Improve traces of invalid token exceptions

author Christoph Wurst <christoph@winzerhof-wurst.at>

Wed, 27 May 2020 07:21:47 +0000 (09:21 +0200)

committer Christoph Wurst <christoph@winzerhof-wurst.at>

Wed, 27 May 2020 07:21:47 +0000 (09:21 +0200)
author Christoph Wurst <christoph@winzerhof-wurst.at>
Wed, 27 May 2020 07:21:47 +0000 (09:21 +0200)
committer Christoph Wurst <christoph@winzerhof-wurst.at>
Wed, 27 May 2020 07:21:47 +0000 (09:21 +0200)
diff --git a/lib/private/Authentication/Exceptions/InvalidTokenException.php b/lib/private/Authentication/Exceptions/InvalidTokenException.php

index efc6096da880615a69cb7b9bd71d5860b448ed0e..000d6dee3e8e3cd0b0a2782852388b9387342afb 100644 (file)
--- a/lib/private/Authentication/Exceptions/InvalidTokenException.php
+++ b/lib/private/Authentication/Exceptions/InvalidTokenException.php
@@ -1,4 +1,7 @@
  <?php
+
+declare(strict_types=1);
+
  /**
   * @copyright Copyright (c) 2016, ownCloud, Inc.
   *
diff --git a/lib/private/Authentication/Token/DefaultTokenProvider.php b/lib/private/Authentication/Token/DefaultTokenProvider.php

index 3556cfd24b0197b1c7a1157128d32854d4a98720..ee8a28d3cb07ffd5d3d0ed57109151de5ae59df2 100644 (file)
--- a/lib/private/Authentication/Token/DefaultTokenProvider.php
+++ b/lib/private/Authentication/Token/DefaultTokenProvider.php
@@ -117,7 +117,7 @@ class DefaultTokenProvider implements IProvider {
          */
         public function updateToken(IToken $token) {
                 if (!($token instanceof DefaultToken)) {
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Invalid token type");
                 }
                 $this->mapper->update($token);
         }
@@ -130,7 +130,7 @@ class DefaultTokenProvider implements IProvider {
          */
         public function updateTokenActivity(IToken $token) {
                 if (!($token instanceof DefaultToken)) {
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Invalid token type");
                 }
                 /** @var DefaultToken $token */
                 $now = $this->time->getTime();
@@ -157,7 +157,7 @@ class DefaultTokenProvider implements IProvider {
                 try {
                         $token = $this->mapper->getToken($this->hashToken($tokenId));
                 } catch (DoesNotExistException $ex) {
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Token does not exist", 0, $ex);
                 }
  
                 if ((int)$token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
@@ -179,7 +179,7 @@ class DefaultTokenProvider implements IProvider {
                 try {
                         $token = $this->mapper->getTokenById($tokenId);
                 } catch (DoesNotExistException $ex) {
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Token with ID $tokenId does not exist", 0, $ex);
                 }
  
                 if ((int)$token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
@@ -241,7 +241,7 @@ class DefaultTokenProvider implements IProvider {
          */
         public function setPassword(IToken $token, string $tokenId, string $password) {
                 if (!($token instanceof DefaultToken)) {
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Invalid token type");
                 }
                 /** @var DefaultToken $token */
                 $token->setPassword($this->encryptPassword($password, $tokenId));
@@ -334,13 +334,13 @@ class DefaultTokenProvider implements IProvider {
                 } catch (Exception $ex) {
                         // Delete the invalid token
                         $this->invalidateToken($token);
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Can not decrypt token password: " . $ex->getMessage(), 0, $ex);
                 }
         }
  
         public function markPasswordInvalid(IToken $token, string $tokenId) {
                 if (!($token instanceof DefaultToken)) {
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Invalid token type");
                 }
  
                 //No need to mark as invalid. We just invalide default tokens
diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php

index 664440fe6bb929c4d6fe482cd6a7e1627e1e91c6..091f47d7da3fd8a22a62655c0e6b8f38d09adc27 100644 (file)
--- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php
+++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
@@ -103,7 +103,7 @@ class PublicKeyTokenProvider implements IProvider {
                                 $token = $this->mapper->getToken($this->hashToken($tokenId));
                                 $this->cache[$token->getToken()] = $token;
                         } catch (DoesNotExistException $ex) {
-                               throw new InvalidTokenException();
+                               throw new InvalidTokenException("Token does not exist: " . $ex->getMessage(), 0, $ex);
                         }
                 }
  
@@ -127,7 +127,7 @@ class PublicKeyTokenProvider implements IProvider {
                 try {
                         $token = $this->mapper->getTokenById($tokenId);
                 } catch (DoesNotExistException $ex) {
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Token with ID $tokenId does not exist: " . $ex->getMessage(), 0, $ex);
                 }
  
                 if ((int)$token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
@@ -152,7 +152,7 @@ class PublicKeyTokenProvider implements IProvider {
                 $token = $this->getToken($oldSessionId);
  
                 if (!($token instanceof PublicKeyToken)) {
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Invalid token type");
                 }
  
                 $password = null;
@@ -203,7 +203,7 @@ class PublicKeyTokenProvider implements IProvider {
                 $this->cache->clear();
  
                 if (!($token instanceof PublicKeyToken)) {
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Invalid token type");
                 }
                 $this->mapper->update($token);
         }
@@ -212,7 +212,7 @@ class PublicKeyTokenProvider implements IProvider {
                 $this->cache->clear();
  
                 if (!($token instanceof PublicKeyToken)) {
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Invalid token type");
                 }
                 /** @var DefaultToken $token */
                 $now = $this->time->getTime();
@@ -229,7 +229,7 @@ class PublicKeyTokenProvider implements IProvider {
  
         public function getPassword(IToken $token, string $tokenId): string {
                 if (!($token instanceof PublicKeyToken)) {
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Invalid token type");
                 }
  
                 if ($token->getPassword() === null) {
@@ -247,7 +247,7 @@ class PublicKeyTokenProvider implements IProvider {
                 $this->cache->clear();
  
                 if (!($token instanceof PublicKeyToken)) {
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Invalid token type");
                 }
  
                 // When changing passwords all temp tokens are deleted
@@ -266,7 +266,7 @@ class PublicKeyTokenProvider implements IProvider {
                 $this->cache->clear();
  
                 if (!($token instanceof PublicKeyToken)) {
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Invalid token type");
                 }
  
                 // Decrypt private key with oldTokenId
@@ -295,7 +295,7 @@ class PublicKeyTokenProvider implements IProvider {
                 } catch (\Exception $ex) {
                         // Delete the invalid token
                         $this->invalidateToken($token);
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Could not decrypt token password: " . $ex->getMessage(), 0, $ex);
                 }
         }
  
@@ -399,7 +399,7 @@ class PublicKeyTokenProvider implements IProvider {
                 $this->cache->clear();
  
                 if (!($token instanceof PublicKeyToken)) {
-                       throw new InvalidTokenException();
+                       throw new InvalidTokenException("Invalid token type");
                 }
  
                 $token->setPasswordInvalid(true);
author	Christoph Wurst <christoph@winzerhof-wurst.at>
	Wed, 27 May 2020 07:21:47 +0000 (09:21 +0200)
committer	Christoph Wurst <christoph@winzerhof-wurst.at>
	Wed, 27 May 2020 07:21:47 +0000 (09:21 +0200)
lib/private/Authentication/Exceptions/InvalidTokenException.php		patch \| blob \| history
lib/private/Authentication/Token/DefaultTokenProvider.php		patch \| blob \| history
lib/private/Authentication/Token/PublicKeyTokenProvider.php		patch \| blob \| history