aboutsummaryrefslogtreecommitdiffstats
path: root/apps/cloud_federation_api/lib
diff options
context:
space:
mode:
authorMaxence Lange <maxence@artificial-owl.com>2024-11-21 09:25:00 -0100
committerMaxence Lange <maxence@artificial-owl.com>2024-12-04 09:30:55 -0100
commit862a41111855314a9bf0d186ed02688386b70d73 (patch)
tree32c003ba203bc9af7c8c43c368975e6b8b2a0c93 /apps/cloud_federation_api/lib
parentf08d0532905c211d15effdfa1a9fa4f98921e2a9 (diff)
downloadnextcloud-server-862a41111855314a9bf0d186ed02688386b70d73.tar.gz
nextcloud-server-862a41111855314a9bf0d186ed02688386b70d73.zip
fix(ocm): simpler code
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Diffstat (limited to 'apps/cloud_federation_api/lib')
-rw-r--r--apps/cloud_federation_api/lib/Controller/RequestHandlerController.php20
1 files changed, 15 insertions, 5 deletions
diff --git a/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php b/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php
index b1ab1be3f88..e277b9b6389 100644
--- a/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php
+++ b/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php
@@ -336,8 +336,11 @@ class RequestHandlerController extends Controller {
*/
private function getSignedRequest(): ?IIncomingSignedRequest {
try {
- return $this->signatureManager->getIncomingSignedRequest($this->signatoryManager);
+ $signedRequest = $this->signatureManager->getIncomingSignedRequest($this->signatoryManager);
+ $this->logger->debug('signed request available', ['signedRequest' => $signedRequest]);
+ return $signedRequest;
} catch (SignatureNotFoundException|SignatoryNotFoundException $e) {
+ $this->logger->debug('remote does not support signed request', ['exception' => $e]);
// remote does not support signed request.
// currently we still accept unsigned request until lazy appconfig
// core.enforce_signed_ocm_request is set to true (default: false)
@@ -346,7 +349,7 @@ class RequestHandlerController extends Controller {
throw new IncomingRequestException('Unsigned request');
}
} catch (SignatureException $e) {
- $this->logger->notice('wrongly signed request', ['exception' => $e]);
+ $this->logger->warning('wrongly signed request', ['exception' => $e]);
throw new IncomingRequestException('Invalid signature');
}
return null;
@@ -406,10 +409,17 @@ class RequestHandlerController extends Controller {
$share = $provider->getShareByToken($token);
try {
$this->confirmShareEntry($signedRequest, $share->getSharedWith());
- } catch (IncomingRequestException) {
+ } catch (IncomingRequestException $e) {
// notification might come from the instance that owns the share
- $this->logger->debug('could not confirm origin on sharedWith (' . $share->getSharedWIth() . '); going with shareOwner (' . $share->getShareOwner() . ')');
- $this->confirmShareEntry($signedRequest, $share->getShareOwner());
+ $this->logger->debug('could not confirm origin on sharedWith (' . $share->getSharedWIth() . '); going with shareOwner (' . $share->getShareOwner() . ')', ['exception' => $e]);
+ try {
+ $this->confirmShareEntry($signedRequest, $share->getShareOwner());
+ } catch (IncomingRequestException $f) {
+ // if both entry are failing, we log first exception as warning and second exception
+ // will be logged as warning by the controller
+ $this->logger->warning('could not confirm origin on sharedWith (' . $share->getSharedWIth() . '); going with shareOwner (' . $share->getShareOwner() . ')', ['exception' => $e]);
+ throw $f;
+ }
}
}