|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* @copyright Copyright (c) 2017 Joas Schilling <[email protected]> |
|
4
|
|
|
* |
|
5
|
|
|
* @license GNU AGPL version 3 or any later version |
|
6
|
|
|
* |
|
7
|
|
|
* This program is free software: you can redistribute it and/or modify |
|
8
|
|
|
* it under the terms of the GNU Affero General Public License as |
|
9
|
|
|
* published by the Free Software Foundation, either version 3 of the |
|
10
|
|
|
* License, or (at your option) any later version. |
|
11
|
|
|
* |
|
12
|
|
|
* This program is distributed in the hope that it will be useful, |
|
13
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
14
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
15
|
|
|
* GNU Affero General Public License for more details. |
|
16
|
|
|
* |
|
17
|
|
|
* You should have received a copy of the GNU Affero General Public License |
|
18
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
19
|
|
|
* |
|
20
|
|
|
*/ |
|
21
|
|
|
|
|
22
|
|
|
namespace OCA\Notifications; |
|
23
|
|
|
|
|
24
|
|
|
|
|
25
|
|
|
use OC\Authentication\Exceptions\InvalidTokenException; |
|
26
|
|
|
use OC\Authentication\Token\IProvider; |
|
27
|
|
|
use OC\Security\IdentityProof\Key; |
|
28
|
|
|
use OC\Security\IdentityProof\Manager; |
|
29
|
|
|
use OCP\AppFramework\Http; |
|
30
|
|
|
use OCP\DB\QueryBuilder\IQueryBuilder; |
|
31
|
|
|
use OCP\Http\Client\IClientService; |
|
32
|
|
|
use OCP\IConfig; |
|
33
|
|
|
use OCP\IDBConnection; |
|
34
|
|
|
use OCP\ILogger; |
|
35
|
|
|
use OCP\IUser; |
|
36
|
|
|
use OCP\IUserManager; |
|
37
|
|
|
use OCP\Notification\IManager as INotificationManager; |
|
38
|
|
|
use OCP\Notification\INotification; |
|
39
|
|
|
|
|
40
|
|
|
class Push { |
|
41
|
|
|
/** @var IDBConnection */ |
|
42
|
|
|
protected $db; |
|
43
|
|
|
/** @var INotificationManager */ |
|
44
|
|
|
protected $notificationManager; |
|
45
|
|
|
/** @var IConfig */ |
|
46
|
|
|
protected $config; |
|
47
|
|
|
/** @var IProvider */ |
|
48
|
|
|
protected $tokenProvider; |
|
49
|
|
|
/** @var Manager */ |
|
50
|
|
|
private $keyManager; |
|
51
|
|
|
/** @var IUserManager */ |
|
52
|
|
|
private $userManager; |
|
53
|
|
|
/** @var IClientService */ |
|
54
|
|
|
protected $clientService; |
|
55
|
|
|
/** @var ILogger */ |
|
56
|
|
|
protected $log; |
|
57
|
|
|
|
|
58
|
11 |
|
public function __construct(IDBConnection $connection, INotificationManager $notificationManager, IConfig $config, IProvider $tokenProvider, Manager $keyManager, IUserManager $userManager, IClientService $clientService, ILogger $log) { |
|
59
|
11 |
|
$this->db = $connection; |
|
60
|
11 |
|
$this->notificationManager = $notificationManager; |
|
61
|
11 |
|
$this->config = $config; |
|
62
|
11 |
|
$this->tokenProvider = $tokenProvider; |
|
63
|
11 |
|
$this->keyManager = $keyManager; |
|
64
|
11 |
|
$this->userManager = $userManager; |
|
65
|
11 |
|
$this->clientService = $clientService; |
|
66
|
11 |
|
$this->log = $log; |
|
67
|
11 |
|
} |
|
68
|
|
|
|
|
69
|
|
|
/** |
|
70
|
|
|
* @param INotification $notification |
|
71
|
|
|
*/ |
|
72
|
7 |
|
public function pushToDevice(INotification $notification) { |
|
73
|
7 |
|
$user = $this->userManager->get($notification->getUser()); |
|
74
|
7 |
|
if (!($user instanceof IUser)) { |
|
|
