From 06b9e580814cffdc2567686cd9aac80e7418bc26 Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 28 Jul 2017 14:50:40 +0200 Subject: expire requestSharedSecret job after 30 days Signed-off-by: Bjoern Schiessle --- .../lib/BackgroundJob/RequestSharedSecret.php | 41 ++++++++++++++++++++-- apps/federation/lib/TrustedServers.php | 7 +++- 2 files changed, 45 insertions(+), 3 deletions(-) (limited to 'apps/federation/lib') diff --git a/apps/federation/lib/BackgroundJob/RequestSharedSecret.php b/apps/federation/lib/BackgroundJob/RequestSharedSecret.php index 77d0234ef74..8a4bd8c4996 100644 --- a/apps/federation/lib/BackgroundJob/RequestSharedSecret.php +++ b/apps/federation/lib/BackgroundJob/RequestSharedSecret.php @@ -76,6 +76,9 @@ class RequestSharedSecret extends Job { private $defaultEndPoint = '/ocs/v2.php/apps/federation/api/v1/request-shared-secret'; + /** @var int 30 day = 2592000sec */ + private $maxLifespan = 2592000; + /** * RequestSharedSecret constructor. * @@ -129,8 +132,10 @@ class RequestSharedSecret extends Job { $this->parentExecute($jobList, $logger); } - if (!$this->retainJob) { - $jobList->remove($this, $this->argument); + $jobList->remove($this, $this->argument); + + if ($this->retainJob) { + $this->reAddJob($jobList, $this->argument); } } @@ -147,10 +152,20 @@ class RequestSharedSecret extends Job { protected function run($argument) { $target = $argument['url']; + $created = isset($argument['created']) ? (int)$argument['created'] : time(); + $currentTime = time(); $source = $this->urlGenerator->getAbsoluteURL('/'); $source = rtrim($source, '/'); $token = $argument['token']; + // kill job after 30 days of trying + $deadline = $currentTime - $this->maxLifespan; + if ($created < $deadline) { + $this->retainJob = false; + $this->trustedServers->setServerStatus($target, TrustedServers::STATUS_FAILURE); + return; + } + $endPoints = $this->ocsDiscoveryService->discover($target, 'FEDERATED_SHARING'); $endPoint = isset($endPoints['shared-secret']) ? $endPoints['shared-secret'] : $this->defaultEndPoint; @@ -198,4 +213,26 @@ class RequestSharedSecret extends Job { } } + + /** + * re-add background job + * + * @param IJobList $jobList + * @param array $argument + */ + protected function reAddJob(IJobList $jobList, array $argument) { + + $url = $argument['url']; + $created = isset($argument['created']) ? (int)$argument['created'] : time(); + $token = $argument['token']; + + $jobList->add( + RequestSharedSecret::class, + [ + 'url' => $url, + 'token' => $token, + 'created' => $created + ] + ); + } } diff --git a/apps/federation/lib/TrustedServers.php b/apps/federation/lib/TrustedServers.php index 9bf1452eab3..de7d2a1df9a 100644 --- a/apps/federation/lib/TrustedServers.php +++ b/apps/federation/lib/TrustedServers.php @@ -111,7 +111,8 @@ class TrustedServers { 'OCA\Federation\BackgroundJob\RequestSharedSecret', [ 'url' => $url, - 'token' => $token + 'token' => $token, + 'created' => $this->getTimestamp() ] ); } @@ -275,4 +276,8 @@ class TrustedServers { return 'https://' . $url; } + + protected function getTimestamp() { + return time(); + } } -- cgit v1.2.3