diff options
| author | Christoph Wurst <christoph@owncloud.com> | 2016-04-26 12:45:08 +0200 |
|---|---|---|
| committer | Thomas Müller <thomas.mueller@tmit.eu> | 2016-05-11 13:36:46 +0200 |
| commit | 53636c73d649514fbbfeba4741f39be1725e47fd (patch) | |
| tree | 68c783886304248a2e1f0ce20b5e855fa74d8f64 /core/Controller | |
| parent | 3ab922601a2e6b9b170007461b9e0718c70bddcd (diff) | |
| download | nextcloud-server-53636c73d649514fbbfeba4741f39be1725e47fd.tar.gz nextcloud-server-53636c73d649514fbbfeba4741f39be1725e47fd.zip | |
Add controller to generate client tokens
Diffstat (limited to 'core/Controller')
| -rw-r--r-- | core/Controller/TokenController.php | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/core/Controller/TokenController.php b/core/Controller/TokenController.php new file mode 100644 index 00000000000..45e33e832b1 --- /dev/null +++ b/core/Controller/TokenController.php @@ -0,0 +1,82 @@ +<?php + +/** + * @author Christoph Wurst <christoph@owncloud.com> + * + * @copyright Copyright (c) 2016, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OC\Core\Controller; + +use OC\AppFramework\Http; +use OC\Authentication\Token\DefaultTokenProvider; +use OC\User\Manager; +use OCP\AppFramework\Controller; +use OCP\AppFramework\Http\Response; +use OCP\IRequest; +use OCP\Security\ISecureRandom; + +class TokenController extends Controller { + + /** @var Manager */ + private $userManager; + + /** @var DefaultTokenProvider */ + private $tokenProvider; + + /** @var ISecureRandom */ + private $secureRandom; + + /** + * @param string $appName + * @param IRequest $request + * @param Manager $userManager + * @param DefaultTokenProvider $tokenProvider + * @param ISecureRandom $crypto + */ + public function __construct($appName, IRequest $request, Manager $userManager, DefaultTokenProvider $tokenProvider, + ISecureRandom $crypto) { + parent::__construct($appName, $request); + $this->userManager = $userManager; + $this->tokenProvider = $tokenProvider; + $this->secureRandom = $crypto; + } + + /** + * Generate a new access token clients can authenticate with + * + * @PublicPage + * @NoCSRFRequired + * + * @param string $user + * @param string $password + */ + public function generateToken($user, $password, $name = 'unknown client') { + if (is_null($user) || is_null($password)) { + return new Response([], Http::STATUS_UNPROCESSABLE_ENTITY); + } + if ($this->userManager->checkPassword($user, $password) === false) { + return new Response([], Http::STATUS_UNAUTHORIZED); + } + $token = $this->secureRandom->generate(128); + $this->tokenProvider->generateToken($token, $user, $password, $name); + return [ + 'token' => $token, + ]; + } + +} |