|
|
|
|
75
|
1 |
|
return; |
|
76
|
|
|
} |
|
77
|
|
|
|
|
78
|
6 |
|
$devices = $this->getDevicesForUser($notification->getUser()); |
|
79
|
6 |
|
if (empty($devices)) { |
|
80
|
1 |
|
return; |
|
81
|
|
|
} |
|
82
|
|
|
|
|
83
|
5 |
|
$language = $this->config->getUserValue($notification->getUser(), 'core', 'lang', 'en'); |
|
84
|
|
|
try { |
|
85
|
5 |
|
$notification = $this->notificationManager->prepare($notification, $language); |
|
86
|
1 |
|
} catch (\InvalidArgumentException $e) { |
|
87
|
1 |
|
return; |
|
88
|
|
|
} |
|
89
|
|
|
|
|
90
|
4 |
|
$userKey = $this->keyManager->getKey($user); |
|
91
|
|
|
|
|
92
|
4 |
|
$pushNotifications = []; |
|
93
|
4 |
|
foreach ($devices as $device) { |
|
94
|
|
|
try { |
|
95
|
4 |
|
$payload = json_encode($this->encryptAndSign($userKey, $device, $notification)); |
|
96
|
|
|
|
|
97
|
2 |
|
$proxyServer = rtrim($device['proxyserver'], '/'); |
|
98
|
2 |
|
if (!isset($pushNotifications[$proxyServer])) { |
|
99
|
2 |
|
$pushNotifications[$proxyServer] = []; |
|
100
|
|
|
} |
|
101
|
2 |
|
$pushNotifications[$proxyServer][] = $payload; |
|
102
|
2 |
|
} catch (InvalidTokenException $e) { |
|
|
|
|
|
|
103
|
|
|
// Token does not exist anymore, should drop the push device entry |
|
104
|
1 |
|
$this->deletePushToken($device['token']); |
|
105
|
1 |
|
} catch (\InvalidArgumentException $e) { |
|
106
|
|
|
// Failed to encrypt message for device: public key is invalid |
|
107
|
4 |
|
$this->deletePushToken($device['token']); |
|
108
|
|
|
} |
|
109
|
|
|
} |
|
110
|
|
|
|
|
111
|
4 |
|
if (empty($pushNotifications)) { |
|
112
|
2 |
|
return; |
|
113
|
|
|
} |
|
114
|
|
|
|
|
115
|
2 |
|
$client = $this->clientService->newClient(); |
|
116
|
2 |
|
foreach ($pushNotifications as $proxyServer => $notifications) { |
|
117
|
|
|
try { |
|
118
|
2 |
|
$response = $client->post($proxyServer . '/notifications', [ |
|
119
|
|
|
'body' => [ |
|
120
|
2 |
|
'notifications' => $notifications, |
|
121
|
|
|
], |
|
122
|
|
|
]); |
|
123
|
2 |
|
} catch (\Exception $e) { |
|
124
|
2 |
|
$this->log->logException($e, [ |
|
125
|
2 |
|
'app' => 'notifications', |
|
126
|
|
|
]); |
|
127
|
2 |
|
continue; |
|
128
|
|
|
} |
|
129
|
|
|
|
|
130
|
2 |
|
$status = $response->getStatusCode(); |
|
131
|
2 |
|
if ($status !== Http::STATUS_OK && $status !== Http::STATUS_SERVICE_UNAVAILABLE) { |
|
132
|
2 |
|
$body = $response->getBody(); |
|
133
|
2 |
|
$this->log->error('Could not send notification to push server [{url}]: {error}',[ |
|
134
|
2 |
|
'error' => is_string($body) ? $body : 'no reason given', |
|
135
|
2 |
|
'url' => $proxyServer, |
|
136
|
2 |
|
'app' => 'notifications', |
|
137
|
|
|
]); |
|
138
|
2 |
|
} else if ($status === Http::STATUS_SERVICE_UNAVAILABLE && $this->config->getSystemValue('debug', false)) { |
|
139
|
1 |
|
$body = $response->getBody(); |
|
140
|
1 |
|
$this->log->debug('Could not send notification to push server [{url}]: {error}',[ |
|
141
|
1 |
|
'error' => is_string($body) ? $body : 'no reason given', |
|
142
|
1 |
|
'url' => $proxyServer, |
|
143
|
2 |
|
'app' => 'notifications', |
|
144
|
|
|
]); |
|
145
|
|
|
} |
|
146
|
|
|
} |
|
147
|
2 |
|
} |
|
148
|
|
|
|
|
149
|
|
|
/** |
|
150
|
|
|
* @param Key $userKey |
|
151
|
|
|
* @param array $device |
|
152
|
|
|
* @param INotification $notification |
