mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #1578 from nextcloud/use-more-magic-di 

Use magic DI for core controllers
This commit is contained in:
Lukas Reschke 2016-10-01 20:15:51 +02:00 committed by GitHub
parent da03018add a1e4b17ff4
commit 793d3868c2
10 changed files with 44 additions and 367 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
build/integration/features/bootstrap/Auth.php
View File

@ -67,13 +67,21 @@ trait Auth {
* @Given a new client token is used
*/
public function aNewClientTokenIsUsed() {
$this->loggingInUsingWebAs('user0');
$fullUrl = substr($this->baseUrl, 0, -5) . '/index.php/settings/personal/authtokens';
$client = new Client();
$resp = $client->post(substr($this->baseUrl, 0, -5) . '/token/generate', [
'json' => [
'user' => 'user0',
'password' => '123456',
]
]);
$options = [
'auth' => ['user0', '123456'],
'body' => [
'requesttoken' => $this->requestToken,
'name' => md5(microtime()),
],
'cookies' => $this->cookieJar,
];
$resp = $client->send($client->createRequest('POST', $fullUrl, $options));
$this->clientToken = json_decode($resp->getBody()->getContents())->token;
}

112
core/Application.php
View File

@ -1,6 +1,7 @@
<?php
/**
* @copyright Copyright (c) 2016, ownCloud, Inc.
* @copyright Copyright (c) 2016 Joas Schilling <coding@schilljs.com>
*
* @author Bernhard Posselt <dev@bernhard-posselt.com>
* @author Christoph Wurst <christoph@owncloud.com>
@ -29,13 +30,8 @@
namespace OC\Core;
use OC\AppFramework\Utility\SimpleContainer;
use OC\AppFramework\Utility\TimeFactory;
use OC\Core\Controller\LoginController;
use OC\Core\Controller\LostController;
use OC\Core\Controller\TokenController;
use OC\Core\Controller\TwoFactorChallengeController;
use OC\Core\Controller\UserController;
use OC\Authentication\Token\DefaultTokenProvider;
use OC\Authentication\Token\IProvider;
use OCP\AppFramework\App;
use OCP\Util;
@ -46,108 +42,12 @@ use OCP\Util;
*/
class Application extends App {
/**
* @param array $urlParams
*/
public function __construct(array $urlParams=array()){
parent::__construct('core', $urlParams);
public function __construct() {
parent::__construct('core');
$container = $this->getContainer();
/**
* Controllers
*/
$container->registerService('LostController', function(SimpleContainer $c) {
return new LostController(
$c->query('AppName'),
$c->query('Request'),
$c->query('URLGenerator'),
$c->query('UserManager'),
$c->query('Defaults'),
$c->query('L10N'),
$c->query('Config'),
$c->query('SecureRandom'),
$c->query('DefaultEmailAddress'),
$c->query('IsEncryptionEnabled'),
$c->query('Mailer'),
$c->query('TimeFactory')
);
});
$container->registerService('LoginController', function(SimpleContainer $c) {
return new LoginController(
$c->query('AppName'),
$c->query('Request'),
$c->query('UserManager'),
$c->query('Config'),
$c->query('Session'),
$c->query('UserSession'),
$c->query('URLGenerator'),
$c->query('TwoFactorAuthManager'),
$c->query('ServerContainer')->getBruteforceThrottler()
);
});
$container->registerService('TwoFactorChallengeController', function (SimpleContainer $c) {
return new TwoFactorChallengeController(
$c->query('AppName'),
$c->query('Request'),
$c->query('TwoFactorAuthManager'),
$c->query('UserSession'),
$c->query('Session'),
$c->query('URLGenerator'));
});
$container->registerService('TokenController', function(SimpleContainer $c) {
return new TokenController(
$c->query('AppName'),
$c->query('Request'),
$c->query('UserManager'),
$c->query('ServerContainer')->query('OC\Authentication\Token\IProvider'),
$c->query('TwoFactorAuthManager'),
$c->query('SecureRandom')
);
});
/**
* Core class wrappers
*/
$container->registerService('IsEncryptionEnabled', function(SimpleContainer $c) {
return $c->query('ServerContainer')->getEncryptionManager()->isEnabled();
});
$container->registerService('URLGenerator', function(SimpleContainer $c) {
return $c->query('ServerContainer')->getURLGenerator();
});
$container->registerService('UserManager', function(SimpleContainer $c) {
return $c->query('ServerContainer')->getUserManager();
});
$container->registerService('Config', function(SimpleContainer $c) {
return $c->query('ServerContainer')->getConfig();
});
$container->registerService('L10N', function(SimpleContainer $c) {
return $c->query('ServerContainer')->getL10N('core');
});
$container->registerService('SecureRandom', function(SimpleContainer $c) {
return $c->query('ServerContainer')->getSecureRandom();
});
$container->registerService('Session', function(SimpleContainer $c) {
return $c->query('ServerContainer')->getSession();
});
$container->registerService('UserSession', function(SimpleContainer $c) {
return $c->query('ServerContainer')->getUserSession();
});
$container->registerService('Defaults', function(SimpleContainer $c) {
return $c->query('ServerContainer')->getThemingDefaults();
});
$container->registerService('Mailer', function(SimpleContainer $c) {
return $c->query('ServerContainer')->getMailer();
});
$container->registerService('TimeFactory', function(SimpleContainer $c) {
return new TimeFactory();
});
$container->registerService('DefaultEmailAddress', function() {
$container->registerService('defaultMailAddress', function() {
return Util::getDefaultEmailAddress('lostpassword-noreply');
});
$container->registerService('TwoFactorAuthManager', function(SimpleContainer $c) {
return $c->query('ServerContainer')->getTwoFactorAuthManager();
});
}
}

