Inspection of "[WIP] Add oauth code flow support" - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#4704)

by Björn

created 2017-05-12 14:15 UTC

Status

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

@@ -54,6 +54,6 @@
 block discarded – undo
 	</fieldset>
 </div>
 
-<?php if(empty($_['oauthState'])): ?>
+<?php if (empty($_['oauthState'])): ?>
 <a id="app-token-login" class="warning" href="#"><?php p($l->t('Alternative login using app token')) ?></a>
 <?php endif; ?>

Please login to merge, or discard this patch.

core/Controller/ClientFlowLoginController.php 2 patches

Indentation +240 added lines, -240 removed lines patch added patch discarded remove patch

@@ -43,267 +43,267 @@
 block discarded – undo
 use OCP\Session\Exceptions\SessionNotAvailableException;
 
 class ClientFlowLoginController extends Controller {
-	/** @var IUserSession */
-	private $userSession;
-	/** @var IL10N */
-	private $l10n;
-	/** @var Defaults */
-	private $defaults;
-	/** @var ISession */
-	private $session;
-	/** @var IProvider */
-	private $tokenProvider;
-	/** @var ISecureRandom */
-	private $random;
-	/** @var IURLGenerator */
-	private $urlGenerator;
-	/** @var ClientMapper */
-	private $clientMapper;
-	/** @var AccessTokenMapper */
-	private $accessTokenMapper;
-	/** @var ICrypto */
-	private $crypto;
+    /** @var IUserSession */
+    private $userSession;
+    /** @var IL10N */
+    private $l10n;
+    /** @var Defaults */
+    private $defaults;
+    /** @var ISession */
+    private $session;
+    /** @var IProvider */
+    private $tokenProvider;
+    /** @var ISecureRandom */
+    private $random;
+    /** @var IURLGenerator */
+    private $urlGenerator;
+    /** @var ClientMapper */
+    private $clientMapper;
+    /** @var AccessTokenMapper */
+    private $accessTokenMapper;
+    /** @var ICrypto */
+    private $crypto;
 
-	const stateName = 'client.flow.state.token';
+    const stateName = 'client.flow.state.token';
 
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param IUserSession $userSession
-	 * @param IL10N $l10n
-	 * @param Defaults $defaults
-	 * @param ISession $session
-	 * @param IProvider $tokenProvider
-	 * @param ISecureRandom $random
-	 * @param IURLGenerator $urlGenerator
-	 * @param ClientMapper $clientMapper
-	 * @param AccessTokenMapper $accessTokenMapper
-	 * @param ICrypto $crypto
-	 */
-	public function __construct($appName,
-								IRequest $request,
-								IUserSession $userSession,
-								IL10N $l10n,
-								Defaults $defaults,
-								ISession $session,
-								IProvider $tokenProvider,
-								ISecureRandom $random,
-								IURLGenerator $urlGenerator,
-								ClientMapper $clientMapper,
-								AccessTokenMapper $accessTokenMapper,
-								ICrypto $crypto) {
-		parent::__construct($appName, $request);
-		$this->userSession = $userSession;
-		$this->l10n = $l10n;
-		$this->defaults = $defaults;
-		$this->session = $session;
-		$this->tokenProvider = $tokenProvider;
-		$this->random = $random;
-		$this->urlGenerator = $urlGenerator;
-		$this->clientMapper = $clientMapper;
-		$this->accessTokenMapper = $accessTokenMapper;
-		$this->crypto = $crypto;
-	}
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param IUserSession $userSession
+     * @param IL10N $l10n
+     * @param Defaults $defaults
+     * @param ISession $session
+     * @param IProvider $tokenProvider
+     * @param ISecureRandom $random
+     * @param IURLGenerator $urlGenerator
+     * @param ClientMapper $clientMapper
+     * @param AccessTokenMapper $accessTokenMapper
+     * @param ICrypto $crypto
+     */
+    public function __construct($appName,
+                                IRequest $request,
+                                IUserSession $userSession,
+                                IL10N $l10n,
+                                Defaults $defaults,
+                                ISession $session,
+                                IProvider $tokenProvider,
+                                ISecureRandom $random,
+                                IURLGenerator $urlGenerator,
+                                ClientMapper $clientMapper,
+                                AccessTokenMapper $accessTokenMapper,
+                                ICrypto $crypto) {
+        parent::__construct($appName, $request);
+        $this->userSession = $userSession;
+        $this->l10n = $l10n;
+        $this->defaults = $defaults;
+        $this->session = $session;
+        $this->tokenProvider = $tokenProvider;
+        $this->random = $random;
+        $this->urlGenerator = $urlGenerator;
+        $this->clientMapper = $clientMapper;
+        $this->accessTokenMapper = $accessTokenMapper;
+        $this->crypto = $crypto;
+    }
 
