Fixes #15480 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>tags/v17.0.0beta1
namespace OC\Core\Controller; | namespace OC\Core\Controller; | ||||
use OC\Authentication\Exceptions\InvalidTokenException; | |||||
use OC\Authentication\Token\IProvider; | use OC\Authentication\Token\IProvider; | ||||
use OC\Authentication\Token\IToken; | use OC\Authentication\Token\IToken; | ||||
use OCP\AppFramework\Http\DataResponse; | use OCP\AppFramework\Http\DataResponse; | ||||
'apppassword' => $token | 'apppassword' => $token | ||||
]); | ]); | ||||
} | } | ||||
/** | |||||
* @NoAdminRequired | |||||
* | |||||
* @return DataResponse | |||||
*/ | |||||
public function deleteAppPassword() { | |||||
if (!$this->session->exists('app_password')) { | |||||
throw new OCSForbiddenException('no app password in use'); | |||||
} | |||||
$appPassword = $this->session->get('app_password'); | |||||
try { | |||||
$token = $this->tokenProvider->getToken($appPassword); | |||||
} catch (InvalidTokenException $e) { | |||||
throw new OCSForbiddenException('could not remove apptoken'); | |||||
} | |||||
$this->tokenProvider->invalidateTokenById($token->getUID(), $token->getId()); | |||||
return new DataResponse(); | |||||
} | |||||
} | } |
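Review bot: The docblock on `deleteAppPassword()` lists only `@NoAdminRequired` and `@return DataResponse`, yet the method throws `OCSForbiddenException` on two paths: when the session has no `app_password` entry, and when `getToken()` raises `InvalidTokenException`. I would add a summary line such as `Revoke the app password the current session authenticated with.` and `@throws OCSForbiddenException if no app password is in use or the token cannot be resolved`. The `app_password` session entry also stays in place after `invalidateTokenById()`. Whether that matters depends on session handling outside this section, so it is only worth a check, not a confirmed defect. The rest of the controller class lies outside the lines shown here.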
['root' => '/core', 'name' => 'WhatsNew#get', 'url' => '/whatsnew', 'verb' => 'GET'], | ['root' => '/core', 'name' => 'WhatsNew#get', 'url' => '/whatsnew', 'verb' => 'GET'], | ||||
['root' => '/core', 'name' => 'WhatsNew#dismiss', 'url' => '/whatsnew', 'verb' => 'POST'], | ['root' => '/core', 'name' => 'WhatsNew#dismiss', 'url' => '/whatsnew', 'verb' => 'POST'], | ||||
['root' => '/core', 'name' => 'AppPassword#getAppPassword', 'url' => '/getapppassword', 'verb' => 'GET'], | ['root' => '/core', 'name' => 'AppPassword#getAppPassword', 'url' => '/getapppassword', 'verb' => 'GET'], | ||||
['root' => '/core', 'name' => 'AppPassword#deleteAppPassword', 'url' => '/apppassword', 'verb' => 'DELETE'], | |||||
['root' => '/collaboration', 'name' => 'CollaborationResources#searchCollections', 'url' => '/resources/collections/search/{filter}', 'verb' => 'GET'], | ['root' => '/collaboration', 'name' => 'CollaborationResources#searchCollections', 'url' => '/resources/collections/search/{filter}', 'verb' => 'GET'], | ||||
['root' => '/collaboration', 'name' => 'CollaborationResources#listCollection', 'url' => '/resources/collections/{collectionId}', 'verb' => 'GET'], | ['root' => '/collaboration', 'name' => 'CollaborationResources#listCollection', 'url' => '/resources/collections/{collectionId}', 'verb' => 'GET'], |
namespace Tests\Core\Controller; | namespace Tests\Core\Controller; | ||||
use OC\Authentication\Exceptions\InvalidTokenException; | |||||
use OC\Authentication\Token\IProvider; | use OC\Authentication\Token\IProvider; | ||||
use OC\Authentication\Token\IToken; | use OC\Authentication\Token\IToken; | ||||
use OC\Core\Controller\AppPasswordController; | use OC\Core\Controller\AppPasswordController; | ||||
use OCP\AppFramework\Http\DataResponse; | |||||
use OCP\AppFramework\OCS\OCSForbiddenException; | use OCP\AppFramework\OCS\OCSForbiddenException; | ||||
use OCP\Authentication\Exceptions\CredentialsUnavailableException; | use OCP\Authentication\Exceptions\CredentialsUnavailableException; | ||||
use OCP\Authentication\Exceptions\PasswordUnavailableException; | use OCP\Authentication\Exceptions\PasswordUnavailableException; | ||||
$this->controller->getAppPassword(); | $this->controller->getAppPassword(); | ||||
} | } | ||||
public function testDeleteAppPasswordNoAppPassword() { | |||||
$this->session->method('exists') | |||||
->with('app_password') | |||||
->willReturn(false); | |||||
$this->expectException(OCSForbiddenException::class); | |||||
$this->controller->deleteAppPassword(); | |||||
} | |||||
public function testDeleteAppPasswordFails() { | |||||
$this->session->method('exists') | |||||
->with('app_password') | |||||
->willReturn(true); | |||||
$this->session->method('get') | |||||
->with('app_password') | |||||
->willReturn('myAppPassword'); | |||||
$this->tokenProvider->method('getToken') | |||||
->with('myAppPassword') | |||||
->willThrowException(new InvalidTokenException()); | |||||
$this->expectException(OCSForbiddenException::class); | |||||
$this->controller->deleteAppPassword(); | |||||
} | |||||
public function testDeleteAppPasswordSuccess() { | |||||
$this->session->method('exists') | |||||
->with('app_password') | |||||
->willReturn(true); | |||||
$this->session->method('get') | |||||
->with('app_password') | |||||
->willReturn('myAppPassword'); | |||||
$token = $this->createMock(IToken::class); | |||||
$this->tokenProvider->method('getToken') | |||||
->with('myAppPassword') | |||||
->willReturn($token); | |||||
$token->method('getUID') | |||||
->willReturn('myUID'); | |||||
$token->method('getId') | |||||
->willReturn(42); | |||||
$this->tokenProvider->expects($this->once()) | |||||
->method('invalidateTokenById') | |||||
->with( | |||||
'myUID', | |||||
42 | |||||
); | |||||
$result = $this->controller->deleteAppPassword(); | |||||
$this->assertEquals(new DataResponse(), $result); | |||||
} | |||||
} | } |
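Review bot: `testDeleteAppPasswordNoAppPassword` and `testDeleteAppPasswordFails` only assert that `OCSForbiddenException` is thrown; neither checks that no token was revoked on the rejected path. Adding `$this->tokenProvider->expects($this->never())->method('invalidateTokenById');` before the controller call in both tests would pin that. Without it, a later reordering in the controller that invalidates before the checks would still pass these tests. The test class and its `setUp()` start outside this section, so this assumes `tokenProvider` is the same mock that `testDeleteAppPasswordSuccess` uses.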