Just pass uid to the Token stuff

We don't have user objects in the code everywhere

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

lib/private/Authentication/Token/DefaultTokenMapper.php

@@ -33,7 +33,6 @@ use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Db\QBMapper;
 use OCP\DB\QueryBuilder\IQueryBuilder;
 use OCP\IDBConnection;
-use OCP\IUser;
 
 class DefaultTokenMapper extends QBMapper {
 
@@ -124,15 +123,15 @@ class DefaultTokenMapper extends QBMapper {
 	 * The provider may limit the number of result rows in case of an abuse
 	 * where a high number of (session) tokens is generated
 	 *
-	 * @param IUser $user
+	 * @param string $uid
 	 * @return DefaultToken[]
 	 */
-	public function getTokenByUser(IUser $user): array {
+	public function getTokenByUser(string $uid): array {
 		/* @var $qb IQueryBuilder */
 		$qb = $this->db->getQueryBuilder();
 		$qb->select('id', 'uid', 'login_name', 'password', 'name', 'token', 'type', 'remember', 'last_activity', 'last_check', 'scope', 'expires', 'version')
 			->from('authtoken')
-			->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+			->where($qb->expr()->eq('uid', $qb->createNamedParameter($uid)))
 			->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(1, IQueryBuilder::PARAM_INT)))
 			->setMaxResults(1000);
 		$result = $qb->execute();
@@ -146,16 +145,12 @@ class DefaultTokenMapper extends QBMapper {
 		return $entities;
 	}
 
-	/**
-	 * @param IUser $user
-	 * @param int $id
-	 */
-	public function deleteById(IUser $user, int $id) {
+	public function deleteById(string $uid, int $id) {
 		/* @var $qb IQueryBuilder */
 		$qb = $this->db->getQueryBuilder();
 		$qb->delete('authtoken')
 			->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
-			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($uid)))
 			->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(1, IQueryBuilder::PARAM_INT)));
 		$qb->execute();
 	}

lib/private/Authentication/Token/DefaultTokenProvider.php

@@ -143,17 +143,8 @@ class DefaultTokenProvider implements IProvider {
 		}
 	}
 
-	/**
-	 * Get all tokens of a user
-	 *
-	 * The provider may limit the number of result rows in case of an abuse
-	 * where a high number of (session) tokens is generated
-	 *
-	 * @param IUser $user
-	 * @return IToken[]
-	 */
-	public function getTokenByUser(IUser $user): array {
-		return $this->mapper->getTokenByUser($user);
+	public function getTokenByUser(string $uid): array {
+		return $this->mapper->getTokenByUser($uid);
 	}
 
 	/**
@@ -265,14 +256,8 @@ class DefaultTokenProvider implements IProvider {
 		$this->mapper->invalidate($this->hashToken($token));
 	}
 
-	/**
-	 * Invalidate (delete) the given token
-	 *
-	 * @param IUser $user
-	 * @param int $id
-	 */
-	public function invalidateTokenById(IUser $user, int $id) {
-		$this->mapper->deleteById($user, $id);
+	public function invalidateTokenById(string $uid, int $id) {
+		$this->mapper->deleteById($uid, $id);
 	}
 
 	/**

lib/private/Authentication/Token/IProvider.php

@@ -28,7 +28,6 @@ namespace OC\Authentication\Token;
 
 use OC\Authentication\Exceptions\InvalidTokenException;
 use OC\Authentication\Exceptions\PasswordlessTokenException;
-use OCP\IUser;
 
 interface IProvider {
 
@@ -92,10 +91,10 @@ interface IProvider {
 	/**
 	 * Invalidate (delete) the given token
 	 *
-	 * @param IUser $user
+	 * @param string $uid
 	 * @param int $id
 	 */
-	public function invalidateTokenById(IUser $user, int $id);
+	public function invalidateTokenById(string $uid, int $id);
 
 	/**
 	 * Invalidate (delete) old session tokens
@@ -122,10 +121,10 @@ interface IProvider {
 	 * The provider may limit the number of result rows in case of an abuse
 	 * where a high number of (session) tokens is generated
 	 *
-	 * @param IUser $user
+	 * @param string $uid
 	 * @return IToken[]
 	 */
-	public function getTokenByUser(IUser $user): array;
+	public function getTokenByUser(string $uid): array;
 
