author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2018-03-05 19:28:10 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-03-05 19:28:10 +0100 |
commit | 545737340711d1622ee18474b1f56feb76f96f3d (patch) | |
tree | 58dce611478ce43a9df052741d0622c1e3dece93 /lib/private/Security | |
parent | f72e9ae8a69bdc43738552c89eeee8aafb7b9d0f (diff) | |
parent | d1791864303f97011318fc41d2cc0914e2aa1c11 (diff) | |
Merge pull request #8659 from nextcloud/csrf_token_strict
Make \OC\Security\CSRF strict
Diffstat (limited to 'lib/private/Security')
-rw-r--r-- | lib/private/Security/CSRF/CsrfToken.php | 11 | ||||
-rw-r--r-- | lib/private/Security/CSRF/CsrfTokenGenerator.php | 3 | ||||
-rw-r--r-- | lib/private/Security/CSRF/CsrfTokenManager.php | 9 | ||||
-rw-r--r-- | lib/private/Security/CSRF/TokenStorage/SessionStorage.php | 7 |
4 files changed, 17 insertions, 13 deletions
diff --git a/lib/private/Security/CSRF/CsrfToken.php b/lib/private/Security/CSRF/CsrfToken.php
index d9e27ff80e3..643e58e1d53 100644
--- a/lib/private/Security/CSRF/CsrfToken.php
+++ b/lib/private/Security/CSRF/CsrfToken.php
@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 /**
 * @copyright Copyright (c) 2016, ownCloud, Inc.
 *
@@ -40,7 +41,7 @@ class CsrfToken {
 /**
 * @param string $value Value of the token. Can be encrypted or not encrypted.
 */
- public function __construct($value) {
+ public function __construct(string $value) {
 $this->value = $value;
 }
 
@@ -50,9 +51,9 @@ class CsrfToken {
 *
 * @return string
 */
- public function getEncryptedValue() {
+ public function getEncryptedValue(): string {
 if($this->encryptedValue === '') {
- $sharedSecret = random_bytes(strlen($this->value));
+ $sharedSecret = random_bytes(\strlen($this->value));
 $this->encryptedValue = base64_encode($this->value ^ $sharedSecret) . ':' . base64_encode($sharedSecret);
 }
 
@@ -65,9 +66,9 @@ class CsrfToken {
 *
 * @return string
 */
- public function getDecryptedValue() {
+ public function getDecryptedValue(): string {
 $token = explode(':', $this->value);
- if (count($token) !== 2) {
+ if (\count($token) !== 2) {
 return '';
 }
 $obfuscatedToken = $token[0];
diff --git a/lib/private/Security/CSRF/CsrfTokenGenerator.php b/lib/private/Security/CSRF/CsrfTokenGenerator.php
index 85207956e1a..be628ea176c 100644
--- a/lib/private/Security/CSRF/CsrfTokenGenerator.php
+++ b/lib/private/Security/CSRF/CsrfTokenGenerator.php
@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 /**
 * @copyright Copyright (c) 2016, ownCloud, Inc.
 *
@@ -47,7 +48,7 @@ class CsrfTokenGenerator {
 * @param int $length Length of the token in characters.
 * @return string
 */
- public function generateToken($length = 32) {
+ public function generateToken(int $length = 32): string {
 return $this->random->generate($length);
 }
 }
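Review bot: In `getEncryptedValue()` the pad length is taken directly from `\strlen($this->value)`, so a token built from an empty string reaches `random_bytes(0)`, which throws rather than returning a string; the new `string $value` constructor type does not exclude `''`. A guard at the top of the method such as `if ($this->value === '') { return ''; }`, or rejecting empty values in the constructor, would keep the new `: string` contract honest. The docblock could also state that the "encrypted" value is the token XORed with a fresh random pad and sent together with that pad, which masks the token per response but gives no confidentiality. The method's return statement lies outside the hunk.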
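Review bot: `generateToken(int $length = 32)` in CsrfTokenGenerator now rejects non-integers but still accepts any integer, so a zero, negative or very small `$length` is passed unchanged to `$this->random->generate($length)` and may produce a token that is too short to resist guessing. A floor at the top of the method would close that, for example `if ($length < 1) { throw new \InvalidArgumentException('Token length must be positive'); }`, with the minimum acceptable length chosen by the project. At the least, the `@param int $length` line should state the minimum a caller may pass.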
diff --git a/lib/private/Security/CSRF/CsrfTokenManager.php b/lib/private/Security/CSRF/CsrfTokenManager.php
index b43ca3d3679..deacd1f512c 100644
--- a/lib/private/Security/CSRF/CsrfTokenManager.php
+++ b/lib/private/Security/CSRF/CsrfTokenManager.php
@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 /**
 * @copyright Copyright (c) 2016, ownCloud, Inc.
 *
@@ -52,8 +53,8 @@ class CsrfTokenManager {
 *
 * @return CsrfToken
 */
- public function getToken() {
- if(!is_null($this->csrfToken)) {
+ public function getToken(): CsrfToken {
+ if(!\is_null($this->csrfToken)) {
 return $this->csrfToken;
 }
 
@@ -73,7 +74,7 @@ class CsrfTokenManager {
 *
 * @return CsrfToken
 */
- public function refreshToken() {
+ public function refreshToken(): CsrfToken {
 $value = $this->tokenGenerator->generateToken();
 $this->sessionStorage->setToken($value);
 $this->csrfToken = new CsrfToken($value);
@@ -94,7 +95,7 @@ class CsrfTokenManager {
 * @param CsrfToken $token
 * @return bool
 */
- public function isTokenValid(CsrfToken $token) {
+ public function isTokenValid(CsrfToken $token): bool {
 if(!$this->sessionStorage->hasToken()) {
 return false;
 }
diff --git a/lib/private/Security/CSRF/TokenStorage/SessionStorage.php b/lib/private/Security/CSRF/TokenStorage/SessionStorage.php
index 946330b0c8c..b35e148c7ce 100644
--- a/lib/private/Security/CSRF/TokenStorage/SessionStorage.php
+++ b/lib/private/Security/CSRF/TokenStorage/SessionStorage.php
@@ -1,4 +1,5 @@
 <?php
+declare(strict_types=1);
 /**
 * @copyright Copyright (c) 2016, ownCloud, Inc.
 *
@@ -54,7 +55,7 @@ class SessionStorage {
 * @return string
 * @throws \Exception
 */
- public function getToken() {
+ public function getToken(): string {
 $token = $this->session->get('requesttoken');
 if(empty($token)) {
 throw new \Exception('Session does not contain a requesttoken');
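Review bot: In `SessionStorage::getToken()` the `empty($token)` check only filters falsy values, so with `declare(strict_types=1)` and the new `: string` return type a non-empty, non-string `requesttoken` in the session would surface as a `TypeError`, assuming the method goes on to return `$token` (the return is outside the hunk). `TypeError` is not a `\Exception`, so callers relying on the documented `@throws \Exception` would not catch it. Checking the type explicitly, `if (!\is_string($token) || $token === '') {`, keeps the failure on the documented path; note that this also stops treating the string `'0'` as a missing token.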
@@ -68,7 +69,7 @@ class SessionStorage {
 *
 * @param string $value
 */
- public function setToken($value) {
+ public function setToken(string $value) {
 $this->session->set('requesttoken', $value);
 }
 
@@ -83,7 +84,7 @@ class SessionStorage {
 *
 * @return bool
 */
- public function hasToken() {
+ public function hasToken(): bool {
 return $this->session->exists('requesttoken');
 }
 }
|
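Review bot: `setToken(string $value)` gains a parameter type but no return type, while `getToken()` and `hasToken()` in the same file are both annotated. If the project's minimum PHP version permits it, `public function setToken(string $value): void {` would make the class consistent. Otherwise a `@return void` line in the docblock records the intent until the return type can be declared.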