8
core/Controller/LoginController.php
View File

@ -33,12 +33,14 @@ use OC_Util;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\RedirectResponse;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\Authentication\TwoFactorAuth\IProvider;
use OCP\IConfig;
use OCP\IRequest;
use OCP\ISession;
use OCP\IURLGenerator;
use OCP\IUser;
use OCP\IUserManager;
use OCP\IUserSession;
class LoginController extends Controller {
/** @var IUserManager */
@ -47,7 +49,7 @@ class LoginController extends Controller {
private $config;
/** @var ISession */
private $session;
/** @var Session */
/** @var IUserSession|Session */
private $userSession;
/** @var IURLGenerator */
private $urlGenerator;
@ -62,7 +64,7 @@ class LoginController extends Controller {
* @param IUserManager $userManager
* @param IConfig $config
* @param ISession $session
* @param Session $userSession
* @param IUserSession $userSession
* @param IURLGenerator $urlGenerator
* @param Manager $twoFactorManager
* @param Throttler $throttler
@ -72,7 +74,7 @@ class LoginController extends Controller {
IUserManager $userManager,
IConfig $config,
ISession $session,
Session $userSession,
IUserSession $userSession,
IURLGenerator $urlGenerator,
Manager $twoFactorManager,
Throttler $throttler) {

19
core/Controller/LostController.php
View File

@ -33,6 +33,7 @@ namespace OC\Core\Controller;
use \OCP\AppFramework\Controller;
use \OCP\AppFramework\Http\TemplateResponse;
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\Encryption\IManager;
use \OCP\IURLGenerator;
use \OCP\IRequest;
use \OCP\IL10N;
@ -60,8 +61,8 @@ class LostController extends Controller {
protected $l10n;
/** @var string */
protected $from;
/** @var bool */
protected $isDataEncrypted;
/** @var IManager */
protected $encryptionManager;
/** @var IConfig */
protected $config;
/** @var ISecureRandom */
@ -80,8 +81,8 @@ class LostController extends Controller {
* @param IL10N $l10n
* @param IConfig $config
* @param ISecureRandom $secureRandom
* @param string $from
* @param string $isDataEncrypted
* @param string $defaultMailAddress
* @param IManager $encryptionManager
* @param IMailer $mailer
* @param ITimeFactory $timeFactory
*/
@ -93,8 +94,8 @@ class LostController extends Controller {
IL10N $l10n,
IConfig $config,
ISecureRandom $secureRandom,
$from,
$isDataEncrypted,
$defaultMailAddress,
IManager $encryptionManager,
IMailer $mailer,
ITimeFactory $timeFactory) {
parent::__construct($appName, $request);
@ -103,8 +104,8 @@ class LostController extends Controller {
$this->defaults = $defaults;
$this->l10n = $l10n;
$this->secureRandom = $secureRandom;
$this->from = $from;
$this->isDataEncrypted = $isDataEncrypted;
$this->from = $defaultMailAddress;
$this->encryptionManager = $encryptionManager;
$this->config = $config;
$this->mailer = $mailer;
$this->timeFactory = $timeFactory;
@ -207,7 +208,7 @@ class LostController extends Controller {
* @return array
*/
public function setPassword($token, $userId, $password, $proceed) {
if ($this->isDataEncrypted && !$proceed) {
if ($this->encryptionManager->isEnabled() && !$proceed) {
return $this->error('', array('encryption' => true));
}

