aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/Security
diff options
context:
space:
mode:
authorJ0WI <J0WI@users.noreply.github.com>2021-04-19 15:50:30 +0200
committerJ0WI <J0WI@users.noreply.github.com>2021-04-19 17:31:12 +0200
commitca7b37ce5a5c68ea4a105377754005a772c5deaa (patch)
tree2df753ec57b8f5b51324d2e0bc4a361179dc2967 /lib/private/Security
parent9a69b8839389f133db55a41e1c2ba4435fd50c19 (diff)
downloadnextcloud-server-ca7b37ce5a5c68ea4a105377754005a772c5deaa.tar.gz
nextcloud-server-ca7b37ce5a5c68ea4a105377754005a772c5deaa.zip
Make Security module strict
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
Diffstat (limited to 'lib/private/Security')
-rw-r--r--lib/private/Security/Bruteforce/Capabilities.php5
-rw-r--r--lib/private/Security/Certificate.php23
-rw-r--r--lib/private/Security/CertificateManager.php22
-rw-r--r--lib/private/Security/CredentialsManager.php17
-rw-r--r--lib/private/Security/TrustedDomainHelper.php7
5 files changed, 45 insertions, 29 deletions
diff --git a/lib/private/Security/Bruteforce/Capabilities.php b/lib/private/Security/Bruteforce/Capabilities.php
index 7547348ce34..7c4c2a13671 100644
--- a/lib/private/Security/Bruteforce/Capabilities.php
+++ b/lib/private/Security/Bruteforce/Capabilities.php
@@ -1,4 +1,7 @@
<?php
+
+declare(strict_types=1);
+
/**
* @copyright Copyright (c) 2017 Roeland Jago Douma <roeland@famdouma.nl>
*
@@ -46,7 +49,7 @@ class Capabilities implements IPublicCapability {
$this->throttler = $throttler;
}
- public function getCapabilities() {
+ public function getCapabilities(): array {
if (version_compare(\OC::$server->getConfig()->getSystemValue('version', '0.0.0.0'), '12.0.0.0', '<')) {
return [];
}
diff --git a/lib/private/Security/Certificate.php b/lib/private/Security/Certificate.php
index c89122f9a4b..e299f9d2b8f 100644
--- a/lib/private/Security/Certificate.php
+++ b/lib/private/Security/Certificate.php
@@ -1,4 +1,7 @@
<?php
+
+declare(strict_types=1);
+
/**
* @copyright Copyright (c) 2016, ownCloud, Inc.
*
@@ -49,7 +52,7 @@ class Certificate implements ICertificate {
* @param string $name
* @throws \Exception If the certificate could not get parsed
*/
- public function __construct($data, $name) {
+ public function __construct(string $data, string $name) {
$this->name = $name;
$gmt = new \DateTimeZone('GMT');
@@ -75,42 +78,42 @@ class Certificate implements ICertificate {
/**
* @return string
*/
- public function getName() {
+ public function getName(): string {
return $this->name;
}
/**
* @return string|null
*/
- public function getCommonName() {
+ public function getCommonName(): ?string {
return $this->commonName;
}
/**
- * @return string
+ * @return string|null
*/
- public function getOrganization() {
+ public function getOrganization(): ?string {
return $this->organization;
}
/**
* @return \DateTime
*/
- public function getIssueDate() {
+ public function getIssueDate(): \DateTime {
return $this->issueDate;
}
/**
* @return \DateTime
*/
- public function getExpireDate() {
+ public function getExpireDate(): \DateTime {
return $this->expireDate;
}
/**
* @return bool
*/
- public function isExpired() {
+ public function isExpired(): bool {
$now = new \DateTime();
return $this->issueDate > $now or $now > $this->expireDate;
}
@@ -118,14 +121,14 @@ class Certificate implements ICertificate {
/**
* @return string|null
*/
- public function getIssuerName() {
+ public function getIssuerName(): ?string {
return $this->issuerName;
}
/**
* @return string|null
*/
- public function getIssuerOrganization() {
+ public function getIssuerOrganization(): ?string {
return $this->issuerOrganization;
}
}
diff --git a/lib/private/Security/CertificateManager.php b/lib/private/Security/CertificateManager.php
index ef0c6563320..9734f9b6446 100644
--- a/lib/private/Security/CertificateManager.php
+++ b/lib/private/Security/CertificateManager.php
@@ -1,4 +1,7 @@
<?php
+
+declare(strict_types=1);
+
/**
* @copyright Copyright (c) 2016, ownCloud, Inc.
