aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/Authentication/TwoFactorAuth
diff options
context:
space:
mode:
Diffstat (limited to 'lib/private/Authentication/TwoFactorAuth')
-rw-r--r--lib/private/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDao.php8
-rw-r--r--lib/private/Authentication/TwoFactorAuth/Manager.php18
-rw-r--r--lib/private/Authentication/TwoFactorAuth/ProviderLoader.php30
3 files changed, 27 insertions, 29 deletions
diff --git a/lib/private/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDao.php b/lib/private/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDao.php
index c84b7f1af20..cc468dbeba0 100644
--- a/lib/private/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDao.php
+++ b/lib/private/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDao.php
@@ -29,7 +29,7 @@ class ProviderUserAssignmentDao {
* Get all assigned provider IDs for the given user ID
*
* @return array<string, bool> where the array key is the provider ID (string) and the
- * value is the enabled state (bool)
+ * value is the enabled state (bool)
*/
public function getState(string $uid): array {
$qb = $this->conn->getQueryBuilder();
@@ -37,7 +37,7 @@ class ProviderUserAssignmentDao {
$query = $qb->select('provider_id', 'enabled')
->from(self::TABLE_NAME)
->where($qb->expr()->eq('uid', $qb->createNamedParameter($uid)));
- $result = $query->execute();
+ $result = $query->executeQuery();
$providers = [];
foreach ($result->fetchAll() as $row) {
$providers[(string)$row['provider_id']] = (int)$row['enabled'] === 1;
@@ -95,7 +95,7 @@ class ProviderUserAssignmentDao {
return [
'provider_id' => (string)$row['provider_id'],
'uid' => (string)$row['uid'],
- 'enabled' => ((int) $row['enabled']) === 1,
+ 'enabled' => ((int)$row['enabled']) === 1,
];
}, $rows));
}
@@ -106,6 +106,6 @@ class ProviderUserAssignmentDao {
$deleteQuery = $qb->delete(self::TABLE_NAME)
->where($qb->expr()->eq('provider_id', $qb->createNamedParameter($providerId)));
- $deleteQuery->execute();
+ $deleteQuery->executeStatement();
}
}
diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php
index 2585646c998..07aa98610ed 100644
--- a/lib/private/Authentication/TwoFactorAuth/Manager.php
+++ b/lib/private/Authentication/TwoFactorAuth/Manager.php
@@ -12,6 +12,7 @@ use BadMethodCallException;
use Exception;
use OC\Authentication\Token\IProvider as TokenProvider;
use OCP\Activity\IManager;
+use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\Authentication\Exceptions\InvalidTokenException;
use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
@@ -192,7 +193,7 @@ class Manager {
if (!empty($missing)) {
// There was at least one provider missing
- $this->logger->alert(count($missing) . " two-factor auth providers failed to load", ['app' => 'core']);
+ $this->logger->alert(count($missing) . ' two-factor auth providers failed to load', ['app' => 'core']);
return true;
}
@@ -307,8 +308,8 @@ class Manager {
// First check if the session tells us we should do 2FA (99% case)
if (!$this->session->exists(self::SESSION_UID_KEY)) {
// Check if the session tells us it is 2FA authenticated already
- if ($this->session->exists(self::SESSION_UID_DONE) &&
- $this->session->get(self::SESSION_UID_DONE) === $user->getUID()) {
+ if ($this->session->exists(self::SESSION_UID_DONE)
+ && $this->session->get(self::SESSION_UID_DONE) === $user->getUID()) {
return false;
}
@@ -322,7 +323,7 @@ class Manager {
$tokenId = $token->getId();
$tokensNeeding2FA = $this->config->getUserKeys($user->getUID(), 'login_token_2fa');
- if (!\in_array((string) $tokenId, $tokensNeeding2FA, true)) {
+ if (!\in_array((string)$tokenId, $tokensNeeding2FA, true)) {
$this->session->set(self::SESSION_UID_DONE, $user->getUID());
return false;
}
@@ -359,14 +360,19 @@ class Manager {
$id = $this->session->getId();
$token = $this->tokenProvider->getToken($id);
- $this->config->setUserValue($user->getUID(), 'login_token_2fa', (string) $token->getId(), (string)$this->timeFactory->getTime());
+ $this->config->setUserValue($user->getUID(), 'login_token_2fa', (string)$token->getId(), (string)$this->timeFactory->getTime());
}
public function clearTwoFactorPending(string $userId) {
$tokensNeeding2FA = $this->config->getUserKeys($userId, 'login_token_2fa');
foreach ($tokensNeeding2FA as $tokenId) {
- $this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
+ $this->config->deleteUserValue($userId, 'login_token_2fa', $tokenId);
+
+ try {
+ $this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
+ } catch (DoesNotExistException $e) {
+ }
}
}
}
diff --git a/lib/private/Authentication/TwoFactorAuth/ProviderLoader.php b/lib/private/Authentication/TwoFactorAuth/ProviderLoader.php
index b9a0a97bec4..7e674a01dd8 100644
--- a/lib/private/Authentication/TwoFactorAuth/ProviderLoader.php
+++ b/lib/private/Authentication/TwoFactorAuth/ProviderLoader.php
@@ -9,8 +9,7 @@ declare(strict_types=1);
namespace OC\Authentication\TwoFactorAuth;
use Exception;
-use OC;
-use OC_App;
+use OC\AppFramework\Bootstrap\Coordinator;
use OCP\App\IAppManager;
use OCP\AppFramework\QueryException;
use OCP\Authentication\TwoFactorAuth\IProvider;
@@ -19,15 +18,10 @@ use OCP\IUser;
class ProviderLoader {
public const BACKUP_CODES_APP_ID = 'twofactor_backupcodes';
- /** @var IAppManager */
- private $appManager;
-
- /** @var OC\AppFramework\Bootstrap\Coordinator */
- private $coordinator;
-
- public function __construct(IAppManager $appManager, OC\AppFramework\Bootstrap\Coordinator $coordinator) {
- $this->appManager = $appManager;
- $this->coordinator = $coordinator;
+ public function __construct(
+ private IAppManager $appManager,
+ private Coordinator $coordinator,
+ ) {
}
/**
@@ -58,12 +52,12 @@ class ProviderLoader {
}
}
- $registeredProviders = $this->coordinator->getRegistrationContext()->getTwoFactorProviders();
+ $registeredProviders = $this->coordinator->getRegistrationContext()?->getTwoFactorProviders() ?? [];
foreach ($registeredProviders as $provider) {
try {
$this->loadTwoFactorApp($provider->getAppId());
- $provider = \OCP\Server::get($provider->getService());
- $providers[$provider->getId()] = $provider;
+ $providerInstance = \OCP\Server::get($provider->getService());
+ $providers[$providerInstance->getId()] = $providerInstance;
} catch (QueryException $exc) {
// Provider class can not be resolved
throw new Exception('Could not load two-factor auth provider ' . $provider->getService());
@@ -75,12 +69,10 @@ class ProviderLoader {
/**
* Load an app by ID if it has not been loaded yet
- *
- * @param string $appId
*/
- protected function loadTwoFactorApp(string $appId) {
- if (!OC_App::isAppLoaded($appId)) {
- OC_App::loadApp($appId);
+ protected function loadTwoFactorApp(string $appId): void {
+ if (!$this->appManager->isAppLoaded($appId)) {
+ $this->appManager->loadApp($appId);
}
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-15 08:06:07 +0000