 	/**
 	 * Get the (unencrypted) password of the given token

lib/private/Authentication/Token/Manager.php

@@ -104,8 +104,8 @@ class Manager implements IProvider {
 	 * @param IUser $user
 	 * @return IToken[]
 	 */
-	public function getTokenByUser(IUser $user): array {
-		return $this->defaultTokenProvider->getTokenByUser($user);
+	public function getTokenByUser(string $uid): array {
+		return $this->defaultTokenProvider->getTokenByUser($uid);
 	}
 
 	/**
@@ -188,9 +188,9 @@ class Manager implements IProvider {
 	 * @param IUser $user
 	 * @param int $id
 	 */
-	public function invalidateTokenById(IUser $user, int $id) {
+	public function invalidateTokenById(string $uid, int $id) {
 		//TODO find way to distinguis between tokens
-		$this->defaultTokenProvider->invalidateTokenById($user, $id);
+		$this->defaultTokenProvider->invalidateTokenById($uid, $id);
 	}
 
 	/**

lib/private/Authentication/Token/PublicKeyTokenMapper.php

@@ -28,7 +28,6 @@ use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Db\QBMapper;
 use OCP\DB\QueryBuilder\IQueryBuilder;
 use OCP\IDBConnection;
-use OCP\IUser;
 
 class PublicKeyTokenMapper extends QBMapper {
 
@@ -115,15 +114,15 @@ class PublicKeyTokenMapper extends QBMapper {
 	 * The provider may limit the number of result rows in case of an abuse
 	 * where a high number of (session) tokens is generated
 	 *
-	 * @param IUser $user
+	 * @param string $uid
 	 * @return DefaultToken[]
 	 */
-	public function getTokenByUser(IUser $user): array {
+	public function getTokenByUser(string $uid): array {
 		/* @var $qb IQueryBuilder */
 		$qb = $this->db->getQueryBuilder();
 		$qb->select('*')
 			->from('authtoken')
-			->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+			->where($qb->expr()->eq('uid', $qb->createNamedParameter($uid)))
 			->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(2, IQueryBuilder::PARAM_INT)))
 			->setMaxResults(1000);
 		$result = $qb->execute();
@@ -137,16 +136,12 @@ class PublicKeyTokenMapper extends QBMapper {
 		return $entities;
 	}
 
-	/**
-	 * @param IUser $user
-	 * @param int $id
-	 */
-	public function deleteById(IUser $user, int $id) {
+	public function deleteById(string $uid, int $id) {
 		/* @var $qb IQueryBuilder */
 		$qb = $this->db->getQueryBuilder();
 		$qb->delete('authtoken')
 			->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
-			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($uid)))
 			->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(2, IQueryBuilder::PARAM_INT)));
 		$qb->execute();
 	}

lib/private/Authentication/Token/PublicKeyTokenProvider.php

@@ -161,8 +161,8 @@ class PublicKeyTokenProvider implements IProvider {
 		$this->mapper->invalidate($this->hashToken($token));
 	}
 
-	public function invalidateTokenById(IUser $user, int $id) {
-		$this->mapper->deleteById($user, $id);
+	public function invalidateTokenById(string $uid, int $id) {
+		$this->mapper->deleteById($uid, $id);
 	}
 
 	public function invalidateOldTokens() {
@@ -194,8 +194,8 @@ class PublicKeyTokenProvider implements IProvider {
 		}
 	}
 
