From e66bc4a8a74ad6071569ea707e986a0e21aca66d Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 19 Mar 2020 12:09:57 +0100 Subject: Send "429 Too Many Requests" in case of brute force protection Signed-off-by: Joas Schilling --- .../Middleware/Security/BruteForceMiddleware.php | 28 +++++++++++- lib/private/Security/Bruteforce/Throttler.php | 22 +++++++++- .../AppFramework/Http/TooManyRequestsResponse.php | 51 ++++++++++++++++++++++ lib/public/Security/Bruteforce/MaxDelayReached.php | 30 +++++++++++++ 4 files changed, 129 insertions(+), 2 deletions(-) create mode 100644 lib/public/AppFramework/Http/TooManyRequestsResponse.php create mode 100644 lib/public/Security/Bruteforce/MaxDelayReached.php (limited to 'lib') diff --git a/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php b/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php index 398c2f3f3a4..e9b03266462 100644 --- a/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php @@ -1,4 +1,5 @@ * @@ -26,9 +27,15 @@ namespace OC\AppFramework\Middleware\Security; use OC\AppFramework\Utility\ControllerMethodReflector; use OC\Security\Bruteforce\Throttler; +use OCP\AppFramework\Controller; +use OCP\AppFramework\Http; use OCP\AppFramework\Http\Response; +use OCP\AppFramework\Http\TooManyRequestsResponse; use OCP\AppFramework\Middleware; +use OCP\AppFramework\OCS\OCSException; +use OCP\AppFramework\OCSController; use OCP\IRequest; +use OCP\Security\Bruteforce\MaxDelayReached; /** * Class BruteForceMiddleware performs the bruteforce protection for controllers @@ -66,7 +73,7 @@ class BruteForceMiddleware extends Middleware { if ($this->reflector->hasAnnotation('BruteForceProtection')) { $action = $this->reflector->getAnnotationParameter('BruteForceProtection', 'action'); - $this->throttler->sleepDelay($this->request->getRemoteAddress(), $action); + $this->throttler->sleepDelayOrThrowOnMax($this->request->getRemoteAddress(), $action); } } @@ -83,4 +90,23 @@ class BruteForceMiddleware extends Middleware { return parent::afterController($controller, $methodName, $response); } + + /** + * @param Controller $controller + * @param string $methodName + * @param \Exception $exception + * @throws \Exception + * @return Response + */ + public function afterException($controller, $methodName, \Exception $exception): Response { + if ($exception instanceof MaxDelayReached) { + if ($controller instanceof OCSController) { + throw new OCSException($exception->getMessage(), Http::STATUS_TOO_MANY_REQUESTS); + } + + return new TooManyRequestsResponse(); + } + + throw $exception; + } } diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php index 63c6361b9ce..8e485046602 100644 --- a/lib/private/Security/Bruteforce/Throttler.php +++ b/lib/private/Security/Bruteforce/Throttler.php @@ -34,6 +34,7 @@ use OCP\AppFramework\Utility\ITimeFactory; use OCP\IConfig; use OCP\IDBConnection; use OCP\ILogger; +use OCP\Security\Bruteforce\MaxDelayReached; /** * Class Throttler implements the bruteforce protection for security actions in @@ -50,6 +51,7 @@ use OCP\ILogger; */ class Throttler { public const LOGIN_ACTION = 'login'; + public const MAX_DELAY = 25; /** @var IDBConnection */ private $db; @@ -241,7 +243,7 @@ class Throttler { return 0; } - $maxDelay = 25; + $maxDelay = self::MAX_DELAY; $firstDelay = 0.1; if ($attempts > (8 * PHP_INT_SIZE - 1)) { // Don't ever overflow. Just assume the maxDelay time:s @@ -308,4 +310,22 @@ class Throttler { usleep($delay * 1000); return $delay; } + + /** + * Will sleep for the defined amount of time unless maximum is reached + * In case of maximum a "429 Too Many Request" response is thrown + * + * @param string $ip + * @param string $action optionally filter