diff options
| author | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2021-08-13 15:53:17 +0200 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2021-09-09 14:03:29 +0200 |
| commit | 19cc757531959a14df40a79d550c82b39e4bc5a2 (patch) | |
| tree | ff8742a5038b7999898b62d68eb8716cbbed9d4b /lib/public/Security | |
| parent | 9be939300ae0e426d9818756f83f6f09733307fe (diff) | |
| download | nextcloud-server-19cc757531959a14df40a79d550c82b39e4bc5a2.tar.gz nextcloud-server-19cc757531959a14df40a79d550c82b39e4bc5a2.zip | |
move verification token logic out of lost password controller
- to make it reusable
- needed for local email verification
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Diffstat (limited to 'lib/public/Security')
| -rw-r--r-- | lib/public/Security/VerificationToken/IVerificationToken.php | 55 | ||||
| -rw-r--r-- | lib/public/Security/VerificationToken/InvalidTokenException.php | 74 |
2 files changed, 129 insertions, 0 deletions
diff --git a/lib/public/Security/VerificationToken/IVerificationToken.php b/lib/public/Security/VerificationToken/IVerificationToken.php new file mode 100644 index 00000000000..12c03178fb6 --- /dev/null +++ b/lib/public/Security/VerificationToken/IVerificationToken.php @@ -0,0 +1,55 @@ +<?php + +declare(strict_types=1); + +/** + * @copyright Copyright (c) 2021 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <https://www.gnu.org/licenses/>. + * + */ + +namespace OCP\Security\VerificationToken; + +use OCP\IUser; + +/** + * @since 23.0.0 + */ +interface IVerificationToken { + + /** + * Checks whether the a provided tokent matches a stored token and its + * constraints. An InvalidTokenException is thrown on issues, otherwise + * the check is successful. + * + * null can be passed as $user, but mind that this is for conveniently + * passing the return of IUserManager::getUser() to this method. When + * $user is null, InvalidTokenException is thrown for all the issued + * tokens are user related. + * + * @throws InvalidTokenException + * @since 23.0.0 + */ + public function check(string $token, ?IUser $user, string $subject, string $passwordPrefix = ''): void; + + /** + * @since 23.0.0 + */ + public function create(IUser $user, string $subject, string $passwordPrefix = ''): string; +} diff --git a/lib/public/Security/VerificationToken/InvalidTokenException.php b/lib/public/Security/VerificationToken/InvalidTokenException.php new file mode 100644 index 00000000000..5c8144c5c74 --- /dev/null +++ b/lib/public/Security/VerificationToken/InvalidTokenException.php @@ -0,0 +1,74 @@ +<?php + +declare(strict_types=1); + +/** + * @copyright Copyright (c) 2021 Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @author Arthur Schiwon <blizzz@arthur-schiwon.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <https://www.gnu.org/licenses/>. + * + */ + +namespace OCP\Security\VerificationToken; + +/** @since 23.0.0 */ +class InvalidTokenException extends \Exception { + + /** + * @since 23.0.0 + */ + public function __construct(int $code) { + parent::__construct('', $code); + } + + /** + * @var int + * @since 23.0.0 + */ + public const USER_UNKNOWN = 1; + + /** + * @var int + * @since 23.0.0 + */ + public const TOKEN_NOT_FOUND = 2; + + /** + * @var int + * @since 23.0.0 + */ + public const TOKEN_DECRYPTION_ERROR = 3; + + /** + * @var int + * @since 23.0.0 + */ + public const TOKEN_INVALID_FORMAT = 4; + + /** + * @var int + * @since 23.0.0 + */ + public const TOKEN_EXPIRED = 5; + + /** + * @var int + * @since 23.0.0 + */ + public const TOKEN_MISMATCH = 6; +} |