diff options
author | Joas Schilling <coding@schilljs.com> | 2023-08-16 17:40:38 +0200 |
---|---|---|
committer | Joas Schilling <coding@schilljs.com> | 2023-08-23 06:44:08 +0200 |
commit | 759fc11f39839801e75a46ea619508b587448727 (patch) | |
tree | 6299c12f21407af5ac9a043130a397c154bab240 /lib | |
parent | b5dbb4d9f2f0c3b8ccfa16704cdcb7abf231d56e (diff) | |
download | nextcloud-server-759fc11f39839801e75a46ea619508b587448727.tar.gz nextcloud-server-759fc11f39839801e75a46ea619508b587448727.zip |
fix: Make bypass function public API
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/private/Security/Bruteforce/Capabilities.php | 5 | ||||
-rw-r--r-- | lib/private/Security/Bruteforce/Throttler.php | 10 | ||||
-rw-r--r-- | lib/public/Security/Bruteforce/IThrottler.php | 10 |
3 files changed, 18 insertions, 7 deletions
diff --git a/lib/private/Security/Bruteforce/Capabilities.php b/lib/private/Security/Bruteforce/Capabilities.php index 4eada3d05f5..b50eea0b7af 100644 --- a/lib/private/Security/Bruteforce/Capabilities.php +++ b/lib/private/Security/Bruteforce/Capabilities.php @@ -32,11 +32,12 @@ namespace OC\Security\Bruteforce; use OCP\Capabilities\IPublicCapability; use OCP\Capabilities\IInitialStateExcludedCapability; use OCP\IRequest; +use OCP\Security\Bruteforce\IThrottler; class Capabilities implements IPublicCapability, IInitialStateExcludedCapability { public function __construct( private IRequest $request, - private Throttler $throttler, + private IThrottler $throttler, ) { } @@ -47,7 +48,7 @@ class Capabilities implements IPublicCapability, IInitialStateExcludedCapability return [ 'bruteforce' => [ 'delay' => $this->throttler->getDelay($this->request->getRemoteAddress()), - 'allow-listed' => $this->throttler->isIPWhitelisted($this->request->getRemoteAddress()), + 'allow-listed' => $this->throttler->isBypassListed($this->request->getRemoteAddress()), ], ]; } diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php index ce70d091f7c..a0cc5ae4ecb 100644 --- a/lib/private/Security/Bruteforce/Throttler.php +++ b/lib/private/Security/Bruteforce/Throttler.php @@ -80,7 +80,7 @@ class Throttler implements IThrottler { } $ipAddress = new IpAddress($ip); - if ($this->isIPWhitelisted((string)$ipAddress)) { + if ($this->isBypassListed((string)$ipAddress)) { return; } @@ -110,7 +110,7 @@ class Throttler implements IThrottler { * @param string $ip * @return bool */ - public function isIPWhitelisted(string $ip): bool { + public function isBypassListed(string $ip): bool { if (isset($this->ipIsWhitelisted[$ip])) { return $this->ipIsWhitelisted[$ip]; } @@ -200,7 +200,7 @@ class Throttler implements IThrottler { } $ipAddress = new IpAddress($ip); - if ($this->isIPWhitelisted((string)$ipAddress)) { + if ($this->isBypassListed((string)$ipAddress)) { return 0; } @@ -245,7 +245,7 @@ class Throttler implements IThrottler { } $ipAddress = new IpAddress($ip); - if ($this->isIPWhitelisted((string)$ipAddress)) { + if ($this->isBypassListed((string)$ipAddress)) { return; } @@ -268,7 +268,7 @@ class Throttler implements IThrottler { } $ipAddress = new IpAddress($ip); - if ($this->isIPWhitelisted((string)$ipAddress)) { + if ($this->isBypassListed((string)$ipAddress)) { return; } diff --git a/lib/public/Security/Bruteforce/IThrottler.php b/lib/public/Security/Bruteforce/IThrottler.php index 03c8c56a23c..620a53fd354 100644 --- a/lib/public/Security/Bruteforce/IThrottler.php +++ b/lib/public/Security/Bruteforce/IThrottler.php @@ -66,6 +66,16 @@ interface IThrottler { */ public function registerAttempt(string $action, string $ip, array $metadata = []): void; + + /** + * Check if the IP is allowed to bypass the brute force protection + * + * @param string $ip + * @return bool + * @since 28.0.0 + */ + public function isBypassListed(string $ip): bool; + /** * Get the throttling delay (in milliseconds) * |