mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

PHPDoc and other minor fixes

This commit is contained in:
Christoph Wurst 2016-05-02 19:58:19 +02:00 committed by Thomas Müller
parent dff108e97b
commit f0f8bdd495
No known key found for this signature in database
GPG Key ID: A943788A3BBEC44C
6 changed files with 74 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
core/Controller/TokenController.php
View File

@ -65,15 +65,17 @@ class TokenController extends Controller {
* *
* @param string $user * @param string $user
* @param string $password * @param string $password
* @param string $name the name of the client
* @return Response
*/ */
public function generateToken($user, $password, $name = 'unknown client') { public function generateToken($user, $password, $name = 'unknown client') {
if (is_null($user) || is_null($password)) { if (is_null($user) || is_null($password)) {
$response = new Response([]); $response = new Response();
$response->setStatus(Http::STATUS_UNPROCESSABLE_ENTITY); $response->setStatus(Http::STATUS_UNPROCESSABLE_ENTITY);
return $response; return $response;
} }
if ($this->userManager->checkPassword($user, $password) === false) { if ($this->userManager->checkPassword($user, $password) === false) {
$response = new Response([]); $response = new Response();
$response->setStatus(Http::STATUS_UNAUTHORIZED); $response->setStatus(Http::STATUS_UNAUTHORIZED);
return $response; return $response;
} }

14
lib/private/Authentication/Token/DefaultToken.php
View File

@ -24,6 +24,20 @@ namespace OC\Authentication\Token;
use OCP\AppFramework\Db\Entity; use OCP\AppFramework\Db\Entity;
/**
* @method void setId(int $id)
* @method void setUid(string $uid);
* @method void setPassword(string $password)
* @method string getPassword()
* @method void setName(string $name)
* @method string getName()
* @method void setToken(string $token)
* @method string getToken()
* @method void setType(string $type)
* @method int getType()
* @method void setLastActivity(int $lastActivity)
* @method int getLastActivity()
*/
class DefaultToken extends Entity implements IToken { class DefaultToken extends Entity implements IToken {
/** /**

18
lib/private/Authentication/Token/DefaultTokenProvider.php
View File

@ -24,6 +24,7 @@ namespace OC\Authentication\Token;
use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Exceptions\InvalidTokenException;
use OCP\AppFramework\Db\DoesNotExistException; use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\IConfig; use OCP\IConfig;
use OCP\ILogger; use OCP\ILogger;
use OCP\Security\ICrypto; use OCP\Security\ICrypto;
@ -42,17 +43,21 @@ class DefaultTokenProvider implements IProvider {
/** @var ILogger $logger */ /** @var ILogger $logger */
private $logger; private $logger;
/** @var ITimeFactory $time */
private $time;
/** /**
* @param DefaultTokenMapper $mapper * @param DefaultTokenMapper $mapper
* @param ICrypto $crypto * @param ICrypto $crypto
* @param IConfig $config * @param IConfig $config
* @param ILogger $logger * @param ILogger $logger
*/ */
public function __construct(DefaultTokenMapper $mapper, ICrypto $crypto, IConfig $config, ILogger $logger) { public function __construct(DefaultTokenMapper $mapper, ICrypto $crypto, IConfig $config, ILogger $logger, ITimeFactory $time) {
$this->mapper = $mapper; $this->mapper = $mapper;
$this->crypto = $crypto; $this->crypto = $crypto;
$this->config = $config; $this->config = $config;
$this->logger = $logger; $this->logger = $logger;
$this->time = $time;
} }
/** /**
@ -61,7 +66,7 @@ class DefaultTokenProvider implements IProvider {
* @param string $token * @param string $token
* @param string $uid * @param string $uid
* @param string $password * @param string $password
* @apram int $type token type * @param int $type token type
* @return DefaultToken * @return DefaultToken
*/ */
public function generateToken($token, $uid, $password, $name, $type = IToken::TEMPORARY_TOKEN) { public function generateToken($token, $uid, $password, $name, $type = IToken::TEMPORARY_TOKEN) {
@ -71,7 +76,7 @@ class DefaultTokenProvider implements IProvider {
$dbToken->setName($name); $dbToken->setName($name);
$dbToken->setToken($this->hashToken($token)); $dbToken->setToken($this->hashToken($token));
$dbToken->setType($type); $dbToken->setType($type);
$dbToken->setLastActivity(time()); $dbToken->setLastActivity($this->time->getTime());
$this->mapper->insert($dbToken); $this->mapper->insert($dbToken);
@ -88,7 +93,7 @@ class DefaultTokenProvider implements IProvider {
throw new InvalidTokenException(); throw new InvalidTokenException();
} }
/** @var DefaultToken $token */ /** @var DefaultToken $token */
$token->setLastActivity(time()); $token->setLastActivity($this->time->getTime());
$this->mapper->update($token); $this->mapper->update($token);
} }
@ -126,7 +131,7 @@ class DefaultTokenProvider implements IProvider {
* Invalidate (delete) old session tokens * Invalidate (delete) old session tokens
*/ */
public function invalidateOldTokens() { public function invalidateOldTokens() {
$olderThan = time() - (int) $this->config->getSystemValue('session_lifetime', 60 * 60 * 24); $olderThan = $this->time->getTime() - (int) $this->config->getSystemValue('session_lifetime', 60 * 60 * 24);
$this->logger->info('Invalidating tokens older than ' . date('c', $olderThan)); $this->logger->info('Invalidating tokens older than ' . date('c', $olderThan));
$this->mapper->invalidateOld($olderThan); $this->mapper->invalidateOld($olderThan);
} }
@ -153,7 +158,8 @@ class DefaultTokenProvider implements IProvider {
* @return string * @return string
*/ */
private function hashToken($token) { private function hashToken($token) {
return hash('sha512', $token); $secret = $this->config->getSystemValue('secret');
return hash('sha512', $token . $secret);
} }
/** /**

