-rw-r--r-- | apps/oauth2/lib/Controller/OauthApiController.php | 6 | ||||
-rw-r--r-- | apps/oauth2/lib/Db/AccessToken.php | 8 | ||||
-rw-r--r-- | apps/oauth2/lib/Db/AccessTokenMapper.php | 2 | ||||
-rw-r--r-- | apps/oauth2/lib/Migration/Version011603Date20230620111039.php | 6 | ||||
-rw-r--r-- | apps/oauth2/tests/Controller/OauthApiControllerTest.php | 18 | ||||
-rw-r--r-- | core/Controller/ClientFlowLoginController.php | 2 |
6 files changed, 21 insertions, 21 deletions
diff --git a/apps/oauth2/lib/Controller/OauthApiController.php b/apps/oauth2/lib/Controller/OauthApiController.php
index ecf0062918b..bb0f180bff9 100644
--- a/apps/oauth2/lib/Controller/OauthApiController.php
+++ b/apps/oauth2/lib/Controller/OauthApiController.php
@@ -126,15 +126,15 @@ class OauthApiController extends Controller {
 // check authorization code expiration
 $now = $this->timeFactory->now()->getTimestamp();
- $tokenCreatedAt = $accessToken->getCreatedAt();
- if ($tokenCreatedAt < $now - self::AUTHORIZATION_CODE_EXPIRES_AFTER) {
+ $codeCreatedAt = $accessToken->getCodeCreatedAt();
+ if ($codeCreatedAt < $now - self::AUTHORIZATION_CODE_EXPIRES_AFTER) {
 // we know this token is not useful anymore
 $this->accessTokenMapper->delete($accessToken);
 $response = new JSONResponse([
 'error' => 'invalid_request',
 ], Http::STATUS_BAD_REQUEST);
- $expiredSince = $now - self::AUTHORIZATION_CODE_EXPIRES_AFTER - $tokenCreatedAt;
+ $expiredSince = $now - self::AUTHORIZATION_CODE_EXPIRES_AFTER - $codeCreatedAt;
 $response->throttle(['invalid_request' => 'authorization_code_expired', 'expired_since' => $expiredSince]);
 return $response;
 }
diff --git a/apps/oauth2/lib/Db/AccessToken.php b/apps/oauth2/lib/Db/AccessToken.php
index 5fbfb87bc8b..1a31b4c2504 100644
--- a/apps/oauth2/lib/Db/AccessToken.php
+++ b/apps/oauth2/lib/Db/AccessToken.php
@@ -34,8 +34,8 @@ use OCP\AppFramework\Db\Entity;
 * @method void setEncryptedToken(string $token)
 * @method string getHashedCode()
 * @method void setHashedCode(string $token)
- * @method int getCreatedAt()
- * @method void setCreatedAt(int $createdAt)
+ * @method int getCodeCreatedAt()
+ * @method void setCodeCreatedAt(int $createdAt)
 * @method int getTokenCount()
 * @method void setTokenCount(int $tokenCount)
 */
@@ -49,7 +49,7 @@ class AccessToken extends Entity {
 /** @var string */
 protected $encryptedToken;
 /** @var int */
- protected $createdAt;
+ protected $codeCreatedAt;
 /** @var int */
 protected $tokenCount;
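Review bot: The expiry check on `$codeCreatedAt` in the OauthApiController hunk does not say what a zero value means, while the migration in this same commit creates `code_created_at` with `'default' => 0`. With that default, any row written before the column existed compares as long expired, so this branch deletes it and answers `invalid_request`; that fails closed, which is the safe direction, but it should be stated. I would add above the `if`: `// code_created_at defaults to 0 for rows that predate the column, so their codes are rejected as expired`. The enclosing method starts and ends outside the hunk.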
@@ -59,7 +59,7 @@ class AccessToken extends Entity {
 $this->addType('clientId', 'int');
 $this->addType('hashedCode', 'string');
 $this->addType('encryptedToken', 'string');
- $this->addType('created_at', 'int');
+ $this->addType('code_created_at', 'int');
 $this->addType('token_count', 'int');
 }
 }
diff --git a/apps/oauth2/lib/Db/AccessTokenMapper.php b/apps/oauth2/lib/Db/AccessTokenMapper.php
index c62fc4d2b5f..0347a43d7c6 100644
--- a/apps/oauth2/lib/Db/AccessTokenMapper.php
+++ b/apps/oauth2/lib/Db/AccessTokenMapper.php
@@ -99,7 +99,7 @@ class AccessTokenMapper extends QBMapper {
 $qb
 ->delete($this->tableName)
 ->where($qb->expr()->eq('token_count', $qb->createNamedParameter(0, IQueryBuilder::PARAM_INT)))
- ->andWhere($qb->expr()->lt('created_at', $qb->createNamedParameter($maxTokenCreationTs, IQueryBuilder::PARAM_INT)));
+ ->andWhere($qb->expr()->lt('code_created_at', $qb->createNamedParameter($maxTokenCreationTs, IQueryBuilder::PARAM_INT)));
 $qb->executeStatement();
 }
 }
diff --git a/apps/oauth2/lib/Migration/Version011603Date20230620111039.php b/apps/oauth2/lib/Migration/Version011603Date20230620111039.php
index 06cc4db5ab3..02dd8a38aab 100644
--- a/apps/oauth2/lib/Migration/Version011603Date20230620111039.php
+++ b/apps/oauth2/lib/Migration/Version011603Date20230620111039.php
@@ -47,8 +47,8 @@ class Version011603Date20230620111039 extends SimpleMigrationStep {
 if ($schema->hasTable('oauth2_access_tokens')) {
 $table = $schema->getTable('oauth2_access_tokens');
 $dbChanged = false;
- if (!$table->hasColumn('created_at')) {
- $table->addColumn('created_at', Types::BIGINT, [
+ if (!$table->hasColumn('code_created_at')) {
+ $table->addColumn('code_created_at', Types::BIGINT, [
 'notnull' => true,
 'default' => 0,
 ]);
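Review bot: The parameter `$maxTokenCreationTs` in the AccessTokenMapper hunk keeps the old meaning now that the comparison is against `code_created_at`; the cutoff is the time the authorization code was issued, not the token. Renaming it to something like `$maxCodeCreationTs` in the signature and docblock, both outside this hunk, would keep the cleanup query readable. Because the migration gives the column a default of 0, rows with `token_count` 0 that predate the column also match this delete, and a comment such as `// rows still holding the default code_created_at of 0 are removed as well` would make that explicit.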
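Review bot: Renaming the column inside the existing step `Version011603Date20230620111039` only reaches installations that have not run this migration yet. If the step has already been executed anywhere (the diff does not show whether it shipped), those databases keep `created_at` and never get `code_created_at`, so the mapper and entity code that now use the new name would fail against them. The second hunk of this file has the same problem: `hasIndex('oauth2_tk_c_created_idx')` is already true there, so the index stays on the old column. If the step was released, a follow-up migration that adds `code_created_at`, copies `created_at` into it and recreates the index under a new name would be safer; if not, a short comment in the step saying the column was renamed before release is enough.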
@@ -62,7 +62,7 @@ class Version011603Date20230620111039 extends SimpleMigrationStep {
 $dbChanged = true;
 }
 if (!$table->hasIndex('oauth2_tk_c_created_idx')) {
- $table->addIndex(['token_count', 'created_at'], 'oauth2_tk_c_created_idx');
+ $table->addIndex(['token_count', 'code_created_at'], 'oauth2_tk_c_created_idx');
 $dbChanged = true;
 }
 if ($dbChanged) {
diff --git a/apps/oauth2/tests/Controller/OauthApiControllerTest.php b/apps/oauth2/tests/Controller/OauthApiControllerTest.php
index 2ff49b92fa7..eec38890e05 100644
--- a/apps/oauth2/tests/Controller/OauthApiControllerTest.php
+++ b/apps/oauth2/tests/Controller/OauthApiControllerTest.php
@@ -127,7 +127,7 @@ class OauthApiControllerTest extends TestCase {
 }
 public function testGetTokenExpiredCode() {
- $tokenCreatedAt = 100;
+ $codeCreatedAt = 100;
 $expiredSince = 123;
 $expected = new JSONResponse([
@@ -137,13 +137,13 @@ class OauthApiControllerTest extends TestCase {
 $accessToken = new AccessToken();
 $accessToken->setClientId(42);
- $accessToken->setCreatedAt($tokenCreatedAt);
+ $accessToken->setCodeCreatedAt($codeCreatedAt);
 $this->accessTokenMapper->method('getByCode')
 ->with('validcode')
 ->willReturn($accessToken);
- $tsNow = $tokenCreatedAt + OauthApiController::AUTHORIZATION_CODE_EXPIRES_AFTER + $expiredSince;
+ $tsNow = $codeCreatedAt + OauthApiController::AUTHORIZATION_CODE_EXPIRES_AFTER + $expiredSince;
 $dateNow = (new \DateTimeImmutable())->setTimestamp($tsNow);
 $this->timeFactory->method('now')
 ->willReturn($dateNow);
@@ -154,7 +154,7 @@ class OauthApiControllerTest extends TestCase {
 public function testGetTokenWithCodeForActiveToken() {
 // if a token has already delivered oauth tokens,
 // it should not be possible to get a new oauth token from a valid authorization code
- $tokenCreatedAt = 100;
+ $codeCreatedAt = 100;
 $expected = new JSONResponse([
 'error' => 'invalid_request',
@@ -163,14 +163,14 @@ class OauthApiControllerTest extends TestCase {
 $accessToken = new AccessToken();
 $accessToken->setClientId(42);
- $accessToken->setCreatedAt($tokenCreatedAt);
+ $accessToken->setCodeCreatedAt($codeCreatedAt);
 $accessToken->setTokenCount(1);
 $this->accessTokenMapper->method('getByCode')
 ->with('validcode')
 ->willReturn($accessToken);
- $tsNow = $tokenCreatedAt + 1;
+ $tsNow = $codeCreatedAt + 1;
 $dateNow = (new \DateTimeImmutable())->setTimestamp($tsNow);
 $this->timeFactory->method('now')
 ->willReturn($dateNow);
@@ -181,7 +181,7 @@ class OauthApiControllerTest extends TestCase {
 public function testGetTokenClientDoesNotExist() {
 // In this test, the token's authorization code is valid and has not expired
 // and we check what happens when the associated Oauth client does not exist
- $tokenCreatedAt = 100;
+ $codeCreatedAt = 100;
 $expected = new JSONResponse([
 'error' => 'invalid_request',
@@ -190,14 +190,14 @@ class OauthApiControllerTest extends TestCase {
 $accessToken = new AccessToken();
 $accessToken->setClientId(42);
- $accessToken->setCreatedAt($tokenCreatedAt);
+ $accessToken->setCodeCreatedAt($codeCreatedAt);
 $this->accessTokenMapper->method('getByCode')
 ->with('validcode')
 ->willReturn($accessToken);
 // 'now' is before the token's authorization code expiration
- $tsNow = $tokenCreatedAt + OauthApiController::AUTHORIZATION_CODE_EXPIRES_AFTER - 1;
+ $tsNow = $codeCreatedAt + OauthApiController::AUTHORIZATION_CODE_EXPIRES_AFTER - 1;
 $dateNow = (new \DateTimeImmutable())->setTimestamp($tsNow);
 $this->timeFactory->method('now')
 ->willReturn($dateNow);
diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php
index 05321c9222a..0a073a586e4 100644
--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@@ -289,7 +289,7 @@ class ClientFlowLoginController extends Controller {
 $accessToken->setEncryptedToken($this->crypto->encrypt($token, $code));
 $accessToken->setHashedCode(hash('sha512', $code));
 $accessToken->setTokenId($generatedToken->getId());
- $accessToken->setCreatedAt($this->timeFactory->now()->getTimestamp());
+ $accessToken->setCodeCreatedAt($this->timeFactory->now()->getTimestamp());
 $this->accessTokenMapper->insert($accessToken);
 $redirectUri = $client->getRedirectUri(); |