105
core/Controller/TokenController.php
View File

@ -1,105 +0,0 @@
<?php
/**
* @copyright Copyright (c) 2016, ownCloud, Inc.
*
* @author Christoph Wurst <christoph@owncloud.com>
* @author Lukas Reschke <lukas@statuscode.ch>
*
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OC\Core\Controller;
use OC\AppFramework\Http;
use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken;
use OC\Authentication\TwoFactorAuth\Manager as TwoFactorAuthManager;
use OC\User\Manager as UserManager;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\JSONResponse;
use OCP\IRequest;
use OCP\Security\ISecureRandom;
class TokenController extends Controller {
/** @var UserManager */
private $userManager;
/** @var IProvider */
private $tokenProvider;
/** @var TwoFactorAuthManager */
private $twoFactorAuthManager;
/** @var ISecureRandom */
private $secureRandom;
/**
* @param string $appName
* @param IRequest $request
* @param UserManager $userManager
* @param IProvider $tokenProvider
* @param TwoFactorAuthManager $twoFactorAuthManager
* @param ISecureRandom $secureRandom
*/
public function __construct($appName,
IRequest $request,
UserManager $userManager,
IProvider $tokenProvider,
TwoFactorAuthManager $twoFactorAuthManager,
ISecureRandom $secureRandom) {
parent::__construct($appName, $request);
$this->userManager = $userManager;
$this->tokenProvider = $tokenProvider;
$this->secureRandom = $secureRandom;
$this->twoFactorAuthManager = $twoFactorAuthManager;
}
/**
* Generate a new access token clients can authenticate with
*
* @PublicPage
* @NoCSRFRequired
*
* @param string $user
* @param string $password
* @param string $name the name of the client
* @return JSONResponse
*/
public function generateToken($user, $password, $name = 'unknown client') {
if (is_null($user) || is_null($password)) {
$response = new JSONResponse();
$response->setStatus(Http::STATUS_UNPROCESSABLE_ENTITY);
return $response;
}
$loginName = $user;
$user = $this->userManager->checkPassword($loginName, $password);
if ($user === false) {
$response = new JSONResponse();
$response->setStatus(Http::STATUS_UNAUTHORIZED);
return $response;
}
if ($this->twoFactorAuthManager->isTwoFactorAuthenticated($user)) {
$resp = new JSONResponse();
$resp->setStatus(Http::STATUS_UNAUTHORIZED);
return $resp;
}
$token = $this->secureRandom->generate(128);
$this->tokenProvider->generateToken($token, $user->getUID(), $loginName, $password, $name, IToken::PERMANENT_TOKEN);
return new JSONResponse([
'token' => $token,
]);
}
}

1
core/routes.php
View File

@ -48,7 +48,6 @@ $application->registerRoutes($this, [
['name' => 'login#tryLogin', 'url' => '/login', 'verb' => 'POST'],
['name' => 'login#showLoginForm', 'url' => '/login', 'verb' => 'GET'],
['name' => 'login#logout', 'url' => '/logout', 'verb' => 'GET'],
['name' => 'token#generateToken', 'url' => '/token/generate', 'verb' => 'POST'],
['name' => 'TwoFactorChallenge#selectChallenge', 'url' => '/login/selectchallenge', 'verb' => 'GET'],
['name' => 'TwoFactorChallenge#showChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'GET'],
['name' => 'TwoFactorChallenge#solveChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'POST'],

