author | Morris Jobke <hey@morrisjobke.de> | 2017-08-01 14:43:47 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-08-01 14:43:47 +0200 |
commit | 84c22fdeef6986f9038d8563937cc234751d5147 (patch) | |
tree | e56de337cebc2f069c5282909a89a5de29a29df4 | |
parent | 6010c4f267f6b59e0dfd620dc928227f75dae9d1 (diff) | |
parent | f22ab3e665124e79427f51049fea0f937b66cdbb (diff) | |
Merge pull request #5907 from nextcloud/add-metadata-to-throttle-call
Add metadata to \OCP\AppFramework\Http\Response::throttle
6 files changed, 28 insertions, 5 deletions
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index 1c75b1f3c8b..12431571256 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -248,7 +248,7 @@ class LoginController extends Controller {
 $args['redirect_url'] = $redirect_url;
 }
 $response = new RedirectResponse($this->urlGenerator->linkToRoute('core.login.showLoginForm', $args));
- $response->throttle();
+ $response->throttle(['user' => $user]);
 $this->session->set('loginMessages', [
 ['invalidpassword'], []
 ]);
diff --git a/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php b/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php
index 78c86442b52..b7ec137062f 100644
--- a/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php
+++ b/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php
@@ -76,7 +76,7 @@ class BruteForceMiddleware extends Middleware {
 $action = $this->reflector->getAnnotationParameter('BruteForceProtection', 'action');
 $ip = $this->request->getRemoteAddress();
 $this->throttler->sleepDelay($ip, $action);
- $this->throttler->registerAttempt($action, $ip);
+ $this->throttler->registerAttempt($action, $ip, $response->getThrottleMetadata());
 }
 return parent::afterController($controller, $methodName, $response);
diff --git a/lib/public/AppFramework/Http/Response.php b/lib/public/AppFramework/Http/Response.php
index c3b81d2baf7..94f09a55737 100644
--- a/lib/public/AppFramework/Http/Response.php
+++ b/lib/public/AppFramework/Http/Response.php
@@ -83,6 +83,8 @@ class Response {
 /** @var bool */
 private $throttled = false;
+ /** @var array */
+ private $throttleMetadata = [];
 /**
 * Caches the response
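Review bot: The login name of a failed, still unauthenticated attempt now travels into the brute-force record with no bound on length or content: `$response->throttle(['user' => $user]);` in core/Controller/LoginController.php sets it, and the BruteForceMiddleware.php hunk passes the array unchanged as the third argument of `registerAttempt()`. What the throttler does with that argument is not shown in this diff, so it has to be assumed that request-influenced text, possibly even a password typed into the user field, reaches storage or logs. I would say so at the call site, for example `// $user comes from an unauthenticated request; the throttler must length-limit it and encode it wherever it is stored, logged or displayed`, and check that `registerAttempt()` enforces a size bound. `tryLogin()` and `afterController()` both start outside their hunks.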
@@ -328,10 +330,22 @@ class Response {
 * Marks the response as to throttle. Will be throttled when the
 * @BruteForceProtection annotation is added.
 *
+ * @param array $metadata
 * @since 12.0.0
 */
- public function throttle() {
+ public function throttle(array $metadata = []) {
 $this->throttled = true;
+ $this->throttleMetadata = $metadata;
+ }
+
+ /**
+ * Returns the throttle metadata, defaults to empty array
+ *
+ * @return array
+ * @since 13.0.0
+ */
+ public function getThrottleMetadata() {
+ return $this->throttleMetadata;
 }
 /**
diff --git a/tests/Core/Controller/LoginControllerTest.php b/tests/Core/Controller/LoginControllerTest.php
index bd2d0143caf..493bade9dd8 100644
--- a/tests/Core/Controller/LoginControllerTest.php
+++ b/tests/Core/Controller/LoginControllerTest.php
@@ -307,7 +307,7 @@ class LoginControllerTest extends TestCase {
 ->method('deleteUserValue');
 $expected = new \OCP\AppFramework\Http\RedirectResponse($loginPageUrl);
- $expected->throttle();
+ $expected->throttle(['user' => 'MyUserName']);
 $this->assertEquals($expected, $this->loginController->tryLogin($user, $password, '/apps/files'));
 }
@@ -634,7 +634,7 @@ class LoginControllerTest extends TestCase {
 ->method('createRememberMeToken');
 $expected = new RedirectResponse('');
- $expected->throttle();
+ $expected->throttle(['user' => 'john']);
 $this->assertEquals($expected, $this->loginController->tryLogin('john@doe.com', 'just wrong', null));
 }
 }
diff --git a/tests/lib/AppFramework/Http/ResponseTest.php b/tests/lib/AppFramework/Http/ResponseTest.php
index d8959face89..9267d862600 100644
--- a/tests/lib/AppFramework/Http/ResponseTest.php
+++ b/tests/lib/AppFramework/Http/ResponseTest.php
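Review bot: `throttle()` in lib/public/AppFramework/Http/Response.php assigns `$this->throttleMetadata = $metadata;` on every call, so a later `throttle()` without arguments silently discards metadata that an earlier call recorded, and the docblock does not mention it. The `@param array $metadata` line also has no description, and the method keeps `@since 12.0.0` although the parameter is new in this change. I would write `@param array $metadata data recorded with the brute-force attempt; replaces metadata set by any earlier call` and note on the `@since` line that the parameter was added in 13.0.0, the version the new getter declares. The docblock opens above the hunk.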
@@ -269,4 +269,9 @@ class ResponseTest extends \Test\TestCase {
 $this->childResponse->throttle();
 $this->assertTrue($this->childResponse->isThrottled());
 }
+
+ public function testGetThrottleMetadata() {
+ $this->childResponse->throttle(['foo' => 'bar']);
+ $this->assertSame(['foo' => 'bar'], $this->childResponse->getThrottleMetadata());
+ }
 }
diff --git a/tests/lib/AppFramework/Middleware/Security/BruteForceMiddlewareTest.php b/tests/lib/AppFramework/Middleware/Security/BruteForceMiddlewareTest.php
index 14d3b796846..ae2345764ff 100644
--- a/tests/lib/AppFramework/Middleware/Security/BruteForceMiddlewareTest.php
+++ b/tests/lib/AppFramework/Middleware/Security/BruteForceMiddlewareTest.php
@@ -112,6 +112,10 @@ class BruteForceMiddlewareTest extends TestCase {
 ->expects($this->once())
 ->method('isThrottled')
 ->willReturn(true);
+ $response
+ ->expects($this->once())
+ ->method('getThrottleMetadata')
+ ->willReturn([]);
 $this->reflector
 ->expects($this->once())
 ->method('getAnnotationParameter') |
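Review bot: `testGetThrottleMetadata()` in tests/lib/AppFramework/Http/ResponseTest.php pins only the round trip of a non-empty array, so the getter's documented default is never checked. Adding `$this->assertSame([], $this->childResponse->getThrottleMetadata());` before the `throttle()` call would cover a response that was never throttled. Repeating that assertion after a second, argument-less `throttle()` would also pin the reset of previously set metadata.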
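Review bot: The `getThrottleMetadata` stub added in BruteForceMiddlewareTest.php returns `[]`, which is indistinguishable from the middleware passing no metadata at all, so the test cannot show that the new third argument is forwarded. Returning a non-empty array, e.g. `->willReturn(['user' => 'test'])`, and matching the same array in the `registerAttempt` expectation would verify it. That expectation and the start of the test method are outside the hunk, so the matching `with(...)` line has to be adapted there.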