mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 1008 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36881 Commits
427 Branches
Tree: 202509251c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '202509251c'
${ noResults }
nextcloud/settings/Controller/AuthSettingsController.php

AuthSettingsController.php 5.1KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202 
  1. <?php

  2. /**

  3.  * @copyright Copyright (c) 2016, ownCloud, Inc.

  4.  *

  5.  * @author Christoph Wurst <christoph@owncloud.com>

  6.  * @author Robin Appelman <robin@icewind.nl>

  7.  *

  8.  * @license AGPL-3.0

  9.  *

  10.  * This code is free software: you can redistribute it and/or modify

  11.  * it under the terms of the GNU Affero General Public License, version 3,

  12.  * as published by the Free Software Foundation.

  13.  *

  14.  * This program is distributed in the hope that it will be useful,

  15.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  16.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

  17.  * GNU Affero General Public License for more details.

  18.  *

  19.  * You should have received a copy of the GNU Affero General Public License, version 3,

  20.  * along with this program.  If not, see <http://www.gnu.org/licenses/>

  21.  *

  22.  */

  23. 

  24. namespace OC\Settings\Controller;

  25. 

  26. use OC\AppFramework\Http;

  27. use OC\Authentication\Exceptions\InvalidTokenException;

  28. use OC\Authentication\Exceptions\PasswordlessTokenException;

  29. use OC\Authentication\Token\IProvider;

  30. use OC\Authentication\Token\IToken;

  31. use OCP\AppFramework\Controller;

  32. use OCP\AppFramework\Http\JSONResponse;

  33. use OCP\IRequest;

  34. use OCP\ISession;

  35. use OCP\IUserManager;

  36. use OCP\Security\ISecureRandom;

  37. use OCP\Session\Exceptions\SessionNotAvailableException;

  38. 

  39. class AuthSettingsController extends Controller {

  40. 

  41. 	/** @var IProvider */

  42. 	private $tokenProvider;

  43. 

  44. 	/** @var IUserManager */

  45. 	private $userManager;

  46. 

  47. 	/** @var ISession */

  48. 	private $session;

  49. 

  50. 	/** @var string */

  51. 	private $uid;

  52. 

  53. 	/** @var ISecureRandom */

  54. 	private $random;

  55. 

  56. 	/**

  57. 	 * @param string $appName

  58. 	 * @param IRequest $request

  59. 	 * @param IProvider $tokenProvider

  60. 	 * @param IUserManager $userManager

  61. 	 * @param ISession $session

  62. 	 * @param ISecureRandom $random

  63. 	 * @param string $userId

  64. 	 */

  65. 	public function __construct($appName, IRequest $request, IProvider $tokenProvider, IUserManager $userManager,

  66. 		ISession $session, ISecureRandom $random, $userId) {

  67. 		parent::__construct($appName, $request);

  68. 		$this->tokenProvider = $tokenProvider;

  69. 		$this->userManager = $userManager;

  70. 		$this->uid = $userId;

  71. 		$this->session = $session;

  72. 		$this->random = $random;

  73. 	}

  74. 

  75. 	/**

  76. 	 * @NoAdminRequired

  77. 	 * @NoSubadminRequired

  78. 	 *

  79. 	 * @return JSONResponse

  80. 	 */

  81. 	public function index() {

  82. 		$user = $this->userManager->get($this->uid);

  83. 		if (is_null($user)) {

  84. 			return [];

  85. 		}

  86. 		$tokens = $this->tokenProvider->getTokenByUser($user);

  87. 		

  88. 		try {

  89. 			$sessionId = $this->session->getId();

  90. 		} catch (SessionNotAvailableException $ex) {

  91. 			return $this->getServiceNotAvailableResponse();

  92. 		}

  93. 		try {

  94. 			$sessionToken = $this->tokenProvider->getToken($sessionId);

  95. 		} catch (InvalidTokenException $ex) {

  96. 			return $this->getServiceNotAvailableResponse();

  97. 		}

  98. 

