diff options
| author | Joas Schilling <213943+nickvergessen@users.noreply.github.com> | 2022-03-22 12:08:45 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-03-22 12:08:45 +0100 |
| commit | 0acd4b5f8202be8b3f3b4e6d7481e3d23e496b86 (patch) | |
| tree | 06897c455b69be134fcd61b0f0130609ce7a75a1 /lib/private/AppFramework/Http | |
| parent | b6209d61251f7abacefb8cf3c164d39bcba29100 (diff) | |
| parent | 67452b94ca0b59a063c4364f5930bb5186db2d55 (diff) | |
| download | nextcloud-server-0acd4b5f8202be8b3f3b4e6d7481e3d23e496b86.tar.gz nextcloud-server-0acd4b5f8202be8b3f3b4e6d7481e3d23e496b86.zip | |
Merge pull request #31235 from nextcloud/techdebt/noid/extract-request-id
Extract request id handling to dedicated class so it can be injected without DB dependency
Diffstat (limited to 'lib/private/AppFramework/Http')
| -rw-r--r-- | lib/private/AppFramework/Http/Request.php | 25 | ||||
| -rw-r--r-- | lib/private/AppFramework/Http/RequestId.php | 52 |
2 files changed, 59 insertions, 18 deletions
diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php index 21af2bc46f4..f896b825f2d 100644 --- a/lib/private/AppFramework/Http/Request.php +++ b/lib/private/AppFramework/Http/Request.php @@ -48,8 +48,8 @@ use OC\Security\CSRF\CsrfTokenManager; use OC\Security\TrustedDomainHelper; use OCP\IConfig; use OCP\IRequest; +use OCP\IRequestId; use OCP\Security\ICrypto; -use OCP\Security\ISecureRandom; /** * Class for accessing variables in the request. @@ -92,12 +92,10 @@ class Request implements \ArrayAccess, \Countable, IRequest { 'method', 'requesttoken', ]; - /** @var ISecureRandom */ - protected $secureRandom; + /** @var RequestId */ + protected $requestId; /** @var IConfig */ protected $config; - /** @var string */ - protected $requestId = ''; /** @var ICrypto */ protected $crypto; /** @var CsrfTokenManager|null */ @@ -117,20 +115,20 @@ class Request implements \ArrayAccess, \Countable, IRequest { * - array 'cookies' the $_COOKIE array * - string 'method' the request method (GET, POST etc) * - string|false 'requesttoken' the requesttoken or false when not available - * @param ISecureRandom $secureRandom + * @param IRequestId $requestId * @param IConfig $config * @param CsrfTokenManager|null $csrfTokenManager * @param string $stream * @see https://www.php.net/manual/en/reserved.variables.php */ public function __construct(array $vars, - ISecureRandom $secureRandom, + IRequestId $requestId, IConfig $config, CsrfTokenManager $csrfTokenManager = null, string $stream = 'php://input') { $this->inputStream = $stream; $this->items['params'] = []; - $this->secureRandom = $secureRandom; + $this->requestId = $requestId; $this->config = $config; $this->csrfTokenManager = $csrfTokenManager; @@ -571,16 +569,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { * @return string */ public function getId(): string { - if (isset($this->server['UNIQUE_ID'])) { - return $this->server['UNIQUE_ID']; - } - - if (empty($this->requestId)) { - $validChars = ISecureRandom::CHAR_ALPHANUMERIC; - $this->requestId = $this->secureRandom->generate(20, $validChars); - } - - return $this->requestId; + return $this->requestId->getId(); } /** diff --git a/lib/private/AppFramework/Http/RequestId.php b/lib/private/AppFramework/Http/RequestId.php new file mode 100644 index 00000000000..70032873a75 --- /dev/null +++ b/lib/private/AppFramework/Http/RequestId.php @@ -0,0 +1,52 @@ +<?php + +declare(strict_types=1); +/** + * @copyright Copyright (c) 2022, Joas Schilling <coding@schilljs.com> + * + * @author Joas Schilling <coding@schilljs.com> + * + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ +namespace OC\AppFramework\Http; + +use OCP\IRequestId; +use OCP\Security\ISecureRandom; + +class RequestId implements IRequestId { + protected ISecureRandom $secureRandom; + protected string $requestId; + + public function __construct(string $uniqueId, + ISecureRandom $secureRandom) { + $this->requestId = $uniqueId; + $this->secureRandom = $secureRandom; + } + + /** + * Returns an ID for the request, value is not guaranteed to be unique and is mostly meant for logging + * If `mod_unique_id` is installed this value will be taken. + * @return string + */ + public function getId(): string { + if (empty($this->requestId)) { + $validChars = ISecureRandom::CHAR_ALPHANUMERIC; + $this->requestId = $this->secureRandom->generate(20, $validChars); + } + + return $this->requestId; + } +} |