Add controller to generate client tokens

core/Application.php

@@ -32,6 +32,7 @@ use OC\AppFramework\Utility\TimeFactory;
 use OC\Core\Controller\AvatarController;
 use OC\Core\Controller\LoginController;
 use OC\Core\Controller\LostController;
+use OC\Core\Controller\TokenController;
 use OC\Core\Controller\UserController;
 use OC_Defaults;
 use OCP\AppFramework\App;
@@ -103,6 +104,15 @@ class Application extends App {
 				$c->query('URLGenerator')
 			);
 		});
+		$container->registerService('TokenController', function(SimpleContainer $c) {
+			return new TokenController(
+				$c->query('AppName'),
+				$c->query('Request'),
+				$c->query('UserManager'),
+				$c->query('OC\Authentication\Token\DefaultTokenProvider'),
+				$c->query('SecureRandom')
+			);
+		});
 
 		/**
 		 * Core class wrappers

core/Controller/TokenController.php

@@ -0,0 +1,82 @@
+<?php
+
+/**
+ * @author Christoph Wurst <christoph@owncloud.com>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OC\Core\Controller;
+
+use OC\AppFramework\Http;
+use OC\Authentication\Token\DefaultTokenProvider;
+use OC\User\Manager;
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Response;
+use OCP\IRequest;
+use OCP\Security\ISecureRandom;
+
+class TokenController extends Controller {
+
+	/** @var Manager */
+	private $userManager;
+
+	/** @var DefaultTokenProvider */
+	private $tokenProvider;
+
+	/** @var ISecureRandom */
+	private $secureRandom;
+
+	/**
+	 * @param string $appName
+	 * @param IRequest $request
+	 * @param Manager $userManager
+	 * @param DefaultTokenProvider $tokenProvider
+	 * @param ISecureRandom $crypto
+	 */
+	public function __construct($appName, IRequest $request, Manager $userManager, DefaultTokenProvider $tokenProvider,
+			ISecureRandom $crypto) {
+		parent::__construct($appName, $request);
+		$this->userManager = $userManager;
+		$this->tokenProvider = $tokenProvider;
+		$this->secureRandom = $crypto;
+	}
+
+	/**
+	 * Generate a new access token clients can authenticate with
+	 *
+	 * @PublicPage
+	 * @NoCSRFRequired
+	 *
+	 * @param string $user
+	 * @param string $password
+	 */
+	public function generateToken($user, $password, $name = 'unknown client') {
+		if (is_null($user) || is_null($password)) {
+			return new Response([], Http::STATUS_UNPROCESSABLE_ENTITY);
+		}
+		if ($this->userManager->checkPassword($user, $password) === false) {
+			return new Response([], Http::STATUS_UNAUTHORIZED);
+		}
+		$token = $this->secureRandom->generate(128);
+		$this->tokenProvider->generateToken($token, $user, $password, $name);
+		return [
+			'token' => $token,
+		];
+	}
+
+}

core/routes.php

@@ -45,6 +45,7 @@ $application->registerRoutes($this, [
 		['name' => 'login#tryLogin', 'url' => '/login', 'verb' => 'POST'],
 		['name' => 'login#showLoginForm', 'url' => '/login', 'verb' => 'GET'],
 		['name' => 'login#logout', 'url' => '/logout', 'verb' => 'GET'],
+		['name' => 'token#generateToken', 'url' => '/token/generate', 'verb' => 'POST'],
 	],
 ]);
 

lib/private/User/Session.php

@@ -353,7 +353,7 @@ class Session implements IUserSession, Emitter {
 			// User does not exist
 			return false;
 		}
-		$name = isset($request->server['HTTP_USER_AGENT']) ? $request->server['HTTP_USER_AGENT'] : 'unknown device';
+		$name = isset($request->server['HTTP_USER_AGENT']) ? $request->server['HTTP_USER_AGENT'] : 'unknown browser';
 		// TODO: use ISession::getId(), https://github.com/owncloud/core/pull/24229
 		$sessionId = session_id();
 		$token = $this->tokenProvider->generateToken($sessionId, $uid, $password, $name);