diff options
Diffstat (limited to 'lib')
25 files changed, 612 insertions, 35 deletions
diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php index 0379b767755..5cc1b4ab72f 100644 --- a/lib/composer/composer/autoload_classmap.php +++ b/lib/composer/composer/autoload_classmap.php @@ -50,6 +50,7 @@ return array( 'OCP\\AppFramework\\Http\\Template\\LinkMenuAction' => $baseDir . '/lib/public/AppFramework/Http/Template/LinkMenuAction.php', 'OCP\\AppFramework\\Http\\Template\\PublicTemplateResponse' => $baseDir . '/lib/public/AppFramework/Http/Template/PublicTemplateResponse.php', 'OCP\\AppFramework\\Http\\Template\\SimpleMenuAction' => $baseDir . '/lib/public/AppFramework/Http/Template/SimpleMenuAction.php', + 'OCP\\AppFramework\\Http\\ZipResponse' => $baseDir . '/lib/public/AppFramework/Http/ZipResponse.php', 'OCP\\AppFramework\\IAppContainer' => $baseDir . '/lib/public/AppFramework/IAppContainer.php', 'OCP\\AppFramework\\Middleware' => $baseDir . '/lib/public/AppFramework/Middleware.php', 'OCP\\AppFramework\\OCSController' => $baseDir . '/lib/public/AppFramework/OCSController.php', @@ -73,7 +74,9 @@ return array( 'OCP\\Authentication\\TwoFactorAuth\\IDeactivatableByAdmin' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/IDeactivatableByAdmin.php', 'OCP\\Authentication\\TwoFactorAuth\\IProvider' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/IProvider.php', 'OCP\\Authentication\\TwoFactorAuth\\IProvidesCustomCSP' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/IProvidesCustomCSP.php', + 'OCP\\Authentication\\TwoFactorAuth\\IProvidesIcons' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/IProvidesIcons.php', 'OCP\\Authentication\\TwoFactorAuth\\IRegistry' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/IRegistry.php', + 'OCP\\Authentication\\TwoFactorAuth\\RegistryEvent' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/RegistryEvent.php', 'OCP\\Authentication\\TwoFactorAuth\\TwoFactorException' => $baseDir . '/lib/public/Authentication/TwoFactorAuth/TwoFactorException.php', 'OCP\\AutoloadNotAllowedException' => $baseDir . '/lib/public/AutoloadNotAllowedException.php', 'OCP\\BackgroundJob' => $baseDir . '/lib/public/BackgroundJob.php', @@ -456,6 +459,7 @@ return array( 'OC\\Authentication\\Token\\PublicKeyTokenProvider' => $baseDir . '/lib/private/Authentication/Token/PublicKeyTokenProvider.php', 'OC\\Authentication\\TwoFactorAuth\\Db\\ProviderUserAssignmentDao' => $baseDir . '/lib/private/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDao.php', 'OC\\Authentication\\TwoFactorAuth\\Manager' => $baseDir . '/lib/private/Authentication/TwoFactorAuth/Manager.php', + 'OC\\Authentication\\TwoFactorAuth\\MandatoryTwoFactor' => $baseDir . '/lib/private/Authentication/TwoFactorAuth/MandatoryTwoFactor.php', 'OC\\Authentication\\TwoFactorAuth\\ProviderLoader' => $baseDir . '/lib/private/Authentication/TwoFactorAuth/ProviderLoader.php', 'OC\\Authentication\\TwoFactorAuth\\ProviderManager' => $baseDir . '/lib/private/Authentication/TwoFactorAuth/ProviderManager.php', 'OC\\Authentication\\TwoFactorAuth\\ProviderSet' => $baseDir . '/lib/private/Authentication/TwoFactorAuth/ProviderSet.php', @@ -576,6 +580,7 @@ return array( 'OC\\Core\\Command\\TwoFactorAuth\\Cleanup' => $baseDir . '/core/Command/TwoFactorAuth/Cleanup.php', 'OC\\Core\\Command\\TwoFactorAuth\\Disable' => $baseDir . '/core/Command/TwoFactorAuth/Disable.php', 'OC\\Core\\Command\\TwoFactorAuth\\Enable' => $baseDir . '/core/Command/TwoFactorAuth/Enable.php', + 'OC\\Core\\Command\\TwoFactorAuth\\Enforce' => $baseDir . '/core/Command/TwoFactorAuth/Enforce.php', 'OC\\Core\\Command\\TwoFactorAuth\\State' => $baseDir . '/core/Command/TwoFactorAuth/State.php', 'OC\\Core\\Command\\Upgrade' => $baseDir . '/core/Command/Upgrade.php', 'OC\\Core\\Command\\User\\Add' => $baseDir . '/core/Command/User/Add.php', @@ -622,6 +627,7 @@ return array( 'OC\\Core\\Migrations\\Version14000Date20180626223656' => $baseDir . '/core/Migrations/Version14000Date20180626223656.php', 'OC\\Core\\Migrations\\Version14000Date20180710092004' => $baseDir . '/core/Migrations/Version14000Date20180710092004.php', 'OC\\Core\\Migrations\\Version14000Date20180712153140' => $baseDir . '/core/Migrations/Version14000Date20180712153140.php', + 'OC\\Core\\Migrations\\Version15000Date20180926101451' => $baseDir . '/core/Migrations/Version15000Date20180926101451.php', 'OC\\DB\\Adapter' => $baseDir . '/lib/private/DB/Adapter.php', 'OC\\DB\\AdapterMySQL' => $baseDir . '/lib/private/DB/AdapterMySQL.php', 'OC\\DB\\AdapterOCI8' => $baseDir . '/lib/private/DB/AdapterOCI8.php', @@ -796,6 +802,7 @@ return array( 'OC\\Http\\Client\\Client' => $baseDir . '/lib/private/Http/Client/Client.php', 'OC\\Http\\Client\\ClientService' => $baseDir . '/lib/private/Http/Client/ClientService.php', 'OC\\Http\\Client\\Response' => $baseDir . '/lib/private/Http/Client/Response.php', + 'OC\\Http\\CookieHelper' => $baseDir . '/lib/private/Http/CookieHelper.php', 'OC\\Installer' => $baseDir . '/lib/private/Installer.php', 'OC\\IntegrityCheck\\Checker' => $baseDir . '/lib/private/IntegrityCheck/Checker.php', 'OC\\IntegrityCheck\\Exceptions\\InvalidSignatureException' => $baseDir . '/lib/private/IntegrityCheck/Exceptions/InvalidSignatureException.php', diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php