authorChristoph Wurst <ChristophWurst@users.noreply.github.com>2023-01-27 16:59:14 +0100
committerGitHub <noreply@github.com>2023-01-27 16:59:14 +0100
commit7269766e05a8c56bac22ed354677dfad8951326d (patch)
tree9aa7fb8fe65cedd555ef3d97ec9510c32c936086 /core/Controller
parentdf0bb9165dd3cc83decdba1115c599f51924d60b (diff)
parent20e00cdf17f45f811135fe5fb61c133ce9021144 (diff)
downloadnextcloud-server-7269766e05a8c56bac22ed354677dfad8951326d.tar.gz
nextcloud-server-7269766e05a8c56bac22ed354677dfad8951326d.zip
Merge pull request #36363 from nextcloud/feat/app-framework/usesession-attribute
feat(app-framework): Add UseSession attribute to replace annotation
Diffstat (limited to 'core/Controller')
-rw-r--r--core/Controller/ClientFlowLoginController.php7
-rw-r--r--core/Controller/ClientFlowLoginV2Controller.php9
-rw-r--r--core/Controller/LoginController.php9
-rw-r--r--core/Controller/TwoFactorChallengeController.php5
-rw-r--r--core/Controller/WebAuthnController.php5
5 files changed, 20 insertions, 15 deletions
diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php
index 4c262714fe6..85a793bd92b 100644
--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@@ -41,6 +41,7 @@ use OCA\OAuth2\Db\AccessTokenMapper;
use OCA\OAuth2\Db\ClientMapper;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\UseSession;
use OCP\AppFramework\Http\Response;
use OCP\AppFramework\Http\StandaloneTemplateResponse;
use OCP\Defaults;
@@ -126,8 +127,8 @@ class ClientFlowLoginController extends Controller {
/**
* @PublicPage
* @NoCSRFRequired
- * @UseSession
*/
+ #[UseSession]
public function showAuthPickerPage(string $clientIdentifier = '', string $user = '', int $direct = 0): StandaloneTemplateResponse {
$clientName = $this->getClientName();
$client = null;
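Review bot: Nothing visible in this change verifies that the framework actually honours `#[UseSession]` on showAuthPickerPage, and the failure mode would be silent. PHP does not resolve or validate an attribute's class until it is instantiated, so a dropped or mistyped `use OCP\AppFramework\Http\Attribute\UseSession;` would leave the attribute unmatched without raising any error. All five controllers in this diff do add the import, but the diffstat is limited to core/Controller, so any middleware or test change is out of view here. A small reflection test asserting that each converted method returns a non-empty `getAttributes(UseSession::class)` would pin the behaviour for the login, two-factor and WebAuthn flows. The same point applies to every other `#[UseSession]` hunk below; the method body continues outside this hunk.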
@@ -193,8 +194,8 @@ class ClientFlowLoginController extends Controller {
* @NoAdminRequired
* @NoCSRFRequired
* @NoSameSiteCookieRequired
- * @UseSession
*/
+ #[UseSession]
public function grantPage(string $stateToken = '',
string $clientIdentifier = '',
int $direct = 0): StandaloneTemplateResponse {
@@ -243,10 +244,10 @@ class ClientFlowLoginController extends Controller {
/**
* @NoAdminRequired
- * @UseSession
*
* @return Http\RedirectResponse|Response
*/
+ #[UseSession]
public function generateAppPassword(string $stateToken,
string $clientIdentifier = '') {
if (!$this->isValidToken($stateToken)) {
diff --git a/core/Controller/ClientFlowLoginV2Controller.php b/core/Controller/ClientFlowLoginV2Controller.php
index 4df94a28d6a..d476b0cdc03 100644
--- a/core/Controller/ClientFlowLoginV2Controller.php
+++ b/core/Controller/ClientFlowLoginV2Controller.php
@@ -33,6 +33,7 @@ use OC\Core\Exception\LoginFlowV2NotFoundException;
use OC\Core\Service\LoginFlowV2Service;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\UseSession;
use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\Http\RedirectResponse;
use OCP\AppFramework\Http\Response;
@@ -97,8 +98,8 @@ class ClientFlowLoginV2Controller extends Controller {
/**
* @NoCSRFRequired
* @PublicPage
- * @UseSession
*/
+ #[UseSession]
public function landing(string $token, $user = ''): Response {
if (!$this->loginFlowV2Service->startLoginFlow($token)) {
return $this->loginTokenForbiddenResponse();
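Review bot: `landing()` is a `@PublicPage` route, yet `$user = ''` carries no type while `$token` is declared `string`, so the signature does not state what an unauthenticated caller may pass for it. Since the declaration is being touched anyway, consider `public function landing(string $token, string $user = ''): Response {`. How the dispatcher coerces or rejects a non-string request value is not visible here, so confirm that first. The same untyped parameter appears on `showAuthPickerPage($user = '')` in the next hunk, and on `showChallenge` and `solveChallenge` in TwoFactorChallengeController. The method body continues outside the hunk.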
@@ -114,8 +115,8 @@ class ClientFlowLoginV2Controller extends Controller {
/**
* @NoCSRFRequired
* @PublicPage
- * @UseSession
*/
+ #[UseSession]
public function showAuthPickerPage($user = ''): StandaloneTemplateResponse {
try {
$flow = $this->getFlowByLoginToken();
@@ -145,10 +146,10 @@ class ClientFlowLoginV2Controller extends Controller {
/**
* @NoAdminRequired
- * @UseSession
* @NoCSRFRequired
* @NoSameSiteCookieRequired
*/
+ #[UseSession]
public function grantPage(string $stateToken): StandaloneTemplateResponse {
if (!$this->isValidStateToken($stateToken)) {
return $this->stateTokenForbiddenResponse();
@@ -222,8 +223,8 @@ class ClientFlowLoginV2Controller extends Controller {
/**
* @NoAdminRequired
- * @UseSession
*/
+ #[UseSession]
public function generateAppPassword(string $stateToken): Response {
if (!$this->isValidStateToken($stateToken)) {
return $this->stateTokenForbiddenResponse();
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index 8fd994ae648..b93c6002ed5 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -43,6 +43,7 @@ use OC\User\Session;
use OC_App;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\UseSession;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\Http\RedirectResponse;
use OCP\AppFramework\Http\TemplateResponse;
@@ -105,10 +106,10 @@ class LoginController extends Controller {
/**
* @NoAdminRequired
- * @UseSession
*
* @return RedirectResponse
*/
+ #[UseSession]
public function logout() {
$loginToken = $this->request->getCookie('nc_token');
if (!is_null($loginToken)) {
@@ -134,13 +135,13 @@ class LoginController extends Controller {
/**
* @PublicPage
* @NoCSRFRequired
- * @UseSession
*
* @param string $user
* @param string $redirect_url
*
* @return TemplateResponse|RedirectResponse
*/
+ #[UseSession]
public function showLoginForm(string $user = null, string $redirect_url = null): Http\Response {
if ($this->userSession->isLoggedIn()) {
return new RedirectResponse($this->urlGenerator->linkToDefaultPageUrl());
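Review bot: The showLoginForm signature relies on implicit nullability: `string $user = null, string $redirect_url = null` accepts null only because of the default value, a form deprecated as of PHP 8.4. Spell it out as `?string $user = null, ?string $redirect_url = null` and change the two `@param` lines to `string|null`. The docblock also advertises `@return TemplateResponse|RedirectResponse` while the native return type is `Http\Response`; aligning the two would stop the docblock from over-promising. The method body continues outside the hunk.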
@@ -283,12 +284,12 @@ class LoginController extends Controller {
/**
* @PublicPage
- * @UseSession
* @NoCSRFRequired
* @BruteForceProtection(action=login)
*
* @return RedirectResponse
*/
+ #[UseSession]
public function tryLogin(Chain $loginChain,
string $user,
string $password,
@@ -368,12 +369,12 @@ class LoginController extends Controller {
/**
* @NoAdminRequired
- * @UseSession
* @BruteForceProtection(action=sudo)
*
* @license GNU AGPL version 3 or any later version
*
*/
+ #[UseSession]
public function confirmPassword(string $password): DataResponse {
$loginName = $this->userSession->getLoginName();
$loginResult = $this->userManager->checkPassword($loginName, $password);
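Review bot: The docblock on confirmPassword has no summary and still carries a stray `@license GNU AGPL version 3 or any later version` tag, which belongs in the file header rather than on a method. This endpoint re-checks a password and is tagged `@BruteForceProtection(action=sudo)`, so it deserves a sentence of intent. For example: `Re-checks the logged-in user's password; failed attempts are throttled under the "sudo" brute-force action.`, followed by `@param string $password` and `@return DataResponse`. With `@UseSession` now moved out of the docblock, also say whether the session is written here; the body continues outside the hunk, so this cannot be confirmed from the diff.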
diff --git a/core/Controller/TwoFactorChallengeController.php b/core/Controller/TwoFactorChallengeController.php
index deebeb21d32..7a57d5eeb1a 100644
--- a/core/Controller/TwoFactorChallengeController.php
+++ b/core/Controller/TwoFactorChallengeController.php
@@ -28,6 +28,7 @@ namespace OC\Core\Controller;
use OC\Authentication\TwoFactorAuth\Manager;
use OC_User;
use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Attribute\UseSession;
use OCP\AppFramework\Http\RedirectResponse;
use OCP\AppFramework\Http\StandaloneTemplateResponse;
use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
@@ -110,13 +111,13 @@ class TwoFactorChallengeController extends Controller {
/**
* @NoAdminRequired
* @NoCSRFRequired
- * @UseSession
* @TwoFactorSetUpDoneRequired
*
* @param string $challengeProviderId
* @param string $redirect_url
* @return StandaloneTemplateResponse|RedirectResponse
*/
+ #[UseSession]
public function showChallenge($challengeProviderId, $redirect_url) {
$user = $this->userSession->getUser();
$providerSet = $this->twoFactorManager->getProviderSet($user);
@@ -161,7 +162,6 @@ class TwoFactorChallengeController extends Controller {
/**
* @NoAdminRequired
* @NoCSRFRequired
- * @UseSession
* @TwoFactorSetUpDoneRequired
*
* @UserRateThrottle(limit=5, period=100)
@@ -171,6 +171,7 @@ class TwoFactorChallengeController extends Controller {
* @param string $redirect_url
* @return RedirectResponse
*/
+ #[UseSession]
public function solveChallenge($challengeProviderId, $challenge, $redirect_url = null) {
$user = $this->userSession->getUser();
$provider = $this->twoFactorManager->getProvider($user, $challengeProviderId);
diff --git a/core/Controller/WebAuthnController.php b/core/Controller/WebAuthnController.php
index 81e6daf51c7..bd0726d2aa2 100644
--- a/core/Controller/WebAuthnController.php
+++ b/core/Controller/WebAuthnController.php
@@ -33,6 +33,7 @@ use OC\Authentication\WebAuthn\Manager;
use OC\URLGenerator;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\UseSession;
use OCP\AppFramework\Http\JSONResponse;
use OCP\IRequest;
use OCP\ISession;
@@ -63,8 +64,8 @@ class WebAuthnController extends Controller {
/**
* @NoAdminRequired
* @PublicPage
- * @UseSession
*/
+ #[UseSession]
public function startAuthentication(string $loginName): JSONResponse {
$this->logger->debug('Starting WebAuthn login');
@@ -87,8 +88,8 @@ class WebAuthnController extends Controller {
/**
* @NoAdminRequired
* @PublicPage
- * @UseSession
*/
+ #[UseSession]
public function finishAuthentication(string $data): JSONResponse {
$this->logger->debug('Validating WebAuthn login');