Make magic strings of ClientFlowLogin and v2 publicly available 21889/head
authorJoas Schilling <coding@schilljs.com>
Fri, 17 Jul 2020 07:05:16 +0000 (09:05 +0200)
committerJoas Schilling <coding@schilljs.com>
Fri, 17 Jul 2020 07:06:13 +0000 (09:06 +0200)
Signed-off-by: Joas Schilling <coding@schilljs.com>
core/Controller/ClientFlowLoginController.php
core/Controller/ClientFlowLoginV2Controller.php

index 80cf94a79007dd4e07862c894d040be4a098e0ac..12c01cba651c42ce5facd2223375a08cbb08869b 100644 (file)
@@ -78,7 +78,7 @@ class ClientFlowLoginController extends Controller {
        /** @var EventDispatcherInterface */
        private $eventDispatcher;
 
-       public const stateName = 'client.flow.state.token';
+       public const STATE_NAME = 'client.flow.state.token';
 
        /**
         * @param string $appName
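Review bot: Renaming the already-public `stateName` to `STATE_NAME` removes the old constant outright, so any code outside this file that still reads `ClientFlowLoginController::stateName` will fail with an undefined-constant error at runtime. Whether such callers exist is not visible from this page, but a transitional alias would be cheap because class constants are case-sensitive: `/** @deprecated use STATE_NAME */ public const stateName = self::STATE_NAME;`. The new constant also has no docblock, and the same holds for `TOKEN_NAME` and `STATE_NAME` in ClientFlowLoginV2Controller; a line such as `/** Session key under which the login-flow state token is stored */` would tell consumers what they are handling. The class body continues outside the hunk.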
@@ -135,7 +135,7 @@ class ClientFlowLoginController extends Controller {
         * @return bool
         */
        private function isValidToken($stateToken) {
-               $currentToken = $this->session->get(self::stateName);
+               $currentToken = $this->session->get(self::STATE_NAME);
                if (!is_string($stateToken) || !is_string($currentToken)) {
                        return false;
                }
@@ -198,7 +198,7 @@ class ClientFlowLoginController extends Controller {
                        64,
                        ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
                );
-               $this->session->set(self::stateName, $stateToken);
+               $this->session->set(self::STATE_NAME, $stateToken);
 
                $csp = new Http\ContentSecurityPolicy();
                if ($client) {
@@ -286,11 +286,11 @@ class ClientFlowLoginController extends Controller {
        public function generateAppPassword($stateToken,
                                                                                $clientIdentifier = '') {
                if (!$this->isValidToken($stateToken)) {
-                       $this->session->remove(self::stateName);
+                       $this->session->remove(self::STATE_NAME);
                        return $this->stateTokenForbiddenResponse();
                }
 
-               $this->session->remove(self::stateName);
+               $this->session->remove(self::STATE_NAME);
 
                try {
                        $sessionId = $this->session->getId();
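Review bot: The state token is removed in both branches of `generateAppPassword`, so the `remove()` call is duplicated on either side of the early return. Evaluating the check once and clearing unconditionally makes the single-use intent explicit: `$isValid = $this->isValidToken($stateToken);`, `$this->session->remove(self::STATE_NAME);`, `if (!$isValid) { return $this->stateTokenForbiddenResponse(); }`. A short comment such as `// state token is single-use: clear it whether or not it matched` would keep a later refactor from dropping one of the calls. The function body continues outside the hunk.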
@@ -343,7 +343,7 @@ class ClientFlowLoginController extends Controller {
                        $this->accessTokenMapper->insert($accessToken);
 
                        $redirectUri = $client->getRedirectUri();
-                       
+
                        if (parse_url($redirectUri, PHP_URL_QUERY)) {
                                $redirectUri .= '&';
                        } else {
index d5b50dd413ce8e16d47a3f42e60c3a4aa3b4b2c8..e3644531393607fb0de25e50531039c99470d740 100644 (file)
@@ -44,8 +44,8 @@ use OCP\IURLGenerator;
 use OCP\Security\ISecureRandom;
 
 class ClientFlowLoginV2Controller extends Controller {
-       private const tokenName = 'client.flow.v2.login.token';
-       private const stateName = 'client.flow.v2.state.token';
+       public const TOKEN_NAME = 'client.flow.v2.login.token';
+       public const STATE_NAME = 'client.flow.v2.state.token';
 
        /** @var LoginFlowV2Service */
        private $loginFlowV2Service;
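Review bot: `STATE_NAME` now exists as a public constant on both controllers with different values (`client.flow.state.token` in ClientFlowLoginController, `client.flow.v2.state.token` here), so a caller that references the wrong class will silently read or clear the wrong session entry. Since these two constants change from `private` to `public`, the declaration is the place to say so, for example `/** Session key of the v2 state token; differs from ClientFlowLoginController::STATE_NAME */`. It would also help to state there that the values stored under both keys are secrets (the login token and the 64-character state token set further down in this file) and should not be logged or echoed by consumers. The class body continues outside the hunk.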
@@ -105,7 +105,7 @@ class ClientFlowLoginV2Controller extends Controller {
                        return $this->loginTokenForbiddenResponse();
                }
 
-               $this->session->set(self::tokenName, $token);
+               $this->session->set(self::TOKEN_NAME, $token);
 
                return new RedirectResponse(
                        $this->urlGenerator->linkToRouteAbsolute('core.ClientFlowLoginV2.showAuthPickerPage')
@@ -128,7 +128,7 @@ class ClientFlowLoginV2Controller extends Controller {
                        64,
                        ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
                );
-               $this->session->set(self::stateName, $stateToken);
+               $this->session->set(self::STATE_NAME, $stateToken);
 
                return new StandaloneTemplateResponse(
                        $this->appName,
@@ -188,11 +188,11 @@ class ClientFlowLoginV2Controller extends Controller {
                        return $this->loginTokenForbiddenResponse();
                }
 
-               $loginToken = $this->session->get(self::tokenName);
+               $loginToken = $this->session->get(self::TOKEN_NAME);
 
                // Clear session variables
-               $this->session->remove(self::tokenName);
-               $this->session->remove(self::stateName);
+               $this->session->remove(self::TOKEN_NAME);
+               $this->session->remove(self::STATE_NAME);
                $sessionId = $this->session->getId();
 
                $result = $this->loginFlowV2Service->flowDone($loginToken, $sessionId, $this->getServerPath(), $this->userId);
@@ -240,7 +240,7 @@ class ClientFlowLoginV2Controller extends Controller {
        }
 
        private function isValidStateToken(string $stateToken): bool {
-               $currentToken = $this->session->get(self::stateName);
+               $currentToken = $this->session->get(self::STATE_NAME);
                if (!is_string($stateToken) || !is_string($currentToken)) {
                        return false;
                }
@@ -265,7 +265,7 @@ class ClientFlowLoginV2Controller extends Controller {
         * @throws LoginFlowV2NotFoundException
         */
        private function getFlowByLoginToken(): LoginFlowV2 {
-               $currentToken = $this->session->get(self::tokenName);
+               $currentToken = $this->session->get(self::TOKEN_NAME);
                if (!is_string($currentToken)) {
                        throw new LoginFlowV2NotFoundException('Login token not set in session');
                }