diff options
Diffstat (limited to 'apps/federation/lib/BackgroundJob/GetSharedSecret.php')
| -rw-r--r-- | apps/federation/lib/BackgroundJob/GetSharedSecret.php | 74 |
1 files changed, 22 insertions, 52 deletions
diff --git a/apps/federation/lib/BackgroundJob/GetSharedSecret.php b/apps/federation/lib/BackgroundJob/GetSharedSecret.php index b4ad46febc2..dc57db9fd62 100644 --- a/apps/federation/lib/BackgroundJob/GetSharedSecret.php +++ b/apps/federation/lib/BackgroundJob/GetSharedSecret.php @@ -1,31 +1,9 @@ <?php + /** - * @copyright Copyright (c) 2016, ownCloud, Inc. - * - * @author Arthur Schiwon <blizzz@arthur-schiwon.de> - * @author Bjoern Schiessle <bjoern@schiessle.org> - * @author Björn Schießle <bjoern@schiessle.org> - * @author Christoph Wurst <christoph@winzerhof-wurst.at> - * @author Joas Schilling <coding@schilljs.com> - * @author Lukas Reschke <lukas@statuscode.ch> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Robin Appelman <robin@icewind.nl> - * @author Roeland Jago Douma <roeland@famdouma.nl> - * - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * + * SPDX-FileCopyrightText: 2017-2024 Nextcloud GmbH and Nextcloud contributors + * SPDX-FileCopyrightText: 2016 ownCloud, Inc. + * SPDX-License-Identifier: AGPL-3.0-only */ namespace OCA\Federation\BackgroundJob; @@ -39,6 +17,7 @@ use OCP\BackgroundJob\Job; use OCP\Http\Client\IClient; use OCP\Http\Client\IClientService; use OCP\Http\Client\IResponse; +use OCP\IConfig; use OCP\IURLGenerator; use OCP\OCS\IDiscoveryService; use Psr\Log\LoggerInterface; @@ -52,11 +31,6 @@ use Psr\Log\LoggerInterface; */ class GetSharedSecret extends Job { private IClient $httpClient; - private IJobList $jobList; - private IURLGenerator $urlGenerator; - private TrustedServers $trustedServers; - private IDiscoveryService $ocsDiscoveryService; - private LoggerInterface $logger; protected bool $retainJob = false; private string $defaultEndPoint = '/ocs/v2.php/apps/federation/api/v1/shared-secret'; /** 30 day = 2592000sec */ @@ -64,20 +38,16 @@ class GetSharedSecret extends Job { public function __construct( IClientService $httpClientService, - IURLGenerator $urlGenerator, - IJobList $jobList, - TrustedServers $trustedServers, - LoggerInterface $logger, - IDiscoveryService $ocsDiscoveryService, - ITimeFactory $timeFactory + private IURLGenerator $urlGenerator, + private IJobList $jobList, + private TrustedServers $trustedServers, + private LoggerInterface $logger, + private IDiscoveryService $ocsDiscoveryService, + ITimeFactory $timeFactory, + private IConfig $config, ) { parent::__construct($timeFactory); - $this->logger = $logger; $this->httpClient = $httpClientService->newClient(); - $this->jobList = $jobList; - $this->urlGenerator = $urlGenerator; - $this->ocsDiscoveryService = $ocsDiscoveryService; - $this->trustedServers = $trustedServers; } /** @@ -112,6 +82,7 @@ class GetSharedSecret extends Job { // kill job after 30 days of trying $deadline = $currentTime - $this->maxLifespan; if ($created < $deadline) { + $this->logger->warning("The job to get the shared secret job is too old and gets stopped now without retention. Setting server status of '{$target}' to failure."); $this->retainJob = false; $this->trustedServers->setServerStatus($target, TrustedServers::STATUS_FAILURE); return; @@ -128,14 +99,14 @@ class GetSharedSecret extends Job { $result = $this->httpClient->get( $url, [ - 'query' => - [ - 'url' => $source, - 'token' => $token, - 'format' => 'json', - ], + 'query' => [ + 'url' => $source, + 'token' => $token, + 'format' => 'json', + ], 'timeout' => 3, 'connect_timeout' => 3, + 'verify' => !$this->config->getSystemValue('sharing.federation.allowSelfSignedCertificates', false), ] ); @@ -143,9 +114,9 @@ class GetSharedSecret extends Job { } catch (ClientException $e) { $status = $e->getCode(); if ($status === Http::STATUS_FORBIDDEN) { - $this->logger->info($target . ' refused to exchange a shared secret with you.', ['app' => 'federation']); + $this->logger->info($target . ' refused to exchange a shared secret with you.'); } else { - $this->logger->info($target . ' responded with a ' . $status . ' containing: ' . $e->getMessage(), ['app' => 'federation']); + $this->logger->info($target . ' responded with a ' . $status . ' containing: ' . $e->getMessage()); } } catch (RequestException $e) { $status = -1; // There is no status code if we could not connect @@ -177,8 +148,7 @@ class GetSharedSecret extends Job { ); } else { $this->logger->error( - 'remote server "' . $target . '"" does not return a valid shared secret. Received data: ' . $body, - ['app' => 'federation'] + 'remote server "' . $target . '"" does not return a valid shared secret. Received data: ' . $body ); $this->trustedServers->setServerStatus($target, TrustedServers::STATUS_FAILURE); } |