  99. 		return array_map(function(IToken $token) use ($sessionToken) {

  100. 			$data = $token->jsonSerialize();

  101. 			if ($sessionToken->getId() === $token->getId()) {

  102. 				$data['canDelete'] = false;

  103. 				$data['current'] = true;

  104. 			} else {

  105. 				$data['canDelete'] = true;

  106. 			}

  107. 			return $data;

  108. 		}, $tokens);

  109. 	}

  110. 

  111. 	/**

  112. 	 * @NoAdminRequired

  113. 	 * @NoSubadminRequired

  114. 	 * @PasswordConfirmationRequired

  115. 	 *

  116. 	 * @param string $name

  117. 	 * @return JSONResponse

  118. 	 */

  119. 	public function create($name) {

  120. 		try {

  121. 			$sessionId = $this->session->getId();

  122. 		} catch (SessionNotAvailableException $ex) {

  123. 			return $this->getServiceNotAvailableResponse();

  124. 		}

  125. 

  126. 		try {

  127. 			$sessionToken = $this->tokenProvider->getToken($sessionId);

  128. 			$loginName = $sessionToken->getLoginName();

  129. 			try {

  130. 				$password = $this->tokenProvider->getPassword($sessionToken, $sessionId);

  131. 			} catch (PasswordlessTokenException $ex) {

  132. 				$password = null;

  133. 			}

  134. 		} catch (InvalidTokenException $ex) {

  135. 			return $this->getServiceNotAvailableResponse();

  136. 		}

  137. 

  138. 		$token = $this->generateRandomDeviceToken();

  139. 		$deviceToken = $this->tokenProvider->generateToken($token, $this->uid, $loginName, $password, $name, IToken::PERMANENT_TOKEN);

  140. 		$tokenData = $deviceToken->jsonSerialize();

  141. 		$tokenData['canDelete'] = true;

  142. 

  143. 		return new JSONResponse([

  144. 			'token' => $token,

  145. 			'loginName' => $loginName,

  146. 			'deviceToken' => $tokenData,

  147. 		]);

  148. 	}

  149. 

  150. 	private function getServiceNotAvailableResponse() {

  151. 		$resp = new JSONResponse();

  152. 		$resp->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);

  153. 		return $resp;

  154. 	}

  155. 

  156. 	/**

  157. 	 * Return a 20 digit device password

  158. 	 *

  159. 	 * Example: ABCDE-FGHIJ-KLMNO-PQRST

  160. 	 *

  161. 	 * @return string

  162. 	 */

  163. 	private function generateRandomDeviceToken() {

  164. 		$groups = [];

  165. 		for ($i = 0; $i < 4; $i++) {

  166. 			$groups[] = $this->random->generate(5, implode('', range('A', 'Z')));

  167. 		}

  168. 		return implode('-', $groups);

  169. 	}

  170. 

  171. 	/**

  172. 	 * @NoAdminRequired

  173. 	 * @NoSubadminRequired

  174. 	 *

  175. 	 * @return JSONResponse

  176. 	 */

  177. 	public function destroy($id) {

  178. 		$user = $this->userManager->get($this->uid);

  179. 		if (is_null($user)) {

  180. 			return [];

  181. 		}

  182. 

  183. 		$this->tokenProvider->invalidateTokenById($user, $id);

  184. 		return [];

  185. 	}

  186. 

  187. 	/**

  188. 	 * @NoAdminRequired

  189. 	 * @NoSubadminRequired

  190. 	 *

  191. 	 * @param int $id

  192. 	 * @param array $scope

  193. 	 */

  194. 	public function update($id, array $scope) {

  195. 		$token = $this->tokenProvider->getTokenById($id);

  196. 		$token->setScope([

  197. 			'filesystem' => $scope['filesystem']

  198. 		]);

  199. 		$this->tokenProvider->updateToken($token);

  200. 		return [];

  201. 	}

  202. }