diff options
Diffstat (limited to 'lib/private/AppFramework')
27 files changed, 94 insertions, 124 deletions
diff --git a/lib/private/AppFramework/App.php b/lib/private/AppFramework/App.php index 382425ad046..c250a6e2d5d 100644 --- a/lib/private/AppFramework/App.php +++ b/lib/private/AppFramework/App.php @@ -107,7 +107,7 @@ class App { // first try $controllerName then go for \OCA\AppName\Controller\$controllerName try { $controller = $container->query($controllerName); - } catch(QueryException $e) { + } catch (QueryException $e) { if (strpos($controllerName, '\\Controller\\') !== false) { // This is from a global registered app route that is not enabled. [/*OC(A)*/, $app, /* Controller/Name*/] = explode('\\', $controllerName, 3); @@ -137,17 +137,17 @@ class App { $io = $container[IOutput::class]; - if(!is_null($httpHeaders)) { + if (!is_null($httpHeaders)) { $io->setHeader($httpHeaders); } - foreach($responseHeaders as $name => $value) { + foreach ($responseHeaders as $name => $value) { $io->setHeader($name . ': ' . $value); } - foreach($responseCookies as $name => $value) { + foreach ($responseCookies as $name => $value) { $expireDate = null; - if($value['expireDate'] instanceof \DateTime) { + if ($value['expireDate'] instanceof \DateTime) { $expireDate = $value['expireDate']->getTimestamp(); } $io->setCookie( @@ -183,7 +183,6 @@ class App { $io->setOutput($output); } } - } /** @@ -200,7 +199,6 @@ class App { */ public static function part(string $controllerName, string $methodName, array $urlParams, DIContainer $container) { - $container['urlParams'] = $urlParams; $controller = $container[$controllerName]; @@ -209,5 +207,4 @@ class App { list(, , $output) = $dispatcher->dispatch($controller, $methodName); return $output; } - } diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php index 2ce504304dc..6654d3849b2 100644 --- a/lib/private/AppFramework/DependencyInjection/DIContainer.php +++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php @@ -278,7 +278,7 @@ class DIContainer extends SimpleContainer implements IAppContainer { $c->query(\OC\AppFramework\Middleware\AdditionalScriptsMiddleware::class) ); - foreach($this->middleWares as $middleWare) { + foreach ($this->middleWares as $middleWare) { $dispatcher->registerMiddleware($c->query($middleWare)); } @@ -298,8 +298,7 @@ class DIContainer extends SimpleContainer implements IAppContainer { /** * @return \OCP\IServerContainer */ - public function getServer() - { + public function getServer() { return $this->server; } @@ -350,7 +349,7 @@ class DIContainer extends SimpleContainer implements IAppContainer { * @return mixed */ public function log($message, $level) { - switch($level){ + switch ($level) { case 'debug': $level = ILogger::DEBUG; break; diff --git a/lib/private/AppFramework/Http.php b/lib/private/AppFramework/Http.php index 4b08812b6cf..3c4a52fe37c 100644 --- a/lib/private/AppFramework/Http.php +++ b/lib/private/AppFramework/Http.php @@ -33,7 +33,6 @@ namespace OC\AppFramework; use OCP\AppFramework\Http as BaseHttp; class Http extends BaseHttp { - private $server; private $protocolVersion; protected $headers; @@ -119,8 +118,7 @@ class Http extends BaseHttp { */ public function getStatusHeader($status, \DateTime $lastModified=null, $ETag=null) { - - if(!is_null($lastModified)) { + if (!is_null($lastModified)) { $lastModified = $lastModified->format(\DateTime::RFC2822); } @@ -133,22 +131,18 @@ class Http extends BaseHttp { (isset($this->server['HTTP_IF_MODIFIED_SINCE']) && trim($this->server['HTTP_IF_MODIFIED_SINCE']) === $lastModified)) { - $status = self::STATUS_NOT_MODIFIED; } // we have one change currently for the http 1.0 header that differs // from 1.1: STATUS_TEMPORARY_REDIRECT should be STATUS_FOUND // if this differs any more, we want to create childclasses for this - if($status === self::STATUS_TEMPORARY_REDIRECT + if ($status === self::STATUS_TEMPORARY_REDIRECT && $this->protocolVersion === 'HTTP/1.0') { - $status = self::STATUS_FOUND; } return $this->protocolVersion . ' ' . $status . ' ' . $this->headers[$status]; } - - } diff --git a/lib/private/AppFramework/Http/Dispatcher.php b/lib/private/AppFramework/Http/Dispatcher.php index 33ce8741acf..f1871e84c08 100644 --- a/lib/private/AppFramework/Http/Dispatcher.php +++ b/lib/private/AppFramework/Http/Dispatcher.php @@ -102,10 +102,10 @@ class Dispatcher { // exception and creates a response. If no response is created, it is // assumed that theres no middleware who can handle it and the error is // thrown again - } catch(\Exception $exception){ + } catch (\Exception $exception) { $response = $this->middlewareDispatcher->afterException( $controller, $methodName, $exception); - } catch(\Throwable $throwable) { + } catch (\Throwable $throwable) { $exception = new \Exception($throwable->getMessage(), $throwable->getCode(), $throwable); $response = $this->middlewareDispatcher->afterException( $controller, $methodName, $exception); @@ -141,7 +141,7 @@ class Dispatcher { // valid types that will be casted $types = ['int', 'integer', 'bool', 'boolean', 'float']; - foreach($this->reflector->getParameters() as $param => $default) { + foreach ($this->reflector->getParameters() as $param => $default) { // try to get the parameter from the request object and cast // it to the type annotated in the @param annotation @@ -150,7 +150,7 @@ class Dispatcher { // if this is submitted using GET or a POST form, 'false' should be // converted to false - if(($type === 'bool' || $type === 'boolean') && + if (($type === 'bool' || $type === 'boolean') && $value === 'false' && ( $this->request->method === 'GET' || @@ -159,8 +159,7 @@ class Dispatcher { ) ) { $value = false; - - } elseif($value !== null && \in_array($type, $types, true)) { + } elseif ($value !== null && \in_array($type, $types, true)) { settype($value, $type); } @@ -170,13 +169,13 @@ class Dispatcher { $response = \call_user_func_array([$controller, $methodName], $arguments); // format response - if($response instanceof DataResponse || !($response instanceof Response)) { + if ($response instanceof DataResponse || !($response instanceof Response)) { // get format from the url format or request format parameter $format = $this->request->getParam('format'); // if none is given try the first Accept header - if($format === null) { + if ($format === null) { $headers = $this->request->getHeader('Accept'); $format = $controller->getResponderByHTTPHeader($headers, null); } @@ -190,5 +189,4 @@ class Dispatcher { return $response; } - } diff --git a/lib/private/AppFramework/Http/Output.php b/lib/private/AppFramework/Http/Output.php index d96898b2521..fd95f370360 100644 --- a/lib/private/AppFramework/Http/Output.php +++ b/lib/private/AppFramework/Http/Output.php @@ -96,5 +96,4 @@ class Output implements IOutput { $path = $this->webRoot ? : '/'; setcookie($name, $value, $expire, $path, $domain, $secure, $httpOnly); } - } diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php index 5430d1ae922..1dcec3c3b98 100644 --- a/lib/private/AppFramework/Http/Request.php +++ b/lib/private/AppFramework/Http/Request.php @@ -64,7 +64,6 @@ use OCP\Security\ISecureRandom; * @property mixed[] server */ class Request implements \ArrayAccess, \Countable, IRequest { - const USER_AGENT_IE = '/(MSIE)|(Trident)/'; // Microsoft Edge User Agent from https://msdn.microsoft.com/en-us/library/hh869301(v=vs.85).aspx const USER_AGENT_MS_EDGE = '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Chrome\/[0-9.]+ (Mobile Safari|Safari)\/[0-9.]+ Edge\/[0-9.]+$/'; @@ -149,11 +148,11 @@ class Request implements \ArrayAccess, \Countable, IRequest { $this->config = $config; $this->csrfTokenManager = $csrfTokenManager; - if(!array_key_exists('method', $vars)) { + if (!array_key_exists('method', $vars)) { $vars['method'] = 'GET'; } - foreach($this->allowedKeys as $name) { + foreach ($this->allowedKeys as $name) { $this->items[$name] = isset($vars[$name]) ? $vars[$name] : []; @@ -165,7 +164,6 @@ class Request implements \ArrayAccess, \Countable, IRequest { $this->items['urlParams'], $this->items['params'] ); - } /** * @param array $parameters @@ -263,12 +261,12 @@ class Request implements \ArrayAccess, \Countable, IRequest { * @return mixed|null */ public function __get($name) { - switch($name) { + switch ($name) { case 'put': case 'patch': case 'get': case 'post': - if($this->method !== strtoupper($name)) { + if ($this->method !== strtoupper($name)) { throw new \LogicException(sprintf('%s cannot be accessed in a %s request.', $name, $this->method)); } return $this->getContent(); @@ -318,7 +316,6 @@ class Request implements \ArrayAccess, \Countable, IRequest { * @return string */ public function getHeader(string $name): string { - $name = strtoupper(str_replace('-', '_',$name)); if (isset($this->server['HTTP_' . $name])) { return $this->server['HTTP_' . $name]; @@ -447,21 +444,20 @@ class Request implements \ArrayAccess, \Countable, IRequest { // 'application/json' must be decoded manually. if (strpos($this->getHeader('Content-Type'), 'application/json') !== false) { $params = json_decode(file_get_contents($this->inputStream), true); - if($params !== null && \count($params) > 0) { + if ($params !== null && \count($params) > 0) { $this->items['params'] = $params; - if($this->method === 'POST') { + if ($this->method === 'POST') { $this->items['post'] = $params; } } - // Handle application/x-www-form-urlencoded for methods other than GET + // Handle application/x-www-form-urlencoded for methods other than GET // or post correctly - } elseif($this->method !== 'GET' + } elseif ($this->method !== 'GET' && $this->method !