techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25

Signed-off-by: Joas Schilling <coding@schilljs.com>
author: Joas Schilling <coding@schilljs.com> 2023-08-28 15:50:45 +0200
committer: Joas Schilling <coding@schilljs.com> 2023-08-28 15:50:45 +0200
commit: 25309bcb45232bf30fe719bac1776f0136f7cd7a (patch)
tree: 7cfa6dacd42f22a854b895c2ae5853ff1725d96b /lib
parent: ac3d7e3a7e9848c5e134b79f481d73416cc810f4 (diff)
download: nextcloud-server-25309bcb45232bf30fe719bac1776f0136f7cd7a.tar.gz
nextcloud-server-25309bcb45232bf30fe719bac1776f0136f7cd7a.zip
7 files changed, 20 insertions, 24 deletions
diff --git a/lib/base.php b/lib/base.php
index b328165fdfa..7153e481eda 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -74,6 +74,7 @@ use OCP\ILogger;
 use OCP\IRequest;
 use OCP\IURLGenerator;
 use OCP\IUserSession;
+use OCP\Security\Bruteforce\IThrottler;
 use OCP\Server;
 use OCP\Share;
 use OCP\User\Events\UserChangedEvent;
@@ -871,7 +872,7 @@ class OC {
 					// reset brute force delay for this IP address and username
 					$uid = $userSession->getUser()->getUID();
 					$request = Server::get(IRequest::class);
-					$throttler = Server::get(\OC\Security\Bruteforce\Throttler::class);
+					$throttler = Server::get(IThrottler::class);
 					$throttler->resetDelay($request->getRemoteAddress(), 'login', ['user' => $uid]);
 				}
 
@@ -1149,7 +1150,7 @@ class OC {
 			&& $userSession->loginWithCookie($_COOKIE['nc_username'], $_COOKIE['nc_token'], $_COOKIE['nc_session_id'])) {
 			return true;
 		}
-		if ($userSession->tryBasicAuthLogin($request, Server::get(\OC\Security\Bruteforce\Throttler::class))) {
+		if ($userSession->tryBasicAuthLogin($request, Server::get(IThrottler::class))) {
 			return true;
 		}
 		return false;
diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php
index 9a9740b7bcc..a012d1e8ea6 100644
--- a/lib/private/AppFramework/DependencyInjection/DIContainer.php
+++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php
@@ -72,6 +72,7 @@ use OCP\IServerContainer;
 use OCP\ISession;
 use OCP\IURLGenerator;
 use OCP\IUserSession;
+use OCP\Security\Bruteforce\IThrottler;
 use Psr\Container\ContainerInterface;
 use Psr\Log\LoggerInterface;
 
@@ -233,7 +234,7 @@ class DIContainer extends SimpleContainer implements IAppContainer {
 					$c->get(IRequest::class),
 					$c->get(IControllerMethodReflector::class),
 					$c->get(IUserSession::class),
-					$c->get(OC\Security\Bruteforce\Throttler::class)
+					$c->get(IThrottler::class)
 				)
 			);
 			$dispatcher->registerMiddleware(
@@ -291,7 +292,7 @@ class DIContainer extends SimpleContainer implements IAppContainer {
 			$dispatcher->registerMiddleware(
 				new OC\AppFramework\Middleware\Security\BruteForceMiddleware(
 					$c->get(IControllerMethodReflector::class),
-					$c->get(OC\Security\Bruteforce\Throttler::class),
+					$c->get(IThrottler::class),
 					$c->get(IRequest::class),
 					$c->get(LoggerInterface::class)
 				)
@@ -309,7 +310,7 @@ class DIContainer extends SimpleContainer implements IAppContainer {
 					$c->get(IRequest::class),
 					$c->get(ISession::class),
 					$c->get(\OCP\IConfig::class),
-					$c->get(OC\Security\Bruteforce\Throttler::class)
+					$c->get(IThrottler::class)
 				)
 			);
 			$dispatcher->registerMiddleware(
diff --git a/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php b/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php
index f20bd333452..7acb579938b 100644
--- a/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php
+++ b/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php
@@ -24,7 +24,6 @@
 namespace OC\AppFramework\Middleware\PublicShare;
 
 use OC\AppFramework\Middleware\PublicShare\Exceptions\NeedAuthenticationException;
-use OC\Security\Bruteforce\Throttler;
 use OCP\AppFramework\AuthPublicShareController;
 use OCP\AppFramework\Http\NotFoundResponse;
 use OCP\AppFramework\Middleware;
@@ -33,6 +32,7 @@ use OCP\Files\NotFoundException;
 use OCP\IConfig;
 use OCP\IRequest;
 use OCP\ISession;
+use OCP\Security\Bruteforce\IThrottler;
 
 class PublicShareMiddleware extends Middleware {
 	/** @var IRequest */
@@ -44,10 +44,10 @@ class PublicShareMiddleware extends Middleware {
 	/** @var IConfig */
 	private $config;
 
-	/** @var Throttler */
+	/** @var IThrottler */
 	private $throttler;
 
