|
* Get the timestamp of the last password check
|
||||||
*
|
*
|
||||||
* @param int $time
|
* @param int $time
|
||||||
|
* @return int
|
||||||
*/
|
*/
|
||||||
public function setLastCheck($time) {
|
public function setLastCheck(int $time): int {
|
||||||
return parent::setLastCheck($time);
|
return parent::setLastCheck($time);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getScope() {
|
public function getScope(): string {
|
||||||
return parent::getScope();
|
return parent::getScope();
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getScopeAsArray() {
|
public function getScopeAsArray(): array {
|
||||||
$scope = json_decode($this->getScope(), true);
|
$scope = json_decode($this->getScope(), true);
|
||||||
if (!$scope) {
|
if (!$scope) {
|
||||||
return [
|
return [
|
||||||
|
@ -167,11 +156,7 @@ class DefaultToken extends Entity implements IToken {
|
||||||
return $scope;
|
return $scope;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function setScope($scope) {
|
public function setScope(array $scope) {
|
||||||
if (is_array($scope)) {
|
parent::setScope(json_encode($scope));
|
||||||
parent::setScope(json_encode($scope));
|
|
||||||
} else {
|
|
||||||
parent::setScope((string)$scope);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
|
declare(strict_types=1);
|
||||||
/**
|
/**
|
||||||
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
||||||
*
|
*
|
||||||
|
@ -29,7 +30,6 @@
|
||||||
namespace OC\Authentication\Token;
|
namespace OC\Authentication\Token;
|
||||||
|
|
||||||
use OCP\AppFramework\Db\DoesNotExistException;
|
use OCP\AppFramework\Db\DoesNotExistException;
|
||||||
use OCP\AppFramework\Db\Mapper;
|
|
||||||
use OCP\AppFramework\Db\QBMapper;
|
use OCP\AppFramework\Db\QBMapper;
|
||||||
use OCP\DB\QueryBuilder\IQueryBuilder;
|
use OCP\DB\QueryBuilder\IQueryBuilder;
|
||||||
use OCP\IDBConnection;
|
use OCP\IDBConnection;
|
||||||
|
@ -46,7 +46,7 @@ class DefaultTokenMapper extends QBMapper {
|
||||||
*
|
*
|
||||||
* @param string $token
|
* @param string $token
|
||||||
*/
|
*/
|
||||||
public function invalidate($token) {
|
public function invalidate(string $token) {
|
||||||
/* @var $qb IQueryBuilder */
|
/* @var $qb IQueryBuilder */
|
||||||
$qb = $this->db->getQueryBuilder();
|
$qb = $this->db->getQueryBuilder();
|
||||||
$qb->delete('authtoken')
|
$qb->delete('authtoken')
|
||||||
|
@ -59,7 +59,7 @@ class DefaultTokenMapper extends QBMapper {
|
||||||
* @param int $olderThan
|
* @param int $olderThan
|
||||||
* @param int $remember
|
* @param int $remember
|
||||||
*/
|
*/
|
||||||
public function invalidateOld($olderThan, $remember = IToken::DO_NOT_REMEMBER) {
|
public function invalidateOld(int $olderThan, int $remember = IToken::DO_NOT_REMEMBER) {
|
||||||
/* @var $qb IQueryBuilder */
|
/* @var $qb IQueryBuilder */
|
||||||
$qb = $this->db->getQueryBuilder();
|
$qb = $this->db->getQueryBuilder();
|
||||||
$qb->delete('authtoken')
|
$qb->delete('authtoken')
|
||||||
|
@ -76,7 +76,7 @@ class DefaultTokenMapper extends QBMapper {
|
||||||
* @throws DoesNotExistException
|
* @throws DoesNotExistException
|
||||||
* @return DefaultToken
|
* @return DefaultToken
|
||||||
*/
|
*/
|
||||||
public function getToken($token) {
|
public function getToken(string $token): DefaultToken {
|
||||||
/* @var $qb IQueryBuilder */
|
/* @var $qb IQueryBuilder */
|
||||||
$qb = $this->db->getQueryBuilder();
|
$qb = $this->db->getQueryBuilder();
|
||||||
$result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope')
|
$result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope')
|
||||||
|
@ -95,11 +95,11 @@ class DefaultTokenMapper extends QBMapper {
|
||||||
/**
|
/**
|
||||||
* Get the token for $id
|
* Get the token for $id
|
||||||
*
|
*
|
||||||
* @param string $id
|
* @param int $id
|
||||||
* @throws DoesNotExistException
|
* @throws DoesNotExistException
|
||||||
* @return DefaultToken
|
* @return DefaultToken
|
||||||
*/
|
*/
|
||||||
public function getTokenById($id) {
|
public function getTokenById(int $id): DefaultToken {
|
||||||
/* @var $qb IQueryBuilder */
|
