diff options
author | Robin Appelman <icewind@owncloud.com> | 2016-01-19 12:15:20 +0100 |
---|---|---|
committer | Robin Appelman <icewind@owncloud.com> | 2016-01-29 14:50:52 +0100 |
commit | 419507c1181e8b9685ebaa4fee8973c62967ac6e (patch) | |
tree | 18f203b0ffa160966987adff8c5db78893ab0934 | |
parent | adbc5a0b41be84f741f8689fda98b9f89cfdf5f6 (diff) | |
download | nextcloud-server-419507c1181e8b9685ebaa4fee8973c62967ac6e.tar.gz nextcloud-server-419507c1181e8b9685ebaa4fee8973c62967ac6e.zip |
Add user provided credentials mechanism
-rw-r--r-- | apps/files_external/appinfo/application.php | 1 | ||||
-rw-r--r-- | apps/files_external/appinfo/routes.php | 7 | ||||
-rw-r--r-- | apps/files_external/controller/usercredentialscontroller.php | 57 | ||||
-rw-r--r-- | apps/files_external/lib/auth/password/userprovided.php | 78 |
4 files changed, 142 insertions, 1 deletions
diff --git a/apps/files_external/appinfo/application.php b/apps/files_external/appinfo/application.php index 1571178596b..1bf258c48b4 100644 --- a/apps/files_external/appinfo/application.php +++ b/apps/files_external/appinfo/application.php @@ -109,6 +109,7 @@ class Application extends App { $container->query('OCA\Files_External\Lib\Auth\Password\Password'), $container->query('OCA\Files_External\Lib\Auth\Password\SessionCredentials'), $container->query('OCA\Files_External\Lib\Auth\Password\LoginCredentials'), + $container->query('OCA\Files_External\Lib\Auth\Password\UserProvided'), // AuthMechanism::SCHEME_OAUTH1 mechanisms $container->query('OCA\Files_External\Lib\Auth\OAuth1\OAuth1'), diff --git a/apps/files_external/appinfo/routes.php b/apps/files_external/appinfo/routes.php index c3149a300cf..b30ad0a8542 100644 --- a/apps/files_external/appinfo/routes.php +++ b/apps/files_external/appinfo/routes.php @@ -44,7 +44,12 @@ namespace OCA\Files_External\AppInfo; 'url' => '/ajax/public_key.php', 'verb' => 'POST', 'requirements' => array() - ) + ), + [ + 'name' => 'UserCredentials#store', + 'url' => '/usercredentials/{storageId}', + 'verb' => 'PUT' + ] ) ) ); diff --git a/apps/files_external/controller/usercredentialscontroller.php b/apps/files_external/controller/usercredentialscontroller.php new file mode 100644 index 00000000000..2944611d8a9 --- /dev/null +++ b/apps/files_external/controller/usercredentialscontroller.php @@ -0,0 +1,57 @@ +<?php +/** + * @author Robin Appelman <icewind@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Controller; + +use OCA\Files_External\Lib\Auth\Password\UserProvided; +use OCP\AppFramework\Controller; +use OCP\IRequest; +use OCP\IUserSession; + +class UserCredentialsController extends Controller { + /** + * @var UserProvided + */ + private $authMechanism; + + /** + * @var IUserSession + */ + private $userSession; + + public function __construct($appName, IRequest $request, UserProvided $authMechanism, IUserSession $userSession) { + parent::__construct($appName, $request); + $this->authMechanism = $authMechanism; + $this->userSession = $userSession; + } + + /** + * @param int $storageId + * @param string $username + * @param string $password + * + * @NoAdminRequired + * @NoCSRFRequired + */ + public function store($storageId, $username, $password) { + $this->authMechanism->saveCredentials($this->userSession->getUser(), $storageId, $username, $password); + } +} diff --git a/apps/files_external/lib/auth/password/userprovided.php b/apps/files_external/lib/auth/password/userprovided.php new file mode 100644 index 00000000000..8854513e161 --- /dev/null +++ b/apps/files_external/lib/auth/password/userprovided.php @@ -0,0 +1,78 @@ +<?php +/** + * @author Robin Appelman <icewind@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib\Auth\Password; + +use OCP\IL10N; +use OCP\IUser; +use OCA\Files_External\Lib\Auth\AuthMechanism; +use OCA\Files_External\Lib\StorageConfig; +use OCP\Security\ICredentialsManager; +use OCP\Files\Storage; +use OCA\Files_External\Lib\InsufficientDataForMeaningfulAnswerException; + +/** + * User provided Username and Password + */ +class UserProvided extends AuthMechanism { + + const CREDENTIALS_IDENTIFIER_PREFIX = 'password::userprovided/'; + + /** @var ICredentialsManager */ + protected $credentialsManager; + + public function __construct(IL10N $l, ICredentialsManager $credentialsManager) { + $this->credentialsManager = $credentialsManager; + + $this + ->setIdentifier('password::userprovided') + ->setScheme(self::SCHEME_PASSWORD) + ->setText($l->t('User provided')) + ->addParameters([]); + } + + private function getCredentialsIdentifier($storageId) { + return self::CREDENTIALS_IDENTIFIER_PREFIX . $storageId; + } + + public function saveCredentials(IUser $user, $id, $username, $password) { + $this->credentialsManager->store($user->getUID(), $this->getCredentialsIdentifier($id), [ + 'user' => $username, + 'password' => $password + ]); + } + + public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) { + if (!isset($user)) { + throw new InsufficientDataForMeaningfulAnswerException('No credentials saved'); + } + $uid = $user->getUID(); + $credentials = $this->credentialsManager->retrieve($uid, $this->getCredentialsIdentifier($storage->getId())); + + if (!isset($credentials)) { + throw new InsufficientDataForMeaningfulAnswerException('No credentials saved'); + } + + $storage->setBackendOption('user', $credentials['user']); + $storage->setBackendOption('password', $credentials['password']); + } + +} |