1
lib/composer/composer/autoload_classmap.php
View File

@ -399,7 +399,6 @@ return array(
'OC\\Core\\Controller\\LostController' => $baseDir . '/core/Controller/LostController.php',
'OC\\Core\\Controller\\OCSController' => $baseDir . '/core/Controller/OCSController.php',
'OC\\Core\\Controller\\SetupController' => $baseDir . '/core/Controller/SetupController.php',
'OC\\Core\\Controller\\TokenController' => $baseDir . '/core/Controller/TokenController.php',
'OC\\Core\\Controller\\TwoFactorChallengeController' => $baseDir . '/core/Controller/TwoFactorChallengeController.php',
'OC\\Core\\Controller\\UserController' => $baseDir . '/core/Controller/UserController.php',
'OC\\Core\\Middleware\\TwoFactorMiddleware' => $baseDir . '/core/Middleware/TwoFactorMiddleware.php',

1
lib/composer/composer/autoload_static.php
View File

@ -429,7 +429,6 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
'OC\\Core\\Controller\\LostController' => __DIR__ . '/../../..' . '/core/Controller/LostController.php',
'OC\\Core\\Controller\\OCSController' => __DIR__ . '/../../..' . '/core/Controller/OCSController.php',
'OC\\Core\\Controller\\SetupController' => __DIR__ . '/../../..' . '/core/Controller/SetupController.php',
'OC\\Core\\Controller\\TokenController' => __DIR__ . '/../../..' . '/core/Controller/TokenController.php',
'OC\\Core\\Controller\\TwoFactorChallengeController' => __DIR__ . '/../../..' . '/core/Controller/TwoFactorChallengeController.php',
'OC\\Core\\Controller\\UserController' => __DIR__ . '/../../..' . '/core/Controller/UserController.php',
'OC\\Core\\Middleware\\TwoFactorMiddleware' => __DIR__ . '/../../..' . '/core/Middleware/TwoFactorMiddleware.php',

14
tests/Core/Controller/LostControllerTest.php
View File

@ -24,6 +24,7 @@ namespace Tests\Core\Controller;
use OC\Core\Controller\LostController;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\Encryption\IManager;
use OCP\IConfig;
use OCP\IL10N;
use OCP\IRequest;
@ -59,6 +60,8 @@ class LostControllerTest extends \PHPUnit_Framework_TestCase {
private $mailer;
/** @var ISecureRandom | PHPUnit_Framework_MockObject_MockObject */
private $secureRandom;
/** @var IManager|PHPUnit_Framework_MockObject_MockObject */
private $encryptionManager;
/** @var ITimeFactory | PHPUnit_Framework_MockObject_MockObject */
private $timeFactory;
/** @var IRequest */
@ -98,6 +101,11 @@ class LostControllerTest extends \PHPUnit_Framework_TestCase {
->disableOriginalConstructor()->getMock();
$this->request = $this->getMockBuilder('OCP\IRequest')
->disableOriginalConstructor()->getMock();
$this->encryptionManager = $this->getMockBuilder(IManager::class)
->disableOriginalConstructor()->getMock();
$this->encryptionManager->expects($this->any())
->method('isEnabled')
->willReturn(true);
$this->lostController = new LostController(
'Core',
$this->request,
@ -108,7 +116,7 @@ class LostControllerTest extends \PHPUnit_Framework_TestCase {
$this->config,
$this->secureRandom,
'lostpassword-noreply@localhost',
true,
$this->encryptionManager,
$this->mailer,
$this->timeFactory
);
@ -162,8 +170,6 @@ class LostControllerTest extends \PHPUnit_Framework_TestCase {
public function testResetFormExpiredToken() {
$userId = 'ValidTokenUser';
$token = '12345:TheOnlyAndOnlyOneTokenToResetThePassword';
$user = $this->getMockBuilder('\OCP\IUser')
->disableOriginalConstructor()->getMock();
$this->userManager
@ -195,8 +201,6 @@ class LostControllerTest extends \PHPUnit_Framework_TestCase {
}
public function testResetFormValidToken() {
$userId = 'ValidTokenUser';
$token = '12345:TheOnlyAndOnlyOneTokenToResetThePassword';
$user = $this->getMockBuilder('\OCP\IUser')
->disableOriginalConstructor()->getMock();
$user

