aboutsummaryrefslogtreecommitdiffstats
path: root/apps/files_external
diff options
context:
space:
mode:
authorThomas Müller <thomas.mueller@tmit.eu>2016-01-22 13:14:14 +0100
committerThomas Müller <thomas.mueller@tmit.eu>2016-01-22 13:14:14 +0100
commit9b4c9a0357ba9a10f4e0c7c1cafb3923ba5929db (patch)
treeeb469af5c63d8df131d6e7fc00bcf42f6d4b75eb /apps/files_external
parent0bccdbc959b0b7bbce2ebdd62b6b44121e1e0b61 (diff)
parent58afddfaa585fdb9efb34c01d1a5fa6282ed2bd1 (diff)
downloadnextcloud-server-9b4c9a0357ba9a10f4e0c7c1cafb3923ba5929db.tar.gz
nextcloud-server-9b4c9a0357ba9a10f4e0c7c1cafb3923ba5929db.zip
Merge pull request #18531 from owncloud/ext-user-credentials
External storage 'Login credentials' auth mechanism
Diffstat (limited to 'apps/files_external')
-rw-r--r--apps/files_external/appinfo/application.php1
-rw-r--r--apps/files_external/appinfo/info.xml2
-rw-r--r--apps/files_external/controller/storagescontroller.php16
-rw-r--r--apps/files_external/controller/userglobalstoragescontroller.php21
-rw-r--r--apps/files_external/controller/userstoragescontroller.php20
-rw-r--r--apps/files_external/lib/auth/password/logincredentials.php92
-rw-r--r--apps/files_external/lib/auth/password/sessioncredentials.php3
-rw-r--r--apps/files_external/lib/auth/publickey/rsa.php3
-rw-r--r--apps/files_external/lib/backend/smb.php4
-rw-r--r--apps/files_external/lib/backend/smb_oc.php3
-rw-r--r--apps/files_external/lib/config/configadapter.php4
-rw-r--r--apps/files_external/lib/storagemodifiertrait.php4
-rw-r--r--apps/files_external/tests/controller/userstoragescontrollertest.php3
13 files changed, 160 insertions, 16 deletions
diff --git a/apps/files_external/appinfo/application.php b/apps/files_external/appinfo/application.php
index c755b6a29b0..1571178596b 100644
--- a/apps/files_external/appinfo/application.php
+++ b/apps/files_external/appinfo/application.php
@@ -108,6 +108,7 @@ class Application extends App {
// AuthMechanism::SCHEME_PASSWORD mechanisms
$container->query('OCA\Files_External\Lib\Auth\Password\Password'),
$container->query('OCA\Files_External\Lib\Auth\Password\SessionCredentials'),
+ $container->query('OCA\Files_External\Lib\Auth\Password\LoginCredentials'),
// AuthMechanism::SCHEME_OAUTH1 mechanisms
$container->query('OCA\Files_External\Lib\Auth\OAuth1\OAuth1'),
diff --git a/apps/files_external/appinfo/info.xml b/apps/files_external/appinfo/info.xml
index 1a9fa73de3f..1cd4f602075 100644
--- a/apps/files_external/appinfo/info.xml
+++ b/apps/files_external/appinfo/info.xml
@@ -13,7 +13,7 @@
<admin>admin-external-storage</admin>
</documentation>
<rememberlogin>false</rememberlogin>
- <version>0.5.1</version>
+ <version>0.5.2</version>
<types>
<filesystem/>
</types>
diff --git a/apps/files_external/controller/storagescontroller.php b/apps/files_external/controller/storagescontroller.php
index 07e2e69f601..64b989f0c77 100644
--- a/apps/files_external/controller/storagescontroller.php
+++ b/apps/files_external/controller/storagescontroller.php
@@ -212,6 +212,15 @@ abstract class StoragesController extends Controller {
return null;
}
+ protected function manipulateStorageConfig(StorageConfig $storage) {
+ /** @var AuthMechanism */
+ $authMechanism = $storage->getAuthMechanism();
+ $authMechanism->manipulateStorageConfig($storage);
+ /** @var Backend */
+ $backend = $storage->getBackend();
+ $backend->manipulateStorageConfig($storage);
+ }
+
/**
* Check whether the given storage is available / valid.
