Add identity proof
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
This commit is contained in:
Lukas Reschke
Roeland Jago Douma
parent
53c8391e96
commit
6f4cb12be2
|
|
@ -30,7 +30,10 @@
|
|||
|
||||
namespace OC\Core;
|
||||
|
||||
use OC\AppFramework\Utility\SimpleContainer;
|
||||
use OC\Security\IdentityProof\Manager;
|
||||
use OCP\AppFramework\App;
|
||||
use OCP\Files\IAppData;
|
||||
use OCP\Util;
|
||||
|
||||
/**
|
||||
|
|
@ -45,8 +48,14 @@ class Application extends App {
|
|||
|
||||
$container = $this->getContainer();
|
||||
|
||||
$container->registerService('defaultMailAddress', function() {
|
||||
$container->registerService('defaultMailAddress', function () {
|
||||
return Util::getDefaultEmailAddress('lostpassword-noreply');
|
||||
});
|
||||
$container->registerService(Manager::class, function () {
|
||||
return new Manager(
|
||||
\OC::$server->getAppDataDir('identityproof'),
|
||||
\OC::$server->getCrypto()
|
||||
);
|
||||
});
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,6 +23,7 @@ namespace OC\Core\Controller;
|
|||
|
||||
use OC\CapabilitiesManager;
|
||||
use OC\Security\Bruteforce\Throttler;
|
||||
use OC\Security\IdentityProof\Manager;
|
||||
use OCP\AppFramework\Http\DataResponse;
|
||||
use OCP\IRequest;
|
||||
use OCP\IUserManager;
|
||||
|
|
@ -32,13 +33,12 @@ class OCSController extends \OCP\AppFramework\OCSController {
|
|||
|
||||
/** @var CapabilitiesManager */
|
||||
private $capabilitiesManager;
|
||||
|
||||
/** @var IUserSession */
|
||||
private $userSession;
|
||||
|
||||
/** @var IUserManager */
|
||||
private $userManager;
|
||||
|
||||
/** @var Manager */
|
||||
private $keyManager;
|
||||
/** @var Throttler */
|
||||
private $throttler;
|
||||
|
||||
|
|
@ -51,19 +51,21 @@ class OCSController extends \OCP\AppFramework\OCSController {
|
|||
* @param IUserSession $userSession
|
||||
* @param IUserManager $userManager
|
||||
* @param Throttler $throttler
|
||||
* @param Manager $keyManager
|
||||
*/
|
||||
public function __construct($appName,
|
||||
IRequest $request,
|
||||
CapabilitiesManager $capabilitiesManager,
|
||||
IUserSession $userSession,
|
||||
IUserManager $userManager,
|
||||
Throttler $throttler) {
|
||||
Throttler $throttler,
|
||||
Manager $keyManager) {
|
||||
parent::__construct($appName, $request);
|
||||
|
||||
$this->capabilitiesManager = $capabilitiesManager;
|
||||
$this->userSession = $userSession;
|
||||
$this->userManager = $userManager;
|
||||
$this->throttler = $throttler;
|
||||
$this->keyManager = $keyManager;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -139,4 +141,24 @@ class OCSController extends \OCP\AppFramework\OCSController {
|
|||
}
|
||||
return new DataResponse(null, 101);
|
||||
}
|
||||
|
||||
/**
|
||||
* @PublicPage
|
||||
*
|
||||
* @param string $cloudId
|
||||
* @return DataResponse
|
||||
*/
|
||||
public function getIdentityProof($cloudId) {
|
||||
$userObject = $this->userManager->get($cloudId);
|
||||
|
||||
if($cloudId !== null) {
|
||||
$key = $this->keyManager->getKey($userObject);
|
||||
$data = [
|
||||
'public' => $key->getPublic(),
|
||||
];
|
||||
return new DataResponse($data);
|
||||
}
|
||||
|
||||
return new DataResponse(101);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -61,6 +61,7 @@ $application->registerRoutes($this, [
|
|||
['root' => '/cloud', 'name' => 'OCS#getCurrentUser', 'url' => '/user', 'verb' => 'GET'],
|
||||
['root' => '', 'name' => 'OCS#getConfig', 'url' => '/config', 'verb' => 'GET'],
|
||||
['root' => '/person', 'name' => 'OCS#personCheck', 'url' => '/check', 'verb' => 'POST'],
|
||||
['root' => '/identityproof', 'name' => 'OCS#getIdentityProof', 'url' => '/key/{cloudId}', 'verb' => 'GET'],
|
||||
],
|
||||
]);
|
||||
|
||||
|
|
|
|||
|
|
@ -22,13 +22,12 @@
|
|||
namespace OC\Security\IdentityProof;
|
||||
|
||||
use OCP\Files\IAppData;
|
||||
use OCP\Files\SimpleFS\ISimpleFolder;
|
||||
use OCP\IUser;
|
||||
use OCP\Security\ICrypto;
|
||||
|
||||
class Manager {
|
||||
/** @var ISimpleFolder */
|
||||
private $folder;
|
||||
/** @var IAppData */
|
||||
private $appData;
|
||||
/** @var ICrypto */
|
||||
private $crypto;
|
||||
|
||||
|
|
@ -38,7 +37,7 @@ class Manager {
|
|||
*/
|
||||
public function __construct(IAppData $appData,
|
||||
ICrypto $crypto) {
|
||||
$this->folder = $appData->getFolder('identityproof');
|
||||
$this->appData = $appData;
|
||||
$this->crypto = $crypto;
|
||||
}
|
||||
|
||||
|
|
@ -64,9 +63,9 @@ class Manager {
|
|||
$publicKey = $publicKey['key'];
|
||||
|
||||
// Write the private and public key to the disk
|
||||
$this->folder->newFile($user->getUID() . '.private')
|
||||
$this->appData->getFolder($user->getUID())->newFile('private')
|
||||
->putContent($this->crypto->encrypt($privateKey));
|
||||
$this->folder->newFile($user->getUID() . '.public')
|
||||
$this->appData->getFolder($user->getUID())->newFile('public')
|
||||
->putContent($publicKey);
|
||||
|
||||
return new Key($publicKey, $privateKey);
|
||||
|
|
@ -80,8 +79,8 @@ class Manager {
|
|||
*/
|
||||
public function getKey(IUser $user) {
|
||||
try {
|
||||
$privateKey = $this->crypto->decrypt($this->folder->getFile($user->getUID() . '.private')->getContent());
|
||||
$publicKey = $this->folder->getFile($user->getUID() . '.public')->getContent();
|
||||
$privateKey = $this->crypto->decrypt($this->appData->getFolder($user->getUID())->getFile('private')->getContent());
|
||||
$publicKey = $this->appData->getFolder($user->getUID())->getFile('public')->getContent();
|
||||
return new Key($publicKey, $privateKey);
|
||||
} catch (\Exception $e) {
|
||||
return $this->generateKey($user);
|
||||
|
|
|
|||
Loading…
Reference in New Issue