Allow rotation of apppasswords
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
parent
b7577b6401
commit
cd1f443804
|
@ -138,4 +138,28 @@ class AppPasswordController extends \OCP\AppFramework\OCSController {
|
|||
$this->tokenProvider->invalidateTokenById($token->getUID(), $token->getId());
|
||||
return new DataResponse();
|
||||
}
|
||||
|
||||
/**
|
||||
* @NoAdminRequired
|
||||
*/
|
||||
public function rotateAppPassword(): DataResponse {
|
||||
if (!$this->session->exists('app_password')) {
|
||||
throw new OCSForbiddenException('no app password in use');
|
||||
}
|
||||
|
||||
$appPassword = $this->session->get('app_password');
|
||||
|
||||
try {
|
||||
$token = $this->tokenProvider->getToken($appPassword);
|
||||
} catch (InvalidTokenException $e) {
|
||||
throw new OCSForbiddenException('could not rotate apptoken');
|
||||
}
|
||||
|
||||
$newToken = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
|
||||
$this->tokenProvider->rotate($token, $appPassword, $newToken);
|
||||
|
||||
return new DataResponse([
|
||||
'apppassword' => $newToken,
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -107,6 +107,7 @@ $application->registerRoutes($this, [
|
|||
['root' => '/core', 'name' => 'WhatsNew#get', 'url' => '/whatsnew', 'verb' => 'GET'],
|
||||
['root' => '/core', 'name' => 'WhatsNew#dismiss', 'url' => '/whatsnew', 'verb' => 'POST'],
|
||||
['root' => '/core', 'name' => 'AppPassword#getAppPassword', 'url' => '/getapppassword', 'verb' => 'GET'],
|
||||
['root' => '/core', 'name' => 'AppPassword#rotateAppPassword', 'url' => '/apppassword/rotate', 'verb' => 'POST'],
|
||||
['root' => '/core', 'name' => 'AppPassword#deleteAppPassword', 'url' => '/apppassword', 'verb' => 'DELETE'],
|
||||
|
||||
['root' => '/collaboration', 'name' => 'CollaborationResources#searchCollections', 'url' => '/resources/collections/search/{filter}', 'verb' => 'GET'],
|
||||
|
|
Loading…
Reference in New Issue