diff options
author | Thomas Müller <thomas.mueller@tmit.eu> | 2016-02-16 16:08:21 +0100 |
---|---|---|
committer | Thomas Müller <thomas.mueller@tmit.eu> | 2016-02-16 16:08:21 +0100 |
commit | c6b24573066cfc87b73b1b61b41032b8c5a406cf (patch) | |
tree | adb9325a3ef5185822d7c1f986d83653d46f2cfa /apps/files_external | |
parent | 6c0e9211e93abfe48d187b91f9d2e9c30566aebc (diff) | |
parent | 176fb191b7ec1c742b70295ca2a315d8cc1f1ea0 (diff) | |
download | nextcloud-server-c6b24573066cfc87b73b1b61b41032b8c5a406cf.tar.gz nextcloud-server-c6b24573066cfc87b73b1b61b41032b8c5a406cf.zip |
Merge pull request #22432 from owncloud/files_external-backends
remove login credentails and user provided backends
Diffstat (limited to 'apps/files_external')
4 files changed, 4 insertions, 185 deletions
diff --git a/apps/files_external/appinfo/application.php b/apps/files_external/appinfo/application.php index d6552fa680c..df7ba357489 100644 --- a/apps/files_external/appinfo/application.php +++ b/apps/files_external/appinfo/application.php @@ -108,8 +108,6 @@ class Application extends App { // AuthMechanism::SCHEME_PASSWORD mechanisms $container->query('OCA\Files_External\Lib\Auth\Password\Password'), $container->query('OCA\Files_External\Lib\Auth\Password\SessionCredentials'), - $container->query('OCA\Files_External\Lib\Auth\Password\LoginCredentials'), - $container->query('OCA\Files_External\Lib\Auth\Password\UserProvided'), $container->query('OCA\Files_External\Lib\Auth\Password\GlobalAuth'), // AuthMechanism::SCHEME_OAUTH1 mechanisms diff --git a/apps/files_external/lib/auth/password/logincredentials.php b/apps/files_external/lib/auth/password/logincredentials.php deleted file mode 100644 index 25bd66fb41a..00000000000 --- a/apps/files_external/lib/auth/password/logincredentials.php +++ /dev/null @@ -1,92 +0,0 @@ -<?php -/** - * @author Robin McCorkell <rmccorkell@owncloud.com> - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OCA\Files_External\Lib\Auth\Password; - -use \OCP\IL10N; -use \OCP\IUser; -use \OCA\Files_External\Lib\DefinitionParameter; -use \OCA\Files_External\Lib\Auth\AuthMechanism; -use \OCA\Files_External\Lib\StorageConfig; -use \OCP\ISession; -use \OCP\Security\ICredentialsManager; -use \OCP\Files\Storage; -use \OCA\Files_External\Lib\SessionStorageWrapper; -use \OCA\Files_External\Lib\InsufficientDataForMeaningfulAnswerException; - -/** - * Username and password from login credentials, saved in DB - */ -class LoginCredentials extends AuthMechanism { - - const CREDENTIALS_IDENTIFIER = 'password::logincredentials/credentials'; - - /** @var ISession */ - protected $session; - - /** @var ICredentialsManager */ - protected $credentialsManager; - - public function __construct(IL10N $l, ISession $session, ICredentialsManager $credentialsManager) { - $this->session = $session; - $this->credentialsManager = $credentialsManager; - - $this - ->setIdentifier('password::logincredentials') - ->setScheme(self::SCHEME_PASSWORD) - ->setText($l->t('Log-in credentials, save in database')) - ->addParameters([ - ]) - ; - - \OCP\Util::connectHook('OC_User', 'post_login', $this, 'authenticate'); - } - - /** - * Hook listener on post login - * - * @param array $params - */ - public function authenticate(array $params) { - $userId = $params['uid']; - $credentials = [ - 'user' => $this->session->get('loginname'), - 'password' => $params['password'] - ]; - $this->credentialsManager->store($userId, self::CREDENTIALS_IDENTIFIER, $credentials); - } - - public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) { - if (!isset($user)) { - throw new InsufficientDataForMeaningfulAnswerException('No login credentials saved'); - } - $uid = $user->getUID(); - $credentials = $this->credentialsManager->retrieve($uid, self::CREDENTIALS_IDENTIFIER); - - if (!isset($credentials)) { - throw new InsufficientDataForMeaningfulAnswerException('No login credentials saved'); - } - - $storage->setBackendOption('user', $credentials['user']); - $storage->setBackendOption('password', $credentials['password']); - } - -} diff --git a/apps/files_external/lib/auth/password/userprovided.php b/apps/files_external/lib/auth/password/userprovided.php deleted file mode 100644 index 2f277163184..00000000000 --- a/apps/files_external/lib/auth/password/userprovided.php +++ /dev/null @@ -1,88 +0,0 @@ -<?php -/** - * @author Robin Appelman <icewind@owncloud.com> - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OCA\Files_External\Lib\Auth\Password; - -use OCA\Files_External\Lib\Auth\IUserProvided; -use OCA\Files_External\Lib\DefinitionParameter; -use OCA\Files_External\Service\BackendService; -use OCP\IL10N; -use OCP\IUser; -use OCA\Files_External\Lib\Auth\AuthMechanism; -use OCA\Files_External\Lib\StorageConfig; -use OCP\Security\ICredentialsManager; -use OCP\Files\Storage; -use OCA\Files_External\Lib\InsufficientDataForMeaningfulAnswerException; - -/** - * User provided Username and Password - */ -class UserProvided extends AuthMechanism implements IUserProvided { - - const CREDENTIALS_IDENTIFIER_PREFIX = 'password::userprovided/'; - - /** @var ICredentialsManager */ - protected $credentialsManager; - - public function __construct(IL10N $l, ICredentialsManager $credentialsManager) { - $this->credentialsManager = $credentialsManager; - - $this - ->setIdentifier('password::userprovided') - ->setVisibility(BackendService::VISIBILITY_ADMIN) - ->setScheme(self::SCHEME_PASSWORD) - ->setText($l->t('User entered, store in database')) - ->addParameters([ - (new DefinitionParameter('user', $l->t('Username'))) - ->setFlag(DefinitionParameter::FLAG_USER_PROVIDED), - (new DefinitionParameter('password', $l->t('Password'))) - ->setType(DefinitionParameter::VALUE_PASSWORD) - ->setFlag(DefinitionParameter::FLAG_USER_PROVIDED), - ]); - } - - private function getCredentialsIdentifier($storageId) { - return self::CREDENTIALS_IDENTIFIER_PREFIX . $storageId; - } - - public function saveBackendOptions(IUser $user, $id, array $options) { - $this->credentialsManager->store($user->getUID(), $this->getCredentialsIdentifier($id), [ - 'user' => $options['user'], // explicitly copy the fields we want instead of just passing the entire $options array - 'password' => $options['password'] // this way we prevent users from being able to modify any other field - ]); - } - - public function manipulateStorageConfig(StorageConfig &$storage, IUser $user = null) { - if (!isset($user)) { - throw new InsufficientDataForMeaningfulAnswerException('No credentials saved'); - } - $uid = $user->getUID(); - $credentials = $this->credentialsManager->retrieve($uid, $this->getCredentialsIdentifier($storage->getId())); - - if (!isset($credentials)) { - throw new InsufficientDataForMeaningfulAnswerException('No credentials saved'); - } - - $storage->setBackendOption('user', $credentials['user']); - $storage->setBackendOption('password', $credentials['password']); - } - -} diff --git a/apps/files_external/tests/command/listcommandtest.php b/apps/files_external/tests/command/listcommandtest.php index 338ddb7593e..3098906bcc6 100644 --- a/apps/files_external/tests/command/listcommandtest.php +++ b/apps/files_external/tests/command/listcommandtest.php @@ -24,7 +24,7 @@ namespace OCA\Files_External\Tests\Command; use OCA\Files_External\Command\ListCommand; use OCA\Files_External\Lib\Auth\NullMechanism; use OCA\Files_External\Lib\Auth\Password\Password; -use OCA\Files_External\Lib\Auth\Password\UserProvided; +use OCA\Files_External\Lib\Auth\Password\SessionCredentials; use OCA\Files_External\Lib\Backend\Local; use OCA\Files_external\Lib\StorageConfig; use Symfony\Component\Console\Output\BufferedOutput; @@ -48,13 +48,14 @@ class ListCommandTest extends CommandTest { public function testListAuthIdentifier() { $l10n = $this->getMock('\OC_L10N', null, [], '', false); - $credentialsManager = $this->getMock('\OCP\Security\ICredentialsManager'); + $session = $this->getMock('\OCP\ISession'); + $crypto = $this->getMock('\OCP\Security\ICrypto'); $instance = $this->getInstance(); $mount1 = new StorageConfig(); $mount1->setAuthMechanism(new Password($l10n)); $mount1->setBackend(new Local($l10n, new NullMechanism($l10n))); $mount2 = new StorageConfig(); - $mount2->setAuthMechanism(new UserProvided($l10n, $credentialsManager)); + $mount2->setAuthMechanism(new SessionCredentials($l10n, $session, $crypto)); $mount2->setBackend(new Local($l10n, new NullMechanism($l10n))); $input = $this->getInput($instance, [], [ 'output' => 'json' |