add login credential store

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

lib/composer/composer/autoload_classmap.php

@@ -54,7 +54,10 @@ return array(
     'OCP\\App\\AppPathNotFoundException' => $baseDir . '/lib/public/App/AppPathNotFoundException.php',
     'OCP\\App\\IAppManager' => $baseDir . '/lib/public/App/IAppManager.php',
     'OCP\\App\\ManagerEvent' => $baseDir . '/lib/public/App/ManagerEvent.php',
+    'OCP\\Authentication\\Exceptions\\CredentialsUnavailableException' => $baseDir . '/lib/public/Authentication/Exceptions/CredentialsUnavailableException.php',
     'OCP\\Authentication\\IApacheBackend' => $baseDir . '/lib/public/Authentication/IApacheBackend.php',
+    'OCP\\Authentication\\LoginCredentials\\ICredentials' => $baseDir . '/lib/public/Authentication/LoginCredentials/ICredentials.php',
+    'OCP\\Authentication\\LoginCredentials\\IStore' => $baseDir . '/lib/public/Authentication/LoginCredentials/IStore.php',
     'OCP\\Authentication\\TwoFactorAuth\\IProvider' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/IProvider.php',
     'OCP\\Authentication\\TwoFactorAuth\\TwoFactorException' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/TwoFactorException.php',
     'OCP\\AutoloadNotAllowedException' => $baseDir . '/lib/public/AutoloadNotAllowedException.php',
@@ -320,6 +323,8 @@ return array(
     'OC\\Authentication\\Exceptions\\PasswordlessTokenException' => $baseDir . '/lib/private/Authentication/Exceptions/PasswordlessTokenException.php',
     'OC\\Authentication\\Exceptions\\TwoFactorAuthRequiredException' => $baseDir . '/lib/private/Authentication/Exceptions/TwoFactorAuthRequiredException.php',
     'OC\\Authentication\\Exceptions\\UserAlreadyLoggedInException' => $baseDir . '/lib/private/Authentication/Exceptions/UserAlreadyLoggedInException.php',
+    'OC\\Authentication\\LoginCredentials\\Credentials' => $baseDir . '/lib/private/Authentication/LoginCredentials/Credentials.php',
+    'OC\\Authentication\\LoginCredentials\\Store' => $baseDir . '/lib/private/Authentication/LoginCredentials/Store.php',
     'OC\\Authentication\\Token\\DefaultToken' => $baseDir . '/lib/private/Authentication/Token/DefaultToken.php',
     'OC\\Authentication\\Token\\DefaultTokenCleanupJob' => $baseDir . '/lib/private/Authentication/Token/DefaultTokenCleanupJob.php',
     'OC\\Authentication\\Token\\DefaultTokenMapper' => $baseDir . '/lib/private/Authentication/Token/DefaultTokenMapper.php',

lib/composer/composer/autoload_static.php

@@ -84,7 +84,10 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
         'OCP\\App\\AppPathNotFoundException' => __DIR__ . '/../../..' . '/lib/public/App/AppPathNotFoundException.php',
         'OCP\\App\\IAppManager' => __DIR__ . '/../../..' . '/lib/public/App/IAppManager.php',
         'OCP\\App\\ManagerEvent' => __DIR__ . '/../../..' . '/lib/public/App/ManagerEvent.php',
+        'OCP\\Authentication\\Exceptions\\CredentialsUnavailableException' => __DIR__ . '/../../..' . '/lib/public/Authentication/Exceptions/CredentialsUnavailableException.php',
         'OCP\\Authentication\\IApacheBackend' => __DIR__ . '/../../..' . '/lib/public/Authentication/IApacheBackend.php',
+        'OCP\\Authentication\\LoginCredentials\\ICredentials' => __DIR__ . '/../../..' . '/lib/public/Authentication/LoginCredentials/ICredentials.php',
+        'OCP\\Authentication\\LoginCredentials\\IStore' => __DIR__ . '/../../..' . '/lib/public/Authentication/LoginCredentials/IStore.php',
         'OCP\\Authentication\\TwoFactorAuth\\IProvider' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/IProvider.php',
         'OCP\\Authentication\\TwoFactorAuth\\TwoFactorException' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/TwoFactorException.php',
         'OCP\\AutoloadNotAllowedException' => __DIR__ . '/../../..' . '/lib/public/AutoloadNotAllowedException.php',
@@ -350,6 +353,8 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
         'OC\\Authentication\\Exceptions\\PasswordlessTokenException' => __DIR__ . '/../../..' . '/lib/private/Authentication/Exceptions/PasswordlessTokenException.php',
         'OC\\Authentication\\Exceptions\\TwoFactorAuthRequiredException' => __DIR__ . '/../../..' . '/lib/private/Authentication/Exceptions/TwoFactorAuthRequiredException.php',
         'OC\\Authentication\\Exceptions\\UserAlreadyLoggedInException' => __DIR__ . '/../../..' . '/lib/private/Authentication/Exceptions/UserAlreadyLoggedInException.php',
+        'OC\\Authentication\\LoginCredentials\\Credentials' => __DIR__ . '/../../..' . '/lib/private/Authentication/LoginCredentials/Credentials.php',
+        'OC\\Authentication\\LoginCredentials\\Store' => __DIR__ . '/../../..' . '/lib/private/Authentication/LoginCredentials/Store.php',
         'OC\\Authentication\\Token\\DefaultToken' => __DIR__ . '/../../..' . '/lib/private/Authentication/Token/DefaultToken.php',
         'OC\\Authentication\\Token\\DefaultTokenCleanupJob' => __DIR__ . '/../../..' . '/lib/private/Authentication/Token/DefaultTokenCleanupJob.php',
         'OC\\Authentication\\Token\\DefaultTokenMapper' => __DIR__ . '/../../..' . '/lib/private/Authentication/Token/DefaultTokenMapper.php',

