diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2021-06-16 17:03:33 +0200 |
|---|---|---|
| committer | Morris Jobke <hey@morrisjobke.de> | 2021-06-18 09:42:32 +0200 |
| commit | dbed0ce6805f050d4ad08bbb073ca4b408f6a933 (patch) | |
| tree | 5f8ce58f2f44c00247d7f21b5d38722b6395d58f /lib/private/Authentication | |
| parent | ff8cfbb24e49540362c9d9683c14daa40d07f495 (diff) | |
| download | nextcloud-server-dbed0ce6805f050d4ad08bbb073ca4b408f6a933.tar.gz nextcloud-server-dbed0ce6805f050d4ad08bbb073ca4b408f6a933.zip | |
Properly cleanup entries of WebAuthn on user deletion
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Diffstat (limited to 'lib/private/Authentication')
| -rw-r--r-- | lib/private/Authentication/Listeners/UserDeletedWebAuthnCleanupListener.php | 50 | ||||
| -rw-r--r-- | lib/private/Authentication/WebAuthn/Db/PublicKeyCredentialMapper.php | 13 |
2 files changed, 63 insertions, 0 deletions
diff --git a/lib/private/Authentication/Listeners/UserDeletedWebAuthnCleanupListener.php b/lib/private/Authentication/Listeners/UserDeletedWebAuthnCleanupListener.php new file mode 100644 index 00000000000..a56ac3bd54e --- /dev/null +++ b/lib/private/Authentication/Listeners/UserDeletedWebAuthnCleanupListener.php @@ -0,0 +1,50 @@ +<?php + +declare(strict_types=1); + +/** + * @copyright Copyright (c) 2021 Morris Jobke <hey@morrisjobke.de> + * + * @author Morris Jobke <hey@morrisjobke.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OC\Authentication\Listeners; + +use OC\Authentication\WebAuthn\Db\PublicKeyCredentialMapper; +use OCP\EventDispatcher\Event; +use OCP\EventDispatcher\IEventListener; +use OCP\User\Events\UserDeletedEvent; + +class UserDeletedWebAuthnCleanupListener implements IEventListener { + + /** @var PublicKeyCredentialMapper */ + private $credentialMapper; + + public function __construct(PublicKeyCredentialMapper $credentialMapper) { + $this->credentialMapper = $credentialMapper; + } + + public function handle(Event $event): void { + if (!($event instanceof UserDeletedEvent)) { + return; + } + + $this->credentialMapper->deleteByUid($event->getUser()->getUID()); + } +} diff --git a/lib/private/Authentication/WebAuthn/Db/PublicKeyCredentialMapper.php b/lib/private/Authentication/WebAuthn/Db/PublicKeyCredentialMapper.php index 2fbf6fd375d..72c557eb53a 100644 --- a/lib/private/Authentication/WebAuthn/Db/PublicKeyCredentialMapper.php +++ b/lib/private/Authentication/WebAuthn/Db/PublicKeyCredentialMapper.php @@ -84,4 +84,17 @@ class PublicKeyCredentialMapper extends QBMapper { return $this->findEntity($qb); } + + /** + * @throws \OCP\DB\Exception + */ + public function deleteByUid(string $uid) { + $qb = $this->db->getQueryBuilder(); + + $qb->delete($this->getTableName()) + ->where( + $qb->expr()->eq('uid', $qb->createNamedParameter($uid)) + ); + $qb->executeStatement(); + } } |