index 0456e784427..4744f204944 100644 --- a/lib/composer/composer/autoload_static.php +++ b/lib/composer/composer/autoload_static.php @@ -80,6 +80,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OCP\\AppFramework\\Http\\Template\\LinkMenuAction' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Template/LinkMenuAction.php', 'OCP\\AppFramework\\Http\\Template\\PublicTemplateResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Template/PublicTemplateResponse.php', 'OCP\\AppFramework\\Http\\Template\\SimpleMenuAction' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Template/SimpleMenuAction.php', + 'OCP\\AppFramework\\Http\\ZipResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/ZipResponse.php', 'OCP\\AppFramework\\IAppContainer' => __DIR__ . '/../../..' . '/lib/public/AppFramework/IAppContainer.php', 'OCP\\AppFramework\\Middleware' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Middleware.php', 'OCP\\AppFramework\\OCSController' => __DIR__ . '/../../..' . '/lib/public/AppFramework/OCSController.php', @@ -103,7 +104,9 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OCP\\Authentication\\TwoFactorAuth\\IDeactivatableByAdmin' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/IDeactivatableByAdmin.php', 'OCP\\Authentication\\TwoFactorAuth\\IProvider' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/IProvider.php', 'OCP\\Authentication\\TwoFactorAuth\\IProvidesCustomCSP' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/IProvidesCustomCSP.php', + 'OCP\\Authentication\\TwoFactorAuth\\IProvidesIcons' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/IProvidesIcons.php', 'OCP\\Authentication\\TwoFactorAuth\\IRegistry' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/IRegistry.php', + 'OCP\\Authentication\\TwoFactorAuth\\RegistryEvent' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/RegistryEvent.php', 'OCP\\Authentication\\TwoFactorAuth\\TwoFactorException' => __DIR__ . '/../../..' . '/lib/public/Authentication/TwoFactorAuth/TwoFactorException.php', 'OCP\\AutoloadNotAllowedException' => __DIR__ . '/../../..' . '/lib/public/AutoloadNotAllowedException.php', 'OCP\\BackgroundJob' => __DIR__ . '/../../..' . '/lib/public/BackgroundJob.php', @@ -486,6 +489,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OC\\Authentication\\Token\\PublicKeyTokenProvider' => __DIR__ . '/../../..' . '/lib/private/Authentication/Token/PublicKeyTokenProvider.php', 'OC\\Authentication\\TwoFactorAuth\\Db\\ProviderUserAssignmentDao' => __DIR__ . '/../../..' . '/lib/private/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDao.php', 'OC\\Authentication\\TwoFactorAuth\\Manager' => __DIR__ . '/../../..' . '/lib/private/Authentication/TwoFactorAuth/Manager.php', + 'OC\\Authentication\\TwoFactorAuth\\MandatoryTwoFactor' => __DIR__ . '/../../..' . '/lib/private/Authentication/TwoFactorAuth/MandatoryTwoFactor.php', 'OC\\Authentication\\TwoFactorAuth\\ProviderLoader' => __DIR__ . '/../../..' . '/lib/private/Authentication/TwoFactorAuth/ProviderLoader.php', 'OC\\Authentication\\TwoFactorAuth\\ProviderManager' => __DIR__ . '/../../..' . '/lib/private/Authentication/TwoFactorAuth/ProviderManager.php', 'OC\\Authentication\\TwoFactorAuth\\ProviderSet' => __DIR__ . '/../../..' . '/lib/private/Authentication/TwoFactorAuth/ProviderSet.php', @@ -606,6 +610,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OC\\Core\\Command\\TwoFactorAuth\\Cleanup' => __DIR__ . '/../../..' . '/core/Command/TwoFactorAuth/Cleanup.php', 'OC\\Core\\Command\\TwoFactorAuth\\Disable' => __DIR__ . '/../../..' . '/core/Command/TwoFactorAuth/Disable.php', 'OC\\Core\\Command\\TwoFactorAuth\\Enable' => __DIR__ . '/../../..' . '/core/Command/TwoFactorAuth/Enable.php', + 'OC\\Core\\Command\\TwoFactorAuth\\Enforce' => __DIR__ . '/../../..' . '/core/Command/TwoFactorAuth/Enforce.php', 'OC\\Core\\Command\\TwoFactorAuth\\State' => __DIR__ . '/../../..' . '/core/Command/TwoFactorAuth/State.php', 'OC\\Core\\Command\\Upgrade' => __DIR__ . '/../../..' . '/core/Command/Upgrade.php', 'OC\\Core\\Command\\User\\Add' => __DIR__ . '/../../..' . '/core/Command/User/Add.php', @@ -652,6 +657,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OC\\Core\\Migrations\\Version14000Date20180626223656' => __DIR__ . '/../../..' . '/core/Migrations/Version14000Date20180626223656.php', 'OC\\Core\\Migrations\\Version14000Date20180710092004' => __DIR__ . '/../../..' . '/core/Migrations/Version14000Date20180710092004.php', 'OC\\Core\\Migrations\\Version14000Date20180712153140' => __DIR__ . '/../../..' . '/core/Migrations/Version14000Date20180712153140.php', + 'OC\\Core\\Migrations\\Version15000Date20180926101451' => __DIR__ . '/../../..' . '/core/Migrations/Version15000Date20180926101451.php', 'OC\\DB\\Adapter' => __DIR__ . '/../../..' . '/lib/private/DB/Adapter.php', 'OC\\DB\\AdapterMySQL' => __DIR__ . '/../../..' . '/lib/private/DB/AdapterMySQL.php', 'OC\\DB\\AdapterOCI8' => __DIR__ . '/../../..' . '/lib/private/DB/AdapterOCI8.php', @@ -826,6 +832,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OC\\Http\\Client\\Client' => __DIR__ . '/../../..' . '/lib/private/Http/Client/Client.php', 'OC\\Http\\Client\\ClientService' => __DIR__ . '/../../..' . '/lib/private/Http/Client/ClientService.php', 'OC\\Http\\Client\\Response' => __DIR__ . '/../../..' . '/lib/private/Http/Client/Response.php', + 'OC\\Http\\CookieHelper' => __DIR__ . '/../../..' . '/lib/private/Http/CookieHelper.php', 'OC\\Installer' => __DIR__ . '/../../..' . '/lib/private/Installer.php', 'OC\\IntegrityCheck\\Checker' => __DIR__ . '/../../..' . '/lib/private/IntegrityCheck/Checker.php', 'OC\\IntegrityCheck\\Exceptions\\InvalidSignatureException' => __DIR__ . '/../../..' . '/lib/private/IntegrityCheck/Exceptions/InvalidSignatureException.php', diff --git a/lib/l10n/sv.js b/lib/l10n/sv.js index 92bfc0326f7..494a42d8923 100644 --- a/lib/l10n/sv.js +++ b/lib/l10n/sv.js @@ -228,17 +228,32 @@ OC.L10N.register( "Check the value of \"datadirectory\" in your configuration" : "Kontrollera värdet av \"datakatalog\" i din konfiguration", "Your data directory is invalid" : "Din datamapp är ogiltig", "Ensure there is a file called \".ocdata\" in the root of the data directory." : "Säkerställ att du har filen \".ocdata\" i huvudkatalogen för din data.", + "Action \"%s\" not supported or implemented." : "Åtgärd \"%s\" stöds ej eller är inte implementerad.", + "Authentication failed, wrong token or provider ID given" : "Autentisering misslyckades, felaktig token eller leverantörs-ID", + "Parameters missing in order to complete the request. Missing Parameters: \"%s\"" : "Parametrar saknas för att slutföra förfrågan. Saknade parametrar: \"%s\"", "Could not obtain lock type %d on \"%s\"." : "Kunde inte hämta låstyp %d på \"%s\".", "Storage unauthorized. %s" : "Lagringsutrymme ej tillåtet. %s", "Storage incomplete configuration. %s" : "Lagringsutrymme felaktigt inställt. %s", "Storage connection error. %s" : "Lagringsutrymme lyckas inte ansluta. %s", "Storage is temporarily not available" : "Lagringsutrymme är för tillfället inte tillgängligt", "Storage connection timeout. %s" : "Lagringsutrymme lyckas inte ansluta \"timeout\". %s", + "Personal" : "Personlig", + "Admin" : "Administratör", "APCu" : "APCu", "Redis" : "Redis", "Encryption" : "Kryptering", "Tips & tricks" : "Tips & tricks", + "Offending command was: \"%s\"" : "Felaktigt kommando var: \"%s\"", + "Offending command was: \"%s\", name: %s, password: %s" : "Felaktigt kommando var: \"%s\", namn: %s, lösenord: %s", + "Setting permissions for %s failed, because the permissions exceed permissions granted to %s" : "Kunde inte sätta behörigheter för %s eftersom behörigheterna överskrider dom behörigheter som har beviljats %s", + "Setting permissions for %s failed, because the item was not found" : "Kunde inte sätta behörigheter för %s eftersom objektet inte hittades", + "Cannot clear expiration date. Shares are required to have an expiration date." : "Kan inte rensa utgångsdatum. Delningar måste ha ett utgångsdatum.", + "Cannot increase permissions of %s" : "Kan inte höja behörigheter för %s", + "Files can't be shared with delete permissions" : "Filer kan inte delas med rättighet att radera", + "Files can't be shared with create permissions" : "Filer kan inte delas med rättighet att skapa", "Cannot set expiration date more than %s days in the future" : "Kan inte sätta ett utgångsdatum längre fram än %s dagar", + "No app name specified" : "Inget appnamn angivet", + "App '%s' could not be installed!" : "Appen '%s' kunde inte installeras!", "Sync clients" : "Synkklienter" }, "nplurals=2; plural=(n != 1);"); diff --git a/lib/l10n/sv.json b/lib/l10n/sv.json index c62fe5199e0..3365194d44f 100644 --- a/lib/l10n/sv.json +++ b/lib/l10n/sv.json @@ -226,17 +226,32 @@ "Check the value of \"datadirectory\" in your configuration" : "Kontrollera värdet av \"datakatalog\" i din konfiguration", "Your data directory is invalid" : "Din datamapp är ogiltig", "Ensure there is a file called \".ocdata\" in the root of the data directory." : "Säkerställ att du har filen \".ocdata\" i huvudkatalogen för din data.", + "Action \"%s\" not supported or implemented." : "Åtgärd \"%s\" stöds ej eller är inte implementerad.", + "Authentication failed, wrong token or provider ID given" : "Autentisering misslyckades, felaktig token eller leverantörs-ID", + "Parameters missing in order to complete the request. Missing Parameters: \"%s\"" : "Parametrar saknas för att slutföra förfrågan. Saknade parametrar: \"%s\"", "Could not obtain lock type %d on \"%s\"." : "Kunde inte hämta låstyp %d på \"%s\".", "Storage unauthorized. %s" : "Lagringsutrymme ej tillåtet. %s", "Storage incomplete configuration. %s" : "Lagringsutrymme felaktigt inställt. %s", "Storage connection error. %s" : "Lagringsutrymme lyckas inte ansluta. %s", "Storage is temporarily not available" : "Lagringsutrymme är för tillfället inte tillgängligt", "Storage connection timeout. %s" : "Lagringsutrymme lyckas inte ansluta \"timeout\". %s", + "Personal" : "Personlig", + "Admin" : "Administratör", "APCu" : "APCu", "Redis" : "Redis", "Encryption" : "Kryptering", "Tips & tricks" : "Tips & tricks", + "Offending command was: \"%s\"" : "Felaktigt kommando var: \"%s\"", + "Offending command was: \"%s\", name: %s, password: %s" : "Felaktigt kommando var: \"%s\", namn: %s, lösenord: %s", + "Setting permissions for %s failed, because the permissions exceed permissions granted to %s" : "Kunde inte sätta behörigheter för %s eftersom behörigheterna överskrider dom behörigheter som har beviljats %s", + "Setting permissions for %s failed, because the item was not found" : "Kunde inte sätta behörigheter för %s eftersom objektet inte hittades", + "Cannot clear expiration date. Shares are required to have an expiration date." : "Kan inte rensa utgångsdatum. Delningar måste ha ett utgångsdatum.", + "Cannot increase permissions of %s" : "Kan inte höja behörigheter för %s", + "Files can't be shared with delete permissions" : "Filer kan inte delas med rättighet att radera", + "Files can't be shared with create permissions" : "Filer kan inte delas med rättighet att skapa", "Cannot set expiration date more than %s days in the future" : "Kan inte sätta ett utgångsdatum längre fram än %s dagar", + "No app name specified" : "Inget appnamn angivet", + "App '%s' could not be installed!" : "Appen '%s' kunde inte installeras!", "Sync clients" : "Synkklienter" },"pluralForm" :"nplurals=2; plural=(n != 1);" }
\ No newline at end of file diff --git a/lib/private/Authentication/Token/DefaultTokenProvider.php b/lib/private/Authentication/Token/DefaultTokenProvider.php index ad45303fa7c..a27a875a27f 100644 --- a/lib/private/Authentication/Token/DefaultTokenProvider.php +++ b/lib/private/Authentication/Token/DefaultTokenProvider.php @@ -338,4 +338,16 @@ class DefaultTokenProvider implements IProvider { } } + public function markPasswordInvalid(IToken $token, string $tokenId) { + if (!($token instanceof DefaultToken)) { + throw new InvalidTokenException(); + } + + //No need to mark as invalid. We just invalide default tokens + $this->invalidateToken($tokenId); + } + + public function updatePasswords(string $uid, string $password) { + // Nothing to do here + } } diff --git a/lib/private/Authentication/Token/IProvider.php b/lib/private/Authentication/Token/IProvider.php index ab46bd12126..7ee76b7b384 100644 --- a/lib/private/Authentication/Token/IProvider.php +++ b/lib/private/Authentication/Token/IProvider.php @@ -156,4 +156,20 @@ interface IProvider { * @return IToken */ public function rotate(IToken $token, string $oldTokenId, string $newTokenId): IToken; + + /** + * Marks a token as having an invalid password. + * + * @param IToken $token + * @param string $tokenId + */ + public function markPasswordInvalid(IToken $token, string $tokenId); + + /** + * Update all the passwords of $uid if required + * + * @param string $uid + * @param string $password + */ + public function updatePasswords(string $uid, string $password); } diff --git a/lib/private/Authentication/Token/Manager.php b/lib/private/Authentication/Token/Manager.php index 254a1598943..7c991eadea9 100644 --- a/lib/private/Authentication/Token/Manager.php +++ b/lib/private/Authentication/Token/Manager.php @@ -227,4 +227,16 @@ class Manager implements IProvider { } throw new InvalidTokenException(); } + + + public function markPasswordInvalid(IToken $token, string $tokenId) { + $this->getProvider($token)->markPasswordInvalid($token, $tokenId); + } + + public function updatePasswords(string $uid, string $password) { + $this->defaultTokenProvider->updatePasswords($uid, $password); + $this->publicKeyTokenProvider->updatePasswords($uid, $password); + } + + } diff --git a/lib/private/Authentication/Token/PublicKeyToken.php b/lib/private/Authentication/Token/PublicKeyToken.php index 0e793ce8c7c..b6f55146707 100644 --- a/lib/private/Authentication/Token/PublicKeyToken.php +++ b/lib/private/Authentication/Token/PublicKeyToken.php @@ -43,6 +43,7 @@ use OCP\AppFramework\Db\Entity; * @method string getPublicKey() * @method void setPublicKey(string $key) * @method void setVersion(int $version) + * @method bool getPasswordInvalid() */ class PublicKeyToken extends Entity implements IToken { @@ -90,6 +91,9 @@ class PublicKeyToken extends Entity implements IToken { /** @var int */ protected $version; + /** @var bool */ + protected $passwordInvalid; + public function __construct() { $this->addType('uid', 'string'); $this->addType('loginName', 'string'); @@ -105,6 +109,7 @@ class PublicKeyToken extends Entity implements IToken { $this->addType('publicKey', 'string'); $this->addType('privateKey', 'string'); $this->addType('version', 'int'); + $this->addType('passwordInvalid', 'bool'); } public function getId(): int { @@ -214,4 +219,8 @@ class PublicKeyToken extends Entity implements IToken { public function getExpires() { return parent::getExpires(); } + + public function setPasswordInvalid(bool $invalid) { + parent::setPasswordInvalid($invalid); + } } diff --git a/lib/private/Authentication/Token/PublicKeyTokenMapper.php b/lib/private/Authentication/Token/PublicKeyTokenMapper.php index 5e5c69dbc46..df91066c44f 100644 --- a/lib/private/Authentication/Token/PublicKeyTokenMapper.php +++ b/lib/private/Authentication/Token/PublicKeyTokenMapper.php @@ -169,4 +169,19 @@ class PublicKeyTokenMapper extends QBMapper { $qb->execute(); } + + public function hasExpiredTokens(string $uid): bool { + $qb = $this->db->getQueryBuilder(); + $qb->select('*') + ->from('authtoken') + ->where($qb->expr()->eq('uid', $qb->createNamedParameter($uid))) + ->andWhere($qb->expr()->eq('password_invalid', $qb->createNamedParameter(true), IQueryBuilder::PARAM_BOOL)) + ->setMaxResults(1); + + $cursor = $qb->execute(); + $data = $cursor->fetchAll(); + $cursor->closeCursor(); + + return count($data) === 1; + } } diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php index 7e98ee939ce..33c0b1d59eb 100644 --- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php +++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php @@ -317,4 +317,30 @@ class PublicKeyTokenProvider implements IProvider { return $dbToken; } + + public function markPasswordInvalid(IToken $token, string $tokenId) { + if (!