/* @var $qb IQueryBuilder */
|
||||||
$qb = $this->db->getQueryBuilder();
|
$qb = $this->db->getQueryBuilder();
|
||||||
$result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'token', 'last_activity', 'last_check', 'scope')
|
$result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'token', 'last_activity', 'last_check', 'scope')
|
||||||
|
@ -124,7 +124,7 @@ class DefaultTokenMapper extends QBMapper {
|
||||||
* @param IUser $user
|
* @param IUser $user
|
||||||
* @return DefaultToken[]
|
* @return DefaultToken[]
|
||||||
*/
|
*/
|
||||||
public function getTokenByUser(IUser $user) {
|
public function getTokenByUser(IUser $user): array {
|
||||||
/* @var $qb IQueryBuilder */
|
/* @var $qb IQueryBuilder */
|
||||||
$qb = $this->db->getQueryBuilder();
|
$qb = $this->db->getQueryBuilder();
|
||||||
$qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope')
|
$qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope')
|
||||||
|
@ -146,7 +146,7 @@ class DefaultTokenMapper extends QBMapper {
|
||||||
* @param IUser $user
|
* @param IUser $user
|
||||||
* @param int $id
|
* @param int $id
|
||||||
*/
|
*/
|
||||||
public function deleteById(IUser $user, $id) {
|
public function deleteById(IUser $user, int $id) {
|
||||||
/* @var $qb IQueryBuilder */
|
/* @var $qb IQueryBuilder */
|
||||||
$qb = $this->db->getQueryBuilder();
|
$qb = $this->db->getQueryBuilder();
|
||||||
$qb->delete('authtoken')
|
$qb->delete('authtoken')
|
||||||
|
@ -160,7 +160,7 @@ class DefaultTokenMapper extends QBMapper {
|
||||||
*
|
*
|
||||||
* @param string $name
|
* @param string $name
|
||||||
*/
|
*/
|
||||||
public function deleteByName($name) {
|
public function deleteByName(string $name) {
|
||||||
$qb = $this->db->getQueryBuilder();
|
$qb = $this->db->getQueryBuilder();
|
||||||
$qb->delete('authtoken')
|
$qb->delete('authtoken')
|
||||||
->where($qb->expr()->eq('name', $qb->createNamedParameter($name), IQueryBuilder::PARAM_STR));
|
->where($qb->expr()->eq('name', $qb->createNamedParameter($name), IQueryBuilder::PARAM_STR));
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
|
declare(strict_types=1);
|
||||||
/**
|
/**
|
||||||
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
||||||
* @copyright Copyright (c) 2016, Christoph Wurst <christoph@winzerhof-wurst.at>
|
* @copyright Copyright (c) 2016, Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||||
|
@ -85,7 +86,13 @@ class DefaultTokenProvider implements IProvider {
|
||||||
* @param int $remember whether the session token should be used for remember-me
|
* @param int $remember whether the session token should be used for remember-me
|
||||||
* @return IToken
|
* @return IToken
|
||||||
*/
|
*/
|
||||||
public function generateToken($token, $uid, $loginName, $password, $name, $type = IToken::TEMPORARY_TOKEN, $remember = IToken::DO_NOT_REMEMBER) {
|
public function generateToken(string $token,
|
||||||
|
string $uid,
|
||||||
|
string $loginName,
|
||||||
|
$password,
|
||||||
|
string $name,
|
||||||
|
int $type = IToken::TEMPORARY_TOKEN,
|
||||||
|
int $remember = IToken::DO_NOT_REMEMBER): IToken {
|
||||||
$dbToken = new DefaultToken();
|
$dbToken = new DefaultToken();
|
||||||
$dbToken->setUid($uid);
|
$dbToken->setUid($uid);
|
||||||
$dbToken->setLoginName($loginName);
|
$dbToken->setLoginName($loginName);
|
||||||
|
@ -145,7 +152,7 @@ class DefaultTokenProvider implements IProvider {
|
||||||
* @param IUser $user
|
* @param IUser $user
|
||||||
* @return IToken[]
|
* @return IToken[]
|
||||||
*/
|
*/
|
||||||
public function getTokenByUser(IUser $user) {
|
public function getTokenByUser(IUser $user): array {
|
||||||
return $this->mapper->getTokenByUser($user);
|
return $this->mapper->getTokenByUser($user);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -154,9 +161,9 @@ class DefaultTokenProvider implements IProvider {
|
||||||
*
|
*
|
||||||
* @param string $tokenId
|
* @param string $tokenId
|
||||||
* @throws InvalidTokenException
|
* @throws InvalidTokenException
|
||||||
* @return DefaultToken
|
* @return IToken
|
||||||
*/
|
*/
|
||||||
public function getToken($tokenId) {