by action + * @return int the time spent sleeping + * @throws MaxDelayReached when reached the maximum + */ + public function sleepDelayOrThrowOnMax($ip, $action = '') { + $delay = $this->getDelay($ip, $action); + if ($delay === self::MAX_DELAY * 1000) { + throw new MaxDelayReached(); + } + usleep($delay * 1000); + return $delay; + } } diff --git a/lib/public/AppFramework/Http/TooManyRequestsResponse.php b/lib/public/AppFramework/Http/TooManyRequestsResponse.php new file mode 100644 index 00000000000..160614ab33e --- /dev/null +++ b/lib/public/AppFramework/Http/TooManyRequestsResponse.php @@ -0,0 +1,51 @@ + + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OCP\AppFramework\Http; + +use OCP\Template; + +/** + * A generic 429 response showing an 404 error page as well to the end-user + * @since 19.0.0 + */ +class TooManyRequestsResponse extends Response { + + /** + * @since 19.0.0 + */ + public function __construct() { + parent::__construct(); + + $this->setContentSecurityPolicy(new ContentSecurityPolicy()); + $this->setStatus(429); + } + + /** + * @return string + * @since 19.0.0 + */ + public function render() { + $template = new Template('core', '429', 'blank'); + return $template->fetchPage(); + } +} diff --git a/lib/public/Security/Bruteforce/MaxDelayReached.php b/lib/public/Security/Bruteforce/MaxDelayReached.php new file mode 100644 index 00000000000..817ef0e60c3 --- /dev/null +++ b/lib/public/Security/Bruteforce/MaxDelayReached.php @@ -0,0 +1,30 @@ + + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OCP\Security\Bruteforce; + +/** + * Class MaxDelayReached + * @since 19.0 + */ +class MaxDelayReached extends \RuntimeException { +} -- cgit v1.2.3 From cdb36c8eadc2b9c2a864941e8d1e585c8f3e18c5 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 19 Mar 2020 13:01:34 +0100 Subject: Let the database count the entries Signed-off-by: Joas Schilling --- lib/private/Security/Bruteforce/Throttler.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php index 8e485046602..e5d3c3503ba 100644 --- a/lib/private/Security/Bruteforce/Throttler.php +++ b/lib/private/Security/Bruteforce/Throttler.php @@ -228,7 +228,7 @@ class Throttler { $cutoffTime = $this->getCutoffTimestamp(); $qb = $this->db->getQueryBuilder(); - $qb->select('*') + $qb->select($qb->func()->count('*', 'attempts')) ->from('bruteforce_attempts') ->where($qb->expr()->gt('occurred', $qb->createNamedParameter($cutoffTime))) ->andWhere($qb->expr()->eq('subnet', $qb->createNamedParameter($ipAddress->getSubnet()))); @@ -237,7 +237,11 @@ class Throttler { $qb->andWhere($qb->expr()->eq('action', $qb->createNamedParameter($action))); } - $attempts = count($qb->execute()->fetchAll()); + $result = $qb->execute(); + $row = $result->fetch(); + $result->closeCursor(); + + $attempts = (int) $row['attempts']; if ($attempts === 0) { return 0; -- cgit v1.2.3 From c8fea66d658bf722bf0aa903b4d7eb35738a4ea5 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 19 Mar 2020 13:26:24 +0100 Subject: Split delay calculation from getting the attempts Signed-off-by: Joas Schilling --- lib/private/Security/Bruteforce/Throttler.php | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) (limited to 'lib') diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php index e5d3c3503ba..a4e0fc3e058 100644 --- a/lib/private/Security/Bruteforce/Throttler.php +++ b/lib/private/Security/Bruteforce/Throttler.php @@ -94,11 +94,12 @@ class Throttler { /** * Calculate the cut off timestamp * + * @param int $maxAgeHours * @return int */ - private function getCutoffTimestamp(): int { + private function getCutoffTimestamp(int $maxAgeHours): int { return (new \DateTime()) - ->sub($this->getCutoff(43200)) + ->sub($this->getCutoff($maxAgeHours * 3600)) ->getTimestamp(); } @@ -217,15 +218,16 @@ class Throttler { * * @param string $ip * @param string $action optionally filter by action + * @param int $maxAgeHours * @return int */ - public function getDelay($ip, $action = '') { + public function getAttempts(string $ip, string $action = '', int $maxAgeHours = 12): int { $ipAddress = new IpAddress($ip); if ($this->isIPWhitelisted((string)$ipAddress)) { return 0; } - $cutoffTime = $this->getCutoffTimestamp(); + $cutoffTime = $this->getCutoffTimestamp($maxAgeHours); $qb = $this->db->getQueryBuilder(); $qb->select($qb->func()->count('*', 'attempts')) @@ -241,8 +243,18 @@ class Throttler { $row = $result->fetch(); $result->closeCursor(); - $attempts = (int) $row['attempts']; + return (int) $row['attempts']; + } + /** + * Get the throttling delay (in milliseconds) + * + * @param string $ip + * @param string $action optionally filter by action + * @return int + */ + public function getDelay(string $ip, string $action = ''): int { + $attempts = $this->getAttempts($ip, $action); if ($attempts === 0) { return 0; } -- cgit v1.2.3 From 64539a6ee13f596260cea1a89b287a66ca9a0aed Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 19 Mar 2020 13:30:15 +0100 Subject: Make Throttler strict Signed-off-by: Joas Schilling --- lib/private/Security/Bruteforce/Throttler.php | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) (limited to 'lib') diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php index a4e0fc3e058..10e5061b9e8 100644 --- a/lib/private/Security/Bruteforce/Throttler.php +++ b/lib/private/Security/Bruteforce/Throttler.php @@ -1,4 +1,5 @@ * @@ -84,7 +85,7 @@ class Throttler { * @param int $expire * @return \DateInterval */ - private function getCutoff($expire) { + private function getCutoff(int $expire): \DateInterval { $d1 = new \DateTime(); $d2 = clone $d1; $d2->sub(new \DateInterval('PT' . $expire . 'S')); @@ -111,9 +112,9 @@ class Throttler { * @param array $metadata Optional metadata logged to the database * @suppress SqlInjectionChecker */ - public function registerAttempt($action, - $ip, - array $metadata = []) { + public function registerAttempt(string $action, + string $ip, + array $metadata = []): void { // No need to log if the bruteforce protection is disabled if ($this->config->getSystemValue('auth.bruteforce.protection.enabled', true) === false) { return; @@ -153,7 +154,7 @@ class Throttler { * @param string $ip * @return bool */ - private function isIPWhitelisted($ip) { + private function isIPWhitelisted(string $ip): bool { if ($this->config->getSystemValue('auth.bruteforce.protection.enabled', true) === false) { return true; } @@ -280,7 +281,7 @@ class Throttler { * @param string $action * @param string $metadata */ - public function resetDelay($ip, $action, $metadata) { + public function resetDelay(string $ip, string $action, string $metadata): void { $ipAddress = new IpAddress($ip); if ($this->isIPWhitelisted((string)$ipAddress)) { return; @@ -321,7 +322,7 @@ class Throttler { * @param string $action optionally filter by action * @return int the time spent sleeping */ - public function sleepDelay($ip, $action = '') { + public function sleepDelay(string $ip, string $action = ''): int { $delay = $this->getDelay($ip, $action); usleep($delay * 1000); return $delay; @@ -336,10 +337,10 @@ class Throttler { * @return int the time spent sleeping * @throws MaxDelayReached when reached the maximum */ - public function sleepDelayOrThrowOnMax($ip, $action = '') { + public function sleepDelayOrThrowOnMax(string $ip, string $action = ''): int { $delay = $this->getDelay($ip, $action); if ($delay === self::MAX_DELAY * 1000) { - throw new MaxDelayReached(); + throw new MaxDelayReached('Reached maximum delay'); } usleep($delay * 1000); return $delay; -- cgit v1.2.3 From 6f751d01dbe84b7564c573e20e9264d53b19c48a Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 19 Mar 2020 13:31:07 +0100 Subject: Make the throttling O(2^n) instead of O(n^n) Signed-off-by: Joas Schilling --- lib/private/Security/Bruteforce/Throttler.