From a6dca9e7a0c344f0914ce53982e1c6f926e620ac Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Tue, 8 Nov 2016 09:15:02 +0100 Subject: [PATCH 01/10] add login credential store Signed-off-by: Christoph Wurst --- lib/composer/composer/autoload_classmap.php | 5 + lib/composer/composer/autoload_static.php | 5 + .../DependencyInjection/DIContainer.php | 4 + .../LoginCredentials/Credentials.php | 72 ++++++++++ .../Authentication/LoginCredentials/Store.php | 86 ++++++++++++ lib/private/Server.php | 9 ++ .../CredentialsUnavailableException.php | 34 +++++ .../LoginCredentials/ICredentials.php | 46 +++++++ .../LoginCredentials/IStore.php | 42 ++++++ .../LoginCredentials/CredentialsTest.php | 66 +++++++++ .../LoginCredentials/StoreTest.php | 127 ++++++++++++++++++ 11 files changed, 496 insertions(+) create mode 100644 lib/private/Authentication/LoginCredentials/Credentials.php create mode 100644 lib/private/Authentication/LoginCredentials/Store.php create mode 100644 lib/public/Authentication/Exceptions/CredentialsUnavailableException.php create mode 100644 lib/public/Authentication/LoginCredentials/ICredentials.php create mode 100644 lib/public/Authentication/LoginCredentials/IStore.php create mode 100644 tests/lib/Authentication/LoginCredentials/CredentialsTest.php create mode 100644 tests/lib/Authentication/LoginCredentials/StoreTest.php diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php index d0ca4646e5..57b55ea37c 100644 --- a/lib/composer/composer/autoload_classmap.php +++ b/lib/composer/composer/autoload_classmap.php @@ -54,7 +54,10 @@ return array( 'OCP\\App\\AppPathNotFoundException' => $baseDir . '/lib/public/App/AppPathNotFoundException.php', 'OCP\\App\\IAppManager' => $baseDir . '/lib/public/App/IAppManager.php', 'OCP\\App\\ManagerEvent' => $baseDir . '/lib/public/App/ManagerEvent.php', + 'OCP\\Authentication\\Exceptions\\CredentialsUnavailableException' => $baseDir . '/lib/public/Authentication/Exceptions/CredentialsUnavailableException.php', 'OCP\\Authentication\\IApacheBackend' => $baseDir . '/lib/public/Authentication/IApacheBackend.php', + 'OCP\\Authentication\\LoginCredentials\\ICredentials' => $baseDir . '/lib/public/Authentication/LoginCredentials/ICredentials.php', + 'OCP\\Authentication\\LoginCredentials\\IStore' => $baseDir . '/lib/public/Authentication/LoginCredentials/IStore.php', 'OCP\\Authentication\\TwoFactorAuth\\IProvider' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/IProvider.php', 'OCP\\Authentication\\TwoFactorAuth\\TwoFactorException' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/TwoFactorException.php', 'OCP\\AutoloadNotAllowedException' => $baseDir . '/lib/public/AutoloadNotAllowedException.php', @@ -320,6 +323,8 @@ return array( 'OC\\Authentication\\Exceptions\\PasswordlessTokenException' => $baseDir . '/lib/private/Authentication/Exceptions/PasswordlessTokenException.php', 'OC\\Authentication\\Exceptions\\TwoFactorAuthRequiredException' => $baseDir . '/lib/private/Authentication/Exceptions/TwoFactorAuthRequiredException.php', 'OC\\Authentication\\Exceptions\\UserAlreadyLoggedInException' => $baseDir . '/lib/private/Authentication/Exceptions/UserAlreadyLoggedInException.php', + 'OC\\Authentication\\LoginCredentials\\Credentials' => $baseDir . '/lib/private/Authentication/LoginCredentials/Credentials.php', + 'OC\\Authentication\\LoginCredentials\\Store' => $baseDir . '/lib/private/Authentication/LoginCredentials/Store.php', 'OC\\Authentication\\Token\\DefaultToken' => $baseDir . '/lib/private/Authentication/Token/DefaultToken.php', 'OC\\Authentication\\Token\\DefaultTokenCleanupJob' => $baseDir . '/lib/private/Authentication/Token/DefaultTokenCleanupJob.php', 'OC\\Authentication\\Token\\DefaultTokenMapper' => $baseDir . '/lib/private/Authentication/Token/DefaultTokenMapper.php', diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php index 6fe9a95c24..f0a7694e85 100644 --- a/lib/composer/composer/autoload_static.php +++ b/lib/composer/composer/autoload_static.php @@ -84,7 +84,10 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OCP\\App\\AppPathNotFoundException' => __DIR__ . '/../../..' . '/lib/public/App/AppPathNotFoundException.php', 'OCP\\App\\IAppManager' => __DIR__ . '/../../..' . '/lib/public/App/IAppManager.php', 'OCP\\App\\ManagerEvent' => __DIR__ . '/../../..' . '/lib/public/App/ManagerEvent.php', + 'OCP\\Authentication\\Exceptions\\CredentialsUnavailableException' => __DIR__ . '/../../..' . '/lib/public/Authentication/Exceptions/CredentialsUnavailableException.php', 'OCP\\Authentication\\IApacheBackend' => __DIR__ . '/../../..' . '/lib/public/Authentication/IApacheBackend.php', + 'OCP\\Authentication\\LoginCredentials\\ICredentials' => __DIR__ . '/../../..' . '/lib/public/Authentication/LoginCredentials/ICredentials.php', + 'OCP\\Authentication\\LoginCredentials\\IStore' => __DIR__ . '/../../..' . '/lib/public/Authentication/LoginCredentials/IStore.php', 'OCP\\Authentication\\TwoFactorAuth\\IProvider' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/IProvider.php', 'OCP\\Authentication\\TwoFactorAuth\\TwoFactorException' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/TwoFactorException.php', 'OCP\\AutoloadNotAllowedException' => __DIR__ . '/../../..' . '/lib/public/AutoloadNotAllowedException.php', @@ -350,6 +353,8 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OC\\Authentication\\Exceptions\\PasswordlessTokenException' => __DIR__ . '/../../..' . '/lib/private/Authentication/Exceptions/PasswordlessTokenException.php', 'OC\\Authentication\\Exceptions\\TwoFactorAuthRequiredException' => __DIR__ . '/../../..' . '/lib/private/Authentication/Exceptions/TwoFactorAuthRequiredException.php', 'OC\\Authentication\\Exceptions\\UserAlreadyLoggedInException' => __DIR__ . '/../../..' . '/lib/private/Authentication/Exceptions/UserAlreadyLoggedInException.php', + 