author | Roeland Jago Douma <roeland@famdouma.nl> | 2020-02-09 20:06:08 +0100 |
---|---|---|
committer | Roeland Jago Douma <roeland@famdouma.nl> | 2020-03-31 22:17:07 +0200 |
commit | 53db05a1f67fc974dba904ec158b2d67fa72df95 (patch) | |
tree | cc306fb0b96ccb8ee057af4a86be161aa1b76e2a /lib/private/Authentication/Login | |
parent | f04f34b94b7e61f9d11fc07608d7eb2ae2163de8 (diff) | |
Start with webauthn
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
Diffstat (limited to 'lib/private/Authentication/Login')
3 files changed, 169 insertions, 11 deletions
diff --git a/lib/private/Authentication/Login/CreateSessionTokenCommand.php b/lib/private/Authentication/Login/CreateSessionTokenCommand.php
index fbc8215e67f..05b6c27f565 100644
--- a/lib/private/Authentication/Login/CreateSessionTokenCommand.php
+++ b/lib/private/Authentication/Login/CreateSessionTokenCommand.php
@@ -51,17 +51,31 @@ class CreateSessionTokenCommand extends ALoginCommand {
 $tokenType = IToken::DO_NOT_REMEMBER;
 }
- $this->userSession->createSessionToken(
- $loginData->getRequest(),
- $loginData->getUser()->getUID(),
- $loginData->getUsername(),
- $loginData->getPassword(),
- $tokenType
- );
- $this->userSession->updateTokens(
- $loginData->getUser()->getUID(),
- $loginData->getPassword()
- );
+ if ($loginData->getPassword() === '') {
+ $this->userSession->createSessionToken(
+ $loginData->getRequest(),
+ $loginData->getUser()->getUID(),
+ $loginData->getUsername(),
+ null,
+ $tokenType
+ );
+ $this->userSession->updateTokens(
+ $loginData->getUser()->getUID(),
+ ''
+ );
+ } else {
+ $this->userSession->createSessionToken(
+ $loginData->getRequest(),
+ $loginData->getUser()->getUID(),
+ $loginData->getUsername(),
+ $loginData->getPassword(),
+ $tokenType
+ );
+ $this->userSession->updateTokens(
+ $loginData->getUser()->getUID(),
+ $loginData->getPassword()
+ );
+ }
 return $this->processNextOrFinishSuccessfully($loginData);
 }
diff --git a/lib/private/Authentication/Login/WebAuthnChain.php b/lib/private/Authentication/Login/WebAuthnChain.php
new file mode 100644
index 00000000000..dfc6943e853
--- /dev/null
+++ b/lib/private/Authentication/Login/WebAuthnChain.php
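Review bot: In the new empty-password branch `updateTokens()` is still called, now with `''`, and nothing in this hunk shows what that call does with an empty value. If it propagates the password to the user's existing tokens (to be confirmed in the session class), a passwordless login would replace their stored password with an empty one; guarding the call, e.g. `if ($password !== '') { $this->userSession->updateTokens($uid, $password); }` with `$uid` and `$password` read once from `$loginData`, would avoid that. Separately, the two branches differ only in the fourth argument of `createSessionToken()`, so a single call passing `$password === '' ? null : $password` would remove the duplication. The enclosing method starts above the hunk.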
@@ -0,0 +1,96 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2020, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Authentication\Login;
+
+class WebAuthnChain {
+ /** @var UserDisabledCheckCommand */
+ private $userDisabledCheckCommand;
+
+ /** @var LoggedInCheckCommand */
+ private $loggedInCheckCommand;
+
+ /** @var CompleteLoginCommand */
+ private $completeLoginCommand;
+
+ /** @var CreateSessionTokenCommand */
+ private $createSessionTokenCommand;
+
+ /** @var ClearLostPasswordTokensCommand */
+ private $clearLostPasswordTokensCommand;
+
+ /** @var UpdateLastPasswordConfirmCommand */
+ private $updateLastPasswordConfirmCommand;
+
+ /** @var SetUserTimezoneCommand */
+ private $setUserTimezoneCommand;
+
+ /** @var TwoFactorCommand */
+ private $twoFactorCommand;
+
+ /** @var FinishRememberedLoginCommand */
+ private $finishRememberedLoginCommand;
+
+ /** @var WebAuthnLoginCommand */
+ private $webAuthnLoginCommand;
+
+ public function __construct(UserDisabledCheckCommand $userDisabledCheckCommand,
+ WebAuthnLoginCommand $webAuthnLoginCommand,
+ LoggedInCheckCommand $loggedInCheckCommand,
+ CompleteLoginCommand $completeLoginCommand,
+ CreateSessionTokenCommand $createSessionTokenCommand,
+ ClearLostPasswordTokensCommand $clearLostPasswordTokensCommand,
+ UpdateLastPasswordConfirmCommand $updateLastPasswordConfirmCommand,
+ SetUserTimezoneCommand $setUserTimezoneCommand,
+ TwoFactorCommand $twoFactorCommand,
+ FinishRememberedLoginCommand $finishRememberedLoginCommand
+ ) {
+ $this->userDisabledCheckCommand = $userDisabledCheckCommand;
+ $this->webAuthnLoginCommand = $webAuthnLoginCommand;
+ $this->loggedInCheckCommand = $loggedInCheckCommand;
+ $this->completeLoginCommand = $completeLoginCommand;
+ $this->createSessionTokenCommand = $createSessionTokenCommand;
+ $this->clearLostPasswordTokensCommand = $clearLostPasswordTokensCommand;
+ $this->updateLastPasswordConfirmCommand = $updateLastPasswordConfirmCommand;
+ $this->setUserTimezoneCommand = $setUserTimezoneCommand;
+ $this->twoFactorCommand = $twoFactorCommand;
+ $this->finishRememberedLoginCommand = $finishRememberedLoginCommand;
+ }
+
+ public function process(LoginData $loginData): LoginResult {
+ $chain = $this->userDisabledCheckCommand;
+ $chain
+ ->setNext($this->webAuthnLoginCommand)
+ ->setNext($this->loggedInCheckCommand)
+ ->setNext($this->completeLoginCommand)
+ ->setNext($this->createSessionTokenCommand)
+ ->setNext($this->clearLostPasswordTokensCommand)
+ ->setNext($this->updateLastPasswordConfirmCommand)
+ ->setNext($this->setUserTimezoneCommand)
+ ->setNext($this->twoFactorCommand)
+ ->setNext($this->finishRememberedLoginCommand);
+
+ return $chain->process($loginData);
+ }
+}
diff --git a/lib/private/Authentication/Login/WebAuthnLoginCommand.php b/lib/private/Authentication/Login/WebAuthnLoginCommand.php
new file mode 100644
index 00000000000..e477a243c56
--- /dev/null
+++ b/lib/private/Authentication/Login/WebAuthnLoginCommand.php
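Review bot: `process()` places `userDisabledCheckCommand` ahead of `webAuthnLoginCommand`, yet the user object is only put on `LoginData` by the latter (see WebAuthnLoginCommand.php in this commit). UserDisabledCheckCommand is not part of this diff; if it reads `$loginData->getUser()` rather than resolving the account from the username, the disabled-account check would run against an unset user and could let a disabled account through. Worth confirming, and once confirmed a short comment above the chain stating why the disabled check may run before the user is resolved would keep the order from being "fixed" or copied incorrectly later.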
@@ -0,0 +1,48 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2020, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Authentication\Login;
+
+use OCP\IUserManager;
+
+class WebAuthnLoginCommand extends ALoginCommand {
+
+ /** @var IUserManager */
+ private $userManager;
+
+ public function __construct(IUserManager $userManager) {
+ $this->userManager = $userManager;
+ }
+
+ public function process(LoginData $loginData): LoginResult {
+ $user = $this->userManager->get($loginData->getUsername());
+ $loginData->setUser($user);
+ if ($user === null) {
+ $loginData->setUser(false);
+ }
+
+ return $this->processNextOrFinishSuccessfully($loginData);
+ }
+
+} |
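Review bot: `process()` resolves the account from the username in `LoginData` alone and checks no credential, so the chain is only sound if the caller has already verified the WebAuthn assertion for exactly that username before invoking it; nothing in the class states this precondition. A class docblock saying so, e.g. `/** Resolves the user for a WebAuthn login. The assertion MUST already be verified by the caller; this command performs no authentication itself. */`, would keep later callers from treating the command as an authenticator. Also, `setUser($user)` is called with a possible `null` before the null check and then overwritten; `$loginData->setUser($user ?? false);` does the same in one call and avoids handing `null` to a setter whose parameter type is not visible here.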