From f6423f74e3ca925fd43c67f2669384994ccc55fe Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma
Date: Mon, 29 Aug 2016 21:17:16 +0200
Subject: [PATCH] Minor cleanup in core Controllers
---
core/Controller/LoginController.php | 1 -
core/Controller/LostController.php | 5 ++---
core/Controller/TokenController.php | 7 ++-----
core/Controller/TwoFactorChallengeController.php | 2 +-
tests/Core/Controller/TokenControllerTest.php | 16 +++++++++-------
5 files changed, 14 insertions(+), 17 deletions(-)
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index 67e1e21528..f63d5cd8f2 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -25,7 +25,6 @@ namespace OC\Core\Controller; -use OC\AppFramework\Utility\TimeFactory; use OC\Authentication\TwoFactorAuth\Manager; use OC\Security\Bruteforce\Throttler; use OC\User\Session;
diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php
index fe6be1e685..b1111559a6 100644
--- a/core/Controller/LostController.php
+++ b/core/Controller/LostController.php
@@ -40,7 +40,6 @@ use \OCP\IConfig; use OCP\IUserManager; use OCP\Mail\IMailer; use OCP\Security\ISecureRandom; -use OCP\Security\StringUtils; /** * Class LostController
@@ -144,7 +143,7 @@ class LostController extends Controller { } /** - * @param string $userId + * @param string $token * @param string $userId * @throws \Exception */
@@ -161,7 +160,7 @@ class LostController extends Controller { throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is expired')); } - if (!StringUtils::equals($splittedToken[1], $token)) { + if (!hash_equals($splittedToken[1], $token)) { throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid')); } }
diff --git a/core/Controller/TokenController.php b/core/Controller/TokenController.php
index 9d4fd7c965..6e3ff50fa1 100644
--- a/core/Controller/TokenController.php
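Review bot: `hash_equals()` in the `-161,7` hunk of LostController.php accepts only strings, and nothing visible here guarantees that `$token` is one or that `$splittedToken[1]` exists. With a non-string argument the call emits a warning and returns false on older PHP (so the check still fails closed) and throws a `TypeError` on PHP 8, which would surface as an unhandled error instead of the translated "token is invalid" exception. A guard such as `if (!is_string($token) || !hash_equals($splittedToken[1], $token)) {` keeps the failure path uniform. It is also worth a one-line comment, `// constant-time compare: stored token first, user-supplied token second`, so a later cleanup does not swap the arguments or fall back to `===`. The method body starts outside the hunk, so earlier validation of `$splittedToken` may already exist there.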
+++ b/core/Controller/TokenController.php
@@ -24,13 +24,10 @@ namespace OC\Core\Controller; use OC\AppFramework\Http; -use OC\AppFramework\Utility\TimeFactory; -use OC\Authentication\Token\DefaultTokenProvider; use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IToken; use OC\Authentication\TwoFactorAuth\Manager as TwoFactorAuthManager; use OC\User\Manager as UserManager; -use OCA\User_LDAP\User\Manager; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\JSONResponse; use OCP\IRequest;
@@ -100,9 +97,9 @@ class TokenController extends Controller { $token = $this->secureRandom->generate(128); $this->tokenProvider->generateToken($token, $user->getUID(), $loginName, $password, $name, IToken::PERMANENT_TOKEN); - return [ + return new JSONResponse([ 'token' => $token, - ]; + ]); } }
diff --git a/core/Controller/TwoFactorChallengeController.php b/core/Controller/TwoFactorChallengeController.php
index b9e10b147c..c19cf52327 100644
--- a/core/Controller/TwoFactorChallengeController.php
+++ b/core/Controller/TwoFactorChallengeController.php
@@ -96,7 +96,7 @@ class TwoFactorChallengeController extends Controller { * * @param string $challengeProviderId * @param string $redirect_url - * @return TemplateResponse + * @return TemplateResponse|RedirectResponse */ public function showChallenge($challengeProviderId, $redirect_url) { $user = $this->userSession->getUser();
diff --git a/tests/Core/Controller/TokenControllerTest.php b/tests/Core/Controller/TokenControllerTest.php
index b6b54b14fa..0e965aac2e 100644
--- a/tests/Core/Controller/TokenControllerTest.php
+++ b/tests/Core/Controller/TokenControllerTest.php
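Review bot: The success path in the `-100,9` hunk of TokenController.php returns a long-lived credential (`IToken::PERMANENT_TOKEN`) in the response body, and nothing in the hunk documents that. A short comment above the return, for example `// Response body carries the cleartext permanent token; keep it out of logs and caches`, would warn anyone who later adds logging or response middleware around this method. The method's docblock lies outside the hunk; if its `@return` still describes an array, it should become `@return JSONResponse` to match the new code.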
@@ -41,15 +41,17 @@ class TokenControllerTest extends TestCase { protected function setUp() { parent::setUp(); - $this->request = $this->getMock('\OCP\IRequest'); + $this->request = $this->getMockBuilder('\OCP\IRequest')->getMock(); $this->userManager = $this->getMockBuilder('\OC\User\Manager') ->disableOriginalConstructor() ->getMock(); - $this->tokenProvider = $this->getMock('\OC\Authentication\Token\IProvider'); + $this->tokenProvider = $this->getMockBuilder('\OC\Authentication\Token\IProvider') + ->getMock(); $this->twoFactorAuthManager = $this->getMockBuilder('\OC\Authentication\TwoFactorAuth\Manager') ->disableOriginalConstructor() ->getMock(); - $this->secureRandom = $this->getMock('\OCP\Security\ISecureRandom'); + $this->secureRandom = $this->getMockBuilder('\OCP\Security\ISecureRandom') + ->getMock(); $this->tokenController = new TokenController('core', $this->request, $this->userManager, $this->tokenProvider, $this->twoFactorAuthManager, $this->secureRandom); }
@@ -77,7 +79,7 @@ class TokenControllerTest extends TestCase { } public function testWithValidCredentials() { - $user = $this->getMock('\OCP\IUser'); + $user = $this->getMockBuilder('\OCP\IUser')->getMock(); $this->userManager->expects($this->once()) ->method('checkPassword') ->with('john', '123456')
@@ -96,9 +98,9 @@ class TokenControllerTest extends TestCase { $this->tokenProvider->expects($this->once()) ->method('generateToken') ->with('verysecurerandomtoken', 'john', 'john', '123456', 'unknown client', IToken::PERMANENT_TOKEN); - $expected = [ + $expected = new JSONResponse([ 'token' => 'verysecurerandomtoken' - ]; + ]); $actual = $this->tokenController->generateToken('john', '123456');
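Review bot: Comparing whole response objects makes the token test in the `-96,9` hunk looser than it looks. The assertion itself lies outside the hunk, but with `$expected` now a `JSONResponse` it presumably compares two objects by their properties, so a failure does not say whether the body, status or headers differed. Asserting the parts that matter reads more clearly: `$this->assertSame(['token' => 'verysecurerandomtoken'], $actual->getData());` together with a check on `$actual->getStatus()`. No hunk in this file adds a `use` line for `JSONResponse`, so the class must already be imported for the test to run.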
@@ -106,7 +108,7 @@ class TokenControllerTest extends TestCase { } public function testWithValidCredentialsBut2faEnabled() { - $user = $this->getMock('\OCP\IUser'); + $user = $this->getMockBuilder('\OCP\IUser')->getMock(); $this->userManager->expects($this->once()) ->method('checkPassword') ->with('john', '123456')