|
public function getToken(string $tokenId): IToken {
|
||||||
try {
|
try {
|
||||||
return $this->mapper->getToken($this->hashToken($tokenId));
|
return $this->mapper->getToken($this->hashToken($tokenId));
|
||||||
} catch (DoesNotExistException $ex) {
|
} catch (DoesNotExistException $ex) {
|
||||||
|
@ -169,9 +176,9 @@ class DefaultTokenProvider implements IProvider {
|
||||||
*
|
*
|
||||||
* @param string $tokenId
|
* @param string $tokenId
|
||||||
* @throws InvalidTokenException
|
* @throws InvalidTokenException
|
||||||
* @return DefaultToken
|
* @return IToken
|
||||||
*/
|
*/
|
||||||
public function getTokenById($tokenId) {
|
public function getTokenById(string $tokenId): IToken {
|
||||||
try {
|
try {
|
||||||
return $this->mapper->getTokenById($tokenId);
|
return $this->mapper->getTokenById($tokenId);
|
||||||
} catch (DoesNotExistException $ex) {
|
} catch (DoesNotExistException $ex) {
|
||||||
|
@ -184,7 +191,7 @@ class DefaultTokenProvider implements IProvider {
|
||||||
* @param string $sessionId
|
* @param string $sessionId
|
||||||
* @throws InvalidTokenException
|
* @throws InvalidTokenException
|
||||||
*/
|
*/
|
||||||
public function renewSessionToken($oldSessionId, $sessionId) {
|
public function renewSessionToken(string $oldSessionId, string $sessionId) {
|
||||||
$token = $this->getToken($oldSessionId);
|
$token = $this->getToken($oldSessionId);
|
||||||
|
|
||||||
$newToken = new DefaultToken();
|
$newToken = new DefaultToken();
|
||||||
|
@ -210,7 +217,7 @@ class DefaultTokenProvider implements IProvider {
|
||||||
* @throws PasswordlessTokenException
|
* @throws PasswordlessTokenException
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getPassword(IToken $savedToken, $tokenId) {
|
public function getPassword(IToken $savedToken, string $tokenId): string {
|
||||||
$password = $savedToken->getPassword();
|
$password = $savedToken->getPassword();
|
||||||
if (is_null($password)) {
|
if (is_null($password)) {
|
||||||
throw new PasswordlessTokenException();
|
throw new PasswordlessTokenException();
|
||||||
|
@ -226,7 +233,7 @@ class DefaultTokenProvider implements IProvider {
|
||||||
* @param string $password
|
* @param string $password
|
||||||
* @throws InvalidTokenException
|
* @throws InvalidTokenException
|
||||||
*/
|
*/
|
||||||
public function setPassword(IToken $token, $tokenId, $password) {
|
public function setPassword(IToken $token, string $tokenId, string $password) {
|
||||||
if (!($token instanceof DefaultToken)) {
|
if (!($token instanceof DefaultToken)) {
|
||||||
throw new InvalidTokenException();
|
throw new InvalidTokenException();
|
||||||
}
|
}
|
||||||
|
@ -240,7 +247,7 @@ class DefaultTokenProvider implements IProvider {
|
||||||
*
|
*
|
||||||
* @param string $token
|
* @param string $token
|
||||||
*/
|
*/
|
||||||
public function invalidateToken($token) {
|
public function invalidateToken(string $token) {
|
||||||
$this->mapper->invalidate($this->hashToken($token));
|
$this->mapper->invalidate($this->hashToken($token));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -250,7 +257,7 @@ class DefaultTokenProvider implements IProvider {
|
||||||
* @param IUser $user
|
* @param IUser $user
|
||||||
* @param int $id
|
* @param int $id
|
||||||
*/
|
*/
|
||||||
public function invalidateTokenById(IUser $user, $id) {
|
public function invalidateTokenById(IUser $user, int $id) {
|
||||||
$this->mapper->deleteById($user, $id);
|
$this->mapper->deleteById($user, $id);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -270,7 +277,7 @@ class DefaultTokenProvider implements IProvider {
|
||||||
* @param string $token
|
* @param string $token
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
private function hashToken($token) {
|
private function hashToken(string $token) {
|
||||||
$secret = $this->config->getSystemValue('secret');
|
$secret = $this->config->getSystemValue('secret');
|
||||||
return hash('sha512', $token . $secret);
|
return hash('sha512', $token . $secret);
|
||||||
}
|
}
|
||||||
|
@ -284,7 +291,7 @@ class DefaultTokenProvider implements IProvider {