6
lib/private/Server.php
View File

@ -218,11 +218,13 @@ class Server extends ServerContainer implements IServerContainer {
$crypto = $c->getCrypto(); $crypto = $c->getCrypto();
$config = $c->getConfig(); $config = $c->getConfig();
$logger = $c->getLogger(); $logger = $c->getLogger();
return new \OC\Authentication\Token\DefaultTokenProvider($mapper, $crypto, $config, $logger); $timeFactory = new TimeFactory();
return new \OC\Authentication\Token\DefaultTokenProvider($mapper, $crypto, $config, $logger, $timeFactory);
}); });
$this->registerService('UserSession', function (Server $c) { $this->registerService('UserSession', function (Server $c) {
$manager = $c->getUserManager(); $manager = $c->getUserManager();
$session = new \OC\Session\Memory(''); $session = new \OC\Session\Memory('');
$timeFactory = new TimeFactory();
// Token providers might require a working database. This code // Token providers might require a working database. This code
// might however be called when ownCloud is not yet setup. // might however be called when ownCloud is not yet setup.
if (\OC::$server->getSystemConfig()->getValue('installed', false)) { if (\OC::$server->getSystemConfig()->getValue('installed', false)) {
@ -235,7 +237,7 @@ class Server extends ServerContainer implements IServerContainer {
$tokenProviders = []; $tokenProviders = [];
} }
$userSession = new \OC\User\Session($manager, $session, $defaultTokenProvider, $tokenProviders); $userSession = new \OC\User\Session($manager, $session, $timeFactory, $defaultTokenProvider, $tokenProviders);
$userSession->listen('\OC\User', 'preCreateUser', function ($uid, $password) { $userSession->listen('\OC\User', 'preCreateUser', function ($uid, $password) {
\OC_Hook::emit('OC_User', 'pre_createUser', array('run' => true, 'uid' => $uid, 'password' => $password)); \OC_Hook::emit('OC_User', 'pre_createUser', array('run' => true, 'uid' => $uid, 'password' => $password));
}); });

