diff options
| author | Joas Schilling <coding@schilljs.com> | 2022-02-16 23:41:54 +0100 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2022-02-23 11:01:58 +0100 |
| commit | 07a9f34385a80570c2121f73d04bba12cfd39b3d (patch) | |
| tree | f360b0e6b1f2293dbb644d27d0d3a2cb05ea6c92 /lib/private/AppFramework | |
| parent | 98fd66b1377c50a4257f9bd185d02d79c10cba11 (diff) | |
| download | nextcloud-server-07a9f34385a80570c2121f73d04bba12cfd39b3d.tar.gz nextcloud-server-07a9f34385a80570c2121f73d04bba12cfd39b3d.zip | |
Extract request id handling to dedicated class so it can be injected manually
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'lib/private/AppFramework')
| -rw-r--r-- | lib/private/AppFramework/Http/Request.php | 25 | ||||
| -rw-r--r-- | lib/private/AppFramework/Http/RequestId.php | 52 |
2 files changed, 59 insertions, 18 deletions
diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php index 21af2bc46f4..f896b825f2d 100644 --- a/lib/private/AppFramework/Http/Request.php +++ b/lib/private/AppFramework/Http/Request.php @@ -48,8 +48,8 @@ use OC\Security\CSRF\CsrfTokenManager; use OC\Security\TrustedDomainHelper; use OCP\IConfig; use OCP\IRequest; +use OCP\IRequestId; use OCP\Security\ICrypto; -use OCP\Security\ISecureRandom; /** * Class for accessing variables in the request. @@ -92,12 +92,10 @@ class Request implements \ArrayAccess, \Countable, IRequest { 'method', 'requesttoken', ]; - /** @var ISecureRandom */ - protected $secureRandom; + /** @var RequestId */ + protected $requestId; /** @var IConfig */ protected $config; - /** @var string */ - protected $requestId = ''; /** @var ICrypto */ protected $crypto; /** @var CsrfTokenManager|null */ @@ -117,20 +115,20 @@ class Request implements \ArrayAccess, \Countable, IRequest { * - array 'cookies' the $_COOKIE array * - string 'method' the request method (GET, POST etc) * - string|false 'requesttoken' the requesttoken or false when not available - * @param ISecureRandom $secureRandom + * @param IRequestId $requestId * @param IConfig $config * @param CsrfTokenManager|null $csrfTokenManager * @param string $stream * @see https://www.php.net/manual/en/reserved.variables.php */ public function __construct(array $vars, - ISecureRandom $secureRandom, + IRequestId $requestId, IConfig $config, CsrfTokenManager $csrfTokenManager = null, string $stream = 'php://input') { $this->inputStream = $stream; $this->items['params'] = []; - $this->secureRandom = $secureRandom; + $this->requestId = $requestId; $this->config = $config; $this->csrfTokenManager = $csrfTokenManager; @@ -571,16 +569,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { * @return string */ public function getId(): string { - if (isset($this->server['UNIQUE_ID'])) { - return $this->server['UNIQUE_ID']; - } - - if (empty($this->requestId)) { - $validChars = ISecureRandom::CHAR_ALPHANUMERIC; - $this->requestId = $this->secureRandom->generate(20, $validChars); - } - - return $this->requestId; + return $this->requestId->getId(); } /** diff --git a/lib/private/AppFramework/Http/RequestId.php b/lib/private/AppFramework/Http/RequestId.php new file mode 100644 index 00000000000..70032873a75 --- /dev/null +++ b/lib/private/AppFramework/Http/RequestId.php @@ -0,0 +1,52 @@ +<?php + +declare(strict_types=1); +/** + * @copyright Copyright (c) 2022, Joas Schilling <coding@schilljs.com> + * + * @author Joas Schilling <coding@schilljs.com> + * + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ +namespace OC\AppFramework\Http; + +use OCP\IRequestId; +use OCP\Security\ISecureRandom; + +class RequestId implements IRequestId { + protected ISecureRandom $secureRandom; + protected string $requestId; + + public function __construct(string $uniqueId, + ISecureRandom $secureRandom) { + $this->requestId = $uniqueId; + $this->secureRandom = $secureRandom; + } + + /** + * Returns an ID for the request, value is not guaranteed to be unique and is mostly meant for logging + * If `mod_unique_id` is installed this value will be taken. + * @return string + */ + public function getId(): string { + if (empty($this->requestId)) { + $validChars = ISecureRandom::CHAR_ALPHANUMERIC; + $this->requestId = $this->secureRandom->generate(20, $validChars); + } + + return $this->requestId; + } +} |