diff options
author | J0WI <J0WI@users.noreply.github.com> | 2021-04-19 15:50:30 +0200 |
---|---|---|
committer | J0WI <J0WI@users.noreply.github.com> | 2021-04-19 17:31:12 +0200 |
commit | ca7b37ce5a5c68ea4a105377754005a772c5deaa (patch) | |
tree | 2df753ec57b8f5b51324d2e0bc4a361179dc2967 /lib/private/Security | |
parent | 9a69b8839389f133db55a41e1c2ba4435fd50c19 (diff) | |
download | nextcloud-server-ca7b37ce5a5c68ea4a105377754005a772c5deaa.tar.gz nextcloud-server-ca7b37ce5a5c68ea4a105377754005a772c5deaa.zip |
Make Security module strict
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
Diffstat (limited to 'lib/private/Security')
-rw-r--r-- | lib/private/Security/Bruteforce/Capabilities.php | 5 | ||||
-rw-r--r-- | lib/private/Security/Certificate.php | 23 | ||||
-rw-r--r-- | lib/private/Security/CertificateManager.php | 22 | ||||
-rw-r--r-- | lib/private/Security/CredentialsManager.php | 17 | ||||
-rw-r--r-- | lib/private/Security/TrustedDomainHelper.php | 7 |
5 files changed, 45 insertions, 29 deletions
diff --git a/lib/private/Security/Bruteforce/Capabilities.php b/lib/private/Security/Bruteforce/Capabilities.php index 7547348ce34..7c4c2a13671 100644 --- a/lib/private/Security/Bruteforce/Capabilities.php +++ b/lib/private/Security/Bruteforce/Capabilities.php @@ -1,4 +1,7 @@ <?php + +declare(strict_types=1); + /** * @copyright Copyright (c) 2017 Roeland Jago Douma <roeland@famdouma.nl> * @@ -46,7 +49,7 @@ class Capabilities implements IPublicCapability { $this->throttler = $throttler; } - public function getCapabilities() { + public function getCapabilities(): array { if (version_compare(\OC::$server->getConfig()->getSystemValue('version', '0.0.0.0'), '12.0.0.0', '<')) { return []; } diff --git a/lib/private/Security/Certificate.php b/lib/private/Security/Certificate.php index c89122f9a4b..e299f9d2b8f 100644 --- a/lib/private/Security/Certificate.php +++ b/lib/private/Security/Certificate.php @@ -1,4 +1,7 @@ <?php + +declare(strict_types=1); + /** * @copyright Copyright (c) 2016, ownCloud, Inc. * @@ -49,7 +52,7 @@ class Certificate implements ICertificate { * @param string $name * @throws \Exception If the certificate could not get parsed */ - public function __construct($data, $name) { + public function __construct(string $data, string $name) { $this->name = $name; $gmt = new \DateTimeZone('GMT'); @@ -75,42 +78,42 @@ class Certificate implements ICertificate { /** * @return string */ - public function getName() { + public function getName(): string { return $this->name; } /** * @return string|null */ - public function getCommonName() { + public function getCommonName(): ?string { return $this->commonName; } /** - * @return string + * @return string|null */ - public function getOrganization() { + public function getOrganization(): ?string { return $this->organization; } /** * @return \DateTime */ - public function getIssueDate() { + public function getIssueDate(): \DateTime { return $this->issueDate; } /** * @return \DateTime */ - public function getExpireDate() { + public function getExpireDate(): \DateTime { return $this->expireDate; } /** * @return bool */ - public function isExpired() { + public function isExpired(): bool { $now = new \DateTime(); return $this->issueDate > $now or $now > $this->expireDate; } @@ -118,14 +121,14 @@ class Certificate implements ICertificate { /** * @return string|null */ - public function getIssuerName() { + public function getIssuerName(): ?string { return $this->issuerName; } /** * @return string|null */ - public function getIssuerOrganization() { + public function getIssuerOrganization(): ?string { return $this->issuerOrganization; } } diff --git a/lib/private/Security/CertificateManager.php b/lib/private/Security/CertificateManager.php index ef0c6563320..9734f9b6446 100644 --- a/lib/private/Security/CertificateManager.php +++ b/lib/private/Security/CertificateManager.php @@ -1,4 +1,7 @@ <?php + +declare(strict_types=1); + /** * @copyright Copyright (c) 2016, ownCloud, Inc. * @@ -30,6 +33,7 @@ namespace OC\Security; use OC\Files\Filesystem; +use OCP\ICertificate; use OCP\ICertificateManager; use OCP\IConfig; use OCP\ILogger; @@ -78,7 +82,7 @@ class CertificateManager implements ICertificateManager { * * @return \OCP\ICertificate[] */ - public function listCertificates() { + public function listCertificates(): array { if (!$this->config->getSystemValue('installed', false)) { return []; } @@ -130,7 +134,7 @@ class CertificateManager implements ICertificateManager { /** * create the certificate bundle of all trusted certificated */ - public function createCertificateBundle() { + public function createCertificateBundle(): void { $path = $this->getPathToCertificates(); $certs = $this->listCertificates(); @@ -182,7 +186,7 @@ class CertificateManager implements ICertificateManager { * @return \OCP\ICertificate * @throws \Exception If the certificate could not get added */ - public function addCertificate($certificate, $name) { + public function addCertificate(string $certificate, string $name): ICertificate { if (!Filesystem::isValidPath($name) or Filesystem::isFileBlacklisted($name)) { throw new \Exception('Filename is not valid'); } @@ -209,7 +213,7 @@ class CertificateManager implements ICertificateManager { * @param string $name * @return bool */ - public function removeCertificate($name) { + public function removeCertificate(string $name): bool { if (!Filesystem::isValidPath($name)) { return false; } @@ -226,7 +230,7 @@ class CertificateManager implements ICertificateManager { * * @return string */ - public function getCertificateBundle() { + public function getCertificateBundle(): string { return $this->getPathToCertificates() . 