From 74277c25be2f3231e52a73a684bd14452a9ff2aa Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Thu, 19 May 2016 11:20:22 +0200 Subject: add button to invalidate browser sessions/device tokens --- lib/private/Authentication/Token/DefaultToken.php | 4 +--- lib/private/Authentication/Token/DefaultTokenMapper.php | 13 +++++++++++++ lib/private/Authentication/Token/DefaultTokenProvider.php | 10 ++++++++++ lib/private/Authentication/Token/IProvider.php | 10 +++++++++- lib/private/Authentication/Token/IToken.php | 6 ++++-- 5 files changed, 37 insertions(+), 6 deletions(-) (limited to 'lib/private/Authentication') diff --git a/lib/private/Authentication/Token/DefaultToken.php b/lib/private/Authentication/Token/DefaultToken.php index ca4c723fba3..4a64eacb247 100644 --- a/lib/private/Authentication/Token/DefaultToken.php +++ b/lib/private/Authentication/Token/DefaultToken.php @@ -22,14 +22,12 @@ namespace OC\Authentication\Token; -use JsonSerializable; use OCP\AppFramework\Db\Entity; /** * @method void setId(int $id) * @method void setUid(string $uid); * @method void setPassword(string $password) - * @method string getPassword() * @method void setName(string $name) * @method string getName() * @method void setToken(string $token) @@ -39,7 +37,7 @@ use OCP\AppFramework\Db\Entity; * @method void setLastActivity(int $lastActivity) * @method int getLastActivity() */ -class DefaultToken extends Entity implements IToken, JsonSerializable { +class DefaultToken extends Entity implements IToken { /** * @var string user UID diff --git a/lib/private/Authentication/Token/DefaultTokenMapper.php b/lib/private/Authentication/Token/DefaultTokenMapper.php index 9f173571270..970c2242dbe 100644 --- a/lib/private/Authentication/Token/DefaultTokenMapper.php +++ b/lib/private/Authentication/Token/DefaultTokenMapper.php @@ -111,4 +111,17 @@ class DefaultTokenMapper extends Mapper { return $entities; } + /** + * @param IUser $user + * @param int $id + */ + public function deleteById(IUser $user, $id) { + /* @var $qb IQueryBuilder */ + $qb = $this->db->getQueryBuilder(); + $qb->delete('authtoken') + ->where($qb->expr()->eq('id', $qb->createNamedParameter($id))) + ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID()))); + $qb->execute(); + } + } diff --git a/lib/private/Authentication/Token/DefaultTokenProvider.php b/lib/private/Authentication/Token/DefaultTokenProvider.php index 3527f4155a9..0f7c54dab57 100644 --- a/lib/private/Authentication/Token/DefaultTokenProvider.php +++ b/lib/private/Authentication/Token/DefaultTokenProvider.php @@ -150,6 +150,16 @@ class DefaultTokenProvider implements IProvider { $this->mapper->invalidate($this->hashToken($token)); } + /** + * Invalidate (delete) the given token + * + * @param IUser $user + * @param int $id + */ + public function invalidateTokenById(IUser $user, $id) { + $this->mapper->deleteById($user, $id); + } + /** * Invalidate (delete) old session tokens */ diff --git a/lib/private/Authentication/Token/IProvider.php b/lib/private/Authentication/Token/IProvider.php index b8648dda5b7..e4e4581e738 100644 --- a/lib/private/Authentication/Token/IProvider.php +++ b/lib/private/Authentication/Token/IProvider.php @@ -47,7 +47,7 @@ interface IProvider { * @return IToken */ public function getToken($tokenId) ; - + /** * @param string $token * @throws InvalidTokenException @@ -62,6 +62,14 @@ interface IProvider { */ public function invalidateToken($token); + /** + * Invalidate (delete) the given token + * + * @param IUser $user + * @param int $id + */ + public function invalidateTokenById(IUser $user, $id); + /** * Update token activity timestamp * diff --git a/lib/private/Authentication/Token/IToken.php b/lib/private/Authentication/Token/IToken.php index 2a01ea75ea9..b741cd4ac22 100644 --- a/lib/private/Authentication/Token/IToken.php +++ b/lib/private/Authentication/Token/IToken.php @@ -22,7 +22,9 @@ namespace OC\Authentication\Token; -interface IToken { +use JsonSerializable; + +interface IToken extends JsonSerializable { const TEMPORARY_TOKEN = 0; const PERMANENT_TOKEN = 1; @@ -30,7 +32,7 @@ interface IToken { /** * Get the token ID * - * @return string + * @return int */ public function getId(); -- cgit v1.2.3