|
||||||
* @param string $token
|
* @param string $token
|
||||||
* @return string encrypted password
|
* @return string encrypted password
|
||||||
*/
|
*/
|
||||||
private function encryptPassword($password, $token) {
|
private function encryptPassword(string $password, string $token): string {
|
||||||
$secret = $this->config->getSystemValue('secret');
|
$secret = $this->config->getSystemValue('secret');
|
||||||
return $this->crypto->encrypt($password, $token . $secret);
|
return $this->crypto->encrypt($password, $token . $secret);
|
||||||
}
|
}
|
||||||
|
@ -299,7 +306,7 @@ class DefaultTokenProvider implements IProvider {
|
||||||
* @throws InvalidTokenException
|
* @throws InvalidTokenException
|
||||||
* @return string the decrypted key
|
* @return string the decrypted key
|
||||||
*/
|
*/
|
||||||
private function decryptPassword($password, $token) {
|
private function decryptPassword(string $password, string $token): string {
|
||||||
$secret = $this->config->getSystemValue('secret');
|
$secret = $this->config->getSystemValue('secret');
|
||||||
try {
|
try {
|
||||||
return $this->crypto->decrypt($password, $token . $secret);
|
return $this->crypto->decrypt($password, $token . $secret);
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
|
declare(strict_types=1);
|
||||||
/**
|
/**
|
||||||
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
||||||
*
|
*
|
||||||
|
@ -44,7 +45,13 @@ interface IProvider {
|
||||||
* @param int $remember whether the session token should be used for remember-me
|
* @param int $remember whether the session token should be used for remember-me
|
||||||
* @return IToken
|
* @return IToken
|
||||||
*/
|
*/
|
||||||
public function generateToken($token, $uid, $loginName, $password, $name, $type = IToken::TEMPORARY_TOKEN, $remember = IToken::DO_NOT_REMEMBER);
|
public function generateToken(string $token,
|
||||||
|
string $uid,
|
||||||
|
string $loginName,
|
||||||
|
$password,
|
||||||
|
string $name,
|
||||||
|
int $type = IToken::TEMPORARY_TOKEN,
|
||||||
|
int $remember = IToken::DO_NOT_REMEMBER): IToken;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get a token by token id
|
* Get a token by token id
|
||||||
|
@ -53,16 +60,16 @@ interface IProvider {
|
||||||
* @throws InvalidTokenException
|
* @throws InvalidTokenException
|
||||||
* @return IToken
|
* @return IToken
|
||||||
*/
|
*/
|
||||||
public function getToken($tokenId);
|
public function getToken(string $tokenId): IToken;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get a token by token id
|
* Get a token by token id
|
||||||
*
|
*
|
||||||
* @param string $tokenId
|
* @param string $tokenId
|
||||||
* @throws InvalidTokenException
|
* @throws InvalidTokenException
|
||||||
* @return DefaultToken
|
* @return IToken
|
||||||
*/
|
*/
|
||||||
public function getTokenById($tokenId);
|
public function getTokenById(string $tokenId): IToken;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Duplicate an existing session token
|
* Duplicate an existing session token
|
||||||
|
@ -71,14 +78,14 @@ interface IProvider {
|
||||||
* @param string $sessionId
|
* @param string $sessionId
|
||||||
* @throws InvalidTokenException
|
* @throws InvalidTokenException
|
||||||
*/
|
*/
|
||||||
public function renewSessionToken($oldSessionId, $sessionId);
|
public function renewSessionToken(string $oldSessionId, string $sessionId);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Invalidate (delete) the given session token
|
* Invalidate (delete) the given session token
|
||||||
*
|
*
|
||||||
* @param string $token
|
* @param string $token
|
||||||
*/
|
*/
|
||||||
public function invalidateToken($token);
|
public function invalidateToken(string $token);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Invalidate (delete) the given token
|
* Invalidate (delete) the given token
|
||||||
|
@ -86,7 +93,7 @@ interface IProvider {
|
||||||
* @param IUser $user
|
* @param IUser $user
|
||||||
* @param int $id
|
* @param int $id
|
||||||
*/
|
*/
|
||||||
public function invalidateTokenById(IUser $user, $id);
|
