Harden apptoken check
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
parent
3854e7f8f0
commit
4a2775a442
|
@ -121,6 +121,10 @@ class AuthSettingsController extends Controller {
|
||||||
* @return JSONResponse
|
* @return JSONResponse
|
||||||
*/
|
*/
|
||||||
public function create($name) {
|
public function create($name) {
|
||||||
|
if ($this->checkAppToken()) {
|
||||||
|
return $this->getServiceNotAvailableResponse();
|
||||||
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$sessionId = $this->session->getId();
|
$sessionId = $this->session->getId();
|
||||||
} catch (SessionNotAvailableException $ex) {
|
} catch (SessionNotAvailableException $ex) {
|
||||||
|
@ -181,6 +185,10 @@ class AuthSettingsController extends Controller {
|
||||||
return implode('-', $groups);
|
return implode('-', $groups);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function checkAppToken(): bool {
|
||||||
|
return $this->session->exists('app_password');
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @NoAdminRequired
|
* @NoAdminRequired
|
||||||
* @NoSubAdminRequired
|
* @NoSubAdminRequired
|
||||||
|
@ -189,6 +197,10 @@ class AuthSettingsController extends Controller {
|
||||||
* @return array|JSONResponse
|
* @return array|JSONResponse
|
||||||
*/
|
*/
|
||||||
public function destroy($id) {
|
public function destroy($id) {
|
||||||
|
if ($this->checkAppToken()) {
|
||||||
|
return new JSONResponse([], Http::STATUS_BAD_REQUEST);
|
||||||
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$token = $this->findTokenByIdAndUser($id);
|
$token = $this->findTokenByIdAndUser($id);
|
||||||
} catch (WipeTokenException $e) {
|
} catch (WipeTokenException $e) {
|
||||||
|
@ -213,6 +225,10 @@ class AuthSettingsController extends Controller {
|
||||||
* @return array|JSONResponse
|
* @return array|JSONResponse
|
||||||
*/
|
*/
|
||||||
public function update($id, array $scope, string $name) {
|
public function update($id, array $scope, string $name) {
|
||||||
|
if ($this->checkAppToken()) {
|
||||||
|
return new JSONResponse([], Http::STATUS_BAD_REQUEST);
|
||||||
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$token = $this->findTokenByIdAndUser($id);
|
$token = $this->findTokenByIdAndUser($id);
|
||||||
} catch (InvalidTokenException $e) {
|
} catch (InvalidTokenException $e) {
|
||||||
|
@ -286,6 +302,10 @@ class AuthSettingsController extends Controller {
|
||||||
* @throws \OC\Authentication\Exceptions\ExpiredTokenException
|
* @throws \OC\Authentication\Exceptions\ExpiredTokenException
|
||||||
*/
|
*/
|
||||||
public function wipe(int $id): JSONResponse {
|
public function wipe(int $id): JSONResponse {
|
||||||
|
if ($this->checkAppToken()) {
|
||||||
|
return new JSONResponse([], Http::STATUS_BAD_REQUEST);
|
||||||
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$token = $this->findTokenByIdAndUser($id);
|
$token = $this->findTokenByIdAndUser($id);
|
||||||
} catch (InvalidTokenException $e) {
|
} catch (InvalidTokenException $e) {
|
||||||
|
|
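Review bot: The guards added at the top of `create()`, `destroy()`, `update()` and `wipe()` answer a refused request with inconsistent status codes that do not signal an authorization failure: `create()` returns `getServiceNotAvailableResponse()` while the other three return `Http::STATUS_BAD_REQUEST`, so neither a client nor someone reading access logs can tell a blocked app-token request from a malformed or failed one. Returning the same explicit denial in all four places, e.g. `return new JSONResponse([], Http::STATUS_FORBIDDEN);`, would make the refusal unambiguous and easy to alert on. `checkAppToken()` returns true when the request must be refused, which reads inverted at the call sites; a name such as `isAppTokenSession()` with a docblock like `/** True when the session was authenticated with an app password; such sessions must not manage tokens. */` would state the intent. The guard is also opt-in per method, and the method bodies and the rest of the controller lie outside the visible hunks, so it is worth confirming that no other token-management action is left without it.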