Merge pull request #12910 from nextcloud/td/oauth/strict
Make OAuth2 app strict
commit
f7e4718779
|
@ -1,4 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
|
declare(strict_types=1);
|
||||||
/**
|
/**
|
||||||
* @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
|
* @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
|
||||||
*
|
*
|
||||||
|
@ -50,7 +51,7 @@ class LoginRedirectorController extends Controller {
|
||||||
* @param ISession $session
|
* @param ISession $session
|
||||||
* @param IL10N $l
|
* @param IL10N $l
|
||||||
*/
|
*/
|
||||||
public function __construct($appName,
|
public function __construct(string $appName,
|
||||||
IRequest $request,
|
IRequest $request,
|
||||||
IURLGenerator $urlGenerator,
|
IURLGenerator $urlGenerator,
|
||||||
ClientMapper $clientMapper,
|
ClientMapper $clientMapper,
|
||||||
|
@ -75,7 +76,7 @@ class LoginRedirectorController extends Controller {
|
||||||
*/
|
*/
|
||||||
public function authorize($client_id,
|
public function authorize($client_id,
|
||||||
$state,
|
$state,
|
||||||
$response_type) {
|
$response_type): Response {
|
||||||
try {
|
try {
|
||||||
$client = $this->clientMapper->getByIdentifier($client_id);
|
$client = $this->clientMapper->getByIdentifier($client_id);
|
||||||
} catch (ClientNotFoundException $e) {
|
} catch (ClientNotFoundException $e) {
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
|
declare(strict_types=1);
|
||||||
/**
|
/**
|
||||||
* @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
|
* @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
|
||||||
*
|
*
|
||||||
|
@ -53,18 +54,7 @@ class OauthApiController extends Controller {
|
||||||
/** @var Throttler */
|
/** @var Throttler */
|
||||||
private $throttler;
|
private $throttler;
|
||||||
|
|
||||||
/**
|
public function __construct(string $appName,
|
||||||
* @param string $appName
|
|
||||||
* @param IRequest $request
|
|
||||||
* @param ICrypto $crypto
|
|
||||||
* @param AccessTokenMapper $accessTokenMapper
|
|
||||||
* @param ClientMapper $clientMapper
|
|
||||||
* @param TokenProvider $tokenProvider
|
|
||||||
* @param ISecureRandom $secureRandom
|
|
||||||
* @param ITimeFactory $time
|
|
||||||
* @param Throttler $throttler
|
|
||||||
*/
|
|
||||||
public function __construct($appName,
|
|
||||||
IRequest $request,
|
IRequest $request,
|
||||||
ICrypto $crypto,
|
ICrypto $crypto,
|
||||||
AccessTokenMapper $accessTokenMapper,
|
AccessTokenMapper $accessTokenMapper,
|
||||||
|
@ -94,7 +84,7 @@ class OauthApiController extends Controller {
|
||||||
* @param string $client_secret
|
* @param string $client_secret
|
||||||
* @return JSONResponse
|
* @return JSONResponse
|
||||||
*/
|
*/
|
||||||
public function getToken($grant_type, $code, $refresh_token, $client_id, $client_secret) {
|
public function getToken($grant_type, $code, $refresh_token, $client_id, $client_secret): JSONResponse {
|
||||||
|
|
||||||
// We only handle two types
|
// We only handle two types
|
||||||
if ($grant_type !== 'authorization_code' && $grant_type !== 'refresh_token') {
|
if ($grant_type !== 'authorization_code' && $grant_type !== 'refresh_token') {
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
|
declare(strict_types=1);
|
||||||
/**
|
/**
|
||||||
* @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
|
* @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
|
||||||
*
|
*
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
|
declare(strict_types=1);
|
||||||
/**
|
/**
|
||||||
* @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
|
* @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
|
||||||
*
|
*
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
|
declare(strict_types=1);
|
||||||
/**
|
/**
|
||||||
* @copyright Copyright 2018, Roeland Jago Douma <roeland@famdouma.nl>
|
* @copyright Copyright 2018, Roeland Jago Douma <roeland@famdouma.nl>
|
||||||
*
|
*
|
||||||
|
@ -50,7 +51,7 @@ class SetTokenExpiration implements IRepairStep {
|
||||||
$this->tokenProvider = $tokenProvider;
|
$this->tokenProvider = $tokenProvider;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getName() {
|
public function getName(): string {
|
||||||
return 'Update OAuth token expiration times';
|
return 'Update OAuth token expiration times';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|