check right location to verify web page and query lookup server for exact cloud id to check if the email address was verified correctly
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
This commit is contained in:
parent
7c309c253b
commit
f3c433af7b
|
@ -27,6 +27,7 @@ use OC\Accounts\AccountManager;
|
||||||
use OC\BackgroundJob\Job;
|
use OC\BackgroundJob\Job;
|
||||||
use OC\BackgroundJob\JobList;
|
use OC\BackgroundJob\JobList;
|
||||||
use OCP\AppFramework\Http;
|
use OCP\AppFramework\Http;
|
||||||
|
use OCP\BackgroundJob\IJobList;
|
||||||
use OCP\Http\Client\IClientService;
|
use OCP\Http\Client\IClientService;
|
||||||
use OCP\IConfig;
|
use OCP\IConfig;
|
||||||
use OCP\ILogger;
|
use OCP\ILogger;
|
||||||
|
@ -135,7 +136,7 @@ class VerifyUserData extends Job {
|
||||||
|
|
||||||
$result = false;
|
$result = false;
|
||||||
|
|
||||||
$url = rtrim($argument['data'], '/') . '/' . 'CloudIdVerificationCode.txt';
|
$url = rtrim($argument['data'], '/') . '/well-known/' . 'CloudIdVerificationCode.txt';
|
||||||
|
|
||||||
$client = $this->httpClientService->newClient();
|
$client = $this->httpClientService->newClient();
|
||||||
try {
|
try {
|
||||||
|
@ -147,6 +148,8 @@ class VerifyUserData extends Job {
|
||||||
if ($response->getStatusCode() === Http::STATUS_OK) {
|
if ($response->getStatusCode() === Http::STATUS_OK) {
|
||||||
$result = true;
|
$result = true;
|
||||||
$publishedCode = $response->getBody();
|
$publishedCode = $response->getBody();
|
||||||
|
// remove new lines and spaces
|
||||||
|
$publishedCodeSanitized = $string = trim(preg_replace('/\s\s+/', ' ', $publishedCode));
|
||||||
$user = $this->userManager->get($argument['uid']);
|
$user = $this->userManager->get($argument['uid']);
|
||||||
// we don't check a valid user -> give up
|
// we don't check a valid user -> give up
|
||||||
if ($user === null) {
|
if ($user === null) {
|
||||||
|
@ -155,11 +158,10 @@ class VerifyUserData extends Job {
|
||||||
}
|
}
|
||||||
$userData = $this->accountManager->getUser($user);
|
$userData = $this->accountManager->getUser($user);
|
||||||
|
|
||||||
if ($publishedCode === $argument['verificationCode']) {
|
if ($publishedCodeSanitized === $argument['verificationCode']) {
|
||||||
|
$userData[AccountManager::PROPERTY_WEBSITE]['verified'] = AccountManager::VERIFIED;
|
||||||
$userData[AccountManager::PROPERTY_WEBSITE]['verified'] === AccountManager::VERIFIED;
|
|
||||||
} else {
|
} else {
|
||||||
$userData[AccountManager::PROPERTY_WEBSITE]['verified'] === AccountManager::NOT_VERIFIED;
|
$userData[AccountManager::PROPERTY_WEBSITE]['verified'] = AccountManager::NOT_VERIFIED;
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->accountManager->updateUser($user, $userData);
|
$this->accountManager->updateUser($user, $userData);
|
||||||
|
@ -202,11 +204,11 @@ class VerifyUserData extends Job {
|
||||||
}
|
}
|
||||||
|
|
||||||
// lookup server hasn't verified the email address so far, try again later
|
// lookup server hasn't verified the email address so far, try again later
|
||||||
if ($lookupServerData[$dataType]['verified'] === AccountManager::VERIFICATION_IN_PROGRESS) {
|
if ($lookupServerData[$dataType]['verified'] === AccountManager::NOT_VERIFIED) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$localUserData[$dataType]['verified'] === $lookupServerData[$dataType]['verified'];
|
$localUserData[$dataType]['verified'] = AccountManager::VERIFIED;
|
||||||
$this->accountManager->updateUser($user, $localUserData);
|
$this->accountManager->updateUser($user, $localUserData);
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
|
@ -218,9 +220,9 @@ class VerifyUserData extends Job {
|
||||||
*/
|
*/
|
||||||
protected function queryLookupServer($cloudId) {
|
protected function queryLookupServer($cloudId) {
|
||||||
try {
|
try {
|
||||||
$client = $this->clientService->newClient();
|
$client = $this->httpClientService->newClient();
|
||||||
$response = $client->get(
|
$response = $client->get(
|
||||||
$this->lookupServerUrl . '/users?search=' . urlencode($cloudId),
|
$this->lookupServerUrl . '/users?search=' . urlencode($cloudId) . '&exactCloudId=1',
|
||||||
[
|
[
|
||||||
'timeout' => 10,
|
'timeout' => 10,
|
||||||
'connect_timeout' => 3,
|
'connect_timeout' => 3,
|
||||||
|
@ -229,10 +231,8 @@ class VerifyUserData extends Job {
|
||||||
|
|
||||||
$body = json_decode($response->getBody(), true);
|
$body = json_decode($response->getBody(), true);
|
||||||
|
|
||||||
foreach ($body as $lookup) {
|
if ($body['federationId'] === $cloudId) {
|
||||||
if ($lookup['federationId'] === $cloudId) {
|
return $body;
|
||||||
return $lookup;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
} catch (\Exception $e) {
|
} catch (\Exception $e) {
|
||||||
|
|
Loading…
Reference in New Issue