'OC\\Authentication\\LoginCredentials\\Credentials' => __DIR__ . '/../../..' . '/lib/private/Authentication/LoginCredentials/Credentials.php', + 'OC\\Authentication\\LoginCredentials\\Store' => __DIR__ . '/../../..' . '/lib/private/Authentication/LoginCredentials/Store.php', 'OC\\Authentication\\Token\\DefaultToken' => __DIR__ . '/../../..' . '/lib/private/Authentication/Token/DefaultToken.php', 'OC\\Authentication\\Token\\DefaultTokenCleanupJob' => __DIR__ . '/../../..' . '/lib/private/Authentication/Token/DefaultTokenCleanupJob.php', 'OC\\Authentication\\Token\\DefaultTokenMapper' => __DIR__ . '/../../..' . '/lib/private/Authentication/Token/DefaultTokenMapper.php', diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php index ac42960f54..c8b5187a0f 100644 --- a/lib/private/AppFramework/DependencyInjection/DIContainer.php +++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php @@ -91,6 +91,10 @@ class DIContainer extends SimpleContainer implements IAppContainer { return new Output($this->getServer()->getWebRoot()); }); + $this->registerService(\OCP\Authentication\LoginCredentials\IStore::class, function() { + return $this->getServer()->query(\OCP\Authentication\LoginCredentials\IStore::class); + }); + $this->registerService('OCP\\IAvatarManager', function($c) { return $this->getServer()->getAvatarManager(); }); diff --git a/lib/private/Authentication/LoginCredentials/Credentials.php b/lib/private/Authentication/LoginCredentials/Credentials.php new file mode 100644 index 0000000000..9314b7489d --- /dev/null +++ b/lib/private/Authentication/LoginCredentials/Credentials.php @@ -0,0 +1,72 @@ + + * + * @author 2016 Christoph Wurst + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OC\Authentication\LoginCredentials; + +use OCP\Authentication\LoginCredentials\ICredentials; + +class Credentials implements ICredentials { + + /** @var string */ + private $uid; + + /** @var string */ + private $loginName; + + /** @var string */ + private $password; + + /** + * @param string $uid + * @param string $loginName + * @param string $password + */ + public function __construct($uid, $loginName, $password) { + $this->uid = $uid; + $this->loginName = $loginName; + $this->password = $password; + } + + /** + * @return string + */ + public function getUID() { + return $this->uid; + } + + /** + * @return string + */ + public function getLoginName() { + return $this->loginName; + } + + /** + * @return string + */ + public function getPassword() { + return $this->password; + } + +} diff --git a/lib/private/Authentication/LoginCredentials/Store.php b/lib/private/Authentication/LoginCredentials/Store.php new file mode 100644 index 0000000000..ea4c9fdd0c --- /dev/null +++ b/lib/private/Authentication/LoginCredentials/Store.php @@ -0,0 +1,86 @@ + + * + * @author 2016 Christoph Wurst + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OC\Authentication\LoginCredentials; + +use OC\Authentication\Exceptions\InvalidTokenException; +use OC\Authentication\Exceptions\PasswordlessTokenException; +use OC\Authentication\Token\IProvider; +use OCP\Authentication\Exceptions\CredentialsUnavailableException; +use OCP\Authentication\LoginCredentials\ICredentials; +use OCP\Authentication\LoginCredentials\IStore; +use OCP\ILogger; +use OCP\ISession; +use OCP\Session\Exceptions\SessionNotAvailableException; + +class Store implements IStore { + + /** @var ISession */ + private $session; + + /** @var IProvider */ + private $tokenProvider; + + /** @var ILogger */ + private $logger; + + /** + * @param ISession $session + * @param IProvider $tokenProvider + * @param ILogger $logger + */ + public function __construct(ISession $session, IProvider $tokenProvider, ILogger $logger) { + $this->session = $session; + $this->tokenProvider = $tokenProvider; + $this->logger = $logger; + } + + /** + * @since 9.2 + * + * @return ICredentials the login credentials of the current user + * @throws CredentialsUnavailableException + */ + public function getLoginCredentials() { + try { + $sessionId = $this->session->getId(); + $token = $this->tokenProvider->getToken($sessionId); + + $uid = $token->getUID(); + $user = $token->getLoginName(); + $password = $this->tokenProvider->getPassword($token, $sessionId); + + return new Credentials($uid, $user, $password); + } catch (SessionNotAvailableException $ex) { + $this->logger->debug('could not get login credentials because session is unavailable', ['app' => 'core']); + } catch (InvalidTokenException $ex) { + $this->logger->debug('could not get login credentials because the token is invalid', ['app' => 'core']); + } catch (PasswordlessTokenException $ex) { + $this->logger->debug('could not get login credentials because the token has no password', ['app' => 'core']); + } + // If we reach this line, an exception was thrown. + throw new CredentialsUnavailableException(); + } + +} diff --git a/lib/private/Server.php b/lib/private/Server.php index d88a687bbc..7c2d00e283 100644 --- a/lib/private/Server.php +++ b/lib/private/Server.php @@ -46,6 +46,7 @@ use OC\App\AppStore\Fetcher\AppFetcher; use OC\App\AppStore\Fetcher\CategoryFetcher; use OC\AppFramework\Http\Request; use OC\AppFramework\Utility\TimeFactory; +use OC\Authentication\LoginCredentials\Store; use OC\Command\AsyncBus; use OC\Diagnostics\EventLogger; use OC\Diagnostics\NullEventLogger; @@ -89,6 +90,7 @@ use OC\Security\TrustedDomainHelper; use OC\Session\CryptoWrapper; use OC\Tagging\TagMapper; use OCA\Theming\ThemingDefaults; +use OCP\Authentication\LoginCredentials\IStore; use OCP\IL10N; use OCP\IServerContainer; use OCP\RichObjectStrings\IValidator; @@ -246,6 +248,13 @@ class Server extends ServerContainer implements IServerContainer { }); return $groupManager; }); + $this->registerService(Store::class, function(Server $c) { + $session = $c->getSession(); + $tokenProvider = $c->query('OC\Authentication\Token\DefaultTokenProvider'); + $logger = $c->getLogger(); + return new Store($session, $tokenProvider, $logger); + }); + $this->registerAlias(IStore::class, Store::class); $this->registerService('OC\Authentication\Token\DefaultTokenMapper', function (Server $c) { $dbConnection = $c->getDatabaseConnection(); return new Authentication\Token\DefaultTokenMapper($dbConnection); diff --git a/lib/public/Authentication/Exceptions/CredentialsUnavailableException.php b/lib/public/Authentication/Exceptions/CredentialsUnavailableException.php new file mode 100644 index 0000000000..44ae8d37ff --- /dev/null +++ b/lib/public/Authentication/Exceptions/CredentialsUnavailableException.php @@ -0,0 +1,34 @@ + + * + * @author 2016 Christoph Wurst + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OCP\Authentication\Exceptions; + +use Exception; + +/** + * @since 9.2 + */ +class CredentialsUnavailableException extends Exception { + +} diff --git a/lib/public/Authentication/LoginCredentials/ICredentials.php b/lib/public/Authentication/LoginCredentials/ICredentials.php new file mode 100644 index 0000000000..97c88dda5d --- /dev/null +++ b/lib/public/Authentication/LoginCredentials/ICredentials.php @@ -0,0 +1,46 @@ + + * + * @author 2016 Christoph Wurst + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OCP\Authentication\LoginCredentials; + +/** + * @since 9.2 + */ +interface ICredentials { + + /** + * @return string + */ + public function getUID(); + + /** + * @return string + */ + public function getLoginName(); + + /** + * @return string + */ + public function getPassword(); +} diff --git a/lib/public/Authentication/LoginCredentials/IStore.php b/lib/public/Authentication/LoginCredentials/IStore.php new file mode 100644 index 0000000000..a35e9214e7 --- /dev/null +++ b/lib/public/Authentication/LoginCredentials/IStore.php @@ -0,0 +1,42 @@ + + * + * @author 2016 Christoph Wurst + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OCP\Authentication\LoginCredentials; + +use OCP\Authentication\Exceptions\CredentialsUnavailableException; + +/** + * @since 9.2 + */ +interface IStore { + + /** + * @since 9.2 + * + * @throws CredentialsUnavailableException + * @return ICredentials the login credentials of the current user + */ + public function getLoginCredentials(); + +} diff --git a/tests/lib/Authentication/LoginCredentials/CredentialsTest.php b/tests/lib/Authentication/LoginCredentials/CredentialsTest.php new file mode 100644 index 0000000000..308ccafb15 --- /dev/null +++ b/tests/lib/Authentication/LoginCredentials/CredentialsTest.php @@ -0,0 +1,66 @@ + + * + * @author 2016 Christoph Wurst + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace Test\Authentication\LoginCredentials; + +use OC\Authentication\LoginCredentials\Credentials; +use Test\TestCase; + +class CredentialsTest extends TestCase { + + /** @var string */ + private $uid; + + /** @var string */ + private $user; + + /** @var string */ + private $password; + + /** @var Credentials */ + private $credentials; + + protected function setUp() { + parent::setUp(); + + $this->uid = 'user123'; + $this->user = 'User123'; + $this->password = '123456'; + + $this->credentials = new Credentials($this->uid, $this->user, $this->password); + } + + public function testGetUID() { + $this->assertEquals($this->uid, $this->credentials->getUID()); + } + + public function testGetUserName() { + $this->assertEquals($this->user, $this->credentials->getLoginName()); + } + + public function testGetPassword() { + $this->assertEquals($this->password, $this->credentials->getPassword()); + } + +} diff --git a/tests/lib/Authentication/LoginCredentials/StoreTest.php b/tests/lib/Authentication/LoginCredentials/StoreTest.php new file mode 100644 index 0000000000..d60add6713 --- /dev/null +++ b/tests/lib/Authentication/LoginCredentials/StoreTest.php @@ -0,0 +1,127 @@ + + * + * @author 2016 Christoph Wurst + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace Test\Authentication\LoginCredentials; + +use OC\Authentication\Exceptions\InvalidTokenException; +use OC\Authentication\Exceptions\PasswordlessTokenException; +use OC\Authentication\LoginCredentials\Credentials; +use OC\Authentication\LoginCredentials\Store; +use OC\Authentication\Token\IProvider; +use OC\Authentication\Token\IToken; +use OCP\Authentication\Exceptions\CredentialsUnavailableException; +use OCP\ILogger; +use OCP\ISession; +use OCP\Session\Exceptions\SessionNotAvailableException; +use Test\TestCase; + +class StoreTest extends TestCase { + + /** @var ISession|PHPUnit_Framework_MockObject_MockObject */ + private $session; + + /** @var IProvider|PHPUnit_Framework_MockObject_MockObject */ + private $tokenProvider; + + /** @var ILogger|PHPUnit_Framework_MockObject_MockObject */ + private $logger; + + /** @var Store */ + private $store; + + protected function setUp() { + parent::setUp(); + + $this->session = $this->createMock(ISession::class); + $this->tokenProvider = $this->createMock(IProvider::class); + $this->logger = $this->createMock(ILogger::class); + + $this->store = new Store($this->session, $this->tokenProvider, $this->logger); + } + + public function testGetLoginCredentials() { + $uid = 'uid'; + $user = 'user123'; + $password = 'passme'; + $token = $this->createMock(IToken::class); + $this->session->expects($this->once()) + ->method('getId') + ->will($this->returnValue('sess2233')); + $this->tokenProvider->expects($this->once()) + ->method('getToken') + ->with('sess2233') + ->will($this->returnValue($token)); + $token->expects($this->once()) + ->method('getUID') + ->will($this->returnValue($uid)); + $token->expects($this->once()) + ->method('getLoginName') + ->will($this->returnValue($user)); + $this->tokenProvider->expects($this->once()) + ->method('getPassword') + ->with($token, 