Add controller to generate client tokens
This commit is contained in:
Christoph Wurst
Thomas Müller
parent
3ab922601a
commit
53636c73d6
|
|
@ -32,6 +32,7 @@ use OC\AppFramework\Utility\TimeFactory;
|
|||
use OC\Core\Controller\AvatarController;
|
||||
use OC\Core\Controller\LoginController;
|
||||
use OC\Core\Controller\LostController;
|
||||
use OC\Core\Controller\TokenController;
|
||||
use OC\Core\Controller\UserController;
|
||||
use OC_Defaults;
|
||||
use OCP\AppFramework\App;
|
||||
|
|
@ -103,6 +104,15 @@ class Application extends App {
|
|||
$c->query('URLGenerator')
|
||||
);
|
||||
});
|
||||
$container->registerService('TokenController', function(SimpleContainer $c) {
|
||||
return new TokenController(
|
||||
$c->query('AppName'),
|
||||
$c->query('Request'),
|
||||
$c->query('UserManager'),
|
||||
$c->query('OC\Authentication\Token\DefaultTokenProvider'),
|
||||
$c->query('SecureRandom')
|
||||
);
|
||||
});
|
||||
|
||||
/**
|
||||
* Core class wrappers
|
||||
|
|
|
|||
|
|
@ -0,0 +1,82 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @author Christoph Wurst <christoph@owncloud.com>
|
||||
*
|
||||
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
||||
* @license AGPL-3.0
|
||||
*
|
||||
* This code is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License, version 3,
|
||||
* as published by the Free Software Foundation.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License, version 3,
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OC\Core\Controller;
|
||||
|
||||
use OC\AppFramework\Http;
|
||||
use OC\Authentication\Token\DefaultTokenProvider;
|
||||
use OC\User\Manager;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http\Response;
|
||||
use OCP\IRequest;
|
||||
use OCP\Security\ISecureRandom;
|
||||
|
||||
class TokenController extends Controller {
|
||||
|
||||
/** @var Manager */
|
||||
private $userManager;
|
||||
|
||||
/** @var DefaultTokenProvider */
|
||||
private $tokenProvider;
|
||||
|
||||
/** @var ISecureRandom */
|
||||
private $secureRandom;
|
||||
|
||||
/**
|
||||
* @param string $appName
|
||||
* @param IRequest $request
|
||||
* @param Manager $userManager
|
||||
* @param DefaultTokenProvider $tokenProvider
|
||||
* @param ISecureRandom $crypto
|
||||
*/
|
||||
public function __construct($appName, IRequest $request, Manager $userManager, DefaultTokenProvider $tokenProvider,
|
||||
ISecureRandom $crypto) {
|
||||
parent::__construct($appName, $request);
|
||||
$this->userManager = $userManager;
|
||||
$this->tokenProvider = $tokenProvider;
|
||||
$this->secureRandom = $crypto;
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a new access token clients can authenticate with
|
||||
*
|
||||
* @PublicPage
|
||||
* @NoCSRFRequired
|
||||
*
|
||||
* @param string $user
|
||||
* @param string $password
|
||||
*/
|
||||
public function generateToken($user, $password, $name = 'unknown client') {
|
||||
if (is_null($user) || is_null($password)) {
|
||||
return new Response([], Http::STATUS_UNPROCESSABLE_ENTITY);
|
||||
}
|
||||
if ($this->userManager->checkPassword($user, $password) === false) {
|
||||
return new Response([], Http::STATUS_UNAUTHORIZED);
|
||||
}
|
||||
$token = $this->secureRandom->generate(128);
|
||||
$this->tokenProvider->generateToken($token, $user, $password, $name);
|
||||
return [
|
||||
'token' => $token,
|
||||
];
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -45,6 +45,7 @@ $application->registerRoutes($this, [
|
|||
['name' => 'login#tryLogin', 'url' => '/login', 'verb' => 'POST'],
|
||||
['name' => 'login#showLoginForm', 'url' => '/login', 'verb' => 'GET'],
|
||||
['name' => 'login#logout', 'url' => '/logout', 'verb' => 'GET'],
|
||||
['name' => 'token#generateToken', 'url' => '/token/generate', 'verb' => 'POST'],
|
||||
],
|
||||
]);
|
||||
|
||||
|
|
|
|||
|
|
@ -353,7 +353,7 @@ class Session implements IUserSession, Emitter {
|
|||
// User does not exist
|
||||
return false;
|
||||
}
|
||||
$name = isset($request->server['HTTP_USER_AGENT']) ? $request->server['HTTP_USER_AGENT'] : 'unknown device';
|
||||
$name = isset($request->server['HTTP_USER_AGENT']) ? $request->server['HTTP_USER_AGENT'] : 'unknown browser';
|
||||
// TODO: use ISession::getId(), https://github.com/owncloud/core/pull/24229
|
||||
$sessionId = session_id();
|
||||
$token = $this->tokenProvider->generateToken($sessionId, $uid, $password, $name);
|
||||
|
|
|
|||
Loading…
Reference in New Issue