author | blizzz <blizzz@arthur-schiwon.de> | 2022-05-16 13:04:03 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-05-16 13:04:03 +0200 |
commit | 686d16a56bca1e798096bc54e782d4566a731409 (patch) | |
tree | afe38eafceeb44968893df294d2874bfd78b5245 | |
parent | 91e2a85489239eca302cd9c6989dc8461df69c46 (diff) | |
parent | aea73a24a5f788527b4fa969fc4a930aa7cb1044 (diff) | |
Merge pull request #32415 from nextcloud/backport/32375/stable24
[stable24] Show user account on grant loginflow step
-rw-r--r-- | core/Controller/ClientFlowLoginController.php | 6 | ||||
-rw-r--r-- | core/Controller/ClientFlowLoginV2Controller.php | 11 | ||||
-rw-r--r-- | core/templates/loginflow/grant.php | 8 | ||||
-rw-r--r-- | core/templates/loginflowv2/grant.php | 10 | ||||
-rw-r--r-- | tests/Core/Controller/ClientFlowLoginControllerTest.php | 69 | ||||
-rw-r--r-- | tests/Core/Controller/ClientFlowLoginV2ControllerTest.php | 14 |
6 files changed, 82 insertions, 36 deletions
diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php index ad8bc8eb086..d24a49ee376 100644 --- a/core/Controller/ClientFlowLoginController.php +++ b/core/Controller/ClientFlowLoginController.php @@ -49,6 +49,7 @@ use OCP\IL10N; use OCP\IRequest; use OCP\ISession; use OCP\IURLGenerator; +use OCP\IUser; use OCP\IUserSession; use OCP\Security\ICrypto; use OCP\Security\ISecureRandom; @@ -251,10 +252,15 @@ class ClientFlowLoginController extends Controller { $csp->addAllowedFormActionDomain('nc://*'); } + /** @var IUser $user */ + $user = $this->userSession->getUser(); + $response = new StandaloneTemplateResponse( $this->appName, 'loginflow/grant', [ + 'userId' => $user->getUID(), + 'userDisplayName' => $user->getDisplayName(), 'client' => $clientName, 'clientIdentifier' => $clientIdentifier, 'instanceName' => $this->defaults->getName(), diff --git a/core/Controller/ClientFlowLoginV2Controller.php b/core/Controller/ClientFlowLoginV2Controller.php index ab46cb4b729..27585cbdb7e 100644 --- a/core/Controller/ClientFlowLoginV2Controller.php +++ b/core/Controller/ClientFlowLoginV2Controller.php @@ -42,6 +42,8 @@ use OCP\IL10N; use OCP\IRequest; use OCP\ISession; use OCP\IURLGenerator; +use OCP\IUser; +use OCP\IUserSession; use OCP\Security\ISecureRandom; class ClientFlowLoginV2Controller extends Controller { @@ -54,6 +56,8 @@ class ClientFlowLoginV2Controller extends Controller { private $urlGenerator; /** @var ISession */ private $session; + /** @var IUserSession */ + private $userSession; /** @var ISecureRandom */ private $random; /** @var Defaults */ @@ -68,6 +72,7 @@ class ClientFlowLoginV2Controller extends Controller { LoginFlowV2Service $loginFlowV2Service, IURLGenerator $urlGenerator, ISession $session, + IUserSession $userSession, ISecureRandom $random, Defaults $defaults, ?string $userId, 
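Review bot: The `/** @var IUser $user */` annotation before `$user = $this->userSession->getUser();` in the `@@ -251` hunk only quiets static analysis; `getUser()` can return null, and `$user->getUID()` would then fail with a fatal error instead of a controlled response. Whether the route is already limited to logged-in users cannot be seen here, because the enclosing method starts outside the hunk. An explicit guard such as `if (!$user instanceof IUser) { /* return the controller's forbidden response */ }` before the template array is built would make the assumption visible and keep the failure mode a clean 403. The `@@ -162` hunk of ClientFlowLoginV2Controller.php has the same pattern, and there `return $this->loginTokenForbiddenResponse();` is already in scope just above the new lines.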
@@ -76,6 +81,7 @@ class ClientFlowLoginV2Controller extends Controller { $this->loginFlowV2Service = $loginFlowV2Service; $this->urlGenerator = $urlGenerator; $this->session = $session; + $this->userSession = $userSession; $this->random = $random; $this->defaults = $defaults; $this->userId = $userId; @@ -162,10 +168,15 @@ class ClientFlowLoginV2Controller extends Controller { return $this->loginTokenForbiddenResponse(); } + /** @var IUser $user */ + $user = $this->userSession->getUser(); + return new StandaloneTemplateResponse( $this->appName, 'loginflowv2/grant', [ + 'userId' => $user->getUID(), + 'userDisplayName' => $user->getDisplayName(), 'client' => $flow->getClientName(), 'instanceName' => $this->defaults->getName(), 'urlGenerator' => $this->urlGenerator, diff --git a/core/templates/loginflow/grant.php b/core/templates/loginflow/grant.php index c537c47ea64..04fdced1c62 100644 --- a/core/templates/loginflow/grant.php +++ b/core/templates/loginflow/grant.php @@ -30,6 +30,12 @@ $urlGenerator = $_['urlGenerator']; <div class="picker-window"> <h2><?php p($l->t('Account access')) ?></h2> <p class="info"> + <?php p($l->t('Currently logged in as %1$s (%2$s).', [ + $_['userDisplayName'], + $_['userId'], + ])) ?> + </p> + <p class="info"> <?php print_unescaped($l->t('You are about to grant %1$s access to your %2$s account.', [ '<strong>' . \OCP\Util::sanitizeHTML($_['client']) . '</strong>', \OCP\Util::sanitizeHTML($_['instanceName']) @@ -44,7 +50,7 @@ $urlGenerator = $_['urlGenerator']; <input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>" /> <input type="hidden" name="stateToken" value="<?php p($_['stateToken']) ?>" /> <input type="hidden" name="oauthState" value="<?php p($_['oauthState']) ?>" /> - <?php if (p($_['direct'])) { ?> + <?php if ($_['direct']) { ?> <input type="hidden" name="direct" value="1" /> <?php } ?> <div id="submit-wrapper"> 
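Review bot: The new "Currently logged in as" paragraph in loginflow/grant.php (hunk `@@ -30`) has no comment saying why both values are shown, and the reason is security-relevant. Display names are presumably user-editable and not unique, so the UID is what lets the person approving the client confirm which account will be granted. A short template comment such as `<?php // Show the UID next to the display name: display names are not unique, the UID identifies the account being granted ?>` would stop a later cleanup from dropping `$_['userId']`. It is also worth stating that the whole translated string goes through `p()` and must stay that way, unlike the `print_unescaped` paragraph that follows. The same block is added to loginflowv2/grant.php.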
diff --git a/core/templates/loginflowv2/grant.php b/core/templates/loginflowv2/grant.php index b036d33ad7c..19005a20e2c 100644 --- a/core/templates/loginflowv2/grant.php +++ b/core/templates/loginflowv2/grant.php @@ -30,6 +30,12 @@ $urlGenerator = $_['urlGenerator']; <div class="picker-window"> <h2><?php p($l->t('Account access')) ?></h2> <p class="info"> + <?php p($l->t('Currently logged in as %1$s (%2$s).', [ + $_['userDisplayName'], + $_['userId'], + ])) ?> + </p> + <p class="info"> <?php print_unescaped($l->t('You are about to grant %1$s access to your %2$s account.', [ '<strong>' . \OCP\Util::sanitizeHTML($_['client']) . '</strong>', \OCP\Util::sanitizeHTML($_['instanceName']) @@ -41,10 +47,10 @@ $urlGenerator = $_['urlGenerator']; <p id="redirect-link"> <form method="POST" action="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLoginV2.generateAppPassword')) ?>"> <input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>" /> - <input type="hidden" name="stateToken" value="<?php p($_['stateToken']) ?>" /> + <input type="hidden" name="stateToken" value="<?php p($_['stateToken']) ?>" /> <div id="submit-wrapper"> <input type="submit" class="login primary icon-confirm-white" title="" value="<?php p($l->t('Grant access')); ?>" /> - </div> + </div> </form> </p> </div> diff --git a/tests/Core/Controller/ClientFlowLoginControllerTest.php b/tests/Core/Controller/ClientFlowLoginControllerTest.php index dae42474f41..dfd3e629dcd 100644 --- a/tests/Core/Controller/ClientFlowLoginControllerTest.php +++ b/tests/Core/Controller/ClientFlowLoginControllerTest.php 
@@ -134,15 +134,15 @@ class ClientFlowLoginControllerTest extends TestCase { public function testShowAuthPickerPageWithOcsHeader() { $this->request - ->expects($this->at(0)) ->method('getHeader') - ->with('USER_AGENT') - ->willReturn('Mac OS X Sync Client'); - $this->request - ->expects($this->at(1)) - ->method('getHeader') - ->with('OCS-APIREQUEST') - ->willReturn('true'); + ->withConsecutive( + ['USER_AGENT'], + ['OCS-APIREQUEST'] + ) + ->willReturnMap([ + ['USER_AGENT', 'Mac OS X Sync Client'], + ['OCS-APIREQUEST', 'true'], + ]); $this->random ->expects($this->once()) ->method('generate') @@ -196,10 +196,15 @@ class ClientFlowLoginControllerTest extends TestCase { public function testShowAuthPickerPageWithOauth() { $this->request - ->expects($this->at(0)) ->method('getHeader') - ->with('USER_AGENT') - ->willReturn('Mac OS X Sync Client'); + ->withConsecutive( + ['USER_AGENT'], + ['OCS-APIREQUEST'] + ) + ->willReturnMap([ + ['USER_AGENT', 'Mac OS X Sync Client'], + ['OCS-APIREQUEST', 'false'], + ]); $client = new Client(); $client->setName('My external service'); $client->setRedirectUri('https://example.com/redirect.php'); 
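Review bot: Replacing `->expects($this->at(N))` with a bare `->method(...)->withConsecutive(...)` drops the call-count assertion, so as far as I can tell these mocks now pass even when the method is never invoked. That matters most in `testGeneratePasswordWithPasswordForOauthClient` (hunk `@@ -413`), where the `remove` expectations for `client.flow.state.token` and `oauth.state` are the only thing pinning that the state values are cleared from the session after use. The `getHeader` mocks in the `@@ -134` and `@@ -196` hunks and the `generate` mock in `@@ -450` have the same gap. Adding `->expects($this->exactly(2))` before `->method('remove')`, and likewise on the others, keeps the new style while restoring the check.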
@@ -413,23 +418,21 @@ class ClientFlowLoginControllerTest extends TestCase { */ public function testGeneratePasswordWithPasswordForOauthClient($redirectUri, $redirectUrl) { $this->session - ->expects($this->at(0)) ->method('get') - ->with('client.flow.state.token') - ->willReturn('MyStateToken'); - $this->session - ->expects($this->at(1)) - ->method('remove') - ->with('client.flow.state.token'); - $this->session - ->expects($this->at(3)) - ->method('get') - ->with('oauth.state') - ->willReturn('MyOauthState'); + ->withConsecutive( + ['client.flow.state.token'], + ['oauth.state'] + ) + ->willReturnMap([ + ['client.flow.state.token', 'MyStateToken'], + ['oauth.state', 'MyOauthState'], + ]); $this->session - ->expects($this->at(4)) ->method('remove') - ->with('oauth.state'); + ->withConsecutive( + ['client.flow.state.token'], + ['oauth.state'] + ); $this->session ->expects($this->once()) ->method('getId') @@ -450,15 +453,15 @@ class ClientFlowLoginControllerTest extends TestCase { ->with($myToken, 'SessionId') ->willReturn('MyPassword'); $this->random - ->expects($this->at(0)) ->method('generate') - ->with(72) - ->willReturn('MyGeneratedToken'); - $this->random - ->expects($this->at(1)) - ->method('generate') - ->with(128) - ->willReturn('MyAccessCode'); + ->withConsecutive( + [72], + [128] + ) + ->willReturnMap([ + [72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS, 'MyGeneratedToken'], + [128, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS, 'MyAccessCode'], + ]); $user = $this->createMock(IUser::class); $user ->expects($this->once()) diff --git a/tests/Core/Controller/ClientFlowLoginV2ControllerTest.php b/tests/Core/Controller/ClientFlowLoginV2ControllerTest.php index 1e35dc71c3f..53d5f392ac6 100644 --- a/tests/Core/Controller/ClientFlowLoginV2ControllerTest.php +++ b/tests/Core/Controller/ClientFlowLoginV2ControllerTest.php 
@@ -36,6 +36,8 @@ use OCP\IL10N; use OCP\IRequest; use OCP\ISession; use OCP\IURLGenerator; +use OCP\IUser; +use OCP\IUserSession; use OCP\Security\ISecureRandom; use PHPUnit\Framework\MockObject\MockObject; use Test\TestCase; @@ -50,6 +52,8 @@ class ClientFlowLoginV2ControllerTest extends TestCase { private $urlGenerator; /** @var ISession|MockObject */ private $session; + /** @var IUserSession|MockObject */ + private $userSession; /** @var ISecureRandom|MockObject */ private $random; /** @var Defaults|MockObject */ @@ -66,6 +70,7 @@ class ClientFlowLoginV2ControllerTest extends TestCase { $this->loginFlowV2Service = $this->createMock(LoginFlowV2Service::class); $this->urlGenerator = $this->createMock(IURLGenerator::class); $this->session = $this->createMock(ISession::class); + $this->userSession = $this->createMock(IUserSession::class); $this->random = $this->createMock(ISecureRandom::class); $this->defaults = $this->createMock(Defaults::class); $this->l = $this->createMock(IL10N::class); @@ -75,6 +80,7 @@ class ClientFlowLoginV2ControllerTest extends TestCase { $this->loginFlowV2Service, $this->urlGenerator, $this->session, + $this->userSession, $this->random, $this->defaults, 'user', @@ -224,6 +230,14 @@ class ClientFlowLoginV2ControllerTest extends TestCase { return null; }); + $user = $this->createMock(IUser::class); + $user->method('getUID') + ->willReturn('uid'); + $user->method('getDisplayName') + ->willReturn('display name'); + $this->userSession->method('getUser') + ->willReturn($user); + $flow = new LoginFlowV2(); $this->loginFlowV2Service->method('getByLoginToken') ->with('loginToken') |