-	public function getTokenByUser(IUser $user): array {
-		return $this->mapper->getTokenByUser($user);
+	public function getTokenByUser(string $uid): array {
+		return $this->mapper->getTokenByUser($uid);
 	}
 
 	public function getPassword(IToken $token, string $tokenId): string {

settings/Controller/AuthSettingsController.php

@@ -83,11 +83,7 @@ class AuthSettingsController extends Controller {
 	 * @return JSONResponse|array
 	 */
 	public function index() {
-		$user = $this->userManager->get($this->uid);
-		if ($user === null) {
-			return [];
-		}
-		$tokens = $this->tokenProvider->getTokenByUser($user);
+		$tokens = $this->tokenProvider->getTokenByUser($this->uid);
 		
 		try {
 			$sessionId = $this->session->getId();
@@ -182,12 +178,7 @@ class AuthSettingsController extends Controller {
 	 * @return array
 	 */
 	public function destroy($id) {
-		$user = $this->userManager->get($this->uid);
-		if (is_null($user)) {
-			return [];
-		}
-
-		$this->tokenProvider->invalidateTokenById($user, $id);
+		$this->tokenProvider->invalidateTokenById($this->uid, $id);
 		return [];
 	}
 

tests/Settings/Controller/AuthSettingsControllerTest.php

@@ -75,13 +75,9 @@ class AuthSettingsControllerTest extends TestCase {
 		$sessionToken = new DefaultToken();
 		$sessionToken->setId(100);
 
-		$this->userManager->expects($this->once())
-			->method('get')
-			->with($this->uid)
-			->will($this->returnValue($this->user));
 		$this->tokenProvider->expects($this->once())
 			->method('getTokenByUser')
-			->with($this->user)
+			->with($this->uid)
 			->will($this->returnValue($tokens));
 		$this->session->expects($this->once())
 			->method('getId')
@@ -192,13 +188,9 @@ class AuthSettingsControllerTest extends TestCase {
 		$id = 123;
 		$user = $this->createMock(IUser::class);
 
-		$this->userManager->expects($this->once())
-			->method('get')
-			->with($this->uid)
-			->will($this->returnValue($user));
 		$this->tokenProvider->expects($this->once())
 			->method('invalidateTokenById')
-			->with($user, $id);
+			->with($this->uid, $id);
 
 		$this->assertEquals([], $this->controller->destroy($id));
 	}

tests/lib/Authentication/Token/DefaultTokenMapperTest.php

@@ -190,23 +190,11 @@ class DefaultTokenMapperTest extends TestCase {
 	}
 
 	public function testGetTokenByUser() {
-		/** @var IUser|\PHPUnit_Framework_MockObject_MockObject $user */
-		$user = $this->createMock(IUser::class);
-		$user->expects($this->once())
-			->method('getUID')
-			->will($this->returnValue('user1'));
-
-		$this->assertCount(2, $this->mapper->getTokenByUser($user));
+		$this->assertCount(2, $this->mapper->getTokenByUser('user1'));
 	}
 
 	public function testGetTokenByUserNotFound() {
-		/** @var IUser|\PHPUnit_Framework_MockObject_MockObject $user */
-		$user = $this->createMock(IUser::class);
-		$user->expects($this->once())
-			->method('getUID')
-			->will($this->returnValue('user1000'));
-
-		$this->assertCount(0, $this->mapper->getTokenByUser($user));
+		$this->assertCount(0, $this->mapper->getTokenByUser('user1000'));
 	}
 
 	public function testDeleteById() {
@@ -218,23 +206,15 @@ class DefaultTokenMapperTest extends TestCase {
 			->where($qb->expr()->eq('token', $qb->createNamedParameter('9c5a2e661482b65597408a6bb6c4a3d1af36337381872ac56e445a06cdb7fea2b1039db707545c11027a4966919918b19d875a8b774840b18c6cbb7ae56fe206')));
 		$result = $qb->execute();
 		$id = $result->fetch()['id'];
-		$user->expects($this->once())
-			->method('getUID')
-			->will($this->returnValue('user1'));
 
-		$this->mapper->deleteById($user, $id);
+		$this->mapper->deleteById('user1', $id);
 		$this->assertEquals(2, $this->getNumberOfTokens());
 	}
 
 	public function testDeleteByIdWrongUser() {
-		/** @var IUser|\PHPUnit_Framework_MockObject_MockObject $user */
-		$user = $this->createMock(IUser::class);
 		$id = 33;
-		$user->expects($this->once())
-			->method('getUID')
-			->will($this->returnValue('user10000'));
 
-		$this->mapper->deleteById($user, $id);
+		$this->mapper->deleteById('user1000', $id);
 		$this->assertEquals(3, $this->getNumberOfTokens());
 	}