'rootcerts.crt'; } @@ -235,7 +239,7 @@ class CertificateManager implements ICertificateManager { * * @return string */ - public function getAbsoluteBundlePath() { + public function getAbsoluteBundlePath(): string { if (!$this->hasCertificates()) { return \OC::$SERVERROOT . '/resources/config/ca-bundle.crt'; } @@ -250,7 +254,7 @@ class CertificateManager implements ICertificateManager { /** * @return string */ - private function getPathToCertificates() { + private function getPathToCertificates(): string { return '/files_external/'; } @@ -259,7 +263,7 @@ class CertificateManager implements ICertificateManager { * * @return bool */ - private function needsRebundling() { + private function needsRebundling(): bool { $targetBundle = $this->getCertificateBundle(); if (!$this->view->file_exists($targetBundle)) { return true; @@ -274,7 +278,7 @@ class CertificateManager implements ICertificateManager { * * @return int */ - protected function getFilemtimeOfCaBundle() { + protected function getFilemtimeOfCaBundle(): int { return filemtime(\OC::$SERVERROOT . '/resources/config/ca-bundle.crt'); } } diff --git a/lib/private/Security/CredentialsManager.php b/lib/private/Security/CredentialsManager.php index 7ba8a0020ff..4688bea8dcf 100644 --- a/lib/private/Security/CredentialsManager.php +++ b/lib/private/Security/CredentialsManager.php @@ -1,4 +1,7 @@ <?php + +declare(strict_types=1); + /** * @copyright Copyright (c) 2016, ownCloud, Inc. * @@ -59,11 +62,11 @@ class CredentialsManager implements ICredentialsManager { * @param string $identifier * @param mixed $credentials */ - public function store($userId, $identifier, $credentials) { + public function store(string $userId, string $identifier, $credentials): void { $value = $this->crypto->encrypt(json_encode($credentials)); $this->dbConnection->setValues(self::DB_TABLE, [ - 'user' => (string)$userId, + 'user' => $userId, 'identifier' => $identifier, ], [ 'credentials' => $value, @@ -77,7 +80,7 @@ class CredentialsManager implements ICredentialsManager { * @param string $identifier * @return mixed */ - public function retrieve($userId, $identifier) { + public function retrieve(string $userId, string $identifier) { $qb = $this->dbConnection->getQueryBuilder(); $qb->select('credentials') ->from(self::DB_TABLE) @@ -86,7 +89,7 @@ class CredentialsManager implements ICredentialsManager { if ($userId === '') { $qb->andWhere($qb->expr()->emptyString('user')); } else { - $qb->andWhere($qb->expr()->eq('user', $qb->createNamedParameter((string)$userId))); + $qb->andWhere($qb->expr()->eq('user', $qb->createNamedParameter($userId))); } $qResult = $qb->execute(); @@ -108,7 +111,7 @@ class CredentialsManager implements ICredentialsManager { * @param string $identifier * @return int rows removed */ - public function delete($userId, $identifier) { + public function delete(string $userId, string $identifier): int { $qb = $this->dbConnection->getQueryBuilder(); $qb->delete(self::DB_TABLE) ->where($qb->expr()->eq('identifier', $qb->createNamedParameter($identifier))); @@ -116,7 +119,7 @@ class CredentialsManager implements ICredentialsManager { if ($userId === '') { $qb->andWhere($qb->expr()->emptyString('user')); } else { - $qb->andWhere($qb->expr()->eq('user', $qb->createNamedParameter((string)$userId))); + $qb->andWhere($qb->expr()->eq('user', $qb->createNamedParameter($userId))); } return $qb->execute(); @@ -128,7 +131,7 @@ class CredentialsManager implements ICredentialsManager { * @param string $userId * @return int rows removed */ - public function erase($userId) { + public function erase(string $userId): int { $qb = $this->dbConnection->getQueryBuilder(); $qb->delete(self::DB_TABLE) ->where($qb->expr()->eq('user', $qb->createNamedParameter($userId))) diff --git a/lib/private/Security/TrustedDomainHelper.php b/lib/private/Security/TrustedDomainHelper.php index 8004bf7dc6f..f99b505157a 100644 --- a/lib/private/Security/TrustedDomainHelper.php +++ b/lib/private/Security/TrustedDomainHelper.php @@ -1,4 +1,7 @@ <?php + +declare(strict_types=1); + /** * @copyright Copyright (c) 2016, ownCloud, Inc. * @@ -51,7 +54,7 @@ class TrustedDomainHelper { * @param string $host * @return string $host without appended port */ - private function getDomainWithoutPort($host) { + private function getDomainWithoutPort(string $host): string { $pos = strrpos($host, ':'); if ($pos !== false) { $port = substr($host, $pos + 1); @@ -71,7 +74,7 @@ class TrustedDomainHelper { * @return bool true if the given domain is trusted or if no trusted domains * have been configured */ - public function isTrustedDomain($domainWithPort) { + public function isTrustedDomain(string $domainWithPort): bool { // overwritehost is always trusted if ($this->config->getSystemValue('overwritehost') !== '') { return true; |