|
153
|
|
|
* @return array |
|
154
|
|
|
* @throws InvalidTokenException |
|
155
|
|
|
* @throws \InvalidArgumentException |
|
156
|
|
|
*/ |
|
157
|
|
|
protected function encryptAndSign(Key $userKey, array $device, INotification $notification) { |
|
158
|
|
|
// Check if the token is still valid... |
|
159
|
|
|
$this->tokenProvider->getTokenById($device['token']); |
|
160
|
|
|
|
|
161
|
|
|
$data = [ |
|
162
|
|
|
'app' => $notification->getApp(), |
|
163
|
|
|
'subject' => $notification->getParsedSubject(), |
|
164
|
|
|
]; |
|
165
|
|
|
|
|
166
|
|
|
if (!openssl_public_encrypt(json_encode($data), $encryptedSubject, $device['devicepublickey'], OPENSSL_PKCS1_PADDING)) { |
|
167
|
|
|
$this->log->error(openssl_error_string(), ['app' => 'notifications']); |
|
168
|
|
|
throw new \InvalidArgumentException('Failed to encrypt message for device'); |
|
169
|
|
|
} |
|
170
|
|
|
|
|
171
|
|
|
openssl_sign($encryptedSubject, $signature, $userKey->getPrivate(), OPENSSL_ALGO_SHA512); |
|
172
|
|
|
$base64EncryptedSubject = base64_encode(hash('sha512', $encryptedSubject, true)); |
|
173
|
|
|
$base64Signature = base64_encode($signature); |
|
174
|
|
|
|
|
175
|
|
|
return [ |
|
176
|
|
|
'deviceIdentifier' => $device['deviceidentifier'], |
|
177
|
|
|
'pushTokenHash' => $device['pushtokenhash'], |
|
178
|
|
|
'subject' => $base64EncryptedSubject, |
|
179
|
|
|
'signature' => $base64Signature, |
|
180
|
|
|
]; |
|
181
|
|
|
} |
|
182
|
|
|
|
|
183
|
|
|
/** |
|
184
|
|
|
* @param string $uid |
|
185
|
|
|
* @return array[] |
|
186
|
|
|
*/ |
|
187
|
|
|
protected function getDevicesForUser($uid) { |
|
188
|
|
|
$query = $this->db->getQueryBuilder(); |
|
189
|
|
|
$query->select('*') |
|
190
|
|
|
->from('notifications_pushtokens') |
|
191
|
|
|
->where($query->expr()->eq('uid', $query->createNamedParameter($uid))); |
|
192
|
|
|
|
|
193
|
|
|
$result = $query->execute(); |
|
194
|
|
|
$devices = $result->fetchAll(); |
|
195
|
|
|
$result->closeCursor(); |
|
196
|
|
|
|
|
197
|
|
|
return $devices; |
|
198
|
|
|
} |
|
199
|
|
|
|
|
200
|
|
|
/** |
|
201
|
|
|
* @param int $tokenId |
|
202
|
|
|
* @return bool |
|
203
|
|
|
*/ |
|
204
|
|
|
protected function deletePushToken($tokenId) { |
|
205
|
|
|
$query = $this->db->getQueryBuilder(); |
|
206
|
|
|
$query->delete('notifications_pushtokens') |
|
207
|
|
|
->where($query->expr()->eq('token', $query->createNamedParameter($tokenId, IQueryBuilder::PARAM_INT))); |
|
208
|
|
|
|
|
209
|
|
|
return $query->execute() !== 0; |
|
210
|
|
|
} |
|
211
|
|
|
} |
|
212
|
|
|
|
nextcloud /
notifications
Loading history...
This error could be the result of:
1. Missing dependencies
PHP Analyzer uses your
composer.jsonfile (if available) to determine the dependencies of your project and to determine all the available classes and functions. It expects thecomposer.jsonto be in the root folder of your repository.Are you sure this class is defined by one of your dependencies, or did you maybe not list a dependency in either the
requireorrequire-devsection?2. Missing use statement
PHP does not complain about undefined classes in
ìnstanceofchecks. For example, the following PHP code will work perfectly fine:If you have not tested against this specific condition, such errors might go unnoticed.