add verification dialog

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>

1 files changed, 54 insertions, 1 deletions

diff --git a/settings/Controller/UsersController.php b/settings/Controller/UsersController.php
index b42d4faa569..c9194d85308 100644
--- a/settings/Controller/UsersController.php
+++ b/settings/Controller/UsersController.php
@@ -34,6 +34,7 @@ use OC\Accounts\AccountManager;
 use OC\AppFramework\Http;
 use OC\ForbiddenException;
 use OC\Settings\Mailer\NewUserMailHelper;
+use OC\Security\IdentityProof\Manager;
 use OCP\App\IAppManager;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http\DataResponse;
@@ -82,6 +83,13 @@ class UsersController extends Controller {
 	private $secureRandom;
 	/** @var NewUserMailHelper */
 	private $newUserMailHelper;
+	/** @var ITimeFactory */
+	private $timeFactory;
+	/** @var ICrypto */
+	private $crypto;
+	/** @var Manager */
+	private $keyManager;
+
 
 	/**
 	 * @param string $appName
@@ -100,6 +108,9 @@ class UsersController extends Controller {
 	 * @param AccountManager $accountManager
 	 * @param ISecureRandom $secureRandom
 	 * @param NewUserMailHelper $newUserMailHelper
+	 * @param ITimeFactory $timeFactory
+	 * @param ICrypto $crypto
+	 * @param Manager $keyManager
 	 */
 	public function __construct($appName,
 								IRequest $request,
@@ -116,7 +127,10 @@ class UsersController extends Controller {
 								IAvatarManager $avatarManager,
 								AccountManager $accountManager,
 								ISecureRandom $secureRandom,
-								NewUserMailHelper $newUserMailHelper) {
+								NewUserMailHelper $newUserMailHelper,
+								ITimeFactory $timeFactory,
+								ICrypto $crypto,
+								Manager $keyManager) {
 		parent::__construct($appName, $request);
 		$this->userManager = $userManager;
 		$this->groupManager = $groupManager;
@@ -130,6 +144,9 @@ class UsersController extends Controller {
 		$this->accountManager = $accountManager;
 		$this->secureRandom = $secureRandom;
 		$this->newUserMailHelper = $newUserMailHelper;
+		$this->timeFactory = $timeFactory;
+		$this->crypto = $crypto;
+		$this->keyManager = $keyManager;
 
 		// check for encryption state - TODO see formatUserForIndex
 		$this->isEncryptionAppEnabled = $appManager->isEnabledForUser('encryption');
@@ -493,6 +510,42 @@ class UsersController extends Controller {
 	 * @NoSubadminRequired
 	 * @PasswordConfirmationRequired
 	 *
+	 * @param string $account
+	 * @return DataResponse
+	 */
+	public function getVerificationCode($account) {
+
+		$user = $this->userSession->getUser();
+		$cloudId = $user->getCloudId();
+		$message = "Use my Federated Cloud ID to share with me: " . $cloudId;
+		$privateKey = $this->keyManager->getKey($user)->getPrivate();
+		openssl_sign(json_encode($message), $signature, $privateKey, OPENSSL_ALGO_SHA512);
+		$signatureBase64 = base64_encode($signature);
+
+		$code = $message . ' ' . $signatureBase64;
+		$codeMd5 = $message . ' ' . md5($signatureBase64);
+
+		switch ($account) {
+			case 'verify-twitter':
+				$msg = $this->l10n->t('In order to verify your Twitter account post following tweet on Twitter:');
+				$code = $codeMd5;
+				break;
+			case 'verify-website':
+				$msg = $this->l10n->t('In order to verify your Website store following content in your webroot at \'CloudIdVerificationCode.txt\':');
+				break;
+			default:
+				return new DataResponse([], Http::STATUS_BAD_REQUEST);
+				break;
+		}
+
+		return new DataResponse(['msg' => $msg, 'code' => $code]);
+	}
+
+	/**
+	 * @NoAdminRequired
+	 * @NoSubadminRequired
+	 * @PasswordConfirmationRequired
+	 *
 	 * @param string $avatarScope
 	 * @param string $displayname
 	 * @param string $displaynameScope