35
lib/private/User/Session.php
View File

@ -40,7 +40,9 @@ use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken; use OC\Authentication\Token\IToken;
use OC\Hooks\Emitter; use OC\Hooks\Emitter;
use OC_User; use OC_User;
use OC_Util;
use OCA\DAV\Connector\Sabre\Auth; use OCA\DAV\Connector\Sabre\Auth;
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\IRequest; use OCP\IRequest;
use OCP\ISession; use OCP\ISession;
use OCP\IUser; use OCP\IUser;
@ -78,6 +80,11 @@ class Session implements IUserSession, Emitter {
private $session; private $session;
/* /*
* @var ITimeFactory
*/
private $timeFacory;
/**
* @var DefaultTokenProvider * @var DefaultTokenProvider
*/ */
private $tokenProvider; private $tokenProvider;
@ -96,9 +103,11 @@ class Session implements IUserSession, Emitter {
* @param ISession $session * @param ISession $session
* @param IProvider[] $tokenProviders * @param IProvider[] $tokenProviders
*/ */
public function __construct(IUserManager $manager, ISession $session, $tokenProvider, array $tokenProviders = []) { public function __construct(IUserManager $manager, ISession $session, ITimeFactory $timeFacory, $tokenProvider,
array $tokenProviders = []) {
$this->manager = $manager; $this->manager = $manager;
$this->session = $session; $this->session = $session;
$this->timeFacory = $timeFacory;
$this->tokenProvider = $tokenProvider; $this->tokenProvider = $tokenProvider;
$this->tokenProviders = $tokenProviders; $this->tokenProviders = $tokenProviders;
} }
@ -199,8 +208,7 @@ class Session implements IUserSession, Emitter {
} }
protected function validateSession(IUser $user) { protected function validateSession(IUser $user) {
// TODO: use ISession::getId(), https://github.com/owncloud/core/pull/24229 $sessionId = $this->session->getId();
$sessionId = session_id();
try { try {
$token = $this->tokenProvider->getToken($sessionId); $token = $this->tokenProvider->getToken($sessionId);
} catch (InvalidTokenException $ex) { } catch (InvalidTokenException $ex) {
@ -212,14 +220,15 @@ class Session implements IUserSession, Emitter {
// Check whether login credentials are still valid // Check whether login credentials are still valid
// This check is performed each 5 minutes // This check is performed each 5 minutes
$lastCheck = $this->session->get('last_login_check') ? : 0; $lastCheck = $this->session->get('last_login_check') ? : 0;
if ($lastCheck < (time() - 60 * 5)) { $now = $this->timeFacory->getTime();
if ($lastCheck < ($now - 60 * 5)) {
$pwd = $this->tokenProvider->getPassword($token, $sessionId); $pwd = $this->tokenProvider->getPassword($token, $sessionId);
if ($this->manager->checkPassword($user->getUID(), $pwd) === false) { if ($this->manager->checkPassword($user->getUID(), $pwd) === false) {
// Password has changed -> log user out // Password has changed -> log user out
$this->logout(); $this->logout();
return false; return false;
} }
$this->session->set('last_login_check', time()); $this->session->set('last_login_check', $now);
} }
// Session is valid, so the token can be refreshed // Session is valid, so the token can be refreshed
@ -323,7 +332,7 @@ class Session implements IUserSession, Emitter {
\OC::$server->getCsrfTokenManager()->refreshToken(); \OC::$server->getCsrfTokenManager()->refreshToken();
//we need to pass the user name, which may differ from login name //we need to pass the user name, which may differ from login name
$user = $this->getUser()->getUID(); $user = $this->getUser()->getUID();
\OC_Util::setupFS($user); OC_Util::setupFS($user);
//trigger creation of user home and /files folder //trigger creation of user home and /files folder
\OC::$server->getUserFolder($user); \OC::$server->getUserFolder($user);
} }
@ -383,10 +392,9 @@ class Session implements IUserSession, Emitter {
return false; return false;
} }
$name = isset($request->server['HTTP_USER_AGENT']) ? $request->server['HTTP_USER_AGENT'] : 'unknown browser'; $name = isset($request->server['HTTP_USER_AGENT']) ? $request->server['HTTP_USER_AGENT'] : 'unknown browser';
// TODO: use ISession::getId(), https://github.com/owncloud/core/pull/24229
$loggedIn = $this->login($uid, $password); $loggedIn = $this->login($uid, $password);
if ($loggedIn) { if ($loggedIn) {
$sessionId = session_id(); $sessionId = $this->session->getId();
$this->tokenProvider->generateToken($sessionId, $uid, $password, $name); $this->tokenProvider->generateToken($sessionId, $uid, $password, $name);
} }
return $loggedIn; return $loggedIn;
@ -423,9 +431,10 @@ class Session implements IUserSession, Emitter {
private function updateToken(IProvider $provider, IToken $token) { private function updateToken(IProvider $provider, IToken $token) {
// To save unnecessary DB queries, this is only done once a minute // To save unnecessary DB queries, this is only done once a minute
$lastTokenUpdate = $this->session->get('last_token_update') ? : 0; $lastTokenUpdate = $this->session->get('last_token_update') ? : 0;
if ($lastTokenUpdate < (time() - 60)) { $now = $this->timeFacory->getTime();
if ($lastTokenUpdate < ($now - 60)) {
$provider->updateToken($token); $provider->updateToken($token);
$this->session->set('last_token_update', time()); $this->session->set('last_token_update', $now);
} }
} }
@ -438,8 +447,7 @@ class Session implements IUserSession, Emitter {
$authHeader = $request->getHeader('Authorization'); $authHeader = $request->getHeader('Authorization');
if (strpos($authHeader, 'token ') === false) { if (strpos($authHeader, 'token ') === false) {
// No auth header, let's try session id // No auth header, let's try session id
// TODO: use ISession::getId(), https://github.com/owncloud/core/pull/24229 $sessionId = $this->session->getId();
$sessionId = session_id();
return $this->validateToken($request, $sessionId); return $this->validateToken($request, $sessionId);
} else { } else {
$token = substr($authHeader, 6); $token = substr($authHeader, 6);
@ -488,8 +496,7 @@ class Session implements IUserSession, Emitter {
$this->manager->emit('\OC\User', 'logout'); $this->manager->emit('\OC\User', 'logout');
$user = $this->getUser(); $user = $this->getUser();
if (!is_null($user)) { if (!is_null($user)) {
// TODO: use ISession::getId(), https://github.com/owncloud/core/pull/24229 $this->tokenProvider->invalidateToken($this->session->getId());
$this->tokenProvider->invalidateToken(session_id());
} }
$this->setUser(null); $this->setUser(null);
$this->setLoginName(null); $this->setLoginName(null);