== 'POST' && strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') !== false) { - parse_str(file_get_contents($this->inputStream), $params); - if(\is_array($params)) { + if (\is_array($params)) { $this->items['params'] = $params; } } @@ -478,11 +474,11 @@ class Request implements \ArrayAccess, \Countable, IRequest { * @return bool true if CSRF check passed */ public function passesCSRFCheck(): bool { - if($this->csrfTokenManager === null) { + if ($this->csrfTokenManager === null) { return false; } - if(!$this->passesStrictCookieCheck()) { + if (!$this->passesStrictCookieCheck()) { return false; } @@ -510,7 +506,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { if ($this->getHeader('OCS-APIREQUEST')) { return false; } - if($this->getCookie(session_name()) === null && $this->getCookie('nc_token') === null) { + if ($this->getCookie(session_name()) === null && $this->getCookie('nc_token') === null) { return false; } @@ -535,7 +531,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { protected function getProtectedCookieName(string $name): string { $cookieParams = $this->getCookieParams(); $prefix = ''; - if($cookieParams['secure'] === true && $cookieParams['path'] === '/') { + if ($cookieParams['secure'] === true && $cookieParams['path'] === '/') { $prefix = '__Host-'; } @@ -550,12 +546,12 @@ class Request implements \ArrayAccess, \Countable, IRequest { * @since 9.1.0 */ public function passesStrictCookieCheck(): bool { - if(!$this->cookieCheckRequired()) { + if (!$this->cookieCheckRequired()) { return true; } $cookieName = $this->getProtectedCookieName('nc_sameSiteCookiestrict'); - if($this->getCookie($cookieName) === 'true' + if ($this->getCookie($cookieName) === 'true' && $this->passesLaxCookieCheck()) { return true; } @@ -570,12 +566,12 @@ class Request implements \ArrayAccess, \Countable, IRequest { * @since 9.1.0 */ public function passesLaxCookieCheck(): bool { - if(!$this->cookieCheckRequired()) { + if (!$this->cookieCheckRequired()) { return true; } $cookieName = $this->getProtectedCookieName('nc_sameSiteCookielax'); - if($this->getCookie($cookieName) === 'true') { + if ($this->getCookie($cookieName) === 'true') { return true; } return false; @@ -588,11 +584,11 @@ class Request implements \ArrayAccess, \Countable, IRequest { * @return string */ public function getId(): string { - if(isset($this->server['UNIQUE_ID'])) { + if (isset($this->server['UNIQUE_ID'])) { return $this->server['UNIQUE_ID']; } - if(empty($this->requestId)) { + if (empty($this->requestId)) { $validChars = ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS; $this->requestId = $this->secureRandom->generate(20, $validChars); } @@ -649,15 +645,15 @@ class Request implements \ArrayAccess, \Countable, IRequest { $remoteAddress = isset($this->server['REMOTE_ADDR']) ? $this->server['REMOTE_ADDR'] : ''; $trustedProxies = $this->config->getSystemValue('trusted_proxies', []); - if(\is_array($trustedProxies) && $this->isTrustedProxy($trustedProxies, $remoteAddress)) { + if (\is_array($trustedProxies) && $this->isTrustedProxy($trustedProxies, $remoteAddress)) { $forwardedForHeaders = $this->config->getSystemValue('forwarded_for_headers', [ 'HTTP_X_FORWARDED_FOR' // only have one default, so we cannot ship an insecure product out of the box ]); - foreach($forwardedForHeaders as $header) { - if(isset($this->server[$header])) { - foreach(explode(',', $this->server[$header]) as $IP) { + foreach ($forwardedForHeaders as $header) { + if (isset($this->server[$header])) { + foreach (explode(',', $this->server[$header]) as $IP) { $IP = trim($IP); if (filter_var($IP, FILTER_VALIDATE_IP) !== false) { return $IP; @@ -688,7 +684,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { * @return string Server protocol (http or https) */ public function getServerProtocol(): string { - if($this->config->getSystemValue('overwriteprotocol') !== '' + if ($this->config->getSystemValue('overwriteprotocol') !== '' && $this->isOverwriteCondition('protocol')) { return $this->config->getSystemValue('overwriteprotocol'); } @@ -734,7 +730,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { 'HTTP/2', ]; - if(\in_array($claimedProtocol, $validProtocols, true)) { + if (\in_array($claimedProtocol, $validProtocols, true)) { return $claimedProtocol; } @@ -748,7 +744,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { */ public function getRequestUri(): string { $uri = isset($this->server['REQUEST_URI']) ? $this->server['REQUEST_URI'] : ''; - if($this->config->getSystemValue('overwritewebroot') !== '' && $this->isOverwriteCondition()) { + if ($this->config->getSystemValue('overwritewebroot') !