diff options
| author | Bjoern Schiessle <bjoern@schiessle.org> | 2017-04-21 12:09:42 +0200 |
|---|---|---|
| committer | Morris Jobke <hey@morrisjobke.de> | 2017-04-28 23:41:36 -0300 |
| commit | cbf5acca45388a44e22410abcd25a19d86fa68ee (patch) | |
| tree | f0400c78fe1104d3d664a3442528bc9d6f6c3fa6 /settings/Controller/UsersController.php | |
| parent | 6f41a3edc0bb7a297a28f3e5fa81fb68e3d71a1f (diff) | |
| download | nextcloud-server-cbf5acca45388a44e22410abcd25a19d86fa68ee.tar.gz nextcloud-server-cbf5acca45388a44e22410abcd25a19d86fa68ee.zip | |
check verification proof and update account table
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
Diffstat (limited to 'settings/Controller/UsersController.php')
| -rw-r--r-- | settings/Controller/UsersController.php | 62 |
1 files changed, 54 insertions, 8 deletions
diff --git a/settings/Controller/UsersController.php b/settings/Controller/UsersController.php index e80c4956bcb..41433ea8363 100644 --- a/settings/Controller/UsersController.php +++ b/settings/Controller/UsersController.php @@ -38,6 +38,8 @@ use OC\Security\IdentityProof\Manager; use OCP\App\IAppManager; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\DataResponse; +use OCP\AppFramework\Utility\ITimeFactory; +use OCP\BackgroundJob\IJobList; use OCP\IConfig; use OCP\IGroupManager; use OCP\IL10N; @@ -49,6 +51,7 @@ use OCP\IUserManager; use OCP\IUserSession; use OCP\Mail\IMailer; use OCP\IAvatarManager; +use OCP\Security\ICrypto; use OCP\Security\ISecureRandom; /** @@ -89,7 +92,8 @@ class UsersController extends Controller { private $crypto; /** @var Manager */ private $keyManager; - + /** @var IJobList */ + private $jobList; /** * @param string $appName @@ -111,6 +115,7 @@ class UsersController extends Controller { * @param ITimeFactory $timeFactory * @param ICrypto $crypto * @param Manager $keyManager + * @param IJobList $jobList */ public function __construct($appName, IRequest $request, @@ -130,7 +135,8 @@ class UsersController extends Controller { NewUserMailHelper $newUserMailHelper, ITimeFactory $timeFactory, ICrypto $crypto, - Manager $keyManager) { + Manager $keyManager, + IJobList $jobList) { parent::__construct($appName, $request); $this->userManager = $userManager; $this->groupManager = $groupManager; @@ -147,6 +153,7 @@ class UsersController extends Controller { $this->timeFactory = $timeFactory; $this->crypto = $crypto; $this->keyManager = $keyManager; + $this->jobList = $jobList; // check for encryption state - TODO see formatUserForIndex $this->isEncryptionAppEnabled = $appManager->isEnabledForUser('encryption'); @@ -524,22 +531,24 @@ class UsersController extends Controller { $accountData = $this->accountManager->getUser($user); $cloudId = $user->getCloudId(); $message = "Use my Federated Cloud ID to share with me: " . $cloudId; - $privateKey = $this->keyManager->getKey($user)->getPrivate(); - openssl_sign(json_encode($message), $signature, $privateKey, OPENSSL_ALGO_SHA512); - $signatureBase64 = base64_encode($signature); + $signature = $this->signMessage($user, $message); - $code = $message . ' ' . $signatureBase64; - $codeMd5 = $message . ' ' . md5($signatureBase64); + $code = $message . ' ' . $signature; + $codeMd5 = $message . ' ' . md5($signature); switch ($account) { case 'verify-twitter': $accountData[AccountManager::PROPERTY_TWITTER]['verified'] = AccountManager::VERIFICATION_IN_PROGRESS; $msg = $this->l10n->t('In order to verify your Twitter account post following tweet on Twitter:'); $code = $codeMd5; + $type = AccountManager::PROPERTY_TWITTER; + $data = $accountData[AccountManager::PROPERTY_TWITTER]['value']; break; case 'verify-website': $accountData[AccountManager::PROPERTY_WEBSITE]['verified'] = AccountManager::VERIFICATION_IN_PROGRESS; - $msg = $this->l10n->t('In order to verify your Website store following content in your webroot at \'CloudIdVerificationCode.txt\':'); + $msg = $this->l10n->t('In order to verify your Website store following content in your web-root at \'CloudIdVerificationCode.txt\':'); + $type = AccountManager::PROPERTY_WEBSITE; + $data = $accountData[AccountManager::PROPERTY_WEBSITE]['value']; break; default: return new DataResponse([], Http::STATUS_BAD_REQUEST); @@ -547,10 +556,47 @@ class UsersController extends Controller { $this->accountManager->updateUser($user, $accountData); + + $this->jobList->add('OC\Settings\BackgroundJobs\VerifyUserData', + [ + 'verificationCode' => $code, + 'data' => $data, + 'type' => $type, + 'uid' => $user->getUID(), + 'try' => 0, + 'lastRun' => $this->getCurrentTime() + ] + ); + return new DataResponse(['msg' => $msg, 'code' => $code]); } /** + * get current timestamp + * + * @return int + */ + protected function getCurrentTime() { + return time(); + } + + /** + * sign message with users private key + * + * @param IUser $user + * @param string $message + * + * @return string base64 encoded signature + */ + protected function signMessage(IUser $user, $message) { + $privateKey = $this->keyManager->getKey($user)->getPrivate(); + openssl_sign(json_encode($message), $signature, $privateKey, OPENSSL_ALGO_SHA512); + $signatureBase64 = base64_encode($signature); + + return $signatureBase64; + } + + /** * @NoAdminRequired * @NoSubadminRequired * @PasswordConfirmationRequired |