In preparation for #9441 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>tags/v14.0.0beta1
@@ -1,4 +1,5 @@ | |||
<?php | |||
declare(strict_types=1); | |||
/** | |||
* @copyright Copyright (c) 2016, ownCloud, Inc. | |||
* | |||
@@ -28,82 +29,69 @@ use OCP\AppFramework\Db\Entity; | |||
/** | |||
* @method void setId(int $id) | |||
* @method void setUid(string $uid); | |||
* @method void setLoginName(string $loginName) | |||
* @method void setLoginName(string $loginname) | |||
* @method void setPassword(string $password) | |||
* @method void setName(string $name) | |||
* @method string getName() | |||
* @method void setName(string $name) | |||
* @method void setToken(string $token) | |||
* @method string getToken() | |||
* @method void setType(string $type) | |||
* @method void setType(int $type) | |||
* @method int getType() | |||
* @method void setRemember(int $remember) | |||
* @method int getRemember() | |||
* @method void setLastActivity(int $lastActivity) | |||
* @method void setLastActivity(int $lastactivity) | |||
* @method int getLastActivity() | |||
*/ | |||
class DefaultToken extends Entity implements IToken { | |||
/** | |||
* @var string user UID | |||
*/ | |||
/** @var string user UID */ | |||
protected $uid; | |||
/** | |||
* @var string login name used for generating the token | |||
*/ | |||
/** @var string login name used for generating the token */ | |||
protected $loginName; | |||
/** | |||
* @var string encrypted user password | |||
*/ | |||
/** @var string encrypted user password */ | |||
protected $password; | |||
/** | |||
* @var string token name (e.g. browser/OS) | |||
*/ | |||
/** @var string token name (e.g. browser/OS) */ | |||
protected $name; | |||
/** | |||
* @var string | |||
*/ | |||
/** @var string */ | |||
protected $token; | |||
/** | |||
* @var int | |||
*/ | |||
/** @var int */ | |||
protected $type; | |||
/** | |||
* @var int | |||
*/ | |||
/** @var int */ | |||
protected $remember; | |||
/** | |||
* @var int | |||
*/ | |||
/** @var int */ | |||
protected $lastActivity; | |||
/** | |||
* @var int | |||
*/ | |||
/** @var int */ | |||
protected $lastCheck; | |||
/** | |||
* @var string | |||
*/ | |||
/** @var string */ | |||
protected $scope; | |||
public function __construct() { | |||
$this->addType('uid', 'string'); | |||
$this->addType('loginName', 'string'); | |||
$this->addType('password', 'string'); | |||
$this->addType('name', 'string'); | |||
$this->addType('token', 'string'); | |||
$this->addType('type', 'int'); | |||
$this->addType('remember', 'int'); | |||
$this->addType('lastActivity', 'int'); | |||
$this->addType('lastCheck', 'int'); | |||
$this->addType('scope', 'string'); | |||
} | |||
public function getId() { | |||
public function getId(): int { | |||
return $this->id; | |||
} | |||
public function getUID() { | |||
public function getUID(): string { | |||
return $this->uid; | |||
} | |||
@@ -112,7 +100,7 @@ class DefaultToken extends Entity implements IToken { | |||
* | |||
* @return string | |||
*/ | |||
public function getLoginName() { | |||
public function getLoginName(): string { | |||
return parent::getLoginName(); | |||
} | |||
@@ -121,7 +109,7 @@ class DefaultToken extends Entity implements IToken { | |||
* | |||
* @return string | |||
*/ | |||
public function getPassword() { | |||
public function getPassword(): string { | |||
return parent::getPassword(); | |||
} | |||
@@ -140,7 +128,7 @@ class DefaultToken extends Entity implements IToken { | |||
* | |||
* @return int | |||
*/ | |||
public function getLastCheck() { | |||
public function getLastCheck(): int { | |||
return parent::getLastCheck(); | |||
} | |||
@@ -148,16 +136,17 @@ class DefaultToken extends Entity implements IToken { | |||
* Get the timestamp of the last password check | |||
* | |||
* @param int $time | |||
* @return int | |||
*/ | |||
public function setLastCheck($time) { | |||
public function setLastCheck(int $time): int { | |||
return parent::setLastCheck($time); | |||
} | |||
public function getScope() { | |||
public function getScope(): string { | |||
return parent::getScope(); | |||
} | |||
public function getScopeAsArray() { | |||
public function getScopeAsArray(): array { | |||
$scope = json_decode($this->getScope(), true); | |||
if (!$scope) { | |||
return [ | |||
@@ -167,11 +156,7 @@ class DefaultToken extends Entity implements IToken { | |||
return $scope; | |||
} | |||
public function setScope($scope) { | |||
if (is_array($scope)) { | |||
parent::setScope(json_encode($scope)); | |||
} else { | |||
parent::setScope((string)$scope); | |||
} | |||
public function setScope(array $scope) { | |||
parent::setScope(json_encode($scope)); | |||
} | |||
} |
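Review bot: `getPassword(): string` cannot return a token that has no stored password, yet the provider in this same commit still tests `is_null($password)` and throws `PasswordlessTokenException`, and `generateToken()` leaves `$password` untyped. If the stored value is ever null, the typed getter raises a `TypeError` before that check runs, so a passwordless token becomes an uncaught error in the authentication path instead of the handled exception. Either drop the return type here and on `IToken::getPassword()` and document `@return string|null`, or normalise the value inside the getter. `getScope(): string` looks exposed to the same problem, since `getScopeAsArray()` already treats an empty scope as a normal case. Whether either column is nullable is not visible in these hunks.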
@@ -1,4 +1,5 @@ | |||
<?php | |||
declare(strict_types=1); | |||
/** | |||
* @copyright Copyright (c) 2016, ownCloud, Inc. | |||
* | |||
@@ -29,7 +30,6 @@ | |||
namespace OC\Authentication\Token; | |||
use OCP\AppFramework\Db\DoesNotExistException; | |||
use OCP\AppFramework\Db\Mapper; | |||
use OCP\AppFramework\Db\QBMapper; | |||
use OCP\DB\QueryBuilder\IQueryBuilder; | |||
use OCP\IDBConnection; | |||
@@ -46,7 +46,7 @@ class DefaultTokenMapper extends QBMapper { | |||
* | |||
* @param string $token | |||
*/ | |||
public function invalidate($token) { | |||
public function invalidate(string $token) { | |||
/* @var $qb IQueryBuilder */ | |||
$qb = $this->db->getQueryBuilder(); | |||
$qb->delete('authtoken') | |||
@@ -59,7 +59,7 @@ class DefaultTokenMapper extends QBMapper { | |||
* @param int $olderThan | |||
* @param int $remember | |||
*/ | |||
public function invalidateOld($olderThan, $remember = IToken::DO_NOT_REMEMBER) { | |||
public function invalidateOld(int $olderThan, int $remember = IToken::DO_NOT_REMEMBER) { | |||
/* @var $qb IQueryBuilder */ | |||
$qb = $this->db->getQueryBuilder(); | |||
$qb->delete('authtoken') | |||
@@ -76,7 +76,7 @@ class DefaultTokenMapper extends QBMapper { | |||
* @throws DoesNotExistException | |||
* @return DefaultToken | |||
*/ | |||
public function getToken($token) { | |||
public function getToken(string $token): DefaultToken { | |||
/* @var $qb IQueryBuilder */ | |||
$qb = $this->db->getQueryBuilder(); | |||
$result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope') | |||
@@ -95,11 +95,11 @@ class DefaultTokenMapper extends QBMapper { | |||
/** | |||
* Get the token for $id | |||
* | |||
* @param string $id | |||
* @param int $id | |||
* @throws DoesNotExistException | |||
* @return DefaultToken | |||
*/ | |||
public function getTokenById($id) { | |||
public function getTokenById(int $id): DefaultToken { | |||
/* @var $qb IQueryBuilder */ | |||
$qb = $this->db->getQueryBuilder(); | |||
$result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'token', 'last_activity', 'last_check', 'scope') | |||
@@ -124,7 +124,7 @@ class DefaultTokenMapper extends QBMapper { | |||
* @param IUser $user | |||
* @return DefaultToken[] | |||
*/ | |||
public function getTokenByUser(IUser $user) { | |||
public function getTokenByUser(IUser $user): array { | |||
/* @var $qb IQueryBuilder */ | |||
$qb = $this->db->getQueryBuilder(); | |||
$qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope') | |||
@@ -146,7 +146,7 @@ class DefaultTokenMapper extends QBMapper { | |||
* @param IUser $user | |||
* @param int $id | |||
*/ | |||
public function deleteById(IUser $user, $id) { | |||
public function deleteById(IUser $user, int $id) { | |||
/* @var $qb IQueryBuilder */ | |||
$qb = $this->db->getQueryBuilder(); | |||
$qb->delete('authtoken') | |||
@@ -160,7 +160,7 @@ class DefaultTokenMapper extends QBMapper { | |||
* | |||
* @param string $name | |||
*/ | |||
public function deleteByName($name) { | |||
public function deleteByName(string $name) { | |||
$qb = $this->db->getQueryBuilder(); | |||
$qb->delete('authtoken') | |||
->where($qb->expr()->eq('name', $qb->createNamedParameter($name), IQueryBuilder::PARAM_STR)); |
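Review bot: `getTokenById()` selects every column except `remember`, while `getToken()` and `getTokenByUser()` both include it, so a token loaded by id comes back with that field unset. This commit also adds `getRemember(): int` to `IToken`, so the gap could now surface as a `TypeError` or as a wrong remember-me value, depending on how the getter is implemented (not shown here). Add `'remember'` to the select list, ideally by sharing one column list across the three queries. The bodies of all three methods continue outside the hunks.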
@@ -1,4 +1,5 @@ | |||
<?php | |||
declare(strict_types=1); | |||
/** | |||
* @copyright Copyright (c) 2016, ownCloud, Inc. | |||
* @copyright Copyright (c) 2016, Christoph Wurst <christoph@winzerhof-wurst.at> | |||
@@ -85,7 +86,13 @@ class DefaultTokenProvider implements IProvider { | |||
* @param int $remember whether the session token should be used for remember-me | |||
* @return IToken | |||
*/ | |||
public function generateToken($token, $uid, $loginName, $password, $name, $type = IToken::TEMPORARY_TOKEN, $remember = IToken::DO_NOT_REMEMBER) { | |||
public function generateToken(string $token, | |||
string $uid, | |||
string $loginName, | |||
$password, | |||
string $name, | |||
int $type = IToken::TEMPORARY_TOKEN, | |||
int $remember = IToken::DO_NOT_REMEMBER): IToken { | |||
$dbToken = new DefaultToken(); | |||
$dbToken->setUid($uid); | |||
$dbToken->setLoginName($loginName); | |||
@@ -145,7 +152,7 @@ class DefaultTokenProvider implements IProvider { | |||
* @param IUser $user | |||
* @return IToken[] | |||
*/ | |||
public function getTokenByUser(IUser $user) { | |||
public function getTokenByUser(IUser $user): array { | |||
return $this->mapper->getTokenByUser($user); | |||
} | |||
@@ -154,9 +161,9 @@ class DefaultTokenProvider implements IProvider { | |||
* | |||
* @param string $tokenId | |||
* @throws InvalidTokenException | |||
* @return DefaultToken | |||
* @return IToken | |||
*/ | |||
public function getToken($tokenId) { | |||
public function getToken(string $tokenId): IToken { | |||
try { | |||
return $this->mapper->getToken($this->hashToken($tokenId)); | |||
} catch (DoesNotExistException $ex) { | |||
@@ -169,9 +176,9 @@ class DefaultTokenProvider implements IProvider { | |||
* | |||
* @param string $tokenId | |||
* @throws InvalidTokenException | |||
* @return DefaultToken | |||
* @return IToken | |||
*/ | |||
public function getTokenById($tokenId) { | |||
public function getTokenById(string $tokenId): IToken { | |||
try { | |||
return $this->mapper->getTokenById($tokenId); | |||
} catch (DoesNotExistException $ex) { | |||
@@ -184,7 +191,7 @@ class DefaultTokenProvider implements IProvider { | |||
* @param string $sessionId | |||
* @throws InvalidTokenException | |||
*/ | |||
public function renewSessionToken($oldSessionId, $sessionId) { | |||
public function renewSessionToken(string $oldSessionId, string $sessionId) { | |||
$token = $this->getToken($oldSessionId); | |||
$newToken = new DefaultToken(); | |||
@@ -210,7 +217,7 @@ class DefaultTokenProvider implements IProvider { | |||
* @throws PasswordlessTokenException | |||
* @return string | |||
*/ | |||
public function getPassword(IToken $savedToken, $tokenId) { | |||
public function getPassword(IToken $savedToken, string $tokenId): string { | |||
$password = $savedToken->getPassword(); | |||
if (is_null($password)) { | |||
throw new PasswordlessTokenException(); | |||
@@ -226,7 +233,7 @@ class DefaultTokenProvider implements IProvider { | |||
* @param string $password | |||
* @throws InvalidTokenException | |||
*/ | |||
public function setPassword(IToken $token, $tokenId, $password) { | |||
public function setPassword(IToken $token, string $tokenId, string $password) { | |||
if (!($token instanceof DefaultToken)) { | |||
throw new InvalidTokenException(); | |||
} | |||
@@ -240,7 +247,7 @@ class DefaultTokenProvider implements IProvider { | |||
* | |||
* @param string $token | |||
*/ | |||
public function invalidateToken($token) { | |||
public function invalidateToken(string $token) { | |||
$this->mapper->invalidate($this->hashToken($token)); | |||
} | |||
@@ -250,7 +257,7 @@ class DefaultTokenProvider implements IProvider { | |||
* @param IUser $user | |||
* @param int $id | |||
*/ | |||
public function invalidateTokenById(IUser $user, $id) { | |||
public function invalidateTokenById(IUser $user, int $id) { | |||
$this->mapper->deleteById($user, $id); | |||
} | |||
@@ -270,7 +277,7 @@ class DefaultTokenProvider implements IProvider { | |||
* @param string $token | |||
* @return string | |||
*/ | |||
private function hashToken($token) { | |||
private function hashToken(string $token) { | |||
$secret = $this->config->getSystemValue('secret'); | |||
return hash('sha512', $token . $secret); | |||
} | |||
@@ -284,7 +291,7 @@ class DefaultTokenProvider implements IProvider { | |||
* @param string $token | |||
* @return string encrypted password | |||
*/ | |||
private function encryptPassword($password, $token) { | |||
private function encryptPassword(string $password, string $token): string { | |||
$secret = $this->config->getSystemValue('secret'); | |||
return $this->crypto->encrypt($password, $token . $secret); | |||
} | |||
@@ -299,7 +306,7 @@ class DefaultTokenProvider implements IProvider { | |||
* @throws InvalidTokenException | |||
* @return string the decrypted key | |||
*/ | |||
private function decryptPassword($password, $token) { | |||
private function decryptPassword(string $password, string $token): string { | |||
$secret = $this->config->getSystemValue('secret'); | |||
try { | |||
return $this->crypto->decrypt($password, $token . $secret); |
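Review bot: `getTokenById(string $tokenId)` passes its argument straight to `$this->mapper->getTokenById($tokenId)`, which this commit retypes to `int $id`. With `declare(strict_types=1)` now on this file that call throws a `TypeError`, and the surrounding `catch (DoesNotExistException $ex)` does not turn it into `InvalidTokenException`. The value is a row id rather than the token string, so the signature should be `public function getTokenById(int $tokenId): IToken`, with the same change and `@param int $tokenId` in `IProvider`. Separately, `hashToken(string $token)` is the only retyped helper left without a return type; `: string` would match `encryptPassword()` and `decryptPassword()`.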
@@ -1,4 +1,5 @@ | |||
<?php | |||
declare(strict_types=1); | |||
/** | |||
* @copyright Copyright (c) 2016, ownCloud, Inc. | |||
* | |||
@@ -44,7 +45,13 @@ interface IProvider { | |||
* @param int $remember whether the session token should be used for remember-me | |||
* @return IToken | |||
*/ | |||
public function generateToken($token, $uid, $loginName, $password, $name, $type = IToken::TEMPORARY_TOKEN, $remember = IToken::DO_NOT_REMEMBER); | |||
public function generateToken(string $token, | |||
string $uid, | |||
string $loginName, | |||
$password, | |||
string $name, | |||
int $type = IToken::TEMPORARY_TOKEN, | |||
int $remember = IToken::DO_NOT_REMEMBER): IToken; | |||
/** | |||
* Get a token by token id | |||
@@ -53,16 +60,16 @@ interface IProvider { | |||
* @throws InvalidTokenException | |||
* @return IToken | |||
*/ | |||
public function getToken($tokenId); | |||
public function getToken(string $tokenId): IToken; | |||
/** | |||
* Get a token by token id | |||
* | |||
* @param string $tokenId | |||
* @throws InvalidTokenException | |||
* @return DefaultToken | |||
* @return IToken | |||
*/ | |||
public function getTokenById($tokenId); | |||
public function getTokenById(string $tokenId): IToken; | |||
/** | |||
* Duplicate an existing session token | |||
@@ -71,14 +78,14 @@ interface IProvider { | |||
* @param string $sessionId | |||
* @throws InvalidTokenException | |||
*/ | |||
public function renewSessionToken($oldSessionId, $sessionId); | |||
public function renewSessionToken(string $oldSessionId, string $sessionId); | |||
/** | |||
* Invalidate (delete) the given session token | |||
* | |||
* @param string $token | |||
*/ | |||
public function invalidateToken($token); | |||
public function invalidateToken(string $token); | |||
/** | |||
* Invalidate (delete) the given token | |||
@@ -86,7 +93,7 @@ interface IProvider { | |||
* @param IUser $user | |||
* @param int $id | |||
*/ | |||
public function invalidateTokenById(IUser $user, $id); | |||
public function invalidateTokenById(IUser $user, int $id); | |||
/** | |||
* Invalidate (delete) old session tokens | |||
@@ -116,7 +123,7 @@ interface IProvider { | |||
* @param IUser $user | |||
* @return IToken[] | |||
*/ | |||
public function getTokenByUser(IUser $user); | |||
public function getTokenByUser(IUser $user): array; | |||
/** | |||
* Get the (unencrypted) password of the given token | |||
@@ -127,7 +134,7 @@ interface IProvider { | |||
* @throws PasswordlessTokenException | |||
* @return string | |||
*/ | |||
public function getPassword(IToken $token, $tokenId); | |||
public function getPassword(IToken $token, string $tokenId): string; | |||
/** | |||
* Encrypt and set the password of the given token | |||
@@ -137,5 +144,5 @@ interface IProvider { | |||
* @param string $password | |||
* @throws InvalidTokenException | |||
*/ | |||
public function setPassword(IToken $token, $tokenId, $password); | |||
public function setPassword(IToken $token, string $tokenId, string $password); | |||
} |
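Review bot: `$password` is the one `generateToken()` parameter left untyped, and nothing in the visible signature says why. The provider's `getPassword()` still handles a null password through `PasswordlessTokenException`, so null appears to be an accepted value. State that in the contract with `@param string|null $password` in the docblock (which starts above this hunk), so implementers do not tighten it to `string` by mistake. The mutators `renewSessionToken()`, `invalidateToken()`, `invalidateTokenById()` and `setPassword()` also gain parameter types but no return type; if the supported PHP version allows it, `: void` would complete the contract.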
@@ -1,4 +1,5 @@ | |||
<?php | |||
declare(strict_types=1); | |||
/** | |||
* @copyright Copyright (c) 2016, ownCloud, Inc. | |||
* | |||
@@ -37,61 +38,65 @@ interface IToken extends JsonSerializable { | |||
* | |||
* @return int | |||
*/ | |||
public function getId(); | |||
public function getId(): int; | |||
/** | |||
* Get the user UID | |||
* | |||
* @return string | |||
*/ | |||
public function getUID(); | |||
public function getUID(): string; | |||
/** | |||
* Get the login name used when generating the token | |||
* | |||
* @return string | |||
*/ | |||
public function getLoginName(); | |||
public function getLoginName(): string; | |||
/** | |||
* Get the (encrypted) login password | |||
* | |||
* @return string | |||
*/ | |||
public function getPassword(); | |||
public function getPassword(): string; | |||
/** | |||
* Get the timestamp of the last password check | |||
* | |||
* @return int | |||
*/ | |||
public function getLastCheck(); | |||
public function getLastCheck(): int; | |||
/** | |||
* Set the timestamp of the last password check | |||
* | |||
* @param int $time | |||
*/ | |||
public function setLastCheck($time); | |||
public function setLastCheck(int $time); | |||
/** | |||
* Get the authentication scope for this token | |||
* | |||
* @return string | |||
*/ | |||
public function getScope(); | |||
public function getScope(): string; | |||
/** | |||
* Get the authentication scope for this token | |||
* | |||
* @return array | |||
*/ | |||
public function getScopeAsArray(); | |||
public function getScopeAsArray(): array; | |||
/** | |||
* Set the authentication scope for this token | |||
* | |||
* @param array $scope | |||
*/ | |||
public function setScope($scope); | |||
public function setScope(array $scope); | |||
public function getName(): string; | |||
public function getRemember(): int; | |||
} |
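Review bot: `setLastCheck(int $time)` is declared here with no return type and no `@return`, but `DefaultToken::setLastCheck()` in this commit declares `: int`, adds `@return int`, and returns `parent::setLastCheck($time)`. `Entity` is not shown; if its setter returns nothing, every call fails with a `TypeError` on whatever path updates the last-check timestamp. Pin the setter's contract here and make the implementation match; its docblock also still reads `Get the timestamp of the last password check`. The new `getName()` and `getRemember()` have no docblock, unlike every other method in the interface. In the visible hunks `DefaultToken` exposes them only through `@method` annotations, which do not satisfy an interface method unless concrete implementations exist outside the shown lines.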