== '' && $this->isOverwriteCondition()) { $uri = $this->getScriptName() . substr($uri, \strlen($this->server['SCRIPT_NAME'])); } return $uri; @@ -776,7 +772,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { // FIXME: Sabre does not really belong here list($path, $name) = \Sabre\Uri\split($scriptName); if (!empty($path)) { - if($path === $pathInfo || strpos($pathInfo, $path.'/') === 0) { + if ($path === $pathInfo || strpos($pathInfo, $path.'/') === 0) { $pathInfo = substr($pathInfo, \strlen($path)); } else { throw new \Exception("The requested uri($requestUri) cannot be processed by the script '$scriptName')"); @@ -792,7 +788,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { if ($name !== '' && strpos($pathInfo, $name) === 0) { $pathInfo = substr($pathInfo, \strlen($name)); } - if($pathInfo === false || $pathInfo === '/'){ + if ($pathInfo === false || $pathInfo === '/') { return ''; } else { return $pathInfo; @@ -810,7 +806,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { $pathInfo = rawurldecode($pathInfo); $encoding = mb_detect_encoding($pathInfo, ['UTF-8', 'ISO-8859-1']); - switch($encoding) { + switch ($encoding) { case 'ISO-8859-1': $pathInfo = utf8_encode($pathInfo); } @@ -921,7 +917,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { * isn't met */ private function getOverwriteHost() { - if($this->config->getSystemValue('overwritehost') !== '' && $this->isOverwriteCondition()) { + if ($this->config->getSystemValue('overwritehost') !== '' && $this->isOverwriteCondition()) { return $this->config->getSystemValue('overwritehost'); } return null; diff --git a/lib/private/AppFramework/Middleware/AdditionalScriptsMiddleware.php b/lib/private/AppFramework/Middleware/AdditionalScriptsMiddleware.php index 605422ffefe..b9f238eecb3 100644 --- a/lib/private/AppFramework/Middleware/AdditionalScriptsMiddleware.php +++ b/lib/private/AppFramework/Middleware/AdditionalScriptsMiddleware.php @@ -66,5 +66,4 @@ class AdditionalScriptsMiddleware extends Middleware { return $response; } - } diff --git a/lib/private/AppFramework/Middleware/MiddlewareDispatcher.php b/lib/private/AppFramework/Middleware/MiddlewareDispatcher.php index 47b9a62af81..388e86c1e15 100644 --- a/lib/private/AppFramework/Middleware/MiddlewareDispatcher.php +++ b/lib/private/AppFramework/Middleware/MiddlewareDispatcher.php @@ -91,7 +91,7 @@ class MiddlewareDispatcher { // we need to count so that we know which middlewares we have to ask in // case there is an exception $middlewareCount = \count($this->middlewares); - for($i = 0; $i < $middlewareCount; $i++){ + for ($i = 0; $i < $middlewareCount; $i++) { $this->middlewareCounter++; $middleware = $this->middlewares[$i]; $middleware->beforeController($controller, $methodName); @@ -115,11 +115,11 @@ class MiddlewareDispatcher { * @throws \Exception the passed in exception if it can't handle it */ public function afterException(Controller $controller, string $methodName, \Exception $exception): Response { - for($i=$this->middlewareCounter-1; $i>=0; $i--){ + for ($i=$this->middlewareCounter-1; $i>=0; $i--) { $middleware = $this->middlewares[$i]; try { return $middleware->afterException($controller, $methodName, $exception); - } catch(\Exception $exception){ + } catch (\Exception $exception) { continue; } } @@ -138,7 +138,7 @@ class MiddlewareDispatcher { * @return Response a Response object */ public function afterController(Controller $controller, string $methodName, Response $response): Response { - for($i= \count($this->middlewares)-1; $i>=0; $i--){ + for ($i= \count($this->middlewares)-1; $i>=0; $i--) { $middleware = $this->middlewares[$i]; $response = $middleware->afterController($controller, $methodName, $response); } @@ -157,11 +157,10 @@ class MiddlewareDispatcher { * @return string the output that should be printed */ public function beforeOutput(Controller $controller, string $methodName, string $output): string { - for($i= \count($this->middlewares)-1; $i>=0; $i--){ + for ($i= \count($this->middlewares)-1; $i>=0; $i--) { $middleware = $this->middlewares[$i]; $output = $middleware->beforeOutput($controller, $methodName, $output); } return $output; } - } diff --git a/lib/private/AppFramework/Middleware/OCSMiddleware.php b/lib/private/AppFramework/Middleware/OCSMiddleware.php index fe0f58c1ab5..875c743e972 100644 --- a/lib/private/AppFramework/Middleware/OCSMiddleware.php +++ b/lib/private/AppFramework/Middleware/OCSMiddleware.php @@ -102,7 +102,6 @@ class OCSMiddleware extends Middleware { if ($controller instanceof OCSController && !