-rw-r--r--lib/private/Authentication/Token/DefaultTokenMapper.php15
-rw-r--r--lib/private/Authentication/Token/DefaultTokenProvider.php23
-rw-r--r--lib/private/Authentication/Token/IProvider.php9
-rw-r--r--lib/private/Authentication/Token/Manager.php8
-rw-r--r--lib/private/Authentication/Token/PublicKeyTokenMapper.php15
-rw-r--r--lib/private/Authentication/Token/PublicKeyTokenProvider.php8
-rw-r--r--settings/Controller/AuthSettingsController.php13
-rw-r--r--tests/Settings/Controller/AuthSettingsControllerTest.php12
-rw-r--r--tests/lib/Authentication/Token/DefaultTokenMapperTest.php28
9 files changed, 34 insertions, 97 deletions
diff --git a/lib/private/Authentication/Token/DefaultTokenMapper.php b/lib/private/Authentication/Token/DefaultTokenMapper.php
index 0a3f32ffb46..02964e3f59c 100644
--- a/lib/private/Authentication/Token/DefaultTokenMapper.php
+++ b/lib/private/Authentication/Token/DefaultTokenMapper.php
@@ -33,7 +33,6 @@ use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Db\QBMapper;
use OCP\DB\QueryBuilder\IQueryBuilder;
use OCP\IDBConnection;
-use OCP\IUser;
class DefaultTokenMapper extends QBMapper {
@@ -124,15 +123,15 @@ class DefaultTokenMapper extends QBMapper {
* The provider may limit the number of result rows in case of an abuse
* where a high number of (session) tokens is generated
*
- * @param IUser $user
+ * @param string $uid
* @return DefaultToken[]
*/
- public function getTokenByUser(IUser $user): array {
+ public function getTokenByUser(string $uid): array {
/* @var $qb IQueryBuilder */
$qb = $this->db->getQueryBuilder();
$qb->select('id', 'uid', 'login_name', 'password', 'name', 'token', 'type', 'remember', 'last_activity', 'last_check', 'scope', 'expires', 'version')
->from('authtoken')
- ->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+ ->where($qb->expr()->eq('uid', $qb->createNamedParameter($uid)))
->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(1, IQueryBuilder::PARAM_INT)))
->setMaxResults(1000);
$result = $qb->execute();
@@ -146,16 +145,12 @@ class DefaultTokenMapper extends QBMapper {
return $entities;
}
- /**
- * @param IUser $user
- * @param int $id
- */
- public function deleteById(IUser $user, int $id) {
+ public function deleteById(string $uid, int $id) {
/* @var $qb IQueryBuilder */
$qb = $this->db->getQueryBuilder();
$qb->delete('authtoken')
->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
- ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+ ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($uid)))
->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(1, IQueryBuilder::PARAM_INT)));
$qb->execute();
}
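Review bot: `deleteById` loses its docblock entirely here, so the one public method whose `uid` predicate scopes a token delete to its owner is now undocumented. I would restore a short docblock such as `@param string $uid id of the user that must own the token` and `@param int $id`, and state that a row is removed only when both `uid` and `id` match. The same docblock is dropped from `PublicKeyTokenMapper::deleteById` further down. The start of the hunk belongs to `getTokenByUser`, whose body begins outside it.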
diff --git a/lib/private/Authentication/Token/DefaultTokenProvider.php b/lib/private/Authentication/Token/DefaultTokenProvider.php
index 7a43dbb23e1..ed3c14c1745 100644
--- a/lib/private/Authentication/Token/DefaultTokenProvider.php
+++ b/lib/private/Authentication/Token/DefaultTokenProvider.php
@@ -143,17 +143,8 @@ class DefaultTokenProvider implements IProvider {
}
}
- /**
- * Get all tokens of a user
- *
- * The provider may limit the number of result rows in case of an abuse
- * where a high number of (session) tokens is generated
- *
- * @param IUser $user
- * @return IToken[]
- */
- public function getTokenByUser(IUser $user): array {
- return $this->mapper->getTokenByUser($user);
+ public function getTokenByUser(string $uid): array {
+ return $this->mapper->getTokenByUser($uid);
}
/**
@@ -265,14 +256,8 @@ class DefaultTokenProvider implements IProvider {
$this->mapper->invalidate($this->hashToken($token));
}
- /**
- * Invalidate (delete) the given token
- *
- * @param IUser $user
- * @param int $id
- */
- public function invalidateTokenById(IUser $user, int $id) {
- $this->mapper->deleteById($user, $id);
+ public function invalidateTokenById(string $uid, int $id) {
+ $this->mapper->deleteById($uid, $id);
}
/**
diff --git a/lib/private/Authentication/Token/IProvider.php b/lib/private/Authentication/Token/IProvider.php
index 0efffefac68..ab46bd12126 100644
--- a/lib/private/Authentication/Token/IProvider.php
+++ b/lib/private/Authentication/Token/IProvider.php
@@ -28,7 +28,6 @@ namespace OC\Authentication\Token;
use OC\Authentication\Exceptions\InvalidTokenException;
use OC\Authentication\Exceptions\PasswordlessTokenException;
-use OCP\IUser;
interface IProvider {
@@ -92,10 +91,10 @@ interface IProvider {
/**
* Invalidate (delete) the given token
*
- * @param IUser $user
+ * @param string $uid
* @param int $id
*/
- public function invalidateTokenById(IUser $user, int $id);
+ public function invalidateTokenById(string $uid, int $id);
/**
* Invalidate (delete) old session tokens
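Review bot: The new `@param string $uid` on `invalidateTokenById` carries no description, although the contract has changed: implementations used to receive a resolved `IUser` and now take whatever string the caller supplies. Since the uid is what limits the operation to the caller's own tokens, the interface should say where it has to come from, e.g. `@param string $uid id of the authenticated user that owns the token; callers must not pass request-supplied values`. The same wording belongs on `getTokenByUser` in the next hunk.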
@@ -122,10 +121,10 @@ interface IProvider {
* The provider may limit the number of result rows in case of an abuse
* where a high number of (session) tokens is generated
*
- * @param IUser $user
+ * @param string $uid
* @return IToken[]
*/
- public function getTokenByUser(IUser $user): array;
+ public function getTokenByUser(string $uid): array;
/**
* Get the (unencrypted) password of the given token
diff --git a/lib/private/Authentication/Token/Manager.php b/lib/private/Authentication/Token/Manager.php
index 85fe91cdf14..7ec90e92ed0 100644
--- a/lib/private/Authentication/Token/Manager.php
+++ b/lib/private/Authentication/Token/Manager.php
@@ -104,8 +104,8 @@ class Manager implements IProvider {
* @param IUser $user
* @return IToken[]
*/
- public function getTokenByUser(IUser $user): array {
- return $this->defaultTokenProvider->getTokenByUser($user);
+ public function getTokenByUser(string $uid): array {
+ return $this->defaultTokenProvider->getTokenByUser($uid);
}
/**
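Review bot: The docblock kept as context above `getTokenByUser` still reads `@param IUser $user` while the signature is now `string $uid`, so the documentation and the code disagree. It should become `@param string $uid`, and the same applies to the `@param IUser $user` line above `invalidateTokenById` in the next hunk of this file. If nothing else in `Manager` uses `IUser`, the import can presumably go as well; the import block is not visible here.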
@@ -188,9 +188,9 @@ class Manager implements IProvider {
* @param IUser $user
* @param int $id
*/
- public function invalidateTokenById(IUser $user, int $id) {
+ public function invalidateTokenById(string $uid, int $id) {
//TODO find way to distinguis between tokens
- $this->defaultTokenProvider->invalidateTokenById($user, $id);
+ $this->defaultTokenProvider->invalidateTokenById($uid, $id);
}
/**
diff --git a/lib/private/Authentication/Token/PublicKeyTokenMapper.php b/lib/private/Authentication/Token/PublicKeyTokenMapper.php
index 0d5657cb582..6feb176fb68 100644
--- a/lib/private/Authentication/Token/PublicKeyTokenMapper.php
+++ b/lib/private/Authentication/Token/PublicKeyTokenMapper.php
@@ -28,7 +28,6 @@ use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Db\QBMapper;
use OCP\DB\QueryBuilder\IQueryBuilder;
use OCP\IDBConnection;
-use OCP\IUser;
class PublicKeyTokenMapper extends QBMapper {
@@ -115,15 +114,15 @@ class PublicKeyTokenMapper extends QBMapper {
* The provider may limit the number of result rows in case of an abuse
* where a high number of (session) tokens is generated
*
- * @param IUser $user
+ * @param string $uid
* @return DefaultToken[]
*/
- public function getTokenByUser(IUser $user): array {
+ public function getTokenByUser(string $uid): array {
/* @var $qb IQueryBuilder */
$qb = $this->db->getQueryBuilder();
$qb->select('*')
->from('authtoken')
- ->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+ ->where($qb->expr()->eq('uid', $qb->createNamedParameter($uid)))
->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(2, IQueryBuilder::PARAM_INT)))
->setMaxResults(1000);
$result = $qb->execute();
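Review bot: The docblock touched here still declares `@return DefaultToken[]` on `PublicKeyTokenMapper::getTokenByUser`, which looks copied from `DefaultTokenMapper`. The row-to-entity mapping is outside the hunk, but the query filters on `version` 2, so the tag should presumably name this mapper's own token entity class rather than `DefaultToken`. As the `@param` line is being edited anyway, this is a good place to correct the return tag for static analysis and readers.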
@@ -137,16 +136,12 @@ class PublicKeyTokenMapper extends QBMapper {
return $entities;
}
- /**
- * @param IUser $user
- * @param int $id
- */
- public function deleteById(IUser $user, int $id) {
+ public function deleteById(string $uid, int $id) {
/* @var $qb IQueryBuilder */
$qb = $this->db->getQueryBuilder();
$qb->delete('authtoken')
->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
- ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+ ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($uid)))
->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(2, IQueryBuilder::PARAM_INT)));
$qb->execute();
}
diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
index 1c5f3da147f..926e3c678d4 100644
--- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php
+++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
@@ -161,8 +161,8 @@ class PublicKeyTokenProvider implements IProvider {
$this->mapper->invalidate($this->hashToken($token));
}
- public function invalidateTokenById(IUser $user, int $id) {
- $this->mapper->deleteById($user, $id);
+ public function invalidateTokenById(string $uid, int $id) {
+ $this->mapper->deleteById($uid, $id);
}
public function invalidateOldTokens() {
@@ -194,8 +194,8 @@ class PublicKeyTokenProvider implements IProvider {
}
}
- public function getTokenByUser(IUser $user): array {
- return $this->mapper->getTokenByUser($user);
+ public function getTokenByUser(string $uid): array {
+ return $this->mapper->getTokenByUser($uid);
}
public function getPassword(IToken $token, string $tokenId): string {
diff --git a/settings/Controller/AuthSettingsController.php b/settings/Controller/AuthSettingsController.php
index 6eaa64cfac2..06cabd00b07 100644
--- a/settings/Controller/AuthSettingsController.php
+++ b/settings/Controller/AuthSettingsController.php
@@ -83,11 +83,7 @@ class AuthSettingsController extends Controller {
* @return JSONResponse|array
*/
public function index() {
- $user = $this->userManager->get($this->uid);
- if ($user === null) {
- return [];
- }
- $tokens = $this->tokenProvider->getTokenByUser($user);
+ $tokens = $this->tokenProvider->getTokenByUser($this->uid);
try {
$sessionId = $this->session->getId();
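Review bot: With the `userManager->get()` lookup removed, `index()` passes `$this->uid` straight into `getTokenByUser(string $uid)`, and nothing visible guarantees it is a non-null string. If the controller can ever be constructed without a logged-in user, the call now raises a `TypeError` where it used to return `[]`; a cheap guard such as `if ($this->uid === null) { return []; }` keeps the old behaviour. The same applies to `destroy()` in the next hunk. The change also means tokens are listed and deleted for a uid that no longer resolves to an existing user, which may be intended but deserves a comment, and `$this->userManager` may now be unused in this class.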
@@ -182,12 +178,7 @@ class AuthSettingsController extends Controller {
* @return array
*/
public function destroy($id) {
- $user = $this->userManager->get($this->uid);
- if (is_null($user)) {
- return [];
- }
-
- $this->tokenProvider->invalidateTokenById($user, $id);
+ $this->tokenProvider->invalidateTokenById($this->uid, $id);
return [];
}
diff --git a/tests/Settings/Controller/AuthSettingsControllerTest.php b/tests/Settings/Controller/AuthSettingsControllerTest.php
index 461b32b7a48..1c957299e39 100644
--- a/tests/Settings/Controller/AuthSettingsControllerTest.php
+++ b/tests/Settings/Controller/AuthSettingsControllerTest.php
@@ -75,13 +75,9 @@ class AuthSettingsControllerTest extends TestCase {
$sessionToken = new DefaultToken();
$sessionToken->setId(100);
- $this->userManager->expects($this->once())
- ->method('get')
- ->with($this->uid)
- ->will($this->returnValue($this->user));
$this->tokenProvider->expects($this->once())
->method('getTokenByUser')
- ->with($this->user)
+ ->with($this->uid)
->will($this->returnValue($tokens));
$this->session->expects($this->once())
->method('getId')
@@ -192,13 +188,9 @@ class AuthSettingsControllerTest extends TestCase {
$id = 123;
$user = $this->createMock(IUser::class);
- $this->userManager->expects($this->once())
- ->method('get')
- ->with($this->uid)
- ->will($this->returnValue($user));
$this->tokenProvider->expects($this->once())
->method('invalidateTokenById')
- ->with($user, $id);
+ ->with($this->uid, $id);
$this->assertEquals([], $this->controller->destroy($id));
}
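Review bot: `$user = $this->createMock(IUser::class);` is left in place above the removed expectations but is no longer referenced, since `invalidateTokenById` is now asserted with `$this->uid`. Remove that line, along with the `IUser` import if nothing else in the test class needs it. The test method starts above the hunk, so only this part of it is visible.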
diff --git a/tests/lib/Authentication/Token/DefaultTokenMapperTest.php b/tests/lib/Authentication/Token/DefaultTokenMapperTest.php
index b5d24a7ab5e..ab09c005297 100644
--- a/tests/lib/Authentication/Token/DefaultTokenMapperTest.php
+++ b/tests/lib/Authentication/Token/DefaultTokenMapperTest.php
@@ -190,23 +190,11 @@ class DefaultTokenMapperTest extends TestCase {
}
public function testGetTokenByUser() {
- /** @var IUser|\PHPUnit_Framework_MockObject_MockObject $user */
- $user = $this->createMock(IUser::class);
- $user->expects($this->once())
- ->method('getUID')
- ->will($this->returnValue('user1'));
-
- $this->assertCount(2, $this->mapper->getTokenByUser($user));
+ $this->assertCount(2, $this->mapper->getTokenByUser('user1'));
}
public function testGetTokenByUserNotFound() {
- /** @var IUser|\PHPUnit_Framework_MockObject_MockObject $user */
- $user = $this->createMock(IUser::class);
- $user->expects($this->once())
- ->method('getUID')
- ->will($this->returnValue('user1000'));
-
- $this->assertCount(0, $this->mapper->getTokenByUser($user));
+ $this->assertCount(0, $this->mapper->getTokenByUser('user1000'));
}
public function testDeleteById() {
@@ -218,23 +206,15 @@ class DefaultTokenMapperTest extends TestCase {
->where($qb->expr()->eq('token', $qb->createNamedParameter('9c5a2e661482b65597408a6bb6c4a3d1af36337381872ac56e445a06cdb7fea2b1039db707545c11027a4966919918b19d875a8b774840b18c6cbb7ae56fe206')));
$result = $qb->execute();
$id = $result->fetch()['id'];
- $user->expects($this->once())
- ->method('getUID')
- ->will($this->returnValue('user1'));
- $this->mapper->deleteById($user, $id);
+ $this->mapper->deleteById('user1', $id);
$this->assertEquals(2, $this->getNumberOfTokens());
}
public function testDeleteByIdWrongUser() {
- /** @var IUser|\PHPUnit_Framework_MockObject_MockObject $user */
- $user = $this->createMock(IUser::class);
$id = 33;
- $user->expects($this->once())
- ->method('getUID')
- ->will($this->returnValue('user10000'));
- $this->mapper->deleteById($user, $id);
+ $this->mapper->deleteById('user1000', $id);
$this->assertEquals(3, $this->getNumberOfTokens());
}
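Review bot: `testDeleteByIdWrongUser` calls `deleteById('user1000', 33)` with a hard-coded id, so unless the fixture holds a token with id 33 the count stays at 3 whether or not the `uid` predicate works. To cover the ownership check that this commit now expresses as a plain string, look up the id of a real `user1` token the way `testDeleteById` does and delete it with a different uid, asserting that three tokens remain. The uid also changes silently from `'user10000'` to `'user1000'`, which is harmless but looks accidental. `testDeleteById` begins above the hunk, so a leftover `$user` mock there cannot be ruled out.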