($token instanceof PublicKeyToken)) { + throw new InvalidTokenException(); + } + + $token->setPasswordInvalid(true); + $this->mapper->update($token); + } + + public function updatePasswords(string $uid, string $password) { + if (!$this->mapper->hasExpiredTokens($uid)) { + // Nothing to do here + return; + } + + // Update the password for all tokens + $tokens = $this->mapper->getTokenByUser($uid); + foreach ($tokens as $t) { + $publicKey = $t->getPublicKey(); + $t->setPassword($this->encryptPassword($password, $publicKey)); + $this->updateToken($t); + } + } + + } diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php index 71cc5874e5d..2307a731002 100644 --- a/lib/private/Authentication/TwoFactorAuth/Manager.php +++ b/lib/private/Authentication/TwoFactorAuth/Manager.php @@ -57,6 +57,9 @@ class Manager { /** @var IRegistry */ private $providerRegistry; + /** @var MandatoryTwoFactor */ + private $mandatoryTwoFactor; + /** @var ISession */ private $session; @@ -79,10 +82,14 @@ class Manager { private $dispatcher; public function __construct(ProviderLoader $providerLoader, - IRegistry $providerRegistry, ISession $session, IConfig $config, + IRegistry $providerRegistry, + MandatoryTwoFactor $mandatoryTwoFactor, + ISession $session, IConfig $config, IManager $activityManager, ILogger $logger, TokenProvider $tokenProvider, ITimeFactory $timeFactory, EventDispatcherInterface $eventDispatcher) { $this->providerLoader = $providerLoader; + $this->providerRegistry = $providerRegistry; + $this->mandatoryTwoFactor = $mandatoryTwoFactor; $this->session = $session; $this->config = $config; $this->activityManager = $activityManager; @@ -90,7 +97,6 @@ class Manager { $this->tokenProvider = $tokenProvider; $this->timeFactory = $timeFactory; $this->dispatcher = $eventDispatcher; - $this->providerRegistry = $providerRegistry; } /** @@ -100,6 +106,10 @@ class Manager { * @return boolean */ public function isTwoFactorAuthenticated(IUser $user): bool { + if ($this->mandatoryTwoFactor->isEnforced()) { + return true; + } + $providerStates = $this->providerRegistry->getProviderStates($user); $providers = $this->providerLoader->getProviders($user); $fixedStates = $this->fixMissingProviderStates($providerStates, $providers, $user); diff --git a/lib/private/Authentication/TwoFactorAuth/MandatoryTwoFactor.php b/lib/private/Authentication/TwoFactorAuth/MandatoryTwoFactor.php new file mode 100644 index 00000000000..a23a10a1be6 --- /dev/null +++ b/lib/private/Authentication/TwoFactorAuth/MandatoryTwoFactor.php @@ -0,0 +1,48 @@ +<?php + +declare(strict_types=1); + +/** + * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at> + * + * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OC\Authentication\TwoFactorAuth; + +use OCP\IConfig; + +class MandatoryTwoFactor { + + /** @var IConfig */ + private $config; + + public function __construct(IConfig $config) { + $this->config = $config; + } + + public function isEnforced(): bool { + return $this->config->getSystemValue('twofactor_enforced', 'false') === 'true'; + } + + public function setEnforced(bool $enforced) { + $this->config->setSystemValue('twofactor_enforced', $enforced ? 'true' : 'false'); + } + +} diff --git a/lib/private/Authentication/TwoFactorAuth/Registry.php b/lib/private/Authentication/TwoFactorAuth/Registry.php index 2fc90e5d6d9..2f905441953 100644 --- a/lib/private/Authentication/TwoFactorAuth/Registry.php +++ b/lib/private/Authentication/TwoFactorAuth/Registry.php @@ -29,15 +29,23 @@ namespace OC\Authentication\TwoFactorAuth; use OC\Authentication\TwoFactorAuth\Db\ProviderUserAssignmentDao; use OCP\Authentication\TwoFactorAuth\IProvider; use OCP\Authentication\TwoFactorAuth\IRegistry; +use OCP\Authentication\TwoFactorAuth\RegistryEvent; use OCP\IUser; +use Symfony\Component\EventDispatcher\EventDispatcherInterface; +use Symfony\Component\EventDispatcher\GenericEvent; class Registry implements IRegistry { /** @var ProviderUserAssignmentDao */ private $assignmentDao; - public function __construct(ProviderUserAssignmentDao $assignmentDao) { + /** @var EventDispatcherInterface */ + private $dispatcher; + + public function __construct(ProviderUserAssignmentDao $assignmentDao, + EventDispatcherInterface $dispatcher) { $this->assignmentDao = $assignmentDao; + $this->dispatcher = $dispatcher; } public function getProviderStates(IUser $user): array { @@ -46,10 +54,16 @@ class Registry implements IRegistry { public function enableProviderFor(IProvider $provider, IUser $user) { $this->assignmentDao->persist($provider->getId(), $user->getUID(), 1); + + $event = new RegistryEvent($provider, $user); + $this->dispatcher->dispatch(self::EVENT_PROVIDER_ENABLED, $event); } public