delete auth token when client gets deleted

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>

4 files changed, 53 insertions, 4 deletions

diff --git a/apps/oauth2/lib/Controller/SettingsController.php b/apps/oauth2/lib/Controller/SettingsController.php
index 1d376694f5a..f9ded6c0968 100644
--- a/apps/oauth2/lib/Controller/SettingsController.php
+++ b/apps/oauth2/lib/Controller/SettingsController.php
@@ -21,6 +21,8 @@
 
 namespace OCA\OAuth2\Controller;
 
+use OC\Authentication\Token\DefaultTokenMapper;
+use OCA\OAuth2\Db\AccessTokenMapper;
 use OCA\OAuth2\Db\Client;
 use OCA\OAuth2\Db\ClientMapper;
 use OCP\AppFramework\Controller;
@@ -36,6 +38,10 @@ class SettingsController extends Controller {
 	private $clientMapper;
 	/** @var ISecureRandom */
 	private $secureRandom;
+	/** @var AccessTokenMapper  */
+	private $accessTokenMapper;
+	/** @var  DefaultTokenMapper */
+	private $defaultTokenMapper;
 
 	const validChars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
 
@@ -45,16 +51,23 @@ class SettingsController extends Controller {
 	 * @param IURLGenerator $urlGenerator
 	 * @param ClientMapper $clientMapper
 	 * @param ISecureRandom $secureRandom
+	 * @param AccessTokenMapper $accessTokenMapper
+	 * @param DefaultTokenMapper $defaultTokenMapper
 	 */
 	public function __construct($appName,
 								IRequest $request,
 								IURLGenerator $urlGenerator,
 								ClientMapper $clientMapper,
-								ISecureRandom $secureRandom) {
+								ISecureRandom $secureRandom,
+								AccessTokenMapper $accessTokenMapper,
+								DefaultTokenMapper $defaultTokenMapper
+	) {
 		parent::__construct($appName, $request);
 		$this->urlGenerator = $urlGenerator;
 		$this->secureRandom = $secureRandom;
 		$this->clientMapper = $clientMapper;
+		$this->accessTokenMapper = $accessTokenMapper;
+		$this->defaultTokenMapper = $defaultTokenMapper;
 	}
 
 	/**
@@ -78,8 +91,9 @@ class SettingsController extends Controller {
 	 * @return RedirectResponse
 	 */
 	public function deleteClient($id) {
-		$client = new Client();
-		$client->setId($id);
+		$client = $this->clientMapper->getByUid($id);
+		$this->accessTokenMapper->deleteByClientId($id);
+		$this->defaultTokenMapper->deleteByName($client->getName());
 		$this->clientMapper->delete($client);
 		return new RedirectResponse($this->urlGenerator->getAbsoluteURL('/index.php/settings/admin/security'));
 	}
diff --git a/apps/oauth2/lib/Db/AccessTokenMapper.php b/apps/oauth2/lib/Db/AccessTokenMapper.php
index 2751302522c..51b97bf8d7a 100644
--- a/apps/oauth2/lib/Db/AccessTokenMapper.php
+++ b/apps/oauth2/lib/Db/AccessTokenMapper.php
@@ -22,6 +22,7 @@
 namespace OCA\OAuth2\Db;
 
 use OCP\AppFramework\Db\Mapper;
+use OCP\DB\QueryBuilder\IQueryBuilder;
 use OCP\IDBConnection;
 
 class AccessTokenMapper extends Mapper {
@@ -48,4 +49,17 @@ class AccessTokenMapper extends Mapper {
 		$result->closeCursor();
 		return AccessToken::fromRow($row);
 	}
+
+	/**
+	 * delete all access token from a given client
+	 *
+	 * @param int $id
+	 */
+	public function deleteByClientId($id) {
+		$qb = $this->db->getQueryBuilder();
+		$qb
+			->delete($this->tableName)
+			->where($qb->expr()->eq('client_id', $qb->createNamedParameter($id, IQueryBuilder::PARAM_INT)));
+		$qb->execute();
+	}
 }
diff --git a/apps/oauth2/lib/Db/ClientMapper.php b/apps/oauth2/lib/Db/ClientMapper.php
index 38751a2e5cf..cf00afacb70 100644
--- a/apps/oauth2/lib/Db/ClientMapper.php
+++ b/apps/oauth2/lib/Db/ClientMapper.php
@@ -22,6 +22,7 @@
 namespace OCA\OAuth2\Db;
 
 use OCP\AppFramework\Db\Mapper;
+use OCP\DB\QueryBuilder\IQueryBuilder;
 use OCP\IDBConnection;
 
 class ClientMapper extends Mapper {
@@ -55,6 +56,27 @@ class ClientMapper extends Mapper {
 	}
 
 	/**
+	 * @param string $uid internal uid of the client
+	 * @return Client
+	 */
+	public function getByUid($uid) {
+		$qb = $this->db->getQueryBuilder();
+		$qb
+			->select('*')
+			->from($this->tableName)
+			->where($qb->expr()->eq('id', $qb->createNamedParameter($uid, IQueryBuilder::PARAM_INT)));
+		$result = $qb->execute();
+		$row = $result->fetch();
+		$result->closeCursor();
+
+		if (!is_array($row)) {
+			$row = [];
+		}
+
+		return Client::fromRow($row);
+	}
+
+	/**
 	 * @return Client[]
 	 */
 	public function getClients() {
diff --git a/apps/oauth2/lib/Settings/Admin.php b/apps/oauth2/lib/Settings/Admin.php
index aa120bcb7d7..07c3fe733ad 100644
--- a/apps/oauth2/lib/Settings/Admin.php
+++ b/apps/oauth2/lib/Settings/Admin.php
@@ -23,7 +23,6 @@ namespace OCA\OAuth2\Settings;
 
 use OCA\OAuth2\Db\ClientMapper;
 use OCP\AppFramework\Http\TemplateResponse;
-use OCP\IConfig;
 use OCP\Settings\ISettings;
 
 class Admin implements ISettings {