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'lib') diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php index 10e5061b9e8..f2bdd9986b6 100644 --- a/lib/private/Security/Bruteforce/Throttler.php +++ b/lib/private/Security/Bruteforce/Throttler.php @@ -53,6 +53,7 @@ use OCP\Security\Bruteforce\MaxDelayReached; class Throttler { public const LOGIN_ACTION = 'login'; public const MAX_DELAY = 25; + public const MAX_ATTEMPTS = 10; /** @var IDBConnection */ private $db; @@ -260,18 +261,17 @@ class Throttler { return 0; } - $maxDelay = self::MAX_DELAY; $firstDelay = 0.1; - if ($attempts > (8 * PHP_INT_SIZE - 1)) { + if ($attempts > self::MAX_ATTEMPTS) { // Don't ever overflow. Just assume the maxDelay time:s - $firstDelay = $maxDelay; - } else { - $firstDelay *= pow(2, $attempts); - if ($firstDelay > $maxDelay) { - $firstDelay = $maxDelay; - } + return self::MAX_DELAY; + } + + $delay = $firstDelay * 2**$attempts; + if ($delay > self::MAX_DELAY) { + return self::MAX_DELAY; } - return (int) \ceil($firstDelay * 1000); + return (int) \ceil($delay * 1000); } /** -- cgit v1.2.3 From 8376c4891f84d24469bd14b1462baf637862e922 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 19 Mar 2020 13:42:31 +0100 Subject: Only throw when also the last 30 mins were attacking Signed-off-by: Joas Schilling --- lib/private/Security/Bruteforce/Throttler.php | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) (limited to 'lib') diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php index f2bdd9986b6..059f15e89fd 100644 --- a/lib/private/Security/Bruteforce/Throttler.php +++ b/lib/private/Security/Bruteforce/Throttler.php @@ -96,12 +96,12 @@ class Throttler { /** * Calculate the cut off timestamp * - * @param int $maxAgeHours + * @param float $maxAgeHours * @return int */ - private function getCutoffTimestamp(int $maxAgeHours): int { + private function getCutoffTimestamp(float $maxAgeHours): int { return (new \DateTime()) - ->sub($this->getCutoff($maxAgeHours * 3600)) + ->sub($this->getCutoff((int) ($maxAgeHours * 3600))) ->getTimestamp(); } @@ -220,10 +220,10 @@ class Throttler { * * @param string $ip * @param string $action optionally filter by action - * @param int $maxAgeHours + * @param float $maxAgeHours * @return int */ - public function getAttempts(string $ip, string $action = '', int $maxAgeHours = 12): int { + public function getAttempts(string $ip, string $action = '', float $maxAgeHours = 12): int { $ipAddress = new IpAddress($ip); if ($this->isIPWhitelisted((string)$ipAddress)) { return 0; @@ -329,8 +329,8 @@ class Throttler { } /** - * Will sleep for the defined amount of time unless maximum is reached - * In case of maximum a "429 Too Many Request" response is thrown + * Will sleep for the defined amount of time unless maximum was reached in the last 30 minutes + * In this case a "429 Too Many Request" exception is thrown * * @param string $ip * @param string $action optionally filter by action @@ -339,7 +339,8 @@ class Throttler { */ public function sleepDelayOrThrowOnMax(string $ip, string $action = ''): int { $delay = $this->getDelay($ip, $action); - if ($delay === self::MAX_DELAY * 1000) { + if (($delay === self::MAX_DELAY * 1000) && $this->getAttempts($ip, $action, 0.5) > self::MAX_ATTEMPTS) { + // If the ip made too many attempts within the last 30 mins we don't execute anymore throw new MaxDelayReached('Reached maximum delay'); } usleep($delay * 1000); -- cgit v1.2.3 From dfeee3b85095c86f9077d00129d8717781f65c99 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 19 Mar 2020 14:13:52 +0100 Subject: Fix wrong doc + type hint Signed-off-by: Joas Schilling --- lib/private/Security/Bruteforce/Throttler.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php index 059f15e89fd..1e92eeed3b2 100644 --- a/lib/private/Security/Bruteforce/Throttler.php +++ b/lib/private/Security/Bruteforce/Throttler.php @@ -279,9 +279,9 @@ class Throttler { * * @param string $ip * @param string $action - * @param string $metadata + * @param array $metadata */ - public function resetDelay(string $ip, string $action, string $metadata): void { + public function resetDelay(string $ip, string $action, array $metadata): void { $ipAddress = new IpAddress($ip); if ($this->isIPWhitelisted((string)$ipAddress)) { return; -- cgit v1.2.3 From d9c4c9eb99943d642034ac88c11e399d5461f13a Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 19 Mar 2020 14:14:37 +0100 Subject: Simplify array filter Signed-off-by: Joas Schilling --- lib/private/Security/Bruteforce/Throttler.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php index 1e92eeed3b2..ef870f4b99a 100644 --- a/lib/private/Security/Bruteforce/Throttler.php +++ b/lib/private/Security/Bruteforce/Throttler.php @@ -162,8 +162,7 @@ class Throttler { $keys = $this->config->getAppKeys('bruteForce'); $keys = array_filter($keys, function ($key) { - $regex = '/^whitelist_/S'; - return preg_match($regex, $key) === 1; + return 0 === strpos($key, 'whitelist_'); }); if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { -- cgit v1.2.3 From 931aca2fee00d6bf55273512212bb21a0300b03e Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 3 Jun 2020 08:33:05 +0200 Subject: Add missing default Signed-off-by: Joas Schilling --- lib/private/Security/Bruteforce/Throttler.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php index ef870f4b99a..b490c6a4012 100644 --- a/lib/private/Security/Bruteforce/Throttler.php +++ b/lib/private/Security/Bruteforce/Throttler.php @@ -99,7 +99,7 @@ class Throttler { * @param float $maxAgeHours * @return int */ - private function getCutoffTimestamp(float $maxAgeHours): int { + private function getCutoffTimestamp(float $maxAgeHours = 12.0): int { return (new \DateTime()) ->sub($this->getCutoff((int) ($maxAgeHours * 3600))) ->getTimestamp(); -- cgit v1.2.3 From 770381c0c69f43e0efa7e9e803b40a2d0d1b6496 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 9 Jul 2020 12:16:52 +0200 Subject: Correctly return ms delay when at max Signed-off-by: Joas Schilling --- lib/private/Security/Bruteforce/Throttler.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php index b490c6a4012..d7eb8b44c8a 100644 --- a/lib/private/Security/Bruteforce/Throttler.php +++ b/lib/private/Security/Bruteforce/Throttler.php @@ -53,6 +53,7 @@ use OCP\Security\Bruteforce\MaxDelayReached; class Throttler { public const LOGIN_ACTION = 'login'; public const MAX_DELAY = 25; + public const MAX_DELAY_MS = 25000; // in milliseconds public const MAX_ATTEMPTS = 10; /** @var IDBConnection */ @@ -263,12 +264,12 @@ class Throttler { $firstDelay = 0.1; if ($attempts > self::MAX_ATTEMPTS) { // Don't ever overflow. Just assume the maxDelay time:s - return self::MAX_DELAY; + return self::MAX_DELAY_MS; } $delay = $firstDelay * 2**$attempts; if ($delay > self::MAX_DELAY) { - return self::MAX_DELAY; + return self::MAX_DELAY_MS; } return (int) \ceil($delay * 1000); } @@ -338,7 +339,7 @@ class Throttler { */ public function sleepDelayOrThrowOnMax(string $ip, string $action = ''): int { $delay = $this->getDelay($ip, $action); - if (($delay === self::MAX_DELAY * 1000) && $this->getAttempts($ip, $action, 0.5) > self::MAX_ATTEMPTS) { + if (($delay === self::MAX_DELAY_MS) && $this->getAttempts($ip, $action, 0.5) > self::MAX_ATTEMPTS) { // If the ip made too many attempts within the last 30 mins we don't execute anymore throw new MaxDelayReached('Reached maximum delay'); } -- cgit v1.2.3 From 35a851959195ed4a2674e02208c75c4f27199b08 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 9 Jul 2020 12:25:57 +0200 Subject: Fix CS Signed-off-by: Joas Schilling --- lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php | 1 + lib/private/Security/Bruteforce/Throttler.php | 1 + lib/public/AppFramework/Http/TooManyRequestsResponse.php | 1 + lib/public/Security/Bruteforce/MaxDelayReached.php | 1 + 4 files changed, 4 insertions(+) (limited to 'lib') diff --git a/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php b/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php index e9b03266462..e6c511537a0 100644 --- a/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php @@ -1,4 +1,5 @@ diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php index d7eb8b44c8a..169ad0c0623 100644 --- a/lib/private/Security/Bruteforce/Throttler.php +++ b/lib/private/Security/Bruteforce/Throttler.php @@ -1,4 +1,5 @@ diff --git a/lib/public/AppFramework/Http/TooManyRequestsResponse.php b/lib/public/AppFramework/Http/TooManyRequestsResponse.php index 160614ab33e..b15df303bfe 100644 --- a/lib/public/AppFramework/Http/TooManyRequestsResponse.php +++ b/lib/public/AppFramework/Http/TooManyRequestsResponse.php @@ -1,4 +1,5 @@ diff --git a/lib/public/Security/Bruteforce/MaxDelayReached.php b/lib/public/Security/Bruteforce/MaxDelayReached.php index 817ef0e60c3..3aaa7d05159 100644 --- a/lib/public/Security/Bruteforce/MaxDelayReached.php +++ b/lib/public/Security/Bruteforce/MaxDelayReached.php @@ -1,4 +1,5 @@ -- cgit v1.2.3 From 6f5f71d1003c7ede6060d11efc293e536c39684e Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 19 Aug 2020 11:21:02 +0200 Subject: Update autoloader Signed-off-by: Joas Schilling --- lib/composer/composer/autoload_classmap.php | 2 ++ lib/composer/composer/autoload_static.php | 2 ++ 2 files changed, 4 insertions(+) (limited to 'lib') diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php index e063fe0b715..549b11c05ec 100644 --- a/lib/composer/composer/autoload_classmap.php +++ b/lib/composer/composer/autoload_classmap.php @@ -64,6 +64,7 @@ return array( 'OCP\\AppFramework\\Http\\Template\\LinkMenuAction' => $baseDir . '/lib/public/AppFramework/Http/Template/LinkMenuAction.php', 'OCP\\AppFramework\\Http\\Template\\PublicTemplateResponse' => $baseDir . '/lib/public/AppFramework/Http/Template/PublicTemplateResponse.php', 'OCP\\AppFramework\\Http\\Template\\SimpleMenuAction' => $baseDir . '/lib/public/AppFramework/Http/Template/SimpleMenuAction.php', + 'OCP\\AppFramework\\Http\\TooManyRequestsResponse' => $baseDir . '/lib/public/AppFramework/Http/TooManyRequestsResponse.php', 'OCP\\AppFramework\\Http\\ZipResponse' => $baseDir . '/lib/public/AppFramework/Http/ZipResponse.php', 'OCP\\AppFramework\\IAppContainer' => $baseDir . '/lib/public/AppFramework/IAppContainer.php', 'OCP\\AppFramework\\Middleware' => $baseDir . '/lib/public/AppFramework/Middleware.php', @@ -448,6 +449,7 @@ return array( 'OCP\\Search\\Result' => $baseDir . '/lib/public/Search/Result.php', 'OCP\\Search\\SearchResult' => $baseDir . '/lib/public/Search/SearchResult.php', 'OCP\\Search\\SearchResultEntry' => $baseDir . '/lib/public/Search/SearchResultEntry.php', + 'OCP\\Security\\Bruteforce\\MaxDelayReached' => $baseDir . '/lib/public/Security/Bruteforce/MaxDelayReached.php', 'OCP\\Security\\CSP\\AddContentSecurityPolicyEvent' => $baseDir . '/lib/public/Security/CSP/AddContentSecurityPolicyEvent.php', 'OCP\\Security\\Events\\GenerateSecurePasswordEvent' => $baseDir . '/lib/public/Security/Events/GenerateSecurePasswordEvent.php', 'OCP\\Security\\Events\\ValidatePasswordPolicyEvent' => $baseDir . '/lib/public/Security/Events/ValidatePasswordPolicyEvent.php', diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php index 20394b4ae30..1a771332437 100644 --- a/lib/composer/composer/autoload_static.php +++ b/lib/composer/composer/autoload_static.php @@ -93,6 +93,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OCP\\AppFramework\\Http\\Template\\LinkMenuAction' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Template/LinkMenuAction.php', 'OCP\\AppFramework\\Http\\Template\\PublicTemplateResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Template/PublicTemplateResponse.php', 'OCP\\AppFramework\\Http\\Template\\SimpleMenuAction' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Template/SimpleMenuAction.php', + 'OCP\\AppFramework\\Http\\TooManyRequestsResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/TooManyRequestsResponse.php', 'OCP\\AppFramework\\Http\\ZipResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/ZipResponse.php', 'OCP\\AppFramework\\IAppContainer' => __DIR__ . '/../../..' . '/lib/public/AppFramework/IAppContainer.php', 'OCP\\AppFramework\\Middleware' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Middleware.php', @@ -477,6 +478,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OCP\\Search\\Result' => __DIR__ . '/../../..' . '/lib/public/Search/Result.php', 'OCP\\Search\\SearchResult' => __DIR__ . '/../../..' . '/lib/public/Search/SearchResult.php', 'OCP\\Search\\SearchResultEntry' => __DIR__ . '/../../..' . '/lib/public/Search/SearchResultEntry.php', + 'OCP\\Security\\Bruteforce\\MaxDelayReached' => __DIR__ . '/../../..' . '/lib/public/Security/Bruteforce/MaxDelayReached.php', 'OCP\\Security\\CSP\\AddContentSecurityPolicyEvent' => __DIR__ . '/../../..' . '/lib/public/Security/CSP/AddContentSecurityPolicyEvent.php', 'OCP\\Security\\Events\\GenerateSecurePasswordEvent' => __DIR__ . '/../../..' . '/lib/public/Security/Events/GenerateSecurePasswordEvent.php', 'OCP\\Security\\Events\\ValidatePasswordPolicyEvent' => __DIR__ . '/../../..' . '/lib/public/Security/Events/ValidatePasswordPolicyEvent.php', -- cgit v1.2.3 From e93bf713690047da6e48f882848c7f1ba832db4e Mon Sep 17 00:00:00 2001 From: Morris Jobke Date: Wed, 19 Aug 2020 16:48:06 +0200 Subject: Fix the return type of OC_Template->fetchPage() to be string only Signed-off-by: Morris Jobke --- build/psalm-baseline.xml | 13 ------------- lib/private/legacy/OC_Template.php | 2 +- 2 files changed, 1 insertion(+), 14 deletions(-) (limited to 'lib') diff --git a/build/psalm-baseline.xml b/build/psalm-baseline.xml index cf9f21d0918..efbe3480788 100644 --- a/build/psalm-baseline.xml +++ b/build/psalm-baseline.xml @@ -6069,11 +6069,6 @@ OC_User::getUser() - - - boolean|string - - \Test\Util\User\Dummy @@ -6155,14 +6150,6 @@ - - - $template->fetchPage($this->params) - - - string - - $resource['size'] diff --git a/lib/private/legacy/OC_Template.php b/lib/private/legacy/OC_Template.php index 18a15ad1d43..54c203a3ab6 100644 --- a/lib/private/legacy/OC_Template.php +++ b/lib/private/legacy/OC_Template.php @@ -171,7 +171,7 @@ class OC_Template extends \OC\Template\Base { /** * Process the template - * @return boolean|string + * @return string * * This function process the template. If $this->renderAs is set, it * will produce a full page. -- cgit v1.2.3