31
tests/lib/user/session.php
View File

@ -18,12 +18,19 @@ use OC\User\User;
*/ */
class Session extends \Test\TestCase { class Session extends \Test\TestCase {
/** @var \OCP\AppFramework\Utility\ITimeFactory */
private $timeFactory;
/** @var \OC\Authentication\Token\DefaultTokenProvider */ /** @var \OC\Authentication\Token\DefaultTokenProvider */
protected $defaultProvider; protected $defaultProvider;
protected function setUp() { protected function setUp() {
parent::setUp(); parent::setUp();
$this->timeFactory = $this->getMock('\OCP\AppFramework\Utility\ITimeFactory');
$this->timeFactory->expects($this->any())
->method('getTime')
->will($this->returnValue(10000));
$this->defaultProvider = $this->getMockBuilder('\OC\Authentication\Token\DefaultTokenProvider') $this->defaultProvider = $this->getMockBuilder('\OC\Authentication\Token\DefaultTokenProvider')
->disableOriginalConstructor() ->disableOriginalConstructor()
->getMock(); ->getMock();
@ -59,7 +66,7 @@ class Session extends \Test\TestCase {
->will($this->returnValue(true)); ->will($this->returnValue(true));
$session->expects($this->at(2)) $session->expects($this->at(2))
->method('set') ->method('set')
->with('last_login_check', $this->equalTo(time(), 10)); ->with('last_login_check', 10000);
$session->expects($this->at(3)) $session->expects($this->at(3))
->method('get') ->method('get')
@ -77,7 +84,7 @@ class Session extends \Test\TestCase {
->with($expectedUser->getUID()) ->with($expectedUser->getUID())
->will($this->returnValue($expectedUser)); ->will($this->returnValue($expectedUser));
$userSession = new \OC\User\Session($manager, $session, $this->defaultProvider, [$this->defaultProvider]); $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]);
$user = $userSession->getUser(); $user = $userSession->getUser();
$this->assertSame($expectedUser, $user); $this->assertSame($expectedUser, $user);
} }
@ -100,7 +107,7 @@ class Session extends \Test\TestCase {
->getMock(); ->getMock();
$userSession = $this->getMockBuilder('\OC\User\Session') $userSession = $this->getMockBuilder('\OC\User\Session')
->setConstructorArgs([$manager, $session, $this->defaultProvider, [$this->defaultProvider]]) ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]])
->setMethods([ ->setMethods([
'getUser' 'getUser'
]) ])
@ -127,7 +134,7 @@ class Session extends \Test\TestCase {
->method('getUID') ->method('getUID')
->will($this->returnValue('foo')); ->will($this->returnValue('foo'));
$userSession = new \OC\User\Session($manager, $session, $this->defaultProvider, [$this->defaultProvider]); $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]);
$userSession->setUser($user); $userSession->setUser($user);
} }
@ -179,7 +186,7 @@ class Session extends \Test\TestCase {
->will($this->returnValue($user)); ->will($this->returnValue($user));
$userSession = $this->getMockBuilder('\OC\User\Session') $userSession = $this->getMockBuilder('\OC\User\Session')
->setConstructorArgs([$manager, $session, $this->defaultProvider, [$this->defaultProvider]]) ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]])
->setMethods([ ->setMethods([
'prepareUserLogin' 'prepareUserLogin'
]) ])
@ -223,7 +230,7 @@ class Session extends \Test\TestCase {
->with('foo', 'bar') ->with('foo', 'bar')
->will($this->returnValue($user)); ->will($this->returnValue($user));