*
@@ -30,6 +33,7 @@
namespace OC\Security;
use OC\Files\Filesystem;
+use OCP\ICertificate;
use OCP\ICertificateManager;
use OCP\IConfig;
use OCP\ILogger;
@@ -78,7 +82,7 @@ class CertificateManager implements ICertificateManager {
*
* @return \OCP\ICertificate[]
*/
- public function listCertificates() {
+ public function listCertificates(): array {
if (!$this->config->getSystemValue('installed', false)) {
return [];
}
@@ -130,7 +134,7 @@ class CertificateManager implements ICertificateManager {
/**
* create the certificate bundle of all trusted certificated
*/
- public function createCertificateBundle() {
+ public function createCertificateBundle(): void {
$path = $this->getPathToCertificates();
$certs = $this->listCertificates();
@@ -182,7 +186,7 @@ class CertificateManager implements ICertificateManager {
* @return \OCP\ICertificate
* @throws \Exception If the certificate could not get added
*/
- public function addCertificate($certificate, $name) {
+ public function addCertificate(string $certificate, string $name): ICertificate {
if (!Filesystem::isValidPath($name) or Filesystem::isFileBlacklisted($name)) {
throw new \Exception('Filename is not valid');
}
@@ -209,7 +213,7 @@ class CertificateManager implements ICertificateManager {
* @param string $name
* @return bool
*/
- public function removeCertificate($name) {
+ public function removeCertificate(string $name): bool {
if (!Filesystem::isValidPath($name)) {
return false;
}
@@ -226,7 +230,7 @@ class CertificateManager implements ICertificateManager {
*
* @return string
*/
- public function getCertificateBundle() {
+ public function getCertificateBundle(): string {
return $this->getPathToCertificates() . 'rootcerts.crt';
}
@@ -235,7 +239,7 @@ class CertificateManager implements ICertificateManager {
*
* @return string
*/
- public function getAbsoluteBundlePath() {
+ public function getAbsoluteBundlePath(): string {
if (!$this->hasCertificates()) {
return \OC::$SERVERROOT . '/resources/config/ca-bundle.crt';
}
@@ -250,7 +254,7 @@ class CertificateManager implements ICertificateManager {
/**
* @return string
*/
- private function getPathToCertificates() {
+ private function getPathToCertificates(): string {
return '/files_external/';
}
@@ -259,7 +263,7 @@ class CertificateManager implements ICertificateManager {
*
* @return bool
*/
- private function needsRebundling() {
+ private function needsRebundling(): bool {
$targetBundle = $this->getCertificateBundle();
if (!$this->view->file_exists($targetBundle)) {
return true;
@@ -274,7 +278,7 @@ class CertificateManager implements ICertificateManager {
*
* @return int
*/
- protected function getFilemtimeOfCaBundle() {
+ protected function getFilemtimeOfCaBundle(): int {
return filemtime(\OC::$SERVERROOT . '/resources/config/ca-bundle.crt');
}
}
diff --git a/lib/private/Security/CredentialsManager.php b/lib/private/Security/CredentialsManager.php
index 7ba8a0020ff..4688bea8dcf 100644
--- a/lib/private/Security/CredentialsManager.php
+++ b/lib/private/Security/CredentialsManager.php
@@ -1,4 +1,7 @@
<?php
+
+declare(strict_types=1);
+
/**
* @copyright Copyright (c) 2016, ownCloud, Inc.