-	public function __construct(IRequest $request, ISession $session, IConfig $config, Throttler $throttler) {
+	public function __construct(IRequest $request, ISession $session, IConfig $config, IThrottler $throttler) {
 		$this->request = $request;
 		$this->session = $session;
 		$this->config = $config;
diff --git a/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php b/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php
index a0b915588ad..574e86a9ca2 100644
--- a/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php
+++ b/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php
@@ -29,7 +29,6 @@ declare(strict_types=1);
 namespace OC\AppFramework\Middleware\Security;
 
 use OC\AppFramework\Utility\ControllerMethodReflector;
-use OC\Security\Bruteforce\Throttler;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\Attribute\BruteForceProtection;
@@ -39,6 +38,7 @@ use OCP\AppFramework\Middleware;
 use OCP\AppFramework\OCS\OCSException;
 use OCP\AppFramework\OCSController;
 use OCP\IRequest;
+use OCP\Security\Bruteforce\IThrottler;
 use OCP\Security\Bruteforce\MaxDelayReached;
 use Psr\Log\LoggerInterface;
 use ReflectionMethod;
@@ -55,7 +55,7 @@ class BruteForceMiddleware extends Middleware {
 
 	public function __construct(
 		protected ControllerMethodReflector $reflector,
-		protected Throttler $throttler,
+		protected IThrottler $throttler,
 		protected IRequest $request,
 		protected LoggerInterface $logger,
 	) {
diff --git a/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php b/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php
index e177a612d96..8bdacf550b6 100644
--- a/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php
+++ b/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php
@@ -29,7 +29,6 @@ namespace OC\AppFramework\Middleware\Security;
 use OC\AppFramework\Middleware\Security\Exceptions\SecurityException;
 use OC\AppFramework\Utility\ControllerMethodReflector;
 use OC\Authentication\Exceptions\PasswordLoginForbiddenException;
-use OC\Security\Bruteforce\Throttler;
 use OC\User\Session;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
@@ -39,6 +38,7 @@ use OCP\AppFramework\Http\JSONResponse;
 use OCP\AppFramework\Http\Response;
 use OCP\AppFramework\Middleware;
 use OCP\IRequest;
+use OCP\Security\Bruteforce\IThrottler;
 use ReflectionMethod;
 
 /**
@@ -54,19 +54,13 @@ class CORSMiddleware extends Middleware {
 	private $reflector;
 	/** @var Session */
 	private $session;
-	/** @var Throttler */
+	/** @var IThrottler */
 	private $throttler;
 
-	/**
-	 * @param IRequest $request
-	 * @param ControllerMethodReflector $reflector
-	 * @param Session $session
-	 * @param Throttler $throttler
-	 */
 	public function __construct(IRequest $request,
 								ControllerMethodReflector $reflector,
 								Session $session,
-								Throttler $throttler) {
+								IThrottler $throttler) {
 		$this->request = $request;
 		$this->reflector = $reflector;
 		$this->session = $session;
diff --git a/lib/private/Server.php b/lib/private/Server.php
index 7a2987759a4..e8ade23d8fe 100644
--- a/lib/private/Server.php
+++ b/lib/private/Server.php
@@ -2106,7 +2106,7 @@ class Server extends ServerContainer implements IServerContainer {
 	}
 
 	/**
-	 * @return Throttler
+	 * @return IThrottler
 	 * @deprecated 20.0.0
 	 */
 	public function getBruteForceThrottler() {
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index e7075bce47a..82887f8d029 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -419,7 +419,7 @@ class Session implements IUserSession, Emitter {
 	 * @param string $user
 	 * @param string $password
 	 * @param IRequest $request
-	 * @param OC\Security\Bruteforce\Throttler $throttler
+	 * @param IThrottler $throttler
 	 * @throws LoginException
 	 * @throws PasswordLoginForbiddenException
 	 * @return boolean
@@ -427,7 +427,7 @@ class Session implements IUserSession, Emitter {
 	public function logClientIn($user,
 								$password,
 								IRequest $request,
-								OC\Security\Bruteforce\Throttler $throttler) {
+								IThrottler $throttler) {
 		$remoteAddress = $request->getRemoteAddress();
 		$currentDelay = $throttler->sleepDelayOrThrowOnMax($remoteAddress, 'login');
 
@@ -572,11 +572,11 @@ class Session implements IUserSession, Emitter {
 	 *
 	 * @todo do not allow basic auth if the user is 2FA enforced
 	 * @param IRequest $request
-	 * @param OC\Security\Bruteforce\Throttler $throttler
+	 * @param IThrottler $throttler
 	 * @return boolean if the login was successful
 	 */
 	public function tryBasicAuthLogin(IRequest $request,
-									  OC\Security\Bruteforce\Throttler $throttler) {
+									  IThrottler $throttler) {
 		if (!empty($request->server['PHP_AUTH_USER']) && !empty($request->server['PHP_AUTH_PW'])) {
 			try {
 				if ($this->logClientIn($request->server['PHP_AUTH_USER'], $request->server['PHP_AUTH_PW'], $request, $throttler)) {
author	Joas Schilling <coding@schilljs.com>	2023-08-28 15:50:45 +0200
committer	Joas Schilling <coding@schilljs.com>	2023-08-28 15:50:45 +0200
commit	25309bcb45232bf30fe719bac1776f0136f7cd7a (patch)
tree	7cfa6dacd42f22a854b895c2ae5853ff1725d96b /lib
parent	ac3d7e3a7e9848c5e134b79f481d73416cc810f4 (diff)
download	nextcloud-server-25309bcb45232bf30fe719bac1776f0136f7cd7a.tar.gz nextcloud-server-25309bcb45232bf30fe719bac1776f0136f7cd7a.zip