($response instanceof BaseResponse)) { if ($response->getStatus() === Http::STATUS_UNAUTHORIZED || $response->getStatus() === Http::STATUS_FORBIDDEN) { - $message = ''; if ($response instanceof JSONResponse) { /** @var DataResponse $response */ @@ -145,7 +144,7 @@ class OCSMiddleware extends Middleware { $format = $this->request->getParam('format'); // if none is given try the first Accept header - if($format === null) { + if ($format === null) { $headers = $this->request->getHeader('Accept'); $format = $controller->getResponderByHTTPHeader($headers, 'xml'); } diff --git a/lib/private/AppFramework/Middleware/PublicShare/Exceptions/NeedAuthenticationException.php b/lib/private/AppFramework/Middleware/PublicShare/Exceptions/NeedAuthenticationException.php index cd6337470b9..b362a38bc74 100644 --- a/lib/private/AppFramework/Middleware/PublicShare/Exceptions/NeedAuthenticationException.php +++ b/lib/private/AppFramework/Middleware/PublicShare/Exceptions/NeedAuthenticationException.php @@ -24,5 +24,4 @@ namespace OC\AppFramework\Middleware\PublicShare\Exceptions; class NeedAuthenticationException extends \Exception { - } diff --git a/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php b/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php index b6e2611179f..4b2dd25a257 100644 --- a/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php +++ b/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php @@ -89,7 +89,6 @@ class PublicShareMiddleware extends Middleware { } throw new NotFoundException(); - } public function afterException($controller, $methodName, \Exception $exception) { @@ -123,7 +122,7 @@ class PublicShareMiddleware extends Middleware { } // Check whether public sharing is enabled - if($this->config->getAppValue('core', 'shareapi_allow_links', 'yes') !== 'yes') { + if ($this->config->getAppValue('core', 'shareapi_allow_links', 'yes') !== 'yes') { return false; } diff --git a/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php b/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php index 46c33083e42..c2d1d7783ed 100644 --- a/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php @@ -63,7 +63,7 @@ class BruteForceMiddleware extends Middleware { public function beforeController($controller, $methodName) { parent::beforeController($controller, $methodName); - if($this->reflector->hasAnnotation('BruteForceProtection')) { + if ($this->reflector->hasAnnotation('BruteForceProtection')) { $action = $this->reflector->getAnnotationParameter('BruteForceProtection', 'action'); $this->throttler->sleepDelay($this->request->getRemoteAddress(), $action); } @@ -73,7 +73,7 @@ class BruteForceMiddleware extends Middleware { * {@inheritDoc} */ public function afterController($controller, $methodName, Response $response) { - if($this->reflector->hasAnnotation('BruteForceProtection') && $response->isThrottled()) { + if ($this->reflector->hasAnnotation('BruteForceProtection') && $response->isThrottled()) { $action = $this->reflector->getAnnotationParameter('BruteForceProtection', 'action'); $ip = $this->request->getRemoteAddress(); $this->throttler->sleepDelay($ip, $action); diff --git a/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php b/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php index acfbab25ed4..af6d3de6570 100644 --- a/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php @@ -84,7 +84,7 @@ class CORSMiddleware extends Middleware { // ensure that @CORS annotated API routes are not used in conjunction // with session authentication since this enables CSRF attack vectors if ($this->reflector->hasAnnotation('CORS') && - !$this->reflector->hasAnnotation('PublicPage')) { + !$this->reflector->hasAnnotation('PublicPage')) { $user = $this->request->server['PHP_AUTH_USER']; $pass = $this->request->server['PHP_AUTH_PW']; @@ -113,13 +113,13 @@ class CORSMiddleware extends Middleware { public function afterController($controller, $methodName, Response $response) { // only react if its a CORS request and if the request sends origin and - if(isset($this->request->server['HTTP_ORIGIN']) && + if (isset($this->request->server['HTTP_ORIGIN']) && $this->reflector->hasAnnotation('CORS')) { // allow credentials headers must not be true or CSRF is possible // otherwise - foreach($response->getHeaders() as $header => $value) { - if(strtolower($header) === 'access-control-allow-credentials' && + foreach ($response->getHeaders() as $header => $value) { + if (strtolower($header) === 'access-control-allow-credentials' && strtolower(trim($value)) === 'true') { $msg = 'Access-Control-Allow-Credentials must not be '. 'set to true in order to prevent CSRF'; @@ -144,9 +144,9 @@ class CORSMiddleware extends Middleware { * @return Response a Response object or null in case that the exception could not be handled */ public function afterException($controller, $methodName, \Exception $exception) { - if($exception instanceof SecurityException){ + if ($exception instanceof SecurityException) { $response = new JSONResponse(['message' => $exception->getMessage()]); - if($exception->getCode() !== 0) { + if ($exception->getCode() !