lib/private/AppFramework/DependencyInjection/DIContainer.php

@@ -91,6 +91,10 @@ class DIContainer extends SimpleContainer implements IAppContainer {
 			return new Output($this->getServer()->getWebRoot());
 		});
 
+		$this->registerService(\OCP\Authentication\LoginCredentials\IStore::class, function() {
+			return $this->getServer()->query(\OCP\Authentication\LoginCredentials\IStore::class);
+		});
+
 		$this->registerService('OCP\\IAvatarManager', function($c) {
 			return $this->getServer()->getAvatarManager();
 		});

lib/private/Authentication/LoginCredentials/Credentials.php

@@ -0,0 +1,72 @@
+<?php
+
+/**
+ * @copyright 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Authentication\LoginCredentials;
+
+use OCP\Authentication\LoginCredentials\ICredentials;
+
+class Credentials implements ICredentials {
+
+	/** @var string */
+	private $uid;
+
+	/** @var string */
+	private $loginName;
+
+	/** @var string */
+	private $password;
+
+	/**
+	 * @param string $uid
+	 * @param string $loginName
+	 * @param string $password
+	 */
+	public function __construct($uid, $loginName, $password) {
+		$this->uid = $uid;
+		$this->loginName = $loginName;
+		$this->password = $password;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getUID() {
+		return $this->uid;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getLoginName() {
+		return $this->loginName;
+	}
+
+	/**
+	 * @return string
+	 */
+	public function getPassword() {
+		return $this->password;
+	}
+
+}

lib/private/Authentication/LoginCredentials/Store.php

@@ -0,0 +1,86 @@
+<?php
+
+/**
+ * @copyright 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Authentication\LoginCredentials;
+
+use OC\Authentication\Exceptions\InvalidTokenException;
+use OC\Authentication\Exceptions\PasswordlessTokenException;
+use OC\Authentication\Token\IProvider;
+use OCP\Authentication\Exceptions\CredentialsUnavailableException;
+use OCP\Authentication\LoginCredentials\ICredentials;
+use OCP\Authentication\LoginCredentials\IStore;
+use OCP\ILogger;
+use OCP\ISession;
+use OCP\Session\Exceptions\SessionNotAvailableException;
+
+class Store implements IStore {
+
+	/** @var ISession */
+	private $session;
+
+	/** @var IProvider */
+	private $tokenProvider;
+
+	/** @var ILogger */
+	private $logger;
+
+	/**
+	 * @param ISession $session
+	 * @param IProvider $tokenProvider
+	 * @param ILogger $logger
+	 */
+	public function __construct(ISession $session, IProvider $tokenProvider, ILogger $logger) {
+		$this->session = $session;
+		$this->tokenProvider = $tokenProvider;
+		$this->logger = $logger;
+	}
+
+	/**
+	 * @since 9.2
+	 *
+	 * @return ICredentials the login credentials of the current user
+	 * @throws CredentialsUnavailableException
+	 */
+	public function getLoginCredentials() {
+		try {
+			$sessionId = $this->session->getId();
+			$token = $this->tokenProvider->getToken($sessionId);
+
+			$uid = $token->getUID();
+			$user = $token->getLoginName();
+			$password = $this->tokenProvider->getPassword($token, $sessionId);
+
+			return new Credentials($uid, $user, $password);
+		} catch (SessionNotAvailableException $ex) {
+			$this->logger->debug('could not get login credentials because session is unavailable', ['app' => 'core']);
+		} catch (InvalidTokenException $ex) {
+			$this->logger->debug('could not get login credentials because the token is invalid', ['app' => 'core']);
+		} catch (PasswordlessTokenException $ex) {
+			$this->logger->debug('could not get login credentials because the token has no password', ['app' => 'core']);
+		}
+		// If we reach this line, an exception was thrown.
+		throw new CredentialsUnavailableException();
+	}
+
+}