function disableProviderFor(IProvider $provider, IUser $user) { $this->assignmentDao->persist($provider->getId(), $user->getUID(), 0); + + $event = new RegistryEvent($provider, $user); + $this->dispatcher->dispatch(self::EVENT_PROVIDER_DISABLED, $event); } public function cleanUp(string $providerId) { diff --git a/lib/private/DB/ConnectionFactory.php b/lib/private/DB/ConnectionFactory.php index 9fc2ed42c33..d6526a14b7a 100644 --- a/lib/private/DB/ConnectionFactory.php +++ b/lib/private/DB/ConnectionFactory.php @@ -38,6 +38,12 @@ use OC\SystemConfig; * Takes care of creating and configuring Doctrine connections. */ class ConnectionFactory { + /** @var string default database name */ + const DEFAULT_DBNAME = 'owncloud'; + + /** @var string default database table prefix */ + const DEFAULT_DBTABLEPREFIX = 'oc_'; + /** * @var array * @@ -186,7 +192,7 @@ class ConnectionFactory { 'user' => $this->config->getValue('dbuser', ''), 'password' => $this->config->getValue('dbpassword', ''), ]; - $name = $this->config->getValue('dbname', 'owncloud'); + $name = $this->config->getValue('dbname', self::DEFAULT_DBNAME); if ($this->normalizeType($type) === 'sqlite3') { $dataDir = $this->config->getValue("datadirectory", \OC::$SERVERROOT . '/data'); @@ -197,7 +203,7 @@ class ConnectionFactory { $connectionParams['dbname'] = $name; } - $connectionParams['tablePrefix'] = $this->config->getValue('dbtableprefix', 'oc_'); + $connectionParams['tablePrefix'] = $this->config->getValue('dbtableprefix', self::DEFAULT_DBTABLEPREFIX); $connectionParams['sqlite.journal_mode'] = $this->config->getValue('sqlite.journal_mode', 'WAL'); //additional driver options, eg. for mysql ssl diff --git a/lib/private/Http/CookieHelper.php b/lib/private/Http/CookieHelper.php new file mode 100644 index 00000000000..91a8256dc1a --- /dev/null +++ b/lib/private/Http/CookieHelper.php @@ -0,0 +1,75 @@ +<?php +declare(strict_types=1); +/** + * @copyright Copyright (c) 2018, Roeland Jago Douma <roeland@famdouma.nl> + * + * @author Roeland Jago Douma <roeland@famdouma.nl> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OC\Http; + +class CookieHelper { + + const SAMESITE_NONE = 0; + const SAMESITE_LAX = 1; + const SAMESITE_STRICT = 2; + + public static function setCookie(string $name, + string $value = '', + int $maxAge = 0, + string $path = '', + string $domain = '', + bool $secure = false, + bool $httponly = false, + int $samesite = self::SAMESITE_NONE) { + $header = sprintf( + 'Set-Cookie: %s=%s', + $name, + urlencode($value) + ); + + if ($path !== '') { + $header .= sprintf('; Path=%s', $path); + } + + if ($domain !== '') { + $header .= sprintf('; Domain=%s', $domain); + } + + if ($maxAge > 0) { + $header .= sprintf('; Max-Age=%d', $maxAge); + } + + if ($secure) { + $header .= '; Secure'; + } + + if ($httponly) { + $header .= '; HttpOnly'; + } + + if ($samesite === self::SAMESITE_LAX) { + $header .= '; SameSite=Lax'; + } else if ($samesite === self::SAMESITE_STRICT) { + $header .= '; SameSite=Strict'; + } + + header($header, false); + } +} diff --git a/lib/private/Log/File.php b/lib/private/Log/File.php index c881c6dd9de..6810e2598cf 100644 --- a/lib/private/Log/File.php +++ b/lib/private/Log/File.php @@ -50,6 +50,8 @@ use OCP\ILogger; class File implements IWriter, IFileBased { /** @var string */ protected $logFile; + /** @var int */ + protected $logFileMode; /** @var SystemConfig */ private $config; @@ -67,6 +69,7 @@ class File implements IWriter, IFileBased { } } $this->config = $config; + $this->logFileMode = $config->getValue('logfilemode', 0640); } /** @@ -134,8 +137,8 @@ class File implements IWriter, IFileBased { } $entry = json_encode($entry, JSON_PARTIAL_OUTPUT_ON_ERROR); $handle = @fopen($this->logFile, 'a'); - if ((fileperms($this->logFile) & 0777) != 0640) { - @chmod($this->logFile, 0640); + if ($this->logFileMode > 0 && (fileperms($this->logFile) & 0777) != $this->logFileMode) { + @chmod($this->logFile, $this->logFileMode); } if ($handle) { fwrite($handle, $entry."\n"); diff --git a/lib/private/Setup.php b/lib/private/Setup.php index 9f5403b8318..7e235d03fdc 100644 --- a/lib/private/Setup.php +++ b/lib/private/Setup.php @@ -52,6 +52,7 @@ use OC\Preview\BackgroundCleanupJob; use OCP\Defaults; use OCP\IL10N; use OCP\ILogger; +use OCP\IUser; use OCP\Security\ISecureRandom; class Setup { @@ -412,6 +413,11 @@ class Setup { $userSession->setTokenProvider($defaultTokenProvider); $userSession->login($username, $password); $userSession->createSessionToken($request, $userSession->getUser()->getUID(), $username, $password); + + // Set email for admin + if (!empty($options['adminemail'])) { + $config->setUserValue($user->getUID(), 'settings', 'email', $options['adminemail']); + } } return $error; diff --git a/lib/private/Setup/Sqlite.php b/lib/private/Setup/Sqlite.php index d95e70c8b0c..0debb3464ac 100644 --- a/lib/private/Setup/Sqlite.php +++ b/lib/private/Setup/Sqlite.php @@ -20,8 +20,11 @@ * along with this program. If not, see <http://www.gnu.org/licenses/> * */ + namespace OC\Setup; +use OC\DB\ConnectionFactory; + class Sqlite extends AbstractDatabase { public $dbprettyname = 'Sqlite'; @@ -30,16 +33,43 @@ class Sqlite extends AbstractDatabase { } public function initialize($config) { + /* + * Web: When using web based installer its not possible to set dbname + * or dbtableprefix. Defaults used from ConnectionFactory and dbtype = 'sqlite' + * is written to config.php. + * + * Cli: When --database-name or --database-table-prefix empty or default + * dbtype = 'sqlite' is written to config.php. If you choose a value different + * from default these values are written to config.php. This is required because + * in connection factory configuration is obtained from config.php. + */ + + $this->dbName = empty($config['dbname']) + ? ConnectionFactory::DEFAULT_DBNAME + : $config['dbname']; + + $this->tablePrefix = empty($config['dbtableprefix']) + ? ConnectionFactory::DEFAULT_DBTABLEPREFIX + : $config['dbtableprefix']; + + if ($this->dbName !