authorVincent Petry <pvince81@owncloud.com>2016-05-18 16:31:53 +0200
committerVincent Petry <pvince81@owncloud.com>2016-05-18 16:31:53 +0200
commit6231b72e250f275c30228d0738155b78c2333576 (patch)
treea90bf06e5ad4418c92c698f65b05fcdac6b402d6 /lib
parenteea3c99af6444bba68245da4ac43775145e93977 (diff)
parent98b465a8b9c6900f12ca2efa5d51036b6ccc4b8b (diff)
Merge pull request #24677 from owncloud/single-token-provider
a single token provider suffices
Diffstat (limited to 'lib')
-rw-r--r--lib/private/Authentication/Token/DefaultToken.php9
-rw-r--r--lib/private/Authentication/Token/DefaultTokenProvider.php16
-rw-r--r--lib/private/Authentication/Token/IProvider.php37
-rw-r--r--lib/private/Authentication/Token/IToken.php10
-rw-r--r--lib/private/Server.php6
-rw-r--r--lib/private/User/Session.php65
6 files changed, 85 insertions, 58 deletions
diff --git a/lib/private/Authentication/Token/DefaultToken.php b/lib/private/Authentication/Token/DefaultToken.php
index 25caf675a43..08451a46151 100644
--- a/lib/private/Authentication/Token/DefaultToken.php
+++ b/lib/private/Authentication/Token/DefaultToken.php
@@ -77,5 +77,14 @@ class DefaultToken extends Entity implements IToken {
public function getUID() {
return $this->uid;
}
+
+ /**
+ * Get the (encrypted) login password
+ *
+ * @return string
+ */
+ public function getPassword() {
+ return parent::getPassword();
+ }
}
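Review bot: The new `getPassword()` in DefaultToken only forwards to `parent::getPassword()`, which reads as redundant without a why-comment. Presumably the parent Entity resolves this getter dynamically and the explicit method exists so the class satisfies the `getPassword()` declaration this commit adds to IToken; if so, the docblock should say it, e.g. `* Declared explicitly so that DefaultToken fulfils IToken::getPassword()`. Since the value returned here is the stored ciphertext, the docblock could also name the provider's `getPassword()` as the place where decryption happens.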
diff --git a/lib/private/Authentication/Token/DefaultTokenProvider.php b/lib/private/Authentication/Token/DefaultTokenProvider.php
index deca5b409e8..a335b79e332 100644
--- a/lib/private/Authentication/Token/DefaultTokenProvider.php
+++ b/lib/private/Authentication/Token/DefaultTokenProvider.php
@@ -103,25 +103,27 @@ class DefaultTokenProvider implements IProvider {
}
/**
- * @param string $token
+ * Get a token by token id
+ *
+ * @param string $tokenId
* @throws InvalidTokenException
* @return DefaultToken
*/
- public function getToken($token) {
+ public function getToken($tokenId) {
try {
- return $this->mapper->getToken($this->hashToken($token));
+ return $this->mapper->getToken($this->hashToken($tokenId));
} catch (DoesNotExistException $ex) {
throw new InvalidTokenException();
}
}
/**
- * @param DefaultToken $savedToken
- * @param string $token session token
+ * @param IToken $savedToken
+ * @param string $tokenId session token
* @return string
*/
- public function getPassword(DefaultToken $savedToken, $token) {
- return $this->decryptPassword($savedToken->getPassword(), $token);
+ public function getPassword(IToken $savedToken, $tokenId) {
+ return $this->decryptPassword($savedToken->getPassword(), $tokenId);
}
/**
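Review bot: Renaming the parameter to `$tokenId` in `getToken()` and `getPassword()` makes a secret look like an identifier. The value goes through `hashToken()` before the lookup and is handed to `decryptPassword()` as the second argument, so it is the raw session token rather than a database id; the IProvider declarations of both methods use the same name. I would keep `$token`, or document it as `@param string $tokenId raw session token (secret); hashed for lookup and used to decrypt the stored password`. `getPassword()` also still has no summary line and no `@throws`; what it does when decryption fails is not visible in this hunk.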
diff --git a/lib/private/Authentication/Token/IProvider.php b/lib/private/Authentication/Token/IProvider.php
index f8a3262ca8b..1fd3a70fbbf 100644
--- a/lib/private/Authentication/Token/IProvider.php
+++ b/lib/private/Authentication/Token/IProvider.php
@@ -27,6 +27,27 @@ use OC\Authentication\Exceptions\InvalidTokenException;
interface IProvider {
/**
+ * Create and persist a new token
+ *
+ * @param string $token
+ * @param string $uid
+ * @param string $password
+ * @param string $name
+ * @param int $type token type
+ * @return DefaultToken
+ */
+ public function generateToken($token, $uid, $password, $name, $type = IToken::TEMPORARY_TOKEN);
+
+ /**
+ * Get a token by token id
+ *
+ * @param string $tokenId
+ * @throws InvalidTokenException
+ * @return IToken
+ */
+ public function getToken($tokenId) ;
+
+ /**
* @param string $token
* @throws InvalidTokenException
* @return IToken
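Review bot: `generateToken()` is declared on the interface with `@return DefaultToken`, which ties IProvider to one implementation while the other declarations in this hunk document `IToken`. Suggest `@return IToken`. As a style point, `public function getToken($tokenId) ;` has a stray space before the semicolon.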
@@ -34,9 +55,25 @@ interface IProvider {
public function validateToken($token);
/**
+ * Invalidate (delete) the given session token
+ *
+ * @param string $token
+ */
+ public function invalidateToken($token);
+
+ /**
* Update token activity timestamp
*
* @param IToken $token
*/
public function updateToken(IToken $token);
+
+ /**
+ * Get the (unencrypted) password of the given token
+ *
+ * @param IToken $token
+ * @param string $tokenId
+ * @return string
+ */
+ public function getPassword(IToken $token, $tokenId);
}
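Review bot: The `getPassword()` declaration at the end of the interface returns the cleartext login password but documents no failure mode. DefaultTokenProvider decrypts with the caller-supplied token via `decryptPassword()`, so the contract should state what a caller gets when that token does not match the stored value or the token carries no password, for instance with an `@throws` line or a documented empty return. The docblock should also state that the return value is a credential and is not to be logged or persisted by callers. For `invalidateToken($token)`, one word in the `@param` saying whether this is the raw session token or an id would remove the ambiguity.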
diff --git a/lib/private/Authentication/Token/IToken.php b/lib/private/Authentication/Token/IToken.php
index 9b2bd18f83b..2a01ea75ea9 100644
--- a/lib/private/Authentication/Token/IToken.php
+++ b/lib/private/Authentication/Token/IToken.php
@@ -22,9 +22,6 @@
namespace OC\Authentication\Token;
-/**
- * @since 9.1.0
- */
interface IToken {
const TEMPORARY_TOKEN = 0;
@@ -43,4 +40,11 @@ interface IToken {
* @return string
*/
public function getUID();
+
+ /**
+ * Get the (encrypted) login password
+ *
+ * @return string
+ */
+ public function getPassword();
}
diff --git a/lib/private/Server.php b/lib/private/Server.php
index 8ece9addd3d..a4294ee2c88 100644
--- a/lib/private/Server.php
+++ b/lib/private/Server.php
@@ -231,15 +231,11 @@ class Server extends ServerContainer implements IServerContainer {
// might however be called when ownCloud is not yet setup.
if (\OC::$server->getSystemConfig()->getValue('installed', false)) {
$defaultTokenProvider = $c->query('OC\Authentication\Token\DefaultTokenProvider');
- $tokenProviders = [
- $defaultTokenProvider,
- ];
} else {
$defaultTokenProvider = null;
- $tokenProviders = [];
}
- $userSession = new \OC\User\Session($manager, $session, $timeFactory, $defaultTokenProvider, $tokenProviders);
+ $userSession = new \OC\User\Session($manager, $session, $timeFactory, $defaultTokenProvider);
$userSession->listen('\OC\User', 'preCreateUser', function ($uid, $password) {
\OC_Hook::emit('OC_User', 'pre_createUser', array('run' => true, 'uid' => $uid, 'password' => $password));
});
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index c9f42d7e414..3f074fa8adf 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -35,7 +35,6 @@ namespace OC\User;
use OC;
use OC\Authentication\Exceptions\InvalidTokenException;
-use OC\Authentication\Token\DefaultTokenProvider;
use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken;
use OC\Hooks\Emitter;
@@ -69,35 +68,20 @@ use OCP\Session\Exceptions\SessionNotAvailableException;
* @package OC\User
*/
class Session implements IUserSession, Emitter {
- /*
- * @var Manager $manager
- */
-
+
+ /** @var Manager $manager */
private $manager;
- /*
- * @var ISession $session
- */
+ /** @var ISession $session */
private $session;
- /*
- * @var ITimeFactory
- */
+ /** @var ITimeFactory */
private $timeFacory;
- /**
- * @var DefaultTokenProvider
- */
+ /** @var IProvider */
private $tokenProvider;
- /**
- * @var IProvider[]
- */
- private $tokenProviders;
-
- /**
- * @var User $activeUser
- */
+ /** @var User $activeUser */
protected $activeUser;
/**
@@ -105,20 +89,18 @@ class Session implements IUserSession, Emitter {
* @param ISession $session
* @param ITimeFactory $timeFacory
* @param IProvider $tokenProvider
- * @param IProvider[] $tokenProviders
*/
- public function __construct(IUserManager $manager, ISession $session, ITimeFactory $timeFacory, $tokenProvider, array $tokenProviders = []) {
+ public function __construct(IUserManager $manager, ISession $session, ITimeFactory $timeFacory, $tokenProvider) {
$this->manager = $manager;
$this->session = $session;
$this->timeFacory = $timeFacory;
$this->tokenProvider = $tokenProvider;
- $this->tokenProviders = $tokenProviders;
}
/**
- * @param DefaultTokenProvider $provider
+ * @param IProvider $provider
*/
- public function setTokenProvider(DefaultTokenProvider $provider) {
+ public function setTokenProvider(IProvider $provider) {
$this->tokenProvider = $provider;
}
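Review bot: The constructor leaves `$tokenProvider` without a type hint, while `setTokenProvider()` at the end of this hunk is now hinted `IProvider`. Server.php in this commit passes `null` when the instance is not installed, so the docblock's `@param IProvider $tokenProvider` is not accurate either. Suggest `IProvider $tokenProvider = null` in the signature and `@param IProvider|null $tokenProvider` in the docblock, so the nullable case is explicit and any other type is rejected at construction. The constructor's docblock starts above the hunk.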
@@ -246,7 +228,7 @@ class Session implements IUserSession, Emitter {
}
// Session is valid, so the token can be refreshed
- $this->updateToken($this->tokenProvider, $token);
+ $this->updateToken($token);
}
/**
@@ -418,34 +400,31 @@ class Session implements IUserSession, Emitter {
* @return boolean
*/
private function validateToken($token) {
- foreach ($this->tokenProviders as $provider) {
- try {
- $token = $provider->validateToken($token);
- if (!is_null($token)) {
- $result = $this->loginWithToken($token->getUID());
- if ($result) {
- // Login success
- $this->updateToken($provider, $token);
- return true;
- }
+ try {
+ $token = $this->tokenProvider->validateToken($token);
+ if (!is_null($token)) {
+ $result = $this->loginWithToken($token->getUID());
+ if ($result) {
+ // Login success
+ $this->updateToken($token);
+ return true;
}
- } catch (InvalidTokenException $ex) {
-
}
+ } catch (InvalidTokenException $ex) {
+
}
return false;
}
/**
- * @param IProvider $provider
* @param IToken $token
*/
- private function updateToken(IProvider $provider, IToken $token) {
+ private function updateToken(IToken $token) {
// To save unnecessary DB queries, this is only done once a minute
$lastTokenUpdate = $this->session->get('last_token_update') ? : 0;
$now = $this->timeFacory->getTime();
if ($lastTokenUpdate < ($now - 60)) {
- $provider->updateToken($token);
+ $this->tokenProvider->updateToken($token);
$this->session->set('last_token_update', $now);
}
}
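Review bot: `validateToken()` now calls `$this->tokenProvider->validateToken($token)` unconditionally, but Server.php in this commit still constructs the session with a `null` provider when the instance is not installed. The removed loop over `$this->tokenProviders` was a no-op for the empty array; the new code would fail with a call on null if this path is reached before setup, which I cannot rule out from the hunk. A guard at the top keeps the old behaviour: `if (is_null($this->tokenProvider)) { return false; }`. Separately, the `catch (InvalidTokenException $ex)` block is still empty; a short comment or a log entry for rejected tokens would help anyone auditing failed logins. The docblock of `validateToken()` starts above the hunk.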