lib/private/Server.php

@@ -46,6 +46,7 @@ use OC\App\AppStore\Fetcher\AppFetcher;
 use OC\App\AppStore\Fetcher\CategoryFetcher;
 use OC\AppFramework\Http\Request;
 use OC\AppFramework\Utility\TimeFactory;
+use OC\Authentication\LoginCredentials\Store;
 use OC\Command\AsyncBus;
 use OC\Diagnostics\EventLogger;
 use OC\Diagnostics\NullEventLogger;
@@ -89,6 +90,7 @@ use OC\Security\TrustedDomainHelper;
 use OC\Session\CryptoWrapper;
 use OC\Tagging\TagMapper;
 use OCA\Theming\ThemingDefaults;
+use OCP\Authentication\LoginCredentials\IStore;
 use OCP\IL10N;
 use OCP\IServerContainer;
 use OCP\RichObjectStrings\IValidator;
@@ -246,6 +248,13 @@ class Server extends ServerContainer implements IServerContainer {
 			});
 			return $groupManager;
 		});
+		$this->registerService(Store::class, function(Server $c) {
+			$session = $c->getSession();
+			$tokenProvider = $c->query('OC\Authentication\Token\DefaultTokenProvider');
+			$logger = $c->getLogger();
+			return new Store($session, $tokenProvider, $logger);
+		});
+		$this->registerAlias(IStore::class, Store::class);
 		$this->registerService('OC\Authentication\Token\DefaultTokenMapper', function (Server $c) {
 			$dbConnection = $c->getDatabaseConnection();
 			return new Authentication\Token\DefaultTokenMapper($dbConnection);

lib/public/Authentication/Exceptions/CredentialsUnavailableException.php

@@ -0,0 +1,34 @@
+<?php
+
+/**
+ * @copyright 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCP\Authentication\Exceptions;
+
+use Exception;
+
+/**
+ * @since 9.2
+ */
+class CredentialsUnavailableException extends Exception {
+
+}

lib/public/Authentication/LoginCredentials/ICredentials.php

@@ -0,0 +1,46 @@
+<?php
+
+/**
+ * @copyright 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCP\Authentication\LoginCredentials;
+
+/**
+ * @since 9.2
+ */
+interface ICredentials {
+
+	/**
+	 * @return string
+	 */
+	public function getUID();
+
+	/**
+	 * @return string
+	 */
+	public function getLoginName();
+
+	/**
+	 * @return string
+	 */
+	public function getPassword();
+}

lib/public/Authentication/LoginCredentials/IStore.php

@@ -0,0 +1,42 @@
+<?php
+
+/**
+ * @copyright 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCP\Authentication\LoginCredentials;
+
+use OCP\Authentication\Exceptions\CredentialsUnavailableException;
+
+/**
+ * @since 9.2
+ */
+interface IStore {
+	
+	/**
+	 * @since 9.2
+	 *
+	 * @throws CredentialsUnavailableException
+	 * @return ICredentials the login credentials of the current user
+	 */
+	public function getLoginCredentials();
+	
+}

