Merge pull request #22320 from owncloud/files_external-crypt
encrypt passwords for files_external
This commit is contained in:
commit
e3a67d0505
|
@ -23,6 +23,7 @@ namespace OCA\Files_External\Service;
|
|||
|
||||
use OCP\DB\QueryBuilder\IQueryBuilder;
|
||||
use OCP\IDBConnection;
|
||||
use OCP\Security\ICrypto;
|
||||
|
||||
/**
|
||||
* Stores the mount config in the database
|
||||
|
@ -40,13 +41,20 @@ class DBConfigService {
|
|||
*/
|
||||
private $connection;
|
||||
|
||||
/**
|
||||
* @var ICrypto
|
||||
*/
|
||||
private $crypto;
|
||||
|
||||
/**
|
||||
* DBConfigService constructor.
|
||||
*
|
||||
* @param IDBConnection $connection
|
||||
* @param ICrypto $crypto
|
||||
*/
|
||||
public function __construct(IDBConnection $connection) {
|
||||
public function __construct(IDBConnection $connection, ICrypto $crypto) {
|
||||
$this->connection = $connection;
|
||||
$this->crypto = $crypto;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -246,6 +254,9 @@ class DBConfigService {
|
|||
* @param string $value
|
||||
*/
|
||||
public function setConfig($mountId, $key, $value) {
|
||||
if ($key === 'password') {
|
||||
$value = $this->encryptValue($value);
|
||||
}
|
||||
$count = $this->connection->insertIfNotExist('*PREFIX*external_config', [
|
||||
'mount_id' => $mountId,
|
||||
'key' => $key,
|
||||
|
@ -267,6 +278,7 @@ class DBConfigService {
|
|||
* @param string $value
|
||||
*/
|
||||
public function setOption($mountId, $key, $value) {
|
||||
|
||||
$count = $this->connection->insertIfNotExist('*PREFIX*external_options', [
|
||||
'mount_id' => $mountId,
|
||||
'key' => $key,
|
||||
|
@ -398,13 +410,31 @@ class DBConfigService {
|
|||
* @return array ['key1' => $value1, ...]
|
||||
*/
|
||||
private function createKeyValueMap(array $keyValuePairs) {
|
||||
$decryptedPairts = array_map(function ($pair) {
|
||||
if ($pair['key'] === 'password') {
|
||||
$pair['value'] = $this->decryptValue($pair['value']);
|
||||
}
|
||||
return $pair;
|
||||
}, $keyValuePairs);
|
||||
$keys = array_map(function ($pair) {
|
||||
return $pair['key'];
|
||||
}, $keyValuePairs);
|
||||
}, $decryptedPairts);
|
||||
$values = array_map(function ($pair) {
|
||||
return $pair['value'];
|
||||
}, $keyValuePairs);
|
||||
}, $decryptedPairts);
|
||||
|
||||
return array_combine($keys, $values);
|
||||
}
|
||||
|
||||
private function encryptValue($value) {
|
||||
return $this->crypto->encrypt($value);
|
||||
}
|
||||
|
||||
private function decryptValue($value) {
|
||||
try {
|
||||
return $this->crypto->decrypt($value);
|
||||
} catch (\Exception $e) {
|
||||
return $value;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -45,7 +45,7 @@ class DBConfigServiceTest extends TestCase {
|
|||
public function setUp() {
|
||||
parent::setUp();
|
||||
$this->connection = \OC::$server->getDatabaseConnection();
|
||||
$this->dbConfig = new DBConfigService($this->connection);
|
||||
$this->dbConfig = new DBConfigService($this->connection, \OC::$server->getCrypto());
|
||||
}
|
||||
|
||||
public function tearDown() {
|
||||
|
|
|
@ -83,7 +83,7 @@ abstract class StoragesServiceTest extends \Test\TestCase {
|
|||
|
||||
public function setUp() {
|
||||
parent::setUp();
|
||||
$this->dbConfig = new CleaningDBConfig(\OC::$server->getDatabaseConnection());
|
||||
$this->dbConfig = new CleaningDBConfig(\OC::$server->getDatabaseConnection(), \OC::$server->getCrypto());
|
||||
self::$hookCalls = array();
|
||||
$config = \OC::$server->getConfig();
|
||||
$this->dataDir = $config->getSystemValue(
|
||||
|
|
Loading…
Reference in New Issue