From 149a98edf69558ade2176467fd1d78919ee0b8c7 Mon Sep 17 00:00:00 2001 From: Daniel Kesselberg Date: Sun, 17 Feb 2019 23:49:54 +0100 Subject: Publish activity for app token created by client login flow Signed-off-by: Daniel Kesselberg --- core/Controller/ClientFlowLoginController.php | 31 ++++++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) (limited to 'core/Controller/ClientFlowLoginController.php') diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php index f73e3f260a7..9ca530184af 100644 --- a/core/Controller/ClientFlowLoginController.php +++ b/core/Controller/ClientFlowLoginController.php @@ -26,19 +26,23 @@ namespace OC\Core\Controller; +use BadMethodCallException; use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Exceptions\PasswordlessTokenException; use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IToken; +use OC\Settings\Activity\Provider; use OCA\OAuth2\Db\AccessToken; use OCA\OAuth2\Db\AccessTokenMapper; use OCA\OAuth2\Db\ClientMapper; +use OCP\Activity\IManager as IActivityManager; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\Response; use OCP\AppFramework\Http\StandaloneTemplateResponse; use OCP\Defaults; use OCP\IL10N; +use OCP\ILogger; use OCP\IRequest; use OCP\ISession; use OCP\IURLGenerator; @@ -68,6 +72,10 @@ class ClientFlowLoginController extends Controller { private $accessTokenMapper; /** @var ICrypto */ private $crypto; + /** @var IActivityManager */ + private $activityManager; + /** @var ILogger */ + private $logger; const stateName = 'client.flow.state.token'; @@ -84,6 +92,8 @@ class ClientFlowLoginController extends Controller { * @param ClientMapper $clientMapper * @param AccessTokenMapper $accessTokenMapper * @param ICrypto $crypto + * @param IActivityManager $activityManager + * @param ILogger $logger */ public function __construct($appName, IRequest $request, @@ -96,7 +106,9 @@ class ClientFlowLoginController extends Controller { IURLGenerator $urlGenerator, ClientMapper $clientMapper, AccessTokenMapper $accessTokenMapper, - ICrypto $crypto) { + ICrypto $crypto, + IActivityManager $activityManager, + ILogger $logger) { parent::__construct($appName, $request); $this->userSession = $userSession; $this->l10n = $l10n; @@ -108,6 +120,8 @@ class ClientFlowLoginController extends Controller { $this->clientMapper = $clientMapper; $this->accessTokenMapper = $accessTokenMapper; $this->crypto = $crypto; + $this->activityManager = $activityManager; + $this->logger = $logger; } /** @@ -324,6 +338,21 @@ class ClientFlowLoginController extends Controller { $this->tokenProvider->invalidateToken($sessionId); } + $event = $this->activityManager->generateEvent(); + $event->setApp('settings') + ->setType('security') + ->setAffectedUser($uid) + ->setAuthor($uid) + ->setSubject(Provider::APP_TOKEN_CREATED, ['name' => $generatedToken->getName()]) + ->setObject('app_token', $generatedToken->getId(), 'App Password'); + + try { + $this->activityManager->publish($event); + } catch (BadMethodCallException $e) { + $this->logger->warning('could not publish activity'); + $this->logger->logException($e); + } + return new Http\RedirectResponse($redirectUri); } -- cgit v1.2.3