From 6f4cb12be2d026c45237359e2b0eea2266b86bdf Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Thu, 17 Nov 2016 17:35:14 +0100 Subject: [PATCH] Add identity proof Signed-off-by: Lukas Reschke --- core/Application.php | 11 ++++++- core/Controller/OCSController.php | 32 ++++++++++++++++--- core/routes.php | 1 + .../Security/IdentityProof/Manager.php | 15 ++++----- 4 files changed, 45 insertions(+), 14 deletions(-) diff --git a/core/Application.php b/core/Application.php index f68f7929e6..545b5fe420 100644 --- a/core/Application.php +++ b/core/Application.php @@ -30,7 +30,10 @@ namespace OC\Core; +use OC\AppFramework\Utility\SimpleContainer; +use OC\Security\IdentityProof\Manager; use OCP\AppFramework\App; +use OCP\Files\IAppData; use OCP\Util; /** @@ -45,8 +48,14 @@ class Application extends App { $container = $this->getContainer(); - $container->registerService('defaultMailAddress', function() { + $container->registerService('defaultMailAddress', function () { return Util::getDefaultEmailAddress('lostpassword-noreply'); }); + $container->registerService(Manager::class, function () { + return new Manager( + \OC::$server->getAppDataDir('identityproof'), + \OC::$server->getCrypto() + ); + }); } } diff --git a/core/Controller/OCSController.php b/core/Controller/OCSController.php index 27ab9deb08..b1c4f377a1 100644 --- a/core/Controller/OCSController.php +++ b/core/Controller/OCSController.php @@ -23,6 +23,7 @@ namespace OC\Core\Controller; use OC\CapabilitiesManager; use OC\Security\Bruteforce\Throttler; +use OC\Security\IdentityProof\Manager; use OCP\AppFramework\Http\DataResponse; use OCP\IRequest; use OCP\IUserManager; @@ -32,13 +33,12 @@ class OCSController extends \OCP\AppFramework\OCSController { /** @var CapabilitiesManager */ private $capabilitiesManager; - /** @var IUserSession */ private $userSession; - /** @var IUserManager */ private $userManager; - + /** @var Manager */ + private $keyManager; /** @var Throttler */ private $throttler; 
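Review bot: The first core/Application.php hunk adds `use OC\AppFramework\Utility\SimpleContainer;` and `use OCP\Files\IAppData;`, but no line this commit adds to the file references either name; the new `registerService(Manager::class, ...)` closure only uses `Manager`. Unless code outside the visible hunks needs them, drop both `use` lines so the import list reflects what the class actually depends on.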
@@ -51,19 +51,21 @@ class OCSController extends \OCP\AppFramework\OCSController { * @param IUserSession $userSession * @param IUserManager $userManager * @param Throttler $throttler + * @param Manager $keyManager */ public function __construct($appName, IRequest $request, CapabilitiesManager $capabilitiesManager, IUserSession $userSession, IUserManager $userManager, - Throttler $throttler) { + Throttler $throttler, + Manager $keyManager) { parent::__construct($appName, $request); - $this->capabilitiesManager = $capabilitiesManager; $this->userSession = $userSession; $this->userManager = $userManager; $this->throttler = $throttler; + $this->keyManager = $keyManager; } /** @@ -139,4 +141,24 @@ class OCSController extends \OCP\AppFramework\OCSController { } return new DataResponse(null, 101); } + + /** + * @PublicPage + * + * @param string $cloudId + * @return DataResponse + */ + public function getIdentityProof($cloudId) { + $userObject = $this->userManager->get($cloudId); + + if($cloudId !== null) { + $key = $this->keyManager->getKey($userObject); + $data = [ + 'public' => $key->getPublic(), + ]; + return new DataResponse($data); + } + + return new DataResponse(101); + } } diff --git a/core/routes.php b/core/routes.php index e5636ff6c0..2b8080a3b7 100644 --- a/core/routes.php +++ b/core/routes.php @@ -61,6 +61,7 @@ $application->registerRoutes($this, [ ['root' => '/cloud', 'name' => 'OCS#getCurrentUser', 'url' => '/user', 'verb' => 'GET'], ['root' => '', 'name' => 'OCS#getConfig', 'url' => '/config', 'verb' => 'GET'], ['root' => '/person', 'name' => 'OCS#personCheck', 'url' => '/check', 'verb' => 'POST'], + ['root' => '/identityproof', 'name' => 'OCS#getIdentityProof', 'url' => '/key/{cloudId}', 'verb' => 'GET'], ], ]); diff --git a/lib/private/Security/IdentityProof/Manager.php b/lib/private/Security/IdentityProof/Manager.php index b3dba5f278..223af05410 100644 --- a/lib/private/Security/IdentityProof/Manager.php +++ b/lib/private/Security/IdentityProof/Manager.php 
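Review bot: In `getIdentityProof` the guard tests the route parameter instead of the lookup result: `if($cloudId !== null)` is always true for `/key/{cloudId}`, so when `$this->userManager->get($cloudId)` finds no user, `null` is handed to `getKey()`, which this commit declares as `getKey(IUser $user)`. The check should read `if ($userObject !== null) {`. The fall-through `return new DataResponse(101);` also passes 101 as the data argument, whereas the method directly above returns `new DataResponse(null, 101)`. Because the method is `@PublicPage` and `getKey()` falls back to `generateKey()`, an unauthenticated request can cause key generation and storage writes for any valid user id, and the differing responses reveal which ids exist. Consider rate-limiting this action with the `Throttler` that is already injected into the controller.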
@@ -22,13 +22,12 @@ namespace OC\Security\IdentityProof; use OCP\Files\IAppData; -use OCP\Files\SimpleFS\ISimpleFolder; use OCP\IUser; use OCP\Security\ICrypto; class Manager { - /** @var ISimpleFolder */ - private $folder; + /** @var IAppData */ + private $appData; /** @var ICrypto */ private $crypto; @@ -38,7 +37,7 @@ class Manager { */ public function __construct(IAppData $appData, ICrypto $crypto) { - $this->folder = $appData->getFolder('identityproof'); + $this->appData = $appData; $this->crypto = $crypto; } @@ -64,9 +63,9 @@ class Manager { $publicKey = $publicKey['key']; // Write the private and public key to the disk - $this->folder->newFile($user->getUID() . '.private') + $this->appData->getFolder($user->getUID())->newFile('private') ->putContent($this->crypto->encrypt($privateKey)); - $this->folder->newFile($user->getUID() . '.public') + $this->appData->getFolder($user->getUID())->newFile('public') ->putContent($publicKey); return new Key($publicKey, $privateKey); @@ -80,8 +79,8 @@ class Manager { */ public function getKey(IUser $user) { try { - $privateKey = $this->crypto->decrypt($this->folder->getFile($user->getUID() . '.private')->getContent()); - $publicKey = $this->folder->getFile($user->getUID() . '.public')->getContent(); + $privateKey = $this->crypto->decrypt($this->appData->getFolder($user->getUID())->getFile('private')->getContent()); + $publicKey = $this->appData->getFolder($user->getUID())->getFile('public')->getContent(); return new Key($publicKey, $privateKey); } catch (\Exception $e) { return $this->generateKey($user);
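Review bot: Both writes in the `generateKey` hunk call `$this->appData->getFolder($user->getUID())`, and nothing visible in this commit creates that per-user folder first. `IAppData::getFolder()` is documented to throw `NotFoundException` when the folder does not exist, so the first key generation for a user would fail unless the folder is created elsewhere. Resolve the folder once, create it on a miss, and reuse it for both files, as sketched below. The method starts and ends outside the hunk.

```php
// … unchanged: key pair generation and extraction of $publicKey …
// Write the private and public key to the disk
try {
	$folder = $this->appData->getFolder($user->getUID());
} catch (\OCP\Files\NotFoundException $e) {
	$folder = $this->appData->newFolder($user->getUID());
}
$folder->newFile('private')
	->putContent($this->crypto->encrypt($privateKey));
$folder->newFile('public')
	->putContent($publicKey);
```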
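Review bot: The `catch (\Exception $e)` around the reads in `getKey` treats every failure as "no key yet" and calls `generateKey($user)`. A decrypt failure or a transient storage error would therefore lead to an attempt to replace the user's existing key pair, after which anything that relied on the old public key would no longer verify. Catch only the missing-file case, `} catch (\OCP\Files\NotFoundException $e) {`, and let other exceptions propagate or be logged. The same hunk resolves `getFolder($user->getUID())` twice; fetching it once into a local would keep the two reads on the same folder object. The method's closing lines are outside the hunk.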