== ConnectionFactory::DEFAULT_DBNAME) { + $this->config->setValue('dbname', $this->dbName); + } + + if ($this->tablePrefix !== ConnectionFactory::DEFAULT_DBTABLEPREFIX) { + $this->config->setValue('dbtableprefix', $this->tablePrefix); + } } public function setupDatabase($username) { - $datadir = $this->config->getValue('datadirectory', \OC::$SERVERROOT . '/data'); + $datadir = $this->config->getValue( + 'datadirectory', + \OC::$SERVERROOT . '/data' + ); - //delete the old sqlite database first, might cause infinte loops otherwise - if(file_exists("$datadir/owncloud.db")) { - unlink("$datadir/owncloud.db"); + $sqliteFile = $datadir . '/' . $this->dbName . 'db'; + if (file_exists($sqliteFile)) { + unlink($sqliteFile); } - //in case of sqlite, we can always fill the database - error_log("creating sqlite db"); } } diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index fbd6a0a78e3..a9c638dca93 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -694,12 +694,19 @@ class Session implements IUserSession, Emitter { return true; } - if ($this->manager->checkPassword($dbToken->getLoginName(), $pwd) === false - || (!is_null($this->activeUser) && !$this->activeUser->isEnabled())) { + // Invalidate token if the user is no longer active + if (!is_null($this->activeUser) && !$this->activeUser->isEnabled()) { $this->tokenProvider->invalidateToken($token); - // Password has changed or user was disabled -> log user out return false; } + + // If the token password is no longer valid mark it as such + if ($this->manager->checkPassword($dbToken->getLoginName(), $pwd) === false) { + $this->tokenProvider->markPasswordInvalid($dbToken, $token); + // User is logged out + return false; + } + $dbToken->setLastCheck($now); return true; } @@ -869,11 +876,38 @@ class Session implements IUserSession, Emitter { $webRoot = '/'; } - $expires = $this->timeFactory->getTime() + $this->config->getSystemValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15); - setcookie('nc_username', $username, $expires, $webRoot, '', $secureCookie, true); - setcookie('nc_token', $token, $expires, $webRoot, '', $secureCookie, true); + $maxAge = $this->config->getSystemValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15); + \OC\Http\CookieHelper::setCookie( + 'nc_username', + $username, + $maxAge, + $webRoot, + '', + $secureCookie, + true, + \OC\Http\CookieHelper::SAMESITE_LAX + ); + \OC\Http\CookieHelper::setCookie( + 'nc_token', + $token, + $maxAge, + $webRoot, + '', + $secureCookie, + true, + \OC\Http\CookieHelper::SAMESITE_LAX + ); try { - setcookie('nc_session_id', $this->session->getId(), $expires, $webRoot, '', $secureCookie, true); + \OC\Http\CookieHelper::setCookie( + 'nc_session_id', + $this->session->getId(), + $maxAge, + $webRoot, + '', + $secureCookie, + true, + \OC\Http\CookieHelper::SAMESITE_LAX + ); } catch (SessionNotAvailableException $ex) { // ignore } @@ -916,5 +950,9 @@ class Session implements IUserSession, Emitter { } } + public function updateTokens(string $uid, string $password) { + $this->tokenProvider->updatePasswords($uid, $password); + } + } diff --git a/lib/private/legacy/helper.php b/lib/private/legacy/helper.php index 8373c191dce..5a05e147c2b 100644 --- a/lib/private/legacy/helper.php +++ b/lib/private/legacy/helper.php @@ -505,20 +505,7 @@ class OC_Helper { if (self::is_function_enabled('exec')) { $exeSniffer = new ExecutableFinder(); // Returns null if nothing is found - $result = $exeSniffer->find($program); - if (empty($result)) { - $paths = getenv('PATH'); - if (empty($paths)) { - $paths = '/usr/local/bin /usr/bin /opt/bin /bin'; - } else { - $paths = str_replace(':',' ',getenv('PATH')); - } - $command = 'find ' . $paths . ' -name ' . escapeshellarg($program) . ' 2> /dev/null'; - exec($command, $output, $returnCode); - if (count($output) > 0) { - $result = escapeshellcmd($output[0]); - } - } + $result = $exeSniffer->find($program, null, ['/usr/local/sbin', '/usr/local/bin', '/usr/sbin', '/usr/bin', '/sbin', '/bin', '/opt/bin']); } // store the value for 5 minutes $memcache->set($program, $result, 300); diff --git a/lib/public/AppFramework/Db/QBMapper.php b/lib/public/AppFramework/Db/QBMapper.php index a9b38732a30..dbc47d2d43d 100644 --- a/lib/public/AppFramework/Db/QBMapper.php +++ b/lib/public/AppFramework/Db/QBMapper.php @@ -24,6 +24,7 @@ declare(strict_types=1); namespace OCP\AppFramework\Db; +use Doctrine\DBAL\Exception\UniqueConstraintViolationException; use OCP\DB\QueryBuilder\IQueryBuilder; use OCP\IDBConnection; @@ -123,7 +124,24 @@ abstract class QBMapper { return $entity; } - + /** + * Tries to creates a new entry in the db from an entity and + * updates an existing entry if duplicate keys are detected + * by the database + * + * @param Entity $entity the entity that should be created/updated + * @return Entity the saved entity with the (new) id + * @throws \InvalidArgumentException if entity has no id + * @since 15.0.0 + * @suppress SqlInjectionChecker + */ + public function insertOrUpdate(Entity $entity): Entity { + try { + return $this->insert($entity); + } catch (UniqueConstraintViolationException $ex) { + return $this->update($entity); + } + } /** * Updates an entry in the db from an entity diff --git a/lib/public/AppFramework/Http/ZipResponse.php b/lib/public/AppFramework/Http/ZipResponse.php new file mode 100644 index 00000000000..630efb38c7d --- /dev/null +++ b/lib/public/AppFramework/Http/ZipResponse.php @@ -0,0 +1,87 @@ +<?php +declare(strict_types=1); + +/** + * @copyright Copyright (c) 2018 Roeland Jago Douma <roeland@famdouma.nl> + * + * @author Jakob Sack <mail@jakobsack.de> + * @author Roeland Jago Douma <roeland@famdouma.nl> + * + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCP\AppFramework\Http; + +use OCP\IRequest; +use OC\Streamer; + +/** + * Public library to send several files in one zip archive. + * + * @since 15.0.0 + */ +class ZipResponse extends Response implements ICallbackResponse { + /** @var resource[] Files to be added to the zip response */ + private $resources; + /** @var string Filename that the zip file should have */ + private $name; + private $request; + + /** + * @since 15.0.0 + */ + public function __construct(IRequest $request, string $name = 'output') { + $this->name = $name; + $this->request = $request; + } + + /** + * @since 15.0.0 + */ + public function addResource($r, string $internalName, int $size, int $time = -1) { + if (!\is_resource($r)) { + throw new \InvalidArgumentException('No resource provided'); + } + + $this->resources[] = [ + 'resource' => $r, + 'internalName' => $internalName, + 'size' => $size, + 'time' => $time, + ]; + } + + /** + * @since 15.0.0 + */ + public function callback(IOutput $output) { + $size = 0; + $files = count($this->resources); + + foreach ($this->resources as $resource) { + $size += $resource['size']; + } + + $zip = new Streamer($this->request, $size, $files); + $zip->sendHeaders($this->name); + + foreach ($this->resources as $resource) { + $zip->addFileFromStream($resource['resource'], $resource['internalName'], $resource['size'], $resource['time']); + } + + $zip->finalize(); + } +} diff --git a/lib/public/Authentication/TwoFactorAuth/IProvidesIcons.php b/lib/public/Authentication/TwoFactorAuth/IProvidesIcons.php new file mode 100644 index 00000000000..4c9c809ae42 --- /dev/null +++ b/lib/public/Authentication/TwoFactorAuth/IProvidesIcons.php @@ -0,0 +1,55 @@ +<?php + +declare(strict_types=1); + +/** + * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at> + * + * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCP\Authentication\TwoFactorAuth; + +/** + * Interface for two-factor providers that provide dark and light provider + * icons + * + * @since 15.0.0 + */ +interface IProvidesIcons extends IProvider { + + /** + * Get the path to the light (white) icon of this provider + * + * @return String + * + * @since 15.0.0 + */ + public function getLightIcon(): String; + + /** + * Get the path to the dark (black) icon of this provider + * + * @return String + * + * @since 15.0.0 + */ + public function getDarkIcon(): String; + +} diff --git a/lib/public/Authentication/TwoFactorAuth/IRegistry.php b/lib/public/Authentication/TwoFactorAuth/IRegistry.php index 5d97c57bcf2..c033ad91245 100644 --- a/lib/public/Authentication/TwoFactorAuth/IRegistry.php +++ b/lib/public/Authentication/TwoFactorAuth/IRegistry.php @@ -39,6 +39,10 @@ use OCP\IUser; */ interface IRegistry { + + const EVENT_PROVIDER_ENABLED = self::class . '::enable'; + const EVENT_PROVIDER_DISABLED = self::class . '::disable'; + /** * Get a key-value map of providers and their enabled/disabled state for * the given user. diff --git a/lib/public/Authentication/TwoFactorAuth/RegistryEvent.php b/lib/public/Authentication/TwoFactorAuth/RegistryEvent.php new file mode 100644 index 00000000000..9a005c9cd5d --- /dev/null +++ b/lib/public/Authentication/TwoFactorAuth/RegistryEvent.php @@ -0,0 +1,62 @@ +<?php +declare(strict_types=1); +/** + * @copyright Copyright (c) 2018, Roeland Jago Douma <roeland@famdouma.nl> + * + * @author Roeland Jago Douma <roeland@famdouma.nl> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCP\Authentication\TwoFactorAuth; + +use OCP\IUser; +use Symfony\Component\EventDispatcher\Event; + +/** + * @since 15.0.0 + */ +class RegistryEvent extends Event { + + /** @var IProvider */ + private $provider; + + /** @IUser */ + private $user; + + /** + * @since 15.0.0 + */ + public function __construct(IProvider $provider, IUser $user) { + $this->provider = $provider; + $this->user = $user; + } + + /** + * @since 15.0.0 + */ + public function getProvider(): IProvider { + return $this->provider; + } + + /** + * @since 15.0.0 + */ + public function getUser(): IUser { + return $this->user; + } +} |