diff options
| author | Roeland Jago Douma <roeland@famdouma.nl> | 2018-01-14 11:47:00 +0100 |
|---|---|---|
| committer | Morris Jobke <hey@morrisjobke.de> | 2018-01-14 21:08:23 +0100 |
| commit | cf0a3399970eb00621e822923f17d3d52845e0a6 (patch) | |
| tree | c7d0603711f70b29341e802e98821ca9089fa25c /lib/private/Security | |
| parent | 60f38d37fe5ca505258510adc1e106da54426510 (diff) | |
| download | nextcloud-server-cf0a3399970eb00621e822923f17d3d52845e0a6.tar.gz nextcloud-server-cf0a3399970eb00621e822923f17d3d52845e0a6.zip | |
Make OC\Security\RateLimiting strict
* Add return types
* Add scalar argument types
* Made strict
* Cleaned up phpstorm inspections
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'lib/private/Security')
4 files changed, 39 insertions, 30 deletions
diff --git a/lib/private/Security/RateLimiting/Backend/IBackend.php b/lib/private/Security/RateLimiting/Backend/IBackend.php index b20d27af42b..88c10fbbc8d 100644 --- a/lib/private/Security/RateLimiting/Backend/IBackend.php +++ b/lib/private/Security/RateLimiting/Backend/IBackend.php @@ -1,4 +1,5 @@ <?php +declare(strict_types=1); /** * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch> * @@ -39,9 +40,9 @@ interface IBackend { * @param int $seconds Seconds to look back at * @return int */ - public function getAttempts($methodIdentifier, - $userIdentifier, - $seconds); + public function getAttempts(string $methodIdentifier, + string $userIdentifier, + int $seconds): int; /** * Registers an attempt @@ -50,7 +51,7 @@ interface IBackend { * @param string $userIdentifier Identifier for the user * @param int $period Period in seconds how long this attempt should be stored */ - public function registerAttempt($methodIdentifier, - $userIdentifier, - $period); + public function registerAttempt(string $methodIdentifier, + string $userIdentifier, + int $period); } diff --git a/lib/private/Security/RateLimiting/Backend/MemoryCache.php b/lib/private/Security/RateLimiting/Backend/MemoryCache.php index 700fa624ed4..a8fb7b87d10 100644 --- a/lib/private/Security/RateLimiting/Backend/MemoryCache.php +++ b/lib/private/Security/RateLimiting/Backend/MemoryCache.php @@ -1,4 +1,5 @@ <?php +declare(strict_types=1); /** * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch> * @@ -54,8 +55,8 @@ class MemoryCache implements IBackend { * @param string $userIdentifier * @return string */ - private function hash($methodIdentifier, - $userIdentifier) { + private function hash(string $methodIdentifier, + string $userIdentifier): string { return hash('sha512', $methodIdentifier . $userIdentifier); } @@ -63,9 +64,14 @@ class MemoryCache implements IBackend { * @param string $identifier * @return array */ - private function getExistingAttempts($identifier) { - $cachedAttempts = json_decode($this->cache->get($identifier), true); - if(is_array($cachedAttempts)) { + private function getExistingAttempts(string $identifier): array { + $cachedAttempts = $this->cache->get($identifier); + if ($cachedAttempts === null) { + return []; + } + + $cachedAttempts = json_decode($cachedAttempts, true); + if(\is_array($cachedAttempts)) { return $cachedAttempts; } @@ -75,9 +81,9 @@ class MemoryCache implements IBackend { /** * {@inheritDoc} */ - public function getAttempts($methodIdentifier, - $userIdentifier, - $seconds) { + public function getAttempts(string $methodIdentifier, + string $userIdentifier, + int $seconds): int { $identifier = $this->hash($methodIdentifier, $userIdentifier); $existingAttempts = $this->getExistingAttempts($identifier); @@ -96,9 +102,9 @@ class MemoryCache implements IBackend { /** * {@inheritDoc} */ - public function registerAttempt($methodIdentifier, - $userIdentifier, - $period) { + public function registerAttempt(string $methodIdentifier, + string $userIdentifier, + int $period) { $identifier = $this->hash($methodIdentifier, $userIdentifier); $existingAttempts = $this->getExistingAttempts($identifier); $currentTime = $this->timeFactory->getTime(); diff --git a/lib/private/Security/RateLimiting/Exception/RateLimitExceededException.php b/lib/private/Security/RateLimiting/Exception/RateLimitExceededException.php index ffe9b534fed..ae4fa1d6c26 100644 --- a/lib/private/Security/RateLimiting/Exception/RateLimitExceededException.php +++ b/lib/private/Security/RateLimiting/Exception/RateLimitExceededException.php @@ -1,4 +1,5 @@ <?php +declare(strict_types=1); /** * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch> * diff --git a/lib/private/Security/RateLimiting/Limiter.php b/lib/private/Security/RateLimiting/Limiter.php index 6a4176a0d50..5267497f86f 100644 --- a/lib/private/Security/RateLimiting/Limiter.php +++ b/lib/private/Security/RateLimiting/Limiter.php @@ -1,4 +1,5 @@ <?php +declare(strict_types=1); /** * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch> * @@ -58,12 +59,12 @@ class Limiter { * @param int $limit * @throws RateLimitExceededException */ - private function register($methodIdentifier, - $userIdentifier, - $period, - $limit) { - $existingAttempts = $this->backend->getAttempts($methodIdentifier, $userIdentifier, (int)$period); - if ($existingAttempts >= (int)$limit) { + private function register(string $methodIdentifier, + string $userIdentifier, + int $period, + int $limit) { + $existingAttempts = $this->backend->getAttempts($methodIdentifier, $userIdentifier, $period); + if ($existingAttempts >= $limit) { throw new RateLimitExceededException(); } @@ -79,10 +80,10 @@ class Limiter { * @param string $ip * @throws RateLimitExceededException */ - public function registerAnonRequest($identifier, - $anonLimit, - $anonPeriod, - $ip) { + public function registerAnonRequest(string $identifier, + int $anonLimit, + int $anonPeriod, + string $ip) { $ipSubnet = (new IpAddress($ip))->getSubnet(); $anonHashIdentifier = hash('sha512', 'anon::' . $identifier . $ipSubnet); @@ -98,9 +99,9 @@ class Limiter { * @param IUser $user * @throws RateLimitExceededException */ - public function registerUserRequest($identifier, - $userLimit, - $userPeriod, + public function registerUserRequest(string $identifier, + int $userLimit, + int $userPeriod, IUser $user) { $userHashIdentifier = hash('sha512', 'user::' . $identifier . $user->getUID()); $this->register($identifier, $userHashIdentifier, $userPeriod, $userLimit); |