*
@@ -222,13 +231,10 @@ abstract class StoragesController extends Controller {
*/
protected function updateStorageStatus(StorageConfig &$storage) {
try {
- /** @var AuthMechanism */
- $authMechanism = $storage->getAuthMechanism();
- $authMechanism->manipulateStorageConfig($storage);
+ $this->manipulateStorageConfig($storage);
+
/** @var Backend */
$backend = $storage->getBackend();
- $backend->manipulateStorageConfig($storage);
-
// update status (can be time-consuming)
$storage->setStatus(
\OC_Mount_Config::getBackendStatus(
diff --git a/apps/files_external/controller/userglobalstoragescontroller.php b/apps/files_external/controller/userglobalstoragescontroller.php
index 5aea7875ed4..6d4548754df 100644
--- a/apps/files_external/controller/userglobalstoragescontroller.php
+++ b/apps/files_external/controller/userglobalstoragescontroller.php
@@ -21,6 +21,7 @@
namespace OCA\Files_External\Controller;
+use OCA\Files_External\Lib\Auth\AuthMechanism;
use \OCP\IRequest;
use \OCP\IL10N;
use \OCP\AppFramework\Http\DataResponse;
@@ -30,24 +31,32 @@ use \OCA\Files_external\Service\UserGlobalStoragesService;
use \OCA\Files_external\NotFoundException;
use \OCA\Files_external\Lib\StorageConfig;
use \OCA\Files_External\Lib\Backend\Backend;
+use OCP\IUserSession;
/**
* User global storages controller
*/
class UserGlobalStoragesController extends StoragesController {
/**
+ * @var IUserSession
+ */
+ private $userSession;
+
+ /**
* Creates a new user global storages controller.
*
* @param string $AppName application name
* @param IRequest $request request object
* @param IL10N $l10n l10n service
* @param UserGlobalStoragesService $userGlobalStoragesService storage service
+ * @param IUserSession $userSession
*/
public function __construct(
$AppName,
IRequest $request,
IL10N $l10n,
- UserGlobalStoragesService $userGlobalStoragesService
+ UserGlobalStoragesService $userGlobalStoragesService,
+ IUserSession $userSession
) {
parent::__construct(
$AppName,
@@ -55,6 +64,7 @@ class UserGlobalStoragesController extends StoragesController {
$l10n,
$userGlobalStoragesService
);
+ $this->userSession = $userSession;
}
/**
@@ -78,6 +88,15 @@ class UserGlobalStoragesController extends StoragesController {
);
}
+ protected function manipulateStorageConfig(StorageConfig $storage) {
+ /** @var AuthMechanism */
+ $authMechanism = $storage->getAuthMechanism();
+ $authMechanism->manipulateStorageConfig($storage, $this->userSession->getUser());
+ /** @var Backend */
+ $backend = $storage->getBackend();
+ $backend->manipulateStorageConfig($storage, $this->userSession->getUser());
+ }
+
/**
* Get an external storage entry.
*
diff --git a/apps/files_external/controller/userstoragescontroller.php b/apps/files_external/controller/userstoragescontroller.php
index 345e4bf652b..741e906dec1 100644
--- a/apps/files_external/controller/userstoragescontroller.php
+++ b/apps/files_external/controller/userstoragescontroller.php
@@ -23,6 +23,7 @@
namespace OCA\Files_External\Controller;
+use OCA\Files_External\Lib\Auth\AuthMechanism;
use \OCP\IConfig;
use \OCP\IUserSession;
use \OCP\IRequest;
@@ -41,18 +42,25 @@ use \OCA\Files_External\Lib\Backend\Backend;
*/
class UserStoragesController extends StoragesController {
/**
+ * @var IUserSession
+ */
+ private $userSession;
+
+ /**
* Creates a new user storages controller.