'sess2233') + ->will($this->returnValue($password)); + $expected = new Credentials($uid, $user, $password); + + $creds = $this->store->getLoginCredentials(); + + $this->assertEquals($expected, $creds); + } + + public function testGetLoginCredentialsSessionNotAvailable() { + $this->session->expects($this->once()) + ->method('getId') + ->will($this->throwException(new SessionNotAvailableException())); + $this->expectException(CredentialsUnavailableException::class); + + $this->store->getLoginCredentials(); + } + + public function testGetLoginCredentialsInvalidToken() { + $this->session->expects($this->once()) + ->method('getId') + ->will($this->returnValue('sess2233')); + $this->tokenProvider->expects($this->once()) + ->method('getToken') + ->with('sess2233') + ->will($this->throwException(new InvalidTokenException())); + $this->expectException(CredentialsUnavailableException::class); + + $this->store->getLoginCredentials(); + } + + public function testGetLoginCredentialsPasswordlessToken() { + $this->session->expects($this->once()) + ->method('getId') + ->will($this->returnValue('sess2233')); + $this->tokenProvider->expects($this->once()) + ->method('getToken') + ->with('sess2233') + ->will($this->throwException(new PasswordlessTokenException())); + $this->expectException(CredentialsUnavailableException::class); + + $this->store->getLoginCredentials(); + } + +} From 730442cd8fbe305b0b136bb7a5251a39d24af0c9 Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Tue, 8 Nov 2016 11:59:09 +0100 Subject: [PATCH 02/10] add @since annotations and document methods Signed-off-by: Christoph Wurst --- .../Authentication/LoginCredentials/ICredentials.php | 12 ++++++++++++ .../Authentication/LoginCredentials/IStore.php | 2 ++ 2 files changed, 14 insertions(+) diff --git a/lib/public/Authentication/LoginCredentials/ICredentials.php b/lib/public/Authentication/LoginCredentials/ICredentials.php index 97c88dda5d..46c6f26701 100644 --- a/lib/public/Authentication/LoginCredentials/ICredentials.php +++ b/lib/public/Authentication/LoginCredentials/ICredentials.php @@ -30,16 +30,28 @@ namespace OCP\Authentication\LoginCredentials; interface ICredentials { /** + * Get the user UID + * + * @since 9.2 + * * @return string */ public function getUID(); /** + * Get the login name the users used to login + * + * @since 9.2 + * * @return string */ public function getLoginName(); /** + * Get the password + * + * @since 9.2 + * * @return string */ public function getPassword(); diff --git a/lib/public/Authentication/LoginCredentials/IStore.php b/lib/public/Authentication/LoginCredentials/IStore.php index a35e9214e7..549f0e7759 100644 --- a/lib/public/Authentication/LoginCredentials/IStore.php +++ b/lib/public/Authentication/LoginCredentials/IStore.php @@ -32,6 +32,8 @@ use OCP\Authentication\Exceptions\CredentialsUnavailableException; interface IStore { /** + * Get login credentials of the currently logged in user + * * @since 9.2 * * @throws CredentialsUnavailableException From 46adb3eced0386b97540947beb8c305efdc15175 Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Sat, 19 Nov 2016 16:33:19 +0100 Subject: [PATCH 03/10] replace session implementation if it changes at runtime Signed-off-by: Christoph Wurst --- lib/private/Authentication/LoginCredentials/Store.php | 9 +++++++++ lib/private/Server.php | 3 ++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/lib/private/Authentication/LoginCredentials/Store.php b/lib/private/Authentication/LoginCredentials/Store.php index ea4c9fdd0c..17749c63b3 100644 --- a/lib/private/Authentication/LoginCredentials/Store.php +++ b/lib/private/Authentication/LoginCredentials/Store.php @@ -56,6 +56,15 @@ class Store implements IStore { $this->logger = $logger; } + /** + * Replace the session implementation + * + * @param ISession $session + */ + public function setSession(ISession $session) { + $this->session = $session; + } + /** * @since 9.2 * diff --git a/lib/private/Server.php b/lib/private/Server.php index 7c2d00e283..45ed9d5e3b 100644 --- a/lib/private/Server.php +++ b/lib/private/Server.php @@ -1004,7 +1004,8 @@ class Server extends ServerContainer implements IServerContainer { */ public function setSession(\OCP\ISession $session) { $this->query(SessionStorage::class)->setSession($session); - return $this->query('UserSession')->setSession($session); + $this->query('UserSession')->setSession($session); + $this->query(Store::class)->setSession($session); } /** From 3316a9d2940f2fe134bcf4c5fc9193861d23fc90 Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Mon, 19 Dec 2016 11:27:42 +0100 Subject: [PATCH 04/10] fix @since annotations (9.1->12) Signed-off-by: Christoph Wurst --- lib/private/Authentication/LoginCredentials/Store.php | 2 +- .../Exceptions/CredentialsUnavailableException.php | 2 +- .../Authentication/LoginCredentials/ICredentials.php | 8 ++++---- lib/public/Authentication/LoginCredentials/IStore.php | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/lib/private/Authentication/LoginCredentials/Store.php b/lib/private/Authentication/LoginCredentials/Store.php index 17749c63b3..c2b11c8e34 100644 --- a/lib/private/Authentication/LoginCredentials/Store.php +++ b/lib/private/Authentication/LoginCredentials/Store.php @@ -66,7 +66,7 @@ class Store implements IStore { } /** - * @since 9.2 + * @since 12 * * @return ICredentials the login credentials of the current user * @throws CredentialsUnavailableException diff --git a/lib/public/Authentication/Exceptions/CredentialsUnavailableException.php b/lib/public/Authentication/Exceptions/CredentialsUnavailableException.php index 44ae8d37ff..9f9e38103f 100644 --- a/lib/public/Authentication/Exceptions/CredentialsUnavailableException.php +++ b/lib/public/Authentication/Exceptions/CredentialsUnavailableException.php @@ -27,7 +27,7 @@ namespace OCP\Authentication\Exceptions; use Exception; /** - * @since 9.2 + * @since 12 */ class CredentialsUnavailableException extends Exception { diff --git a/lib/public/Authentication/LoginCredentials/ICredentials.php b/lib/public/Authentication/LoginCredentials/ICredentials.php index 46c6f26701..c5ef957439 100644 --- a/lib/public/Authentication/LoginCredentials/ICredentials.php +++ b/lib/public/Authentication/LoginCredentials/ICredentials.php @@ -25,14 +25,14 @@ namespace OCP\Authentication\LoginCredentials; /** - * @since 9.2 + * @since 12 */ interface ICredentials { /** * Get the user UID * - * @since 9.2 + * @since 12 * * @return string */ @@ -41,7 +41,7 @@ interface ICredentials { /** * Get the login name the users used to login * - * @since 9.2 + * @since 12 * * @return string */ @@ -50,7 +50,7 @@ interface ICredentials { /** * Get the password * - * @since 9.2 + * @since 12 * * @return string */ diff --git a/lib/public/Authentication/LoginCredentials/IStore.php b/lib/public/Authentication/LoginCredentials/IStore.php index 549f0e7759..4787b16d98 100644 --- a/lib/public/Authentication/LoginCredentials/IStore.php +++ b/lib/public/Authentication/LoginCredentials/IStore.php @@ -27,14 +27,14 @@ namespace OCP\Authentication\LoginCredentials; use OCP\Authentication\Exceptions\CredentialsUnavailableException; /** - * @since 9.2 + * @since 12 */ interface IStore { /** * Get login credentials of the currently logged in user * - * @since 9.2 + * @since 12 * * @throws CredentialsUnavailableException * @return ICredentials the login credentials of the current user From e4abb9cb6e6b87dcd5c248aefee393c952d257f5 Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Mon, 19 Dec 2016 11:42:57 +0100 Subject: [PATCH 05/10] migrate 'password::sessioncredentials' extern storage auth to credential store Signed-off-by: Christoph Wurst --- .../Lib/Auth/Password/SessionCredentials.php | 56 ++++++++----------- 1 file changed, 24 insertions(+), 32 deletions(-) diff --git a/apps/files_external/lib/Lib/Auth/Password/SessionCredentials.php b/apps/files_external/lib/Lib/Auth/Password/SessionCredentials.php index 2fa939764d..196be05e52 100644 --- a/apps/files_external/lib/Lib/Auth/Password/SessionCredentials.php +++ b/apps/files_external/lib/Lib/Auth/Password/SessionCredentials.php @@ -1,4 +1,5 @@ session = $session; $this->crypto = $crypto; + $this->credentialsStore = $credentialsStore; - $this - ->setIdentifier('password::sessioncredentials') + $this->setIdentifier('password::sessioncredentials') ->setScheme(self::SCHEME_PASSWORD) ->setText($l->t('Log-in credentials, save in session')) - ->addParameters([ - ]) - ; - - \OCP\Util::connectHook('OC_User', 'post_login', $this, 'authenticate'); - } - - /** - * Hook listener on post login - * - * @param array $params - */ - public function authenticate(array $params) { - $this->session->set('password::sessioncredentials/credentials', $this->crypto->encrypt(json_encode($params))); + ->addParameters([]); } public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) { - $encrypted = $this->session->get('password::sessioncredentials/credentials'); - if (!isset($encrypted)) { + try { + $credentials = $this->credentialsStore->getLoginCredentials(); + } catch (CredentialsUnavailableException $e) { throw new InsufficientDataForMeaningfulAnswerException('No session credentials saved'); } - $credentials = json_decode($this->crypto->decrypt($encrypted), true); - $storage->setBackendOption('user', $this->session->get('loginname')); - $storage->setBackendOption('password', $credentials['password']); + $storage->setBackendOption('user', $credentials->getLoginName()); + $storage->setBackendOption('password', $credentials->getPassword()); } public function wrapStorage(Storage $storage) { From 6f74ecd94a65485f9cd09434845f3c62e66fb9e5 Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Mon, 2 Jan 2017 10:04:55 +0100 Subject: [PATCH 06/10] use login hook credentials as fallback If no session token is available, we can use the credentials provided by the login hook. Signed-off-by: Christoph Wurst --- .../Lib/Auth/Password/SessionCredentials.php | 12 +--- .../Authentication/LoginCredentials/Store.php | 21 +++++++ .../LoginCredentials/StoreTest.php | 63 ++++++++++++++++--- 3 files changed, 77 insertions(+), 19 deletions(-) diff --git a/apps/files_external/lib/Lib/Auth/Password/SessionCredentials.php b/apps/files_external/lib/Lib/Auth/Password/SessionCredentials.php index 196be05e52..30644206c2 100644 --- a/apps/files_external/lib/Lib/Auth/Password/SessionCredentials.php +++ b/apps/files_external/lib/Lib/Auth/Password/SessionCredentials.php @@ -32,27 +32,17 @@ use OCP\Authentication\Exceptions\CredentialsUnavailableException; use OCP\Authentication\LoginCredentials\IStore as CredentialsStore; use OCP\Files\Storage; use OCP\IL10N; -use OCP\ISession; use OCP\IUser; -use OCP\Security\ICrypto; /** * Username and password from login credentials, saved in session */ class SessionCredentials extends AuthMechanism { - /** @var ISession */ - protected $session; - - /** @var ICrypto */ - protected $crypto; - /** @var CredentialsStore */ private $credentialsStore; - public function __construct(IL10N $l, ISession $session, ICrypto $crypto, CredentialsStore $credentialsStore) { - $this->session = $session; - $this->crypto = $crypto; + public function __construct(IL10N $l, CredentialsStore $credentialsStore) { $this->credentialsStore = $credentialsStore; $this->setIdentifier('password::sessioncredentials') diff --git a/lib/private/Authentication/LoginCredentials/Store.php b/lib/private/Authentication/LoginCredentials/Store.php index c2b11c8e34..c50b7246f6 100644 --- a/lib/private/Authentication/LoginCredentials/Store.php +++ b/lib/private/Authentication/LoginCredentials/Store.php @@ -33,6 +33,7 @@ use OCP\Authentication\LoginCredentials\IStore; use OCP\ILogger; use OCP\ISession; use OCP\Session\Exceptions\SessionNotAvailableException; +use OCP\Util; class Store implements IStore { @@ -54,6 +55,17 @@ class Store implements IStore { $this->session = $session; $this->tokenProvider = $tokenProvider; $this->logger = $logger; + + Util::connectHook('OC_User', 'post_login', $this, 'authenticate'); + } + + /** + * Hook listener on post login + * + * @param array $params + */ + public function authenticate(array $params) { + $this->session->set('login_credentials', json_encode($params)); } /** @@ -72,6 +84,7 @@ class Store implements IStore { * @throws CredentialsUnavailableException */ public function getLoginCredentials() { + $trySession = false; try { $sessionId = $this->session->getId(); $token = $this->tokenProvider->getToken($sessionId); @@ -85,9 +98,17 @@ class Store implements IStore { $this->logger->debug('could not get login credentials because session is unavailable', ['app' => 'core']); } catch (InvalidTokenException $ex) { $this->logger->debug('could not get login credentials because the token is invalid', ['app' => 'core']); + $trySession = true; } catch (PasswordlessTokenException $ex) { $this->logger->debug('could not get login credentials because the token has no password', ['app' => 'core']); + $trySession = true; } + + if ($trySession && $this->session->exists('login_credentials')) { + $creds = json_decode($this->session->get('login_credentials')); + return new Credentials($creds->uid, $creds->uid, $creds->password); + } + // If we reach this line, an exception was thrown. throw new CredentialsUnavailableException(); } diff --git a/tests/lib/Authentication/LoginCredentials/StoreTest.php b/tests/lib/Authentication/LoginCredentials/StoreTest.php index d60add6713..56277fd0f3 100644 --- a/tests/lib/Authentication/LoginCredentials/StoreTest.php +++ b/tests/lib/Authentication/LoginCredentials/StoreTest.php @@ -34,6 +34,7 @@ use OCP\Authentication\Exceptions\CredentialsUnavailableException; use OCP\ILogger; use OCP\ISession; use OCP\Session\Exceptions\SessionNotAvailableException; +use PHPUnit_Framework_MockObject_MockObject; use Test\TestCase; class StoreTest extends TestCase { @@ -60,6 +61,26 @@ class StoreTest extends TestCase { $this->store = new Store($this->session, $this->tokenProvider, $this->logger); } + public function testAuthenticate() { + $params = [ + 'run' => true, + 'uid' => 'user123', + 'password' => 123456, + ]; + + $this->session->expects($this->once()) + ->method('set') + ->with($this->equalTo('login_credentials'), $this->equalTo(json_encode($params))); + + $this->store->authenticate($params); + } + + public function testSetSession() { + $session = $this->createMock(ISession::class); + + $this->store->setSession($session); + } + public function testGetLoginCredentials() { $uid = 'uid'; $user = 'user123'; @@ -67,21 +88,21 @@ class StoreTest extends TestCase { $token = $this->createMock(IToken::class); $this->session->expects($this->once()) ->method('getId') - ->will($this->returnValue('sess2233')); + ->willReturn('sess2233'); $this->tokenProvider->expects($this->once()) ->method('getToken') ->with('sess2233') - ->will($this->returnValue($token)); + ->willReturn($token); $token->expects($this->once()) ->method('getUID') - ->will($this->returnValue($uid)); + ->willReturn($uid); $token->expects($this->once()) ->method('getLoginName') - ->will($this->returnValue($user)); + ->willReturn($user); $this->tokenProvider->expects($this->once()) ->method('getPassword') ->with($token, 'sess2233') - ->will($this->returnValue($password)); + ->willReturn($password); $expected = new Credentials($uid, $user, $password); $creds = $this->store->getLoginCredentials(); @@ -101,7 +122,7 @@ class StoreTest extends TestCase { public function testGetLoginCredentialsInvalidToken() { $this->session->expects($this->once()) ->method('getId') - ->will($this->returnValue('sess2233')); + ->willReturn('sess2233'); $this->tokenProvider->expects($this->once()) ->method('getToken') ->with('sess2233') @@ -110,11 +131,37 @@ class StoreTest extends TestCase { $this->store->getLoginCredentials(); } - + + public function testGetLoginCredentialsInvalidTokenLoginCredentials() { + $uid = 'user987'; + $password = '7389374'; + + $this->session->expects($this->once()) + ->method('getId') + ->willReturn('sess2233'); + $this->tokenProvider->expects($this->once()) + ->method('getToken') + ->with('sess2233') + ->will($this->throwException(new InvalidTokenException())); + $this->session->expects($this->once()) + ->method('exists') + ->with($this->equalTo('login_credentials')) + ->willReturn(true); + $this->session->expects($this->once()) + ->method('get') + ->with($this->equalTo('login_credentials')) + ->willReturn('{"run":true,"uid":"user987","password":"7389374"}'); + $expected = new Credentials('user987', 'user987', '7389374'); + + $actual = $this->store->getLoginCredentials(); + + $this->assertEquals($expected, $actual); + } + public function testGetLoginCredentialsPasswordlessToken() { $this->session->expects($this->once()) ->method('getId') - ->will($this->returnValue('sess2233')); + ->willReturn('sess2233'); $this->tokenProvider->expects($this->once()) ->method('getToken') ->with('sess2233') From 21d3fe588396ebb3535a947ee4afd514aa24bd78 Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Mon, 2 Jan 2017 11:57:05 +0100 Subject: [PATCH 07/10] do not hard-require the token provider The provider might need DB access and therefore depenedency resolution fails on the setup page where we cannot inject the db implementation. Signed-off-by: Christoph Wurst --- .../Authentication/LoginCredentials/Store.php | 16 ++++++++++------ lib/private/Server.php | 8 ++++++-- .../LoginCredentials/StoreTest.php | 10 +++++++++- 3 files changed, 25 insertions(+), 9 deletions(-) diff --git a/lib/private/Authentication/LoginCredentials/Store.php b/lib/private/Authentication/LoginCredentials/Store.php index c50b7246f6..e44c88c7ae 100644 --- a/lib/private/Authentication/LoginCredentials/Store.php +++ b/lib/private/Authentication/LoginCredentials/Store.php @@ -40,21 +40,21 @@ class Store implements IStore { /** @var ISession */ private $session; - /** @var IProvider */ - private $tokenProvider; - /** @var ILogger */ private $logger; + /** @var IProvider|null */ + private $tokenProvider; + /** * @param ISession $session - * @param IProvider $tokenProvider * @param ILogger $logger + * @param IProvider $tokenProvider */ - public function __construct(ISession $session, IProvider $tokenProvider, ILogger $logger) { + public function __construct(ISession $session, ILogger $logger, IProvider $tokenProvider = null) { $this->session = $session; - $this->tokenProvider = $tokenProvider; $this->logger = $logger; + $this->tokenProvider = $tokenProvider; Util::connectHook('OC_User', 'post_login', $this, 'authenticate'); } @@ -84,6 +84,10 @@ class Store implements IStore { * @throws CredentialsUnavailableException */ public function getLoginCredentials() { + if (is_null($this->tokenProvider)) { + throw new CredentialsUnavailableException(); + } + $trySession = false; try { $sessionId = $this->session->getId(); diff --git a/lib/private/Server.php b/lib/private/Server.php index 45ed9d5e3b..903e05925e 100644 --- a/lib/private/Server.php +++ b/lib/private/Server.php @@ -250,9 +250,13 @@ class Server extends ServerContainer implements IServerContainer { }); $this->registerService(Store::class, function(Server $c) { $session = $c->getSession(); - $tokenProvider = $c->query('OC\Authentication\Token\DefaultTokenProvider'); + if (\OC::$server->getSystemConfig()->getValue('installed', false)) { + $tokenProvider = $c->query('OC\Authentication\Token\IProvider'); + } else { + $tokenProvider = null; + } $logger = $c->getLogger(); - return new Store($session, $tokenProvider, $logger); + return new Store($session, $logger, $tokenProvider); }); $this->registerAlias(IStore::class, Store::class); $this->registerService('OC\Authentication\Token\DefaultTokenMapper', function (Server $c) { diff --git a/tests/lib/Authentication/LoginCredentials/StoreTest.php b/tests/lib/Authentication/LoginCredentials/StoreTest.php index 56277fd0f3..9a719339b4 100644 --- a/tests/lib/Authentication/LoginCredentials/StoreTest.php +++ b/tests/lib/Authentication/LoginCredentials/StoreTest.php @@ -58,7 +58,7 @@ class StoreTest extends TestCase { $this->tokenProvider = $this->createMock(IProvider::class); $this->logger = $this->createMock(ILogger::class); - $this->store = new Store($this->session, $this->tokenProvider, $this->logger); + $this->store = new Store($this->session, $this->logger, $this->tokenProvider); } public function testAuthenticate() { @@ -81,6 +81,14 @@ class StoreTest extends TestCase { $this->store->setSession($session); } + public function testGetLoginCredentialsNoTokenProvider() { + $this->store = new Store($this->session, $this->logger, null); + + $this->expectException(CredentialsUnavailableException::class); + + $this->store->getLoginCredentials(); + } + public function testGetLoginCredentials() { $uid = 'uid'; $user = 'user123'; From 6f84eb89fc5f46dc1fd064563a06a03b2d8e9577 Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Mon, 2 Jan 2017 13:13:20 +0100 Subject: [PATCH 08/10] fix constructor params in failing test Signed-off-by: Christoph Wurst --- .../tests/Command/ListCommandTest.php | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/apps/files_external/tests/Command/ListCommandTest.php b/apps/files_external/tests/Command/ListCommandTest.php index 5563b19c7a..76a8f98f52 100644 --- a/apps/files_external/tests/Command/ListCommandTest.php +++ b/apps/files_external/tests/Command/ListCommandTest.php @@ -31,25 +31,27 @@ use OCA\Files_External\Lib\Backend\Local; use OCA\Files_External\Lib\StorageConfig; use OCA\Files_External\Service\GlobalStoragesService; use OCA\Files_External\Service\UserStoragesService; +use OCP\Authentication\LoginCredentials\IStore; use OCP\IL10N; use OCP\ISession; use OCP\IUserManager; use OCP\IUserSession; use OCP\Security\ICrypto; +use PHPUnit_Framework_MockObject_MockObject; use Symfony\Component\Console\Output\BufferedOutput; class ListCommandTest extends CommandTest { /** - * @return \OCA\Files_External\Command\ListCommand|\PHPUnit_Framework_MockObject_MockObject + * @return ListCommand|PHPUnit_Framework_MockObject_MockObject */ private function getInstance() { - /** @var \OCA\Files_External\Service\GlobalStoragesService|\PHPUnit_Framework_MockObject_MockObject $globalService */ + /** @var GlobalStoragesService|PHPUnit_Framework_MockObject_MockObject $globalService */ $globalService = $this->createMock(GlobalStoragesService::class); - /** @var \OCA\Files_External\Service\UserStoragesService|\PHPUnit_Framework_MockObject_MockObject $userService */ + /** @var UserStoragesService|PHPUnit_Framework_MockObject_MockObject $userService */ $userService = $this->createMock(UserStoragesService::class); - /** @var \OCP\IUserManager|\PHPUnit_Framework_MockObject_MockObject $userManager */ + /** @var IUserManager|PHPUnit_Framework_MockObject_MockObject $userManager */ $userManager = $this->createMock(IUserManager::class); - /** @var \OCP\IUserSession|\PHPUnit_Framework_MockObject_MockObject $userSession */ + /** @var IUserSession|PHPUnit_Framework_MockObject_MockObject $userSession */ $userSession = $this->createMock(IUserSession::class); return new ListCommand($globalService, $userService, $userSession, $userManager); @@ -64,7 +66,8 @@ class ListCommandTest