-	/**
-	 * @return string
-	 */
-	private function getClientName() {
-		return $this->request->getHeader('USER_AGENT') !== null ? $this->request->getHeader('USER_AGENT') : 'unknown';
-	}
+    /**
+     * @return string
+     */
+    private function getClientName() {
+        return $this->request->getHeader('USER_AGENT') !== null ? $this->request->getHeader('USER_AGENT') : 'unknown';
+    }
 
-	/**
-	 * @param string $stateToken
-	 * @return bool
-	 */
-	private function isValidToken($stateToken) {
-		$currentToken = $this->session->get(self::stateName);
-		if(!is_string($stateToken) || !is_string($currentToken)) {
-			return false;
-		}
-		return hash_equals($currentToken, $stateToken);
-	}
+    /**
+     * @param string $stateToken
+     * @return bool
+     */
+    private function isValidToken($stateToken) {
+        $currentToken = $this->session->get(self::stateName);
+        if(!is_string($stateToken) || !is_string($currentToken)) {
+            return false;
+        }
+        return hash_equals($currentToken, $stateToken);
+    }
 
-	/**
-	 * @return TemplateResponse
-	 */
-	private function stateTokenForbiddenResponse() {
-		$response = new TemplateResponse(
-			$this->appName,
-			'403',
-			[
-				'file' => $this->l10n->t('State token does not match'),
-			],
-			'guest'
-		);
-		$response->setStatus(Http::STATUS_FORBIDDEN);
-		return $response;
-	}
+    /**
+     * @return TemplateResponse
+     */
+    private function stateTokenForbiddenResponse() {
+        $response = new TemplateResponse(
+            $this->appName,
+            '403',
+            [
+                'file' => $this->l10n->t('State token does not match'),
+            ],
+            'guest'
+        );
+        $response->setStatus(Http::STATUS_FORBIDDEN);
+        return $response;
+    }
 
-	/**
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 * @UseSession
-	 *
-	 * @param string $clientIdentifier
-	 *
-	 * @return TemplateResponse
-	 */
-	public function showAuthPickerPage($clientIdentifier = '',
-									   $oauthState = '') {
+    /**
+     * @PublicPage
+     * @NoCSRFRequired
+     * @UseSession
+     *
+     * @param string $clientIdentifier
+     *
+     * @return TemplateResponse
+     */
+    public function showAuthPickerPage($clientIdentifier = '',
+                                        $oauthState = '') {
 
 
-		$clientName = $this->getClientName();
-		$client = null;
-		if($clientIdentifier !== '') {
-			$client = $this->clientMapper->getByIdentifier($clientIdentifier);
-			$clientName = $client->getName();
-		}
+        $clientName = $this->getClientName();
+        $client = null;
+        if($clientIdentifier !== '') {
+            $client = $this->clientMapper->getByIdentifier($clientIdentifier);
+            $clientName = $client->getName();
+        }
 
-		$validClient = $client !== null && $client->getClientIdentifier() !== null;
-		$cookieCheckSuccessful = $this->request->passesStrictCookieCheck();
+        $validClient = $client !== null && $client->getClientIdentifier() !== null;
+        $cookieCheckSuccessful = $this->request->passesStrictCookieCheck();
 
-		// no valid clientIdentifier given and no valid API Request (APIRequest header not set)
-		if ($cookieCheckSuccessful === false && $validClient === false) {
-			return new TemplateResponse(
-				$this->appName,
-				'error',
-				['errors' =>
-					[
-						['error' => 'Access Forbidden', 'hint' => 'Invalid request']
-					]
-				]
-			);
-		}
+        // no valid clientIdentifier given and no valid API Request (APIRequest header not set)
+        if ($cookieCheckSuccessful === false && $validClient === false) {
+            return new TemplateResponse(
+                $this->appName,
+                'error',
+                ['errors' =>
+                    [
+                        ['error' => 'Access Forbidden', 'hint' => 'Invalid request']
+                    ]
+                ]
+            );
+        }
 