== 0) { $response->setStatus($exception->getCode()); } else { $response->setStatus(Http::STATUS_INTERNAL_SERVER_ERROR); @@ -156,5 +156,4 @@ class CORSMiddleware extends Middleware { throw $exception; } - } diff --git a/lib/private/AppFramework/Middleware/Security/CSPMiddleware.php b/lib/private/AppFramework/Middleware/Security/CSPMiddleware.php index 3b9723cb6b9..057aa1529dc 100644 --- a/lib/private/AppFramework/Middleware/Security/CSPMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/CSPMiddleware.php @@ -71,7 +71,7 @@ class CSPMiddleware extends Middleware { $defaultPolicy = $this->contentSecurityPolicyManager->getDefaultPolicy(); $defaultPolicy = $this->contentSecurityPolicyManager->mergePolicies($defaultPolicy, $policy); - if($this->cspNonceManager->browserSupportsCspV3()) { + if ($this->cspNonceManager->browserSupportsCspV3()) { $defaultPolicy->useJsNonce($this->csrfTokenManager->getToken()->getEncryptedValue()); } diff --git a/lib/private/AppFramework/Middleware/Security/Exceptions/ReloadExecutionException.php b/lib/private/AppFramework/Middleware/Security/Exceptions/ReloadExecutionException.php index 46673a7e5ee..934cae991b4 100644 --- a/lib/private/AppFramework/Middleware/Security/Exceptions/ReloadExecutionException.php +++ b/lib/private/AppFramework/Middleware/Security/Exceptions/ReloadExecutionException.php @@ -27,5 +27,4 @@ declare(strict_types=1); namespace OC\AppFramework\Middleware\Security\Exceptions; class ReloadExecutionException extends SecurityException { - } diff --git a/lib/private/AppFramework/Middleware/Security/Exceptions/SecurityException.php b/lib/private/AppFramework/Middleware/Security/Exceptions/SecurityException.php index e55f8e3f50a..bfa4116d12e 100644 --- a/lib/private/AppFramework/Middleware/Security/Exceptions/SecurityException.php +++ b/lib/private/AppFramework/Middleware/Security/Exceptions/SecurityException.php @@ -30,4 +30,5 @@ namespace OC\AppFramework\Middleware\Security\Exceptions; * * @package OC\AppFramework\Middleware\Security\Exceptions */ -class SecurityException extends \Exception {} +class SecurityException extends \Exception { +} diff --git a/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php b/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php index c7bf8e2c947..2a7cf982ff8 100644 --- a/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php @@ -86,7 +86,7 @@ class RateLimitingMiddleware extends Middleware { $userLimit = $this->reflector->getAnnotationParameter('UserRateThrottle', 'limit'); $userPeriod = $this->reflector->getAnnotationParameter('UserRateThrottle', 'period'); $rateLimitIdentifier = get_class($controller) . '::' . $methodName; - if($userLimit !== '' && $userPeriod !== '' && $this->userSession->isLoggedIn()) { + if ($userLimit !== '' && $userPeriod !== '' && $this->userSession->isLoggedIn()) { $this->limiter->registerUserRequest( $rateLimitIdentifier, $userLimit, @@ -107,7 +107,7 @@ class RateLimitingMiddleware extends Middleware { * {@inheritDoc} */ public function afterException($controller, $methodName, \Exception $exception) { - if($exception instanceof RateLimitExceededException) { + if ($exception instanceof RateLimitExceededException) { if (stripos($this->request->getHeader('Accept'),'html') === false) { $response = new JSONResponse( [ @@ -116,7 +116,7 @@ class RateLimitingMiddleware extends Middleware { $exception->getCode() ); } else { - $response = new TemplateResponse( + $response = new TemplateResponse( 'core', '403', [ @@ -124,7 +124,7 @@ class RateLimitingMiddleware extends Middleware { ], 'guest' ); - $response->setStatus($exception->getCode()); + $response->setStatus($exception->getCode()); } return $response; diff --git a/lib/private/AppFramework/Middleware/Security/ReloadExecutionMiddleware.php b/lib/private/AppFramework/Middleware/Security/ReloadExecutionMiddleware.php index af34ed57182..12b0ef4e27a 100644 --- a/lib/private/AppFramework/Middleware/Security/ReloadExecutionMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/ReloadExecutionMiddleware.php @@ -65,6 +65,4 @@ class ReloadExecutionMiddleware extends Middleware { return parent::afterException($controller, $methodName, $exception); } - - } diff --git a/lib/private/AppFramework/Middleware/Security/SameSiteCookieMiddleware.php b/lib/private/AppFramework/Middleware/Security/SameSiteCookieMiddleware.php index 5519b8705d9..70d4d4b88df 100644 --- a/lib/private/AppFramework/Middleware/Security/SameSiteCookieMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/SameSiteCookieMiddleware.php @@ -87,11 +87,11 @@ class SameSiteCookieMiddleware extends Middleware { // Append __Host to the cookie if it meets the requirements $cookiePrefix = ''; - if($cookieParams['secure'] === true && $cookieParams['path'] === '/') { + if ($cookieParams['secure'] === true && $cookieParams['path'] === '/') { $cookiePrefix = '__Host-'; } - foreach($policies as $policy) { + foreach ($policies as $policy) { header( sprintf( 'Set-Cookie: %snc_sameSiteCookie%s=true; path=%s; httponly;' . $secureCookie . 'expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=%s', diff --git a/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php b/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php index 0ae2d37b374..5eb1d7f30be 100644 --- a/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php @@ -137,17 +137,17 @@ class SecurityMiddleware extends Middleware { // security checks $isPublicPage = $this->reflector->hasAnnotation('PublicPage'); - if(!$isPublicPage) { - if(!$this->isLoggedIn) { + if (!$isPublicPage) { + if (!$this->isLoggedIn) { throw new NotLoggedInException(); } - if($this->reflector->hasAnnotation('SubAdminRequired') + if ($this->reflector->hasAnnotation('SubAdminRequired') && !$this->isSubAdmin && !$this->isAdminUser) { throw new NotAdminException($this->l10n->t('Logged in user must be an admin or sub admin')); } - if(!$this->reflector->hasAnnotation('SubAdminRequired') + if (!$this->reflector->hasAnnotation('SubAdminRequired') && !$this->reflector->hasAnnotation('NoAdminRequired') && !$this->isAdminUser) { throw new NotAdminException($this->l10n->t('Logged in user must be an admin')); @@ -155,14 +155,14 @@ class SecurityMiddleware extends Middleware { } // Check for strict cookie requirement - if($this->reflector->hasAnnotation('StrictCookieRequired') || !$this->reflector->hasAnnotation('NoCSRFRequired')) { - if(!$this->request->passesStrictCookieCheck()) { + if ($this->reflector->hasAnnotation('StrictCookieRequired') || !$this->reflector->hasAnnotation('NoCSRFRequired')) { + if (!$this->request->passesStrictCookieCheck()) { throw new StrictCookieMissingException(); } } // CSRF check - also registers the CSRF token since the session may be closed later Util::callRegister(); - if(!$this->reflector->hasAnnotation('NoCSRFRequired')) { + if (!$this->reflector->hasAnnotation('NoCSRFRequired')) { /* * Only allow the CSRF check to fail on OCS Requests. This kind of * hacks around that we have no full token auth in place yet and we @@ -171,7 +171,7 @@ class SecurityMiddleware extends Middleware { * Additionally we allow Bearer authenticated requests to pass on OCS routes. * This allows oauth apps (e.g. moodle) to use the OCS endpoints */ - if(!$this->request->passesCSRFCheck() && !( + if (!$this->request->passesCSRFCheck() && !( $controller instanceof OCSController && ( $this->request->getHeader('OCS-APIREQUEST') === 'true' || strpos($this->request->getHeader('Authorization'), 'Bearer ') === 0 @@ -209,8 +209,8 @@ class SecurityMiddleware extends Middleware { * @return Response a Response object or null in case that the exception could not be handled */ public function afterException($controller, $methodName, \Exception $exception): Response { - if($exception instanceof SecurityException) { - if($exception instanceof StrictCookieMissingException) { + if ($exception instanceof SecurityException) { + if ($exception instanceof StrictCookieMissingException) { return new RedirectResponse(\OC::$WEBROOT); } if (stripos($this->request->getHeader('Accept'),'html') === false) { @@ -219,7 +219,7 @@ class SecurityMiddleware extends Middleware { $exception->getCode() ); } else { - if($exception instanceof NotLoggedInException) { + if ($exception instanceof NotLoggedInException) { $params = []; if (isset($this->request->server['REQUEST_URI'])) { $params['redirect_url'] = $this->request->server['REQUEST_URI']; @@ -241,5 +241,4 @@ class SecurityMiddleware extends Middleware { throw $exception; } - } diff --git a/lib/private/AppFramework/Middleware/SessionMiddleware.php b/lib/private/AppFramework/Middleware/SessionMiddleware.php index d2787dde745..88b85468252 100644 --- a/lib/private/AppFramework/Middleware/SessionMiddleware.php +++ b/lib/private/AppFramework/Middleware/SessionMiddleware.php @@ -69,5 +69,4 @@ class SessionMiddleware extends Middleware { } return $response; } - } diff --git a/lib/private/AppFramework/OCS/BaseResponse.php b/lib/private/AppFramework/OCS/BaseResponse.php index 6c49a685985..55410c8910b 100644 --- a/lib/private/AppFramework/OCS/BaseResponse.php +++ b/lib/private/AppFramework/OCS/BaseResponse.php @@ -30,7 +30,7 @@ use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Http\Response; -abstract class BaseResponse extends Response { +abstract class BaseResponse extends Response { /** @var array */ protected $data; @@ -118,7 +118,6 @@ abstract class BaseResponse extends Response { $this->toXML($response, $writer); $writer->endDocument(); return $writer->outputMemory(true); - } /** diff --git a/lib/private/AppFramework/OCS/V2Response.php b/lib/private/AppFramework/OCS/V2Response.php index 693d58a4d43..1d4eb741210 100644 --- a/lib/private/AppFramework/OCS/V2Response.php +++ b/lib/private/AppFramework/OCS/V2Response.php @@ -35,7 +35,6 @@ class V2Response