add method to query all user auth tokens

3 files changed, 54 insertions, 0 deletions

diff --git a/lib/private/Authentication/Token/DefaultTokenMapper.php b/lib/private/Authentication/Token/DefaultTokenMapper.php
index 18adbe48d78..9f173571270 100644
--- a/lib/private/Authentication/Token/DefaultTokenMapper.php
+++ b/lib/private/Authentication/Token/DefaultTokenMapper.php
@@ -26,6 +26,7 @@ use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Db\Mapper;
 use OCP\DB\QueryBuilder\IQueryBuilder;
 use OCP\IDBConnection;
+use OCP\IUser;
 
 class DefaultTokenMapper extends Mapper {
 
@@ -83,4 +84,31 @@ class DefaultTokenMapper extends Mapper {
 		return DefaultToken::fromRow($data);
 	}
 
+	/**
+	 * Get all token of a user
+	 *
+	 * The provider may limit the number of result rows in case of an abuse
+	 * where a high number of (session) tokens is generated
+	 *
+	 * @param IUser $user
+	 * @return DefaultToken[]
+	 */
+	public function getTokenByUser(IUser $user) {
+		/* @var $qb IQueryBuilder */
+		$qb = $this->db->getQueryBuilder();
+		$qb->select('id', 'uid', 'password', 'name', 'type', 'token', 'last_activity')
+			->from('authtoken')
+			->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+			->setMaxResults(1000);
+		$result = $qb->execute();
+		$data = $result->fetchAll();
+		$result->closeCursor();
+
+		$entities = array_map(function ($row) {
+			return DefaultToken::fromRow($row);
+		}, $data);
+
+		return $entities;
+	}
+
 }
diff --git a/lib/private/Authentication/Token/DefaultTokenProvider.php b/lib/private/Authentication/Token/DefaultTokenProvider.php
index a335b79e332..6c69d852d7b 100644
--- a/lib/private/Authentication/Token/DefaultTokenProvider.php
+++ b/lib/private/Authentication/Token/DefaultTokenProvider.php
@@ -28,6 +28,7 @@ use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\IConfig;
 use OCP\ILogger;
+use OCP\IUser;
 use OCP\Security\ICrypto;
 
 class DefaultTokenProvider implements IProvider {
@@ -103,6 +104,19 @@ class DefaultTokenProvider implements IProvider {
 	}
 
 	/**
+	 * Get all token of a user
+	 *
+	 * The provider may limit the number of result rows in case of an abuse
+	 * where a high number of (session) tokens is generated
+	 *
+	 * @param IUser $user
+	 * @return IToken[]
+	 */
+	public function getTokenByUser(IUser $user) {
+		return $this->mapper->getTokenByUser($user);
+	}
+
+	/**
 	 * Get a token by token id
 	 *
 	 * @param string $tokenId
diff --git a/lib/private/Authentication/Token/IProvider.php b/lib/private/Authentication/Token/IProvider.php
index 1fd3a70fbbf..a5c5faa5639 100644
--- a/lib/private/Authentication/Token/IProvider.php
+++ b/lib/private/Authentication/Token/IProvider.php
@@ -23,6 +23,7 @@
 namespace OC\Authentication\Token;
 
 use OC\Authentication\Exceptions\InvalidTokenException;
+use OCP\IUser;
 
 interface IProvider {
 
@@ -69,6 +70,17 @@ interface IProvider {
 	public function updateToken(IToken $token);
 
 	/**
+	 * Get all token of a user
+	 *
+	 * The provider may limit the number of result rows in case of an abuse
+	 * where a high number of (session) tokens is generated
+	 *
+	 * @param IUser $user
+	 * @return IToken[]
+	 */
+	public function getTokenByUser(IUser $user);
+
+	/**
 	 * Get the (unencrypted) password of the given token
 	 *
 	 * @param IToken $token