*
@@ -59,11 +62,11 @@ class CredentialsManager implements ICredentialsManager {
* @param string $identifier
* @param mixed $credentials
*/
- public function store($userId, $identifier, $credentials) {
+ public function store(string $userId, string $identifier, $credentials): void {
$value = $this->crypto->encrypt(json_encode($credentials));
$this->dbConnection->setValues(self::DB_TABLE, [
- 'user' => (string)$userId,
+ 'user' => $userId,
'identifier' => $identifier,
], [
'credentials' => $value,
@@ -77,7 +80,7 @@ class CredentialsManager implements ICredentialsManager {
* @param string $identifier
* @return mixed
*/
- public function retrieve($userId, $identifier) {
+ public function retrieve(string $userId, string $identifier) {
$qb = $this->dbConnection->getQueryBuilder();
$qb->select('credentials')
->from(self::DB_TABLE)
@@ -86,7 +89,7 @@ class CredentialsManager implements ICredentialsManager {
if ($userId === '') {
$qb->andWhere($qb->expr()->emptyString('user'));
} else {
- $qb->andWhere($qb->expr()->eq('user', $qb->createNamedParameter((string)$userId)));
+ $qb->andWhere($qb->expr()->eq('user', $qb->createNamedParameter($userId)));
}
$qResult = $qb->execute();
@@ -108,7 +111,7 @@ class CredentialsManager implements ICredentialsManager {
* @param string $identifier
* @return int rows removed
*/
- public function delete($userId, $identifier) {
+ public function delete(string $userId, string $identifier): int {
$qb = $this->dbConnection->getQueryBuilder();
$qb->delete(self::DB_TABLE)
->where($qb->expr()->eq('identifier', $qb->createNamedParameter($identifier)));
@@ -116,7 +119,7 @@ class CredentialsManager implements ICredentialsManager {
if ($userId === '') {
$qb->andWhere($qb->expr()->emptyString('user'));
} else {
- $qb->andWhere($qb->expr()->eq('user', $qb->createNamedParameter((string)$userId)));
+ $qb->andWhere($qb->expr()->eq('user', $qb->createNamedParameter($userId)));
}
return $qb->execute();
@@ -128,7 +131,7 @@ class CredentialsManager implements ICredentialsManager {
* @param string $userId
* @return int rows removed
*/
- public function erase($userId) {
+ public function erase(string $userId): int {
$qb = $this->dbConnection->getQueryBuilder();
$qb->delete(self::DB_TABLE)
->where($qb->expr()->eq('user', $qb->createNamedParameter($userId)))
diff --git a/lib/private/Security/TrustedDomainHelper.php b/lib/private/Security/TrustedDomainHelper.php
index 8004bf7dc6f..f99b505157a 100644
--- a/lib/private/Security/TrustedDomainHelper.php
+++ b/lib/private/Security/TrustedDomainHelper.php
@@ -1,4 +1,7 @@
<?php
+
+declare(strict_types=1);
+
/**
* @copyright Copyright (c) 2016, ownCloud, Inc.
*
@@ -51,7 +54,7 @@ class TrustedDomainHelper {
* @param string $host
* @return string $host without appended port
*/
- private function getDomainWithoutPort($host) {
+ private function getDomainWithoutPort(string $host): string {
$pos = strrpos($host, ':');
if ($pos !== false) {
$port = substr($host, $pos + 1);
@@ -71,7 +74,7 @@ class TrustedDomainHelper {
* @return bool true if the given domain is trusted or if no trusted domains
* have been configured
*/
- public function isTrustedDomain($domainWithPort) {
+ public function isTrustedDomain(string $domainWithPort): bool {
// overwritehost is always trusted
if ($this->config->getSystemValue('overwritehost') !== '') {
return true;