diff options
author | Maxence Lange <maxence@artificial-owl.com> | 2024-11-21 09:25:00 -0100 |
---|---|---|
committer | Maxence Lange <maxence@artificial-owl.com> | 2024-12-04 09:30:55 -0100 |
commit | 862a41111855314a9bf0d186ed02688386b70d73 (patch) | |
tree | 32c003ba203bc9af7c8c43c368975e6b8b2a0c93 /apps/cloud_federation_api/lib | |
parent | f08d0532905c211d15effdfa1a9fa4f98921e2a9 (diff) | |
download | nextcloud-server-862a41111855314a9bf0d186ed02688386b70d73.tar.gz nextcloud-server-862a41111855314a9bf0d186ed02688386b70d73.zip |
fix(ocm): simpler code
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Diffstat (limited to 'apps/cloud_federation_api/lib')
-rw-r--r-- | apps/cloud_federation_api/lib/Controller/RequestHandlerController.php | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php b/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php index b1ab1be3f88..e277b9b6389 100644 --- a/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php +++ b/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php @@ -336,8 +336,11 @@ class RequestHandlerController extends Controller { */ private function getSignedRequest(): ?IIncomingSignedRequest { try { - return $this->signatureManager->getIncomingSignedRequest($this->signatoryManager); + $signedRequest = $this->signatureManager->getIncomingSignedRequest($this->signatoryManager); + $this->logger->debug('signed request available', ['signedRequest' => $signedRequest]); + return $signedRequest; } catch (SignatureNotFoundException|SignatoryNotFoundException $e) { + $this->logger->debug('remote does not support signed request', ['exception' => $e]); // remote does not support signed request. // currently we still accept unsigned request until lazy appconfig // core.enforce_signed_ocm_request is set to true (default: false) @@ -346,7 +349,7 @@ class RequestHandlerController extends Controller { throw new IncomingRequestException('Unsigned request'); } } catch (SignatureException $e) { - $this->logger->notice('wrongly signed request', ['exception' => $e]); + $this->logger->warning('wrongly signed request', ['exception' => $e]); throw new IncomingRequestException('Invalid signature'); } return null; @@ -406,10 +409,17 @@ class RequestHandlerController extends Controller { $share = $provider->getShareByToken($token); try { $this->confirmShareEntry($signedRequest, $share->getSharedWith()); - } catch (IncomingRequestException) { + } catch (IncomingRequestException $e) { // notification might come from the instance that owns the share - $this->logger->debug('could not confirm origin on sharedWith (' . $share->getSharedWIth() . '); going with shareOwner (' . $share->getShareOwner() . ')'); - $this->confirmShareEntry($signedRequest, $share->getShareOwner()); + $this->logger->debug('could not confirm origin on sharedWith (' . $share->getSharedWIth() . '); going with shareOwner (' . $share->getShareOwner() . ')', ['exception' => $e]); + try { + $this->confirmShareEntry($signedRequest, $share->getShareOwner()); + } catch (IncomingRequestException $f) { + // if both entry are failing, we log first exception as warning and second exception + // will be logged as warning by the controller + $this->logger->warning('could not confirm origin on sharedWith (' . $share->getSharedWIth() . '); going with shareOwner (' . $share->getShareOwner() . ')', ['exception' => $e]); + throw $f; + } } } |