extends BaseResponse { * @return int */ public function getStatus() { - $status = parent::getStatus(); if ($status === API::RESPOND_UNAUTHORISED) { return Http::STATUS_UNAUTHORIZED; diff --git a/lib/private/AppFramework/Routing/RouteConfig.php b/lib/private/AppFramework/Routing/RouteConfig.php index 999412979b0..eb9991fbe69 100644 --- a/lib/private/AppFramework/Routing/RouteConfig.php +++ b/lib/private/AppFramework/Routing/RouteConfig.php @@ -125,13 +125,13 @@ class RouteConfig { // optionally register requirements for route. This is used to // tell the route parser how url parameters should be matched - if(array_key_exists('requirements', $ocsRoute)) { + if (array_key_exists('requirements', $ocsRoute)) { $router->requirements($ocsRoute['requirements']); } // optionally register defaults for route. This is used to // tell the route parser how url parameters should be default valued - if(array_key_exists('defaults', $ocsRoute)) { + if (array_key_exists('defaults', $ocsRoute)) { $router->defaults($ocsRoute['defaults']); } } @@ -183,13 +183,13 @@ class RouteConfig { // optionally register requirements for route. This is used to // tell the route parser how url parameters should be matched - if(array_key_exists('requirements', $simpleRoute)) { + if (array_key_exists('requirements', $simpleRoute)) { $router->requirements($simpleRoute['requirements']); } // optionally register defaults for route. This is used to // tell the route parser how url parameters should be default valued - if(array_key_exists('defaults', $simpleRoute)) { + if (array_key_exists('defaults', $simpleRoute)) { $router->defaults($simpleRoute['defaults']); } } @@ -220,7 +220,7 @@ class RouteConfig { $root = $config['root'] ?? '/apps/' . $this->appName; // the url parameter used as id to the resource - foreach($actions as $action) { + foreach ($actions as $action) { $url = $root . $config['url']; $method = $action['name']; $verb = strtoupper($action['verb'] ?? 'GET'); @@ -270,7 +270,7 @@ class RouteConfig { foreach ($resources as $resource => $config) { // the url parameter used as id to the resource - foreach($actions as $action) { + foreach ($actions as $action) { $url = $config['url']; $method = $action['name']; $verb = strtoupper($action['verb'] ?? 'GET'); diff --git a/lib/private/AppFramework/Utility/ControllerMethodReflector.php b/lib/private/AppFramework/Utility/ControllerMethodReflector.php index 31f1892772f..2b7420cd41b 100644 --- a/lib/private/AppFramework/Utility/ControllerMethodReflector.php +++ b/lib/private/AppFramework/Utility/ControllerMethodReflector.php @@ -82,7 +82,7 @@ class ControllerMethodReflector implements IControllerMethodReflector { } $default = null; - if($param->isOptional()) { + if ($param->isOptional()) { $default = $param->getDefaultValue(); } $this->parameters[$param->name] = $default; @@ -97,7 +97,7 @@ class ControllerMethodReflector implements IControllerMethodReflector { * would return int or null if not existing */ public function getType(string $parameter) { - if(array_key_exists($parameter, $this->types)) { + if (array_key_exists($parameter, $this->types)) { return $this->types[$parameter]; } @@ -128,7 +128,7 @@ class ControllerMethodReflector implements IControllerMethodReflector { * @return string */ public function getAnnotationParameter(string $name, string $key): string { - if(isset($this->annotations[$name][$key])) { + if (isset($this->annotations[$name][$key])) { return $this->annotations[$name][$key]; } diff --git a/lib/private/AppFramework/Utility/SimpleContainer.php b/lib/private/AppFramework/Utility/SimpleContainer.php index 1703df3ea73..44bda1c3e6b 100644 --- a/lib/private/AppFramework/Utility/SimpleContainer.php +++ b/lib/private/AppFramework/Utility/SimpleContainer.php @@ -102,7 +102,7 @@ class SimpleContainer extends Container implements IContainer { throw new QueryException($baseMsg . ' Class can not be instantiated'); } - } catch(ReflectionException $e) { + } catch (ReflectionException $e) { throw new QueryException($baseMsg . ' ' . $e->getMessage()); } } @@ -140,7 +140,7 @@ class SimpleContainer extends Container implements IContainer { */ public function registerService($name, Closure $closure, $shared = true) { $name = $this->sanitizeName($name); - if (isset($this[$name])) { + if (isset($this[$name])) { unset($this[$name]); } if ($shared) { diff --git a/lib/private/AppFramework/Utility/TimeFactory.php b/lib/private/AppFramework/Utility/TimeFactory.php index b3d5ec831d1..30ab9bd3098 100644 --- a/lib/private/AppFramework/Utility/TimeFactory.php +++ b/lib/private/AppFramework/Utility/TimeFactory.php @@ -52,5 +52,4 @@ class TimeFactory implements ITimeFactory { public function getDateTime(string $time = 'now', \DateTimeZone $timezone = null): \DateTime { return new \DateTime($time, $timezone); } - } |