extends CommandTest { $mount1->setAuthMechanism(new Password($l10n)); $mount1->setBackend(new Local($l10n, new NullMechanism($l10n))); $mount2 = new StorageConfig(); - $mount2->setAuthMechanism(new SessionCredentials($l10n, $session, $crypto)); + $credentialStore = $this->createMock(IStore::class); + $mount2->setAuthMechanism(new SessionCredentials($l10n, $credentialStore)); $mount2->setBackend(new Local($l10n, new NullMechanism($l10n))); $input = $this->getInput($instance, [], [ 'output' => 'json' From 140555b78685189ff14872c69ed438c5391e77fe Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Mon, 2 Jan 2017 13:27:10 +0100 Subject: [PATCH 09/10] always allow remembered login Signed-off-by: Christoph Wurst --- apps/encryption/appinfo/info.xml | 1 - apps/files_external/appinfo/info.xml | 1 - core/Controller/LoginController.php | 1 - core/templates/login.php | 2 -- lib/private/legacy/util.php | 21 ------------------- tests/Core/Controller/LoginControllerTest.php | 3 --- tests/data/app/expected-info.json | 1 - tests/data/app/invalid-info.xml | 1 - tests/data/app/valid-info.xml | 1 - 9 files changed, 32 deletions(-) diff --git a/apps/encryption/appinfo/info.xml b/apps/encryption/appinfo/info.xml index 1e63ca5c47..61dc556406 100644 --- a/apps/encryption/appinfo/info.xml +++ b/apps/encryption/appinfo/info.xml @@ -18,7 +18,6 @@ user-encryption admin-encryption - false 1.5.0 diff --git a/apps/files_external/appinfo/info.xml b/apps/files_external/appinfo/info.xml index b2f73dce62..1237e17300 100644 --- a/apps/files_external/appinfo/info.xml +++ b/apps/files_external/appinfo/info.xml @@ -12,7 +12,6 @@ admin-external-storage - false 1.2.0 diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index 3c81ed5242..b2a5c510d0 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -159,7 +159,6 @@ class LoginController extends Controller { } $parameters['alt_login'] = OC_App::getAlternativeLogIns(); - $parameters['rememberLoginAllowed'] = OC_Util::rememberLoginAllowed(); $parameters['rememberLoginState'] = !empty($remember_login) ? $remember_login : 0; if (!is_null($user) && $user !== '') { diff --git a/core/templates/login.php b/core/templates/login.php index c200dfe366..221242c0dc 100644 --- a/core/templates/login.php +++ b/core/templates/login.php @@ -68,7 +68,6 @@ script('core', [ diff --git a/lib/private/legacy/util.php b/lib/private/legacy/util.php index d97ba37c4c..5ef1130d36 100644 --- a/lib/private/legacy/util.php +++ b/lib/private/legacy/util.php @@ -1001,27 +1001,6 @@ class OC_Util { } } - /** - * Check if it is allowed to remember login. - * - * @note Every app can set 'rememberlogin' to 'false' to disable the remember login feature - * - * @return bool - */ - public static function rememberLoginAllowed() { - - $apps = OC_App::getEnabledApps(); - - foreach ($apps as $app) { - $appInfo = OC_App::getAppInfo($app); - if (isset($appInfo['rememberlogin']) && $appInfo['rememberlogin'] === 'false') { - return false; - } - - } - return true; - } - /** * Check if the user is a subadmin, redirects to home if not * diff --git a/tests/Core/Controller/LoginControllerTest.php b/tests/Core/Controller/LoginControllerTest.php index 600179a1dc..a1a4452abf 100644 --- a/tests/Core/Controller/LoginControllerTest.php +++ b/tests/Core/Controller/LoginControllerTest.php @@ -179,7 +179,6 @@ class LoginControllerTest extends TestCase { 'user_autofocus' => true, 'canResetPassword' => true, 'alt_login' => [], - 'rememberLoginAllowed' => \OC_Util::rememberLoginAllowed(), 'rememberLoginState' => 0, 'resetPasswordLink' => null, ], @@ -238,7 +237,6 @@ class LoginControllerTest extends TestCase { 'user_autofocus' => false, 'canResetPassword' => $expectedResult, 'alt_login' => [], - 'rememberLoginAllowed' => \OC_Util::rememberLoginAllowed(), 'rememberLoginState' => 0, 'resetPasswordLink' => false, ], @@ -277,7 +275,6 @@ class LoginControllerTest extends TestCase { 'user_autofocus' => false, 'canResetPassword' => false, 'alt_login' => [], - 'rememberLoginAllowed' => \OC_Util::rememberLoginAllowed(), 'rememberLoginState' => 0, 'resetPasswordLink' => false, ], diff --git a/tests/data/app/expected-info.json b/tests/data/app/expected-info.json index 646f22bea8..0666b902f2 100644 --- a/tests/data/app/expected-info.json +++ b/tests/data/app/expected-info.json @@ -13,7 +13,6 @@ "user": "user-encryption", "admin": "admin-encryption" }, - "rememberlogin": "false", "types": ["filesystem"], "ocsid": "166047", "dependencies": { diff --git a/tests/data/app/invalid-info.xml b/tests/data/app/invalid-info.xml index 3947f5420c..0ddb13b89c 100644 --- a/tests/data/app/invalid-info.xml +++ b/tests/data/app/invalid-info.xml @@ -14,7 +14,6 @@ user-encryption admin-encryption - false diff --git a/tests/data/app/valid-info.xml b/tests/data/app/valid-info.xml index 4b22d55d7b..4788d046c1 100644 --- a/tests/data/app/valid-info.xml +++ b/tests/data/app/valid-info.xml @@ -14,7 +14,6 @@ user-encryption admin-encryption - false From 3ee5c7ea4e508b4945646013f871ad532d09ddbd Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Tue, 17 Jan 2017 09:17:56 +0100 Subject: [PATCH 10/10] minor version bump Signed-off-by: Christoph Wurst --- apps/encryption/appinfo/info.xml | 2 +- apps/files_external/appinfo/info.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/encryption/appinfo/info.xml b/apps/encryption/appinfo/info.xml index 61dc556406..307fef4ad8 100644 --- a/apps/encryption/appinfo/info.xml +++ b/apps/encryption/appinfo/info.xml @@ -18,7 +18,7 @@ user-encryption admin-encryption - 1.5.0 + 1.6.0 diff --git a/apps/files_external/appinfo/info.xml b/apps/files_external/appinfo/info.xml index 1237e17300..a28ff177e9 100644 --- a/apps/files_external/appinfo/info.xml +++ b/apps/files_external/appinfo/info.xml @@ -12,7 +12,7 @@ admin-external-storage - 1.2.0 + 1.3.0