130
tests/Core/Controller/TokenControllerTest.php
View File

@ -1,130 +0,0 @@
<?php
/**
* @author Christoph Wurst <christoph@owncloud.com>
*
* @copyright Copyright (c) 2016, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace Tests\Core\Controller;
use OC\AppFramework\Http;
use OC\Authentication\Token\IToken;
use OC\Core\Controller\TokenController;
use OCP\AppFramework\Http\JSONResponse;
use Test\TestCase;
class TokenControllerTest extends TestCase {
/** \OC\Core\Controller\TokenController */
private $tokenController;
private $request;
private $userManager;
private $tokenProvider;
private $twoFactorAuthManager;
private $secureRandom;
protected function setUp() {
parent::setUp();
$this->request = $this->getMockBuilder('\OCP\IRequest')->getMock();
$this->userManager = $this->getMockBuilder('\OC\User\Manager')
->disableOriginalConstructor()
->getMock();
$this->tokenProvider = $this->getMockBuilder('\OC\Authentication\Token\IProvider')
->getMock();
$this->twoFactorAuthManager = $this->getMockBuilder('\OC\Authentication\TwoFactorAuth\Manager')
->disableOriginalConstructor()
->getMock();
$this->secureRandom = $this->getMockBuilder('\OCP\Security\ISecureRandom')
->getMock();
$this->tokenController = new TokenController('core', $this->request, $this->userManager, $this->tokenProvider, $this->twoFactorAuthManager, $this->secureRandom);
}
public function testWithoutCredentials() {
$expected = new JSONResponse();
$expected->setStatus(Http::STATUS_UNPROCESSABLE_ENTITY);
$actual = $this->tokenController->generateToken(null, null);
$this->assertEquals($expected, $actual);
}
public function testWithInvalidCredentials() {
$this->userManager->expects($this->once())
->method('checkPassword')
->with('john', 'passme')
->will($this->returnValue(false));
$expected = new JSONResponse();
$expected->setStatus(Http::STATUS_UNAUTHORIZED);
$actual = $this->tokenController->generateToken('john', 'passme');
$this->assertEquals($expected, $actual);
}
public function testWithValidCredentials() {
$user = $this->getMockBuilder('\OCP\IUser')->getMock();
$this->userManager->expects($this->once())
->method('checkPassword')
->with('john', '123456')
->will($this->returnValue($user));
$user->expects($this->once())
->method('getUID')
->will($this->returnValue('john'));
$this->twoFactorAuthManager->expects($this->once())
->method('isTwoFactorAuthenticated')
->with($user)
->will($this->returnValue(false));
$this->secureRandom->expects($this->once())
->method('generate')
->with(128)
->will($this->returnValue('verysecurerandomtoken'));
$this->tokenProvider->expects($this->once())
->method('generateToken')
->with('verysecurerandomtoken', 'john', 'john', '123456', 'unknown client', IToken::PERMANENT_TOKEN);
$expected = new JSONResponse([
'token' => 'verysecurerandomtoken'
]);
$actual = $this->tokenController->generateToken('john', '123456');
$this->assertEquals($expected, $actual);
}
public function testWithValidCredentialsBut2faEnabled() {
$user = $this->getMockBuilder('\OCP\IUser')->getMock();
$this->userManager->expects($this->once())
->method('checkPassword')
->with('john', '123456')
->will($this->returnValue($user));
$this->twoFactorAuthManager->expects($this->once())
->method('isTwoFactorAuthenticated')
->with($user)
->will($this->returnValue(true));
$this->secureRandom->expects($this->never())
->method('generate');
$expected = new JSONResponse();
$expected->setStatus(Http::STATUS_UNAUTHORIZED);
$actual = $this->tokenController->generateToken('john', '123456');
$this->assertEquals($expected, $actual);
}
}