use OC\Authentication\Exceptions\TokenPasswordExpiredException;
use OC\Authentication\Exceptions\PasswordlessTokenException;
use OC\Authentication\Exceptions\WipeTokenException;
+use OCP\AppFramework\Db\TTransactional;
use OCP\Cache\CappedMemoryCache;
use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\IConfig;
+use OCP\IDBConnection;
use OCP\Security\ICrypto;
use Psr\Log\LoggerInterface;
class PublicKeyTokenProvider implements IProvider {
+ use TTransactional;
+
/** @var PublicKeyTokenMapper */
private $mapper;
/** @var IConfig */
private $config;
+ private IDBConnection $db;
+
/** @var LoggerInterface */
private $logger;
public function __construct(PublicKeyTokenMapper $mapper,
ICrypto $crypto,
IConfig $config,
+ IDBConnection $db,
LoggerInterface $logger,
ITimeFactory $time) {
$this->mapper = $mapper;
$this->crypto = $crypto;
$this->config = $config;
+ $this->db = $db;
$this->logger = $logger;
$this->time = $time;
public function renewSessionToken(string $oldSessionId, string $sessionId): IToken {
$this->cache->clear();
- $token = $this->getToken($oldSessionId);
-
- if (!($token instanceof PublicKeyToken)) {
- throw new InvalidTokenException("Invalid token type");
- }
+ return $this->atomic(function () use ($oldSessionId, $sessionId) {
+ $token = $this->getToken($oldSessionId);
- $password = null;
- if (!is_null($token->getPassword())) {
- $privateKey = $this->decrypt($token->getPrivateKey(), $oldSessionId);
- $password = $this->decryptPassword($token->getPassword(), $privateKey);
- }
-
- $newToken = $this->generateToken(
- $sessionId,
- $token->getUID(),
- $token->getLoginName(),
- $password,
- $token->getName(),
- IToken::TEMPORARY_TOKEN,
- $token->getRemember()
- );
-
- $this->mapper->delete($token);
+ if (!($token instanceof PublicKeyToken)) {
+ throw new InvalidTokenException("Invalid token type");
+ }
- return $newToken;
+ $password = null;
+ if (!is_null($token->getPassword())) {
+ $privateKey = $this->decrypt($token->getPrivateKey(), $oldSessionId);
+ $password = $this->decryptPassword($token->getPassword(), $privateKey);
+ }
+ $newToken = $this->generateToken(
+ $sessionId,
+ $token->getUID(),
+ $token->getLoginName(),
+ $password,
+ $token->getName(),
+ IToken::TEMPORARY_TOKEN,
+ $token->getRemember()
+ );
+
+ $this->mapper->delete($token);
+
+ return $newToken;
+ }, $this->db);
}
public function invalidateToken(string $token) {
<?php
+
+declare(strict_types=1);
+
/**
* @copyright Copyright (c) 2018 Roeland Jago Douma <roeland@famdouma.nl>
*
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\IConfig;
use OCP\Security\ICrypto;
+use PHPUnit\Framework\MockObject\MockObject;
use Psr\Log\LoggerInterface;
use Test\TestCase;
private $crypto;
/** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */
private $config;
+ /** @var IDBConnection|IDBConnection|MockObject */
+ private IDBConnection $db;
/** @var LoggerInterface|\PHPUnit\Framework\MockObject\MockObject */
private $logger;
/** @var ITimeFactory|\PHPUnit\Framework\MockObject\MockObject */
['secret', '', '1f4h9s'],
['openssl', [], []],
]);
+ $this->db = $this->createMock(IDBConnection::class);
+ $this->db->method('atomic')->willReturnCallback(function ($cb) {
+ return $cb();
+ });
$this->logger = $this->createMock(LoggerInterface::class);
$this->timeFactory = $this->createMock(ITimeFactory::class);
$this->time = 1313131;
$this->timeFactory->method('getTime')
->willReturn($this->time);
- $this->tokenProvider = new PublicKeyTokenProvider($this->mapper, $this->crypto, $this->config, $this->logger,
- $this->timeFactory);
+ $this->tokenProvider = new PublicKeyTokenProvider(
+ $this->mapper,
+ $this->crypto,
+ $this->config,
+ $this->db,
+ $this->logger,
+ $this->timeFactory,
+ );
}
public function testGenerateToken() {
projects / nextcloud-server.git / commitdiff