diff options
| author | Lucas Azevedo <lhs_azevedo@hotmail.com> | 2023-08-25 02:07:57 -0300 |
|---|---|---|
| committer | Lucas Azevedo <lhs_azevedo@hotmail.com> | 2023-08-25 02:07:57 -0300 |
| commit | fe9b9c1955cb33c5026928a9f753bb6bde6e65ab (patch) | |
| tree | 923b13c0b4dc10426720bd734083ee4b9d569b72 /lib/private/Authentication | |
| parent | a49a220fca751ba946da0a1439429933ad56a93b (diff) | |
| download | nextcloud-server-fe9b9c1955cb33c5026928a9f753bb6bde6e65ab.tar.gz nextcloud-server-fe9b9c1955cb33c5026928a9f753bb6bde6e65ab.zip | |
Add last-used-before option
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
Diffstat (limited to 'lib/private/Authentication')
4 files changed, 24 insertions, 0 deletions
diff --git a/lib/private/Authentication/Token/IProvider.php b/lib/private/Authentication/Token/IProvider.php index b5af3f3a5ee..a12d3ba34d9 100644 --- a/lib/private/Authentication/Token/IProvider.php +++ b/lib/private/Authentication/Token/IProvider.php @@ -110,6 +110,11 @@ interface IProvider { public function invalidateOldTokens(); /** + * Invalidate (delete) tokens last used before a given date + */ + public function invalidateLastUsedBefore(string $uid, int $before): void; + + /** * Save the updated token * * @param IToken $token diff --git a/lib/private/Authentication/Token/Manager.php b/lib/private/Authentication/Token/Manager.php index 761e799d298..6a1c7d4c1e7 100644 --- a/lib/private/Authentication/Token/Manager.php +++ b/lib/private/Authentication/Token/Manager.php @@ -204,6 +204,10 @@ class Manager implements IProvider, OCPIProvider { $this->publicKeyTokenProvider->invalidateOldTokens(); } + public function invalidateLastUsedBefore(string $uid, int $before): void { + $this->publicKeyTokenProvider->invalidateLastUsedBefore($uid, $before); + } + /** * @param IToken $token * @param string $oldTokenId diff --git a/lib/private/Authentication/Token/PublicKeyTokenMapper.php b/lib/private/Authentication/Token/PublicKeyTokenMapper.php index 8feb275b3b7..f150576a623 100644 --- a/lib/private/Authentication/Token/PublicKeyTokenMapper.php +++ b/lib/private/Authentication/Token/PublicKeyTokenMapper.php @@ -69,6 +69,15 @@ class PublicKeyTokenMapper extends QBMapper { ->execute(); } + public function invalidateLastUsedBefore(string $uid, int $before): int { + $qb = $this->db->getQueryBuilder(); + return $qb->delete($this->tableName) + ->where($qb->expr()->eq('uid', $qb->createNamedParameter($uid))) + ->andWhere($qb->expr()->lt('last_activity', $qb->createNamedParameter($before, IQueryBuilder::PARAM_INT))) + ->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(PublicKeyToken::VERSION, IQueryBuilder::PARAM_INT))) + ->executeStatement(); + } + /** * Get the user UID for the given token * diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php index f5fcd4dcef2..3fb11611076 100644 --- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php +++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php @@ -273,6 +273,12 @@ class PublicKeyTokenProvider implements IProvider { $this->mapper->invalidateOld($rememberThreshold, IToken::REMEMBER); } + public function invalidateLastUsedBefore(string $uid, int $before): void { + $this->cache->clear(); + + $this->mapper->invalidateLastUsedBefore($uid, $before); + } + public function updateToken(IToken $token) { $this->cache->clear(); |