*
* @param string $AppName application name
* @param IRequest $request request object
* @param IL10N $l10n l10n service
* @param UserStoragesService $userStoragesService storage service
+ * @param IUserSession $userSession
*/
public function __construct(
$AppName,
IRequest $request,
IL10N $l10n,
- UserStoragesService $userStoragesService
+ UserStoragesService $userStoragesService,
+ IUserSession $userSession
) {
parent::__construct(
$AppName,
@@ -60,6 +68,16 @@ class UserStoragesController extends StoragesController {
$l10n,
$userStoragesService
);
+ $this->userSession = $userSession;
+ }
+
+ protected function manipulateStorageConfig(StorageConfig $storage) {
+ /** @var AuthMechanism */
+ $authMechanism = $storage->getAuthMechanism();
+ $authMechanism->manipulateStorageConfig($storage, $this->userSession->getUser());
+ /** @var Backend */
+ $backend = $storage->getBackend();
+ $backend->manipulateStorageConfig($storage, $this->userSession->getUser());
}
/**
diff --git a/apps/files_external/lib/auth/password/logincredentials.php b/apps/files_external/lib/auth/password/logincredentials.php
new file mode 100644
index 00000000000..99cac3f4202
--- /dev/null
+++ b/apps/files_external/lib/auth/password/logincredentials.php
@@ -0,0 +1,92 @@
+<?php
+/**
+ * @author Robin McCorkell <rmccorkell@owncloud.com>
+ *
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth\Password;
+
+use \OCP\IL10N;
+use \OCP\IUser;
+use \OCA\Files_External\Lib\DefinitionParameter;
+use \OCA\Files_External\Lib\Auth\AuthMechanism;
+use \OCA\Files_External\Lib\StorageConfig;
+use \OCP\ISession;
+use \OCP\Security\ICredentialsManager;
+use \OCP\Files\Storage;
+use \OCA\Files_External\Lib\SessionStorageWrapper;
+use \OCA\Files_External\Lib\InsufficientDataForMeaningfulAnswerException;
+
+/**
+ * Username and password from login credentials, saved in DB
+ */
+class LoginCredentials extends AuthMechanism {
+
+ const CREDENTIALS_IDENTIFIER = 'password::logincredentials/credentials';
+
+ /** @var ISession */
+ protected $session;
+
+ /** @var ICredentialsManager */
+ protected $credentialsManager;
+
+ public function __construct(IL10N $l, ISession $session, ICredentialsManager $credentialsManager) {
+ $this->session = $session;
+ $this->credentialsManager = $credentialsManager;
+
+ $this
+ ->setIdentifier('password::logincredentials')
+ ->setScheme(self::SCHEME_PASSWORD)
+ ->setText($l->t('Login credentials'))
+ ->addParameters([
+ ])
+ ;
+
+ \OCP\Util::connectHook('OC_User', 'post_login', $this, 'authenticate');
+ }
+
+ /**
+ * Hook listener on post login
+ *
+ * @param array $params
+ */
+ public function authenticate(array $params) {
+ $userId = $params['uid'];
+ $credentials = [
+ 'user' => $this->session->get('loginname'),
+ 'password' => $params['password']
+ ];
+ $this->credentialsManager->store($userId, self::CREDENTIALS_IDENTIFIER, $credentials);
+ }
+
+ public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) {
+ if (!isset($user)) {
+ throw new InsufficientDataForMeaningfulAnswerException('No login credentials saved');
+ }
+ $uid = $user->getUID();
+ $credentials = $this->credentialsManager->retrieve($uid, self::CREDENTIALS_IDENTIFIER);
+
+ if (!isset($credentials)) {
+ throw new InsufficientDataForMeaningfulAnswerException('No login credentials saved');
+ }
+
+ $storage->setBackendOption('user', $credentials['user']);
+ $storage->setBackendOption('password', $credentials['password']);
+ }
+
+}
diff --git a/apps/files_external/lib/auth/password/sessioncredentials.php b/apps/files_external/lib/auth/password/sessioncredentials.php
index 4f7d24c2f60..3fb8b8526cc 100644
--- a/apps/files_external/lib/auth/password/sessioncredentials.php
+++ b/apps/files_external/lib/auth/password/sessioncredentials.php
@@ -21,6 +21,7 @@
namespace OCA\Files_External\Lib\Auth\Password;
+use \OCP\IUser;
use \OCP\IL10N;
use \OCA\Files_External\Lib\DefinitionParameter;
use \OCA\Files_External\Lib\Auth\AuthMechanism;
@@ -66,7 +67,7 @@ class SessionCredentials extends AuthMechanism {
$this->session->set('password::sessioncredentials/credentials', $this->crypto->encrypt(json_encode($params)));
}
- public function manipulateStorageConfig(StorageConfig &$storage) {
+ public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) {
$encrypted = $this->session->get('password::sessioncredentials/credentials');
if (!isset($encrypted)) {
throw new InsufficientDataForMeaningfulAnswerException('No session credentials saved');
diff --git a/apps/files_external/lib/auth/publickey/rsa.php b/apps/files_external/lib/auth/publickey/rsa.php