tests/lib/Authentication/LoginCredentials/CredentialsTest.php

@@ -0,0 +1,66 @@
+<?php
+
+/**
+ * @copyright 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Test\Authentication\LoginCredentials;
+
+use OC\Authentication\LoginCredentials\Credentials;
+use Test\TestCase;
+
+class CredentialsTest extends TestCase {
+
+	/** @var string */
+	private $uid;
+
+	/** @var string */
+	private $user;
+
+	/** @var string */
+	private $password;
+
+	/** @var Credentials */
+	private $credentials;
+
+	protected function setUp() {
+		parent::setUp();
+
+		$this->uid = 'user123';
+		$this->user = 'User123';
+		$this->password = '123456';
+
+		$this->credentials = new Credentials($this->uid, $this->user, $this->password);
+	}
+
+	public function testGetUID() {
+		$this->assertEquals($this->uid, $this->credentials->getUID());
+	}
+
+	public function testGetUserName() {
+		$this->assertEquals($this->user, $this->credentials->getLoginName());
+	}
+
+	public function testGetPassword() {
+		$this->assertEquals($this->password, $this->credentials->getPassword());
+	}
+
+}

tests/lib/Authentication/LoginCredentials/StoreTest.php

@@ -0,0 +1,127 @@
+<?php
+
+/**
+ * @copyright 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Test\Authentication\LoginCredentials;
+
+use OC\Authentication\Exceptions\InvalidTokenException;
+use OC\Authentication\Exceptions\PasswordlessTokenException;
+use OC\Authentication\LoginCredentials\Credentials;
+use OC\Authentication\LoginCredentials\Store;
+use OC\Authentication\Token\IProvider;
+use OC\Authentication\Token\IToken;
+use OCP\Authentication\Exceptions\CredentialsUnavailableException;
+use OCP\ILogger;
+use OCP\ISession;
+use OCP\Session\Exceptions\SessionNotAvailableException;
+use Test\TestCase;
+
+class StoreTest extends TestCase {
+
+	/** @var ISession|PHPUnit_Framework_MockObject_MockObject */
+	private $session;
+
+	/** @var IProvider|PHPUnit_Framework_MockObject_MockObject */
+	private $tokenProvider;
+
+	/** @var ILogger|PHPUnit_Framework_MockObject_MockObject */
+	private $logger;
+
+	/** @var Store */
+	private $store;
+
+	protected function setUp() {
+		parent::setUp();
+
+		$this->session = $this->createMock(ISession::class);
+		$this->tokenProvider = $this->createMock(IProvider::class);
+		$this->logger = $this->createMock(ILogger::class);
+
+		$this->store = new Store($this->session, $this->tokenProvider, $this->logger);
+	}
+
+	public function testGetLoginCredentials() {
+		$uid = 'uid';
+		$user = 'user123';
+		$password = 'passme';
+		$token = $this->createMock(IToken::class);
+		$this->session->expects($this->once())
+			->method('getId')
+			->will($this->returnValue('sess2233'));
+		$this->tokenProvider->expects($this->once())
+			->method('getToken')
+			->with('sess2233')
+			->will($this->returnValue($token));
+		$token->expects($this->once())
+			->method('getUID')
+			->will($this->returnValue($uid));
+		$token->expects($this->once())
+			->method('getLoginName')
+			->will($this->returnValue($user));
+		$this->tokenProvider->expects($this->once())
+			->method('getPassword')
+			->with($token, 'sess2233')
+			->will($this->returnValue($password));
+		$expected = new Credentials($uid, $user, $password);
+
+		$creds = $this->store->getLoginCredentials();
+
+		$this->assertEquals($expected, $creds);
+	}
+
+	public function testGetLoginCredentialsSessionNotAvailable() {
+		$this->session->expects($this->once())
+			->method('getId')
+			->will($this->throwException(new SessionNotAvailableException()));
+		$this->expectException(CredentialsUnavailableException::class);
+
+		$this->store->getLoginCredentials();
+	}
+
+	public function testGetLoginCredentialsInvalidToken() {
+		$this->session->expects($this->once())
+			->method('getId')
+			->will($this->returnValue('sess2233'));
+		$this->tokenProvider->expects($this->once())
+			->method('getToken')
+			->with('sess2233')
+			->will($this->throwException(new InvalidTokenException()));
+		$this->expectException(CredentialsUnavailableException::class);
+
+		$this->store->getLoginCredentials();
+	}
+	
+	public function testGetLoginCredentialsPasswordlessToken() {
+		$this->session->expects($this->once())
+			->method('getId')
+			->will($this->returnValue('sess2233'));
+		$this->tokenProvider->expects($this->once())
+			->method('getToken')
+			->with('sess2233')
+			->will($this->throwException(new PasswordlessTokenException()));
+		$this->expectException(CredentialsUnavailableException::class);
+
+		$this->store->getLoginCredentials();
+	}
+
+}