author | Christoph Wurst <christoph@winzerhof-wurst.at> | 2016-10-31 09:36:55 +0100 |
---|---|---|
committer | Lukas Reschke <lukas@statuscode.ch> | 2016-11-02 13:39:16 +0100 |
commit | 6f86e468d4d9bcf50143e37905923d74ac423a7e (patch) | |
tree | d44b5584342456f3eb904aaf726b92c3ee607d64 /lib/private | |
parent | d907666232468503ab6ed2bdac44b6500be2beb6 (diff) | |
download | nextcloud-server-6f86e468d4d9bcf50143e37905923d74ac423a7e.tar.gz nextcloud-server-6f86e468d4d9bcf50143e37905923d74ac423a7e.zip |
inject ISecureRandom into user session and use injected config too
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Diffstat (limited to 'lib/private')
-rw-r--r-- | lib/private/Server.php | 2 | ||||
-rw-r--r-- | lib/private/User/Session.php | 29 |
2 files changed, 19 insertions, 12 deletions
diff --git a/lib/private/Server.php b/lib/private/Server.php
index 7931e08074b..d911d603031 100644
--- a/lib/private/Server.php
+++ b/lib/private/Server.php
@@ -242,7 +242,7 @@ class Server extends ServerContainer implements IServerContainer {
 $defaultTokenProvider = null;
 }
- $userSession = new \OC\User\Session($manager, $session, $timeFactory, $defaultTokenProvider, $c->getConfig());
+ $userSession = new \OC\User\Session($manager, $session, $timeFactory, $defaultTokenProvider, $c->getConfig(), $c->getSecureRandom());
 $userSession->listen('\OC\User', 'preCreateUser', function ($uid, $password) {
 \OC_Hook::emit('OC_User', 'pre_createUser', array('run' => true, 'uid' => $uid, 'password' => $password));
 });
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 68f17747a08..7215cbe4188 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -48,6 +48,7 @@ use OCP\ISession;
 use OCP\IUser;
 use OCP\IUserManager;
 use OCP\IUserSession;
+use OCP\Security\ISecureRandom;
 use OCP\Session\Exceptions\SessionNotAvailableException;
 use OCP\Util;
@@ -89,23 +90,29 @@ class Session implements IUserSession, Emitter {
 /** @var User $activeUser */
 protected $activeUser;
+ /** @var ISecureRandom */
+ private $random;
+
 /**
 * @param IUserManager $manager
 * @param ISession $session
 * @param ITimeFactory $timeFacory
 * @param IProvider $tokenProvider
 * @param IConfig $config
+ * @param ISecureRandom $random
 */
 public function __construct(IUserManager $manager,
 ISession $session,
 ITimeFactory $timeFacory,
 $tokenProvider,
- IConfig $config) {
+ IConfig $config,
+ ISecureRandom $random) {
 $this->manager = $manager;
 $this->session = $session;
 $this->timeFacory = $timeFacory;
 $this->tokenProvider = $tokenProvider;
 $this->config = $config;
+ $this->random = $random;
 }
 /**
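Review bot: The new `ISecureRandom $random` constructor argument has no default, so every site that builds `\OC\User\Session` must now pass it; this view is limited to lib/private and shows only the Server.php call being updated, so unit tests and any other instantiation should be checked. The added docblocks also say nothing about what the generator is used for. Something like `/** @var ISecureRandom source of the remember-me login tokens */` on the property would tell a maintainer that substituting a weaker generator affects authentication.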
@@ -701,7 +708,7 @@ class Session implements IUserSession, Emitter {
 }
 // replace successfully used token with a new one
 $this->config->deleteUserValue($uid, 'login_token', $currentToken);
- $newToken = OC::$server->getSecureRandom()->generate(32);
+ $newToken = $this->random->generate(32);
 $this->config->setUserValue($uid, 'login_token', $newToken, $this->timeFacory->getTime());
 try {
@@ -726,8 +733,8 @@ class Session implements IUserSession, Emitter {
 * @param IUser $user
 */
 public function createRememberMeToken(IUser $user) {
- $token = OC::$server->getSecureRandom()->generate(32);
- $this->config->setUserValue($user->getUID(), 'login_token', $token, time());
+ $token = $this->random->generate(32);
+ $this->config->setUserValue($user->getUID(), 'login_token', $token, $this->timeFacory->getTime());
 $this->setMagicInCookie($user->getUID(), $token);
 }
@@ -763,7 +770,7 @@ class Session implements IUserSession, Emitter {
 $webRoot = '/';
 }
- $expires = $this->timeFacory->getTime() + OC::$server->getConfig()->getSystemValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15);
+ $expires = $this->timeFacory->getTime() + $this->config->getSystemValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15);
 setcookie('nc_username', $username, $expires, $webRoot, '', $secureCookie, true);
 setcookie('nc_token', $token, $expires, $webRoot, '', $secureCookie, true);
 try {
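Review bot: In the token-rotation hunk (-701) and again in `createRememberMeToken` (-726), the freshly generated value is passed to `$this->config->setUserValue(…, 'login_token', …)` unchanged, so as far as these lines show the remember-me secret is persisted in clear text and read access to the user-config storage would be enough to obtain a usable login token. Storing only a digest would limit that, e.g. `$this->config->setUserValue($uid, 'login_token', hash('sha256', $newToken), $this->timeFacory->getTime());`, with the cookie still carrying the raw token. The validation and `deleteUserValue` paths would need the same hashing, and the function around the first hunk starts outside it, so that side cannot be checked from here.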
@@ -783,14 +790,14 @@ class Session implements IUserSession, Emitter {
 unset($_COOKIE['nc_username']); //TODO: DI
 unset($_COOKIE['nc_token']);
 unset($_COOKIE['nc_session_id']);
- setcookie('nc_username', '', time() - 3600, OC::$WEBROOT, '', $secureCookie, true);
- setcookie('nc_token', '', time() - 3600, OC::$WEBROOT, '', $secureCookie, true);
- setcookie('nc_session_id', '', time() - 3600, OC::$WEBROOT, '', $secureCookie, true);
+ setcookie('nc_username', '', $this->timeFacory->getTime() - 3600, OC::$WEBROOT, '', $secureCookie, true);
+ setcookie('nc_token', '', $this->timeFacory->getTime() - 3600, OC::$WEBROOT, '', $secureCookie, true);
+ setcookie('nc_session_id', '', $this->timeFacory->getTime() - 3600, OC::$WEBROOT, '', $secureCookie, true);
 // old cookies might be stored under /webroot/ instead of /webroot
 // and Firefox doesn't like it!
- setcookie('nc_username', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
- setcookie('nc_token', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
- setcookie('nc_session_id', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
+ setcookie('nc_username', '', $this->timeFacory->getTime() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
+ setcookie('nc_token', '', $this->timeFacory->getTime() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
+ setcookie('nc_session_id', '', $this->timeFacory->getTime() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
 }
 /** |
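Review bot: Style point for the cookie-clearing block: `$this->timeFacory->getTime() - 3600` is now evaluated six times, which lengthens every line and lets the six expiry values differ if the clock ticks between calls. Computing it once, `$expired = $this->timeFacory->getTime() - 3600;`, and passing `$expired` to each `setcookie()` keeps the block readable. The function still reads `OC::$WEBROOT` and `$_COOKIE` directly (the `//TODO: DI` marker remains), and its opening lines are outside the hunk.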