public function invalidateTokenById(IUser $user, int $id);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Invalidate (delete) old session tokens
|
* Invalidate (delete) old session tokens
|
||||||
|
@ -116,7 +123,7 @@ interface IProvider {
|
||||||
* @param IUser $user
|
* @param IUser $user
|
||||||
* @return IToken[]
|
* @return IToken[]
|
||||||
*/
|
*/
|
||||||
public function getTokenByUser(IUser $user);
|
public function getTokenByUser(IUser $user): array;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the (unencrypted) password of the given token
|
* Get the (unencrypted) password of the given token
|
||||||
|
@ -127,7 +134,7 @@ interface IProvider {
|
||||||
* @throws PasswordlessTokenException
|
* @throws PasswordlessTokenException
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getPassword(IToken $token, $tokenId);
|
public function getPassword(IToken $token, string $tokenId): string;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Encrypt and set the password of the given token
|
* Encrypt and set the password of the given token
|
||||||
|
@ -137,5 +144,5 @@ interface IProvider {
|
||||||
* @param string $password
|
* @param string $password
|
||||||
* @throws InvalidTokenException
|
* @throws InvalidTokenException
|
||||||
*/
|
*/
|
||||||
public function setPassword(IToken $token, $tokenId, $password);
|
public function setPassword(IToken $token, string $tokenId, string $password);
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
|
declare(strict_types=1);
|
||||||
/**
|
/**
|
||||||
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
||||||
*
|
*
|
||||||
|
@ -37,61 +38,65 @@ interface IToken extends JsonSerializable {
|
||||||
*
|
*
|
||||||
* @return int
|
* @return int
|
||||||
*/
|
*/
|
||||||
public function getId();
|
public function getId(): int;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the user UID
|
* Get the user UID
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getUID();
|
public function getUID(): string;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the login name used when generating the token
|
* Get the login name used when generating the token
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getLoginName();
|
public function getLoginName(): string;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the (encrypted) login password
|
* Get the (encrypted) login password
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getPassword();
|
public function getPassword(): string;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the timestamp of the last password check
|
* Get the timestamp of the last password check
|
||||||
*
|
*
|
||||||
* @return int
|
* @return int
|
||||||
*/
|
*/
|
||||||
public function getLastCheck();
|
public function getLastCheck(): int;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the timestamp of the last password check
|
* Set the timestamp of the last password check
|
||||||
*
|
*
|
||||||
* @param int $time
|
* @param int $time
|
||||||
*/
|
*/
|
||||||
public function setLastCheck($time);
|
public function setLastCheck(int $time);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the authentication scope for this token
|
* Get the authentication scope for this token
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getScope();
|
public function getScope(): string;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the authentication scope for this token
|
* Get the authentication scope for this token
|
||||||
*
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function getScopeAsArray();
|
public function getScopeAsArray(): array;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the authentication scope for this token
|
* Set the authentication scope for this token
|
||||||
*
|
*
|
||||||
* @param array $scope
|
* @param array $scope
|
||||||
*/
|
*/
|
||||||
public function setScope($scope);
|
public function setScope(array $scope);
|
||||||
|
|
||||||
|
public function getName(): string;
|
||||||
|
|
||||||
|
public function getRemember(): int;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue