Mirrors
/
nextcloud-server
mirror of https://github.com/nextcloud/server
3
0
Fork 0
Code Releases Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
35631 Commits
687 Branches
1186 Tags
4.0 GiB
Tree: 311531ecce
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '311531ecce'
${ noResults }
nextcloud-server/settings/Controller/AuthSettingsController.php

201 lines
5.0 KiB
Raw Normal View History

list user's auth tokens on the personal settings page
10 years ago
Fix others
10 years ago
list user's auth tokens on the personal settings page
10 years ago
Update with robin
10 years ago
list user's auth tokens on the personal settings page
10 years ago
add button to add new device tokens
10 years ago
Create session tokens for apache auth users
10 years ago
list user's auth tokens on the personal settings page
10 years ago
add button to add new device tokens
10 years ago
list user's auth tokens on the personal settings page
10 years ago
add button to add new device tokens
10 years ago
list user's auth tokens on the personal settings page
10 years ago
add button to add new device tokens
10 years ago
list user's auth tokens on the personal settings page
10 years ago
add button to add new device tokens
10 years ago
list user's auth tokens on the personal settings page
10 years ago
add button to add new device tokens
10 years ago
list user's auth tokens on the personal settings page
10 years ago
add button to add new device tokens
10 years ago
list user's auth tokens on the personal settings page
10 years ago
add button to add new device tokens
10 years ago
Use magic DI as much as possible Signed-off-by: Joas Schilling <coding@schilljs.com>
10 years ago
list user's auth tokens on the personal settings page
10 years ago
add button to invalidate browser sessions/device tokens
10 years ago
Use magic DI as much as possible Signed-off-by: Joas Schilling <coding@schilljs.com>
10 years ago
list user's auth tokens on the personal settings page
10 years ago
Use magic DI as much as possible Signed-off-by: Joas Schilling <coding@schilljs.com>
10 years ago
add button to add new device tokens
10 years ago
list user's auth tokens on the personal settings page
10 years ago
add button to add new device tokens
10 years ago
list user's auth tokens on the personal settings page
10 years ago
prevent users from deleting their own session token
10 years ago
format current and sync client sessions in Personal
10 years ago
prevent users from deleting their own session token
10 years ago
list user's auth tokens on the personal settings page
10 years ago
add button to add new device tokens
10 years ago
prevent users from deleting their own session token
10 years ago
add button to add new device tokens
10 years ago
when generating browser/device token, save the login name for later password checks
10 years ago
Create session tokens for apache auth users
10 years ago
add button to add new device tokens
10 years ago
prevent users from deleting their own session token
10 years ago
add button to add new device tokens
10 years ago
when generating browser/device token, save the login name for later password checks
10 years ago
enable deleting/configuring new tokens Signed-off-by: Robin Appelman <icewind@owncloud.com>
10 years ago
add button to add new device tokens
10 years ago
show which login name to use for the new app password
10 years ago
enable deleting/configuring new tokens Signed-off-by: Robin Appelman <icewind@owncloud.com>
10 years ago
add button to add new device tokens
10 years ago
prevent users from deleting their own session token
10 years ago
add button to add new device tokens
10 years ago
add button to invalidate browser sessions/device tokens
10 years ago
allow configuring filesystem access Signed-off-by: Robin Appelman <icewind@owncloud.com>
10 years ago
list user's auth tokens on the personal settings page
10 years ago
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Christoph Wurst <christoph@owncloud.com>
  6. * @author Robin Appelman <robin@icewind.nl>
  7. *
  8. * @license AGPL-3.0
  9. *
  10. * This code is free software: you can redistribute it and/or modify
  11. * it under the terms of the GNU Affero General Public License, version 3,
  12. * as published by the Free Software Foundation.
  13. *
  14. * This program is distributed in the hope that it will be useful,
  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. * GNU Affero General Public License for more details.
  18. *
  19. * You should have received a copy of the GNU Affero General Public License, version 3,
  20. * along with this program. If not, see <http://www.gnu.org/licenses/>
  21. *
  22. */
  24. namespace OC\Settings\Controller;
  26. use OC\AppFramework\Http;
  27. use OC\Authentication\Exceptions\InvalidTokenException;
  28. use OC\Authentication\Exceptions\PasswordlessTokenException;
  29. use OC\Authentication\Token\IProvider;
  30. use OC\Authentication\Token\IToken;
  31. use OCP\AppFramework\Controller;
  32. use OCP\AppFramework\Http\JSONResponse;
  33. use OCP\IRequest;
  34. use OCP\ISession;
  35. use OCP\IUserManager;
  36. use OCP\Security\ISecureRandom;
  37. use OCP\Session\Exceptions\SessionNotAvailableException;
  39. class AuthSettingsController extends Controller {
  41. /** @var IProvider */
  42. private $tokenProvider;
  44. /** @var IUserManager */
  45. private $userManager;
  47. /** @var ISession */
  48. private $session;
  50. /** @var string */
  51. private $uid;
  53. /** @var ISecureRandom */
  54. private $random;
  56. /**
  57. * @param string $appName
  58. * @param IRequest $request
  59. * @param IProvider $tokenProvider
  60. * @param IUserManager $userManager
  61. * @param ISession $session
  62. * @param ISecureRandom $random
  63. * @param string $userId
  64. */
  65. public function __construct($appName, IRequest $request, IProvider $tokenProvider, IUserManager $userManager,
  66. ISession $session, ISecureRandom $random, $userId) {
  67. parent::__construct($appName, $request);
  68. $this->tokenProvider = $tokenProvider;
  69. $this->userManager = $userManager;
  70. $this->uid = $userId;
  71. $this->session = $session;
  72. $this->random = $random;
  73. }
  75. /**
  76. * @NoAdminRequired
  77. * @NoSubadminRequired
  78. *
  79. * @return JSONResponse
  80. */
  81. public function index() {
  82. $user = $this->userManager->get($this->uid);
  83. if (is_null($user)) {
  84. return [];
  85. }
  86. $tokens = $this->tokenProvider->getTokenByUser($user);
  88. try {
  89. $sessionId = $this->session->getId();
  90. } catch (SessionNotAvailableException $ex) {
  91. return $this->getServiceNotAvailableResponse();
  92. }
  93. try {
  94. $sessionToken = $this->tokenProvider->getToken($sessionId);
  95. } catch (InvalidTokenException $ex) {
  96. return $this->getServiceNotAvailableResponse();
  97. }
  99. return array_map(function(IToken $token) use ($sessionToken) {
  100. $data = $token->jsonSerialize();
  101. if ($sessionToken->getId() === $token->getId()) {
  102. $data['canDelete'] = false;
  103. $data['current'] = true;
  104. } else {
  105. $data['canDelete'] = true;
  106. }
  107. return $data;
  108. }, $tokens);
  109. }
  111. /**
  112. * @NoAdminRequired
  113. * @NoSubadminRequired
  114. *
  115. * @return JSONResponse
  116. */
  117. public function create($name) {
  118. try {
  119. $sessionId = $this->session->getId();
  120. } catch (SessionNotAvailableException $ex) {
  121. return $this->getServiceNotAvailableResponse();
  122. }
  124. try {
  125. $sessionToken = $this->tokenProvider->getToken($sessionId);
  126. $loginName = $sessionToken->getLoginName();
  127. try {
  128. $password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
  129. } catch (PasswordlessTokenException $ex) {
  130. $password = null;
  131. }
  132. } catch (InvalidTokenException $ex) {
  133. return $this->getServiceNotAvailableResponse();
  134. }
  136. $token = $this->generateRandomDeviceToken();
  137. $deviceToken = $this->tokenProvider->generateToken($token, $this->uid, $loginName, $password, $name, IToken::PERMANENT_TOKEN);
  138. $tokenData = $deviceToken->jsonSerialize();
  139. $tokenData['canDelete'] = true;
  141. return [
  142. 'token' => $token,
  143. 'loginName' => $loginName,
  144. 'deviceToken' => $tokenData
  145. ];
  146. }
  148. private function getServiceNotAvailableResponse() {
  149. $resp = new JSONResponse();
  150. $resp->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
  151. return $resp;
  152. }
  154. /**
  155. * Return a 20 digit device password
  156. *
  157. * Example: ABCDE-FGHIJ-KLMNO-PQRST
  158. *
  159. * @return string
  160. */
  161. private function generateRandomDeviceToken() {
  162. $groups = [];
  163. for ($i = 0; $i < 4; $i++) {
  164. $groups[] = $this->random->generate(5, implode('', range('A', 'Z')));
  165. }
  166. return implode('-', $groups);
  167. }
  169. /**
  170. * @NoAdminRequired
  171. * @NoSubadminRequired
  172. *
  173. * @return JSONResponse
  174. */
  175. public function destroy($id) {
  176. $user = $this->userManager->get($this->uid);
  177. if (is_null($user)) {
  178. return [];
  179. }
  181. $this->tokenProvider->invalidateTokenById($user, $id);
  182. return [];
  183. }
  185. /**
  186. * @NoAdminRequired
  187. * @NoSubadminRequired
  188. *
  189. * @param int $id
  190. * @param array $scope
  191. */
  192. public function update($id, array $scope) {
  193. $token = $this->tokenProvider->getTokenById($id);
  194. $token->setScope([
  195. 'filesystem' => $scope['filesystem'],
  196. 'app' => array_values($scope['apps'])
  197. ]);
  198. $this->tokenProvider->updateToken($token);
  199. return [];
  200. }
  201. }