index 131b3f36526..9045f6818f9 100644
--- a/apps/files_external/lib/auth/publickey/rsa.php
+++ b/apps/files_external/lib/auth/publickey/rsa.php
@@ -26,6 +26,7 @@ use \OCA\Files_External\Lib\DefinitionParameter;
use \OCA\Files_External\Lib\Auth\AuthMechanism;
use \OCA\Files_External\Lib\StorageConfig;
use \OCP\IConfig;
+use OCP\IUser;
use \phpseclib\Crypt\RSA as RSACrypt;
/**
@@ -55,7 +56,7 @@ class RSA extends AuthMechanism {
;
}
- public function manipulateStorageConfig(StorageConfig &$storage) {
+ public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) {
$auth = new RSACrypt();
$auth->setPassword($this->config->getSystemValue('secret', ''));
if (!$auth->loadKey($storage->getBackendOption('private_key'))) {
diff --git a/apps/files_external/lib/backend/smb.php b/apps/files_external/lib/backend/smb.php
index aaf7658751f..9b71636936a 100644
--- a/apps/files_external/lib/backend/smb.php
+++ b/apps/files_external/lib/backend/smb.php
@@ -30,6 +30,7 @@ use \OCA\Files_External\Lib\StorageConfig;
use \OCA\Files_External\Lib\LegacyDependencyCheckPolyfill;
use \OCA\Files_External\Lib\Auth\Password\Password;
+use OCP\IUser;
class SMB extends Backend {
@@ -56,8 +57,9 @@ class SMB extends Backend {
/**
* @param StorageConfig $storage
+ * @param IUser $user
*/
- public function manipulateStorageConfig(StorageConfig &$storage) {
+ public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) {
$user = $storage->getBackendOption('user');
if ($domain = $storage->getBackendOption('domain')) {
$storage->setBackendOption('user', $domain.'\\'.$user);
diff --git a/apps/files_external/lib/backend/smb_oc.php b/apps/files_external/lib/backend/smb_oc.php
index 57fdfc30ff3..ba38754ce5a 100644
--- a/apps/files_external/lib/backend/smb_oc.php
+++ b/apps/files_external/lib/backend/smb_oc.php
@@ -30,6 +30,7 @@ use \OCA\Files_External\Lib\Auth\Password\SessionCredentials;
use \OCA\Files_External\Lib\StorageConfig;
use \OCA\Files_External\Lib\LegacyDependencyCheckPolyfill;
use \OCA\Files_External\Lib\Backend\SMB;
+use OCP\IUser;
/**
* Deprecated SMB_OC class - use SMB with the password::sessioncredentials auth mechanism
@@ -59,7 +60,7 @@ class SMB_OC extends Backend {
;
}
- public function manipulateStorageConfig(StorageConfig &$storage) {
+ public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) {
$username_as_share = ($storage->getBackendOption('username_as_share') === true);
if ($username_as_share) {
diff --git a/apps/files_external/lib/config/configadapter.php b/apps/files_external/lib/config/configadapter.php
index 0cd1381c815..2bf39bcaa4f 100644
--- a/apps/files_external/lib/config/configadapter.php
+++ b/apps/files_external/lib/config/configadapter.php
@@ -85,8 +85,8 @@ class ConfigAdapter implements IMountProvider {
$storage->setBackendOption('objectstore', new $objectClass($objectStore));
}
- $storage->getAuthMechanism()->manipulateStorageConfig($storage);
- $storage->getBackend()->manipulateStorageConfig($storage);
+ $storage->getAuthMechanism()->manipulateStorageConfig($storage, $user);
+ $storage->getBackend()->manipulateStorageConfig($storage, $user);
}
/**
diff --git a/apps/files_external/lib/storagemodifiertrait.php b/apps/files_external/lib/storagemodifiertrait.php
index ec2b0a14ab1..30c2108feec 100644
--- a/apps/files_external/lib/storagemodifiertrait.php
+++ b/apps/files_external/lib/storagemodifiertrait.php
@@ -21,6 +21,7 @@
namespace OCA\Files_External\Lib;
+use \OCP\IUser;
use \OCP\Files\Storage;
use \OCA\Files_External\Lib\StorageConfig;
use \OCA\Files_External\Lib\InsufficientDataForMeaningfulAnswerException;
@@ -45,10 +46,11 @@ trait StorageModifierTrait {
* Modify a StorageConfig parameters
*
* @param StorageConfig $storage
+ * @param IUser $user User the storage is being used as
* @throws InsufficientDataForMeaningfulAnswerException
* @throws StorageNotAvailableException
*/
- public function manipulateStorageConfig(StorageConfig &$storage) {
+ public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) {
}
/**
diff --git a/apps/files_external/tests/controller/userstoragescontrollertest.php b/apps/files_external/tests/controller/userstoragescontrollertest.php
index dd761fa9767..671e019fea0 100644
--- a/apps/files_external/tests/controller/userstoragescontrollertest.php
+++ b/apps/files_external/tests/controller/userstoragescontrollertest.php
@@ -48,7 +48,8 @@ class UserStoragesControllerTest extends StoragesControllerTest {
'files_external',
$this->getMock('\OCP\IRequest'),
$this->getMock('\OCP\IL10N'),
- $this->service
+ $this->service,
+ $this->getMock('\OCP\IUserSession')
);
}