$userSession = new \OC\User\Session($manager, $session, $this->defaultProvider, [$this->defaultProvider]); $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]);
$userSession->login('foo', 'bar'); $userSession->login('foo', 'bar');
} }
@ -259,7 +266,7 @@ class Session extends \Test\TestCase {
->with('foo', 'bar') ->with('foo', 'bar')
->will($this->returnValue(false)); ->will($this->returnValue(false));
$userSession = new \OC\User\Session($manager, $session, $this->defaultProvider, [$this->defaultProvider]); $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]);
$userSession->login('foo', 'bar'); $userSession->login('foo', 'bar');
} }
@ -279,7 +286,7 @@ class Session extends \Test\TestCase {
->with('foo', 'bar') ->with('foo', 'bar')
->will($this->returnValue(false)); ->will($this->returnValue(false));
$userSession = new \OC\User\Session($manager, $session, $this->defaultProvider, [$this->defaultProvider]); $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]);
$userSession->login('foo', 'bar'); $userSession->login('foo', 'bar');
} }
@ -334,7 +341,7 @@ class Session extends \Test\TestCase {
//override, otherwise tests will fail because of setcookie() //override, otherwise tests will fail because of setcookie()
array('setMagicInCookie'), array('setMagicInCookie'),
//there are passed as parameters to the constructor //there are passed as parameters to the constructor
array($manager, $session, $this->defaultProvider, [$this->defaultProvider])); array($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]));
$granted = $userSession->loginWithCookie('foo', $token); $granted = $userSession->loginWithCookie('foo', $token);
@ -379,7 +386,7 @@ class Session extends \Test\TestCase {
$token = 'goodToken'; $token = 'goodToken';
\OC::$server->getConfig()->setUserValue('foo', 'login_token', $token, time()); \OC::$server->getConfig()->setUserValue('foo', 'login_token', $token, time());
$userSession = new \OC\User\Session($manager, $session, $this->defaultProvider, [$this->defaultProvider]); $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]);
$granted = $userSession->loginWithCookie('foo', 'badToken'); $granted = $userSession->loginWithCookie('foo', 'badToken');
$this->assertSame($granted, false); $this->assertSame($granted, false);
@ -422,7 +429,7 @@ class Session extends \Test\TestCase {
$token = 'goodToken'; $token = 'goodToken';
\OC::$server->getConfig()->setUserValue('foo', 'login_token', $token, time()); \OC::$server->getConfig()->setUserValue('foo', 'login_token', $token, time());
$userSession = new \OC\User\Session($manager, $session, $this->defaultProvider, [$this->defaultProvider]); $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]);
$granted = $userSession->loginWithCookie('foo', $token); $granted = $userSession->loginWithCookie('foo', $token);
$this->assertSame($granted, false); $this->assertSame($granted, false);
@ -447,7 +454,7 @@ class Session extends \Test\TestCase {
$session = new Memory(''); $session = new Memory('');
$session->set('user_id', 'foo'); $session->set('user_id', 'foo');
$userSession = $this->getMockBuilder('\OC\User\Session') $userSession = $this->getMockBuilder('\OC\User\Session')
->setConstructorArgs([$manager, $session, $this->defaultProvider, [$this->defaultProvider]]) ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]])
->setMethods([ ->setMethods([
'validateSession' 'validateSession'
]) ])