-		$stateToken = $this->random->generate(
-			64,
-			ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
-		);
-		$this->session->set(self::stateName, $stateToken);
+        $stateToken = $this->random->generate(
+            64,
+            ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
+        );
+        $this->session->set(self::stateName, $stateToken);
 
-		return new TemplateResponse(
-			$this->appName,
-			'loginflow/authpicker',
-			[
-				'client' => $clientName,
-				'clientIdentifier' => $clientIdentifier,
-				'oauthState' => $oauthState,
-				'instanceName' => $this->defaults->getName(),
-				'urlGenerator' => $this->urlGenerator,
-				'stateToken' => $stateToken,
-				'serverHost' => $this->request->getServerHost(),
-			],
-			'guest'
-		);
-	}
+        return new TemplateResponse(
+            $this->appName,
+            'loginflow/authpicker',
+            [
+                'client' => $clientName,
+                'clientIdentifier' => $clientIdentifier,
+                'oauthState' => $oauthState,
+                'instanceName' => $this->defaults->getName(),
+                'urlGenerator' => $this->urlGenerator,
+                'stateToken' => $stateToken,
+                'serverHost' => $this->request->getServerHost(),
+            ],
+            'guest'
+        );
+    }
 
-	/**
-	 * @NoAdminRequired
-	 * @NoCSRFRequired
-	 * @UseSession
-	 *
-	 * @param string $stateToken
-	 * @param string $clientIdentifier
-	 * @param string $oauthState
-	 * @return TemplateResponse
-	 */
-	public function redirectPage($stateToken = '',
-								 $clientIdentifier = '',
-								 $oauthState = '') {
-		if(!$this->isValidToken($stateToken)) {
-			return $this->stateTokenForbiddenResponse();
-		}
+    /**
+     * @NoAdminRequired
+     * @NoCSRFRequired
+     * @UseSession
+     *
+     * @param string $stateToken
+     * @param string $clientIdentifier
+     * @param string $oauthState
+     * @return TemplateResponse
+     */
+    public function redirectPage($stateToken = '',
+                                    $clientIdentifier = '',
+                                    $oauthState = '') {
+        if(!$this->isValidToken($stateToken)) {
+            return $this->stateTokenForbiddenResponse();
+        }
 
-		return new TemplateResponse(
-			$this->appName,
-			'loginflow/redirect',
-			[
-				'urlGenerator' => $this->urlGenerator,
-				'stateToken' => $stateToken,
-				'clientIdentifier' => $clientIdentifier,
-				'oauthState' => $oauthState,
-			],
-			'empty'
-		);
-	}
+        return new TemplateResponse(
+            $this->appName,
+            'loginflow/redirect',
+            [
+                'urlGenerator' => $this->urlGenerator,
+                'stateToken' => $stateToken,
+                'clientIdentifier' => $clientIdentifier,
+                'oauthState' => $oauthState,
+            ],
+            'empty'
+        );
+    }
 
-	/**
-	 * @NoAdminRequired
-	 * @UseSession
-	 *
-	 * @param string $stateToken
-	 * @param string $clientIdentifier
-	 * @param string $state
-	 * @param string $oauthState
-	 * @return Http\RedirectResponse|Response
-	 */
-	public function generateAppPassword($stateToken,
-										$clientIdentifier = '',
-										$state = '',
-										$oauthState = '') {
-		if(!$this->isValidToken($stateToken)) {
-			$this->session->remove(self::stateName);
-			return $this->stateTokenForbiddenResponse();
-		}
+    /**
+     * @NoAdminRequired
+     * @UseSession
+     *
+     * @param string $stateToken
+     * @param string $clientIdentifier
+     * @param string $state
+     * @param string $oauthState
+     * @return Http\RedirectResponse|Response
+     */
+    public function generateAppPassword($stateToken,
+                                        $clientIdentifier = '',
+                                        $state = '',
+                                        $oauthState = '') {
+        if(!$this->isValidToken($stateToken)) {
+            $this->session->remove(self::stateName);
+            return $this->stateTokenForbiddenResponse();
+        }
 
-		$this->session->remove(self::stateName);
+        $this->session->remove(self::stateName);
 
-		try {
-			$sessionId = $this->session->getId();
-		} catch (SessionNotAvailableException $ex) {
-			$response = new Response();
-			$response->setStatus(Http::STATUS_FORBIDDEN);
-			return $response;
-		}
+        try {
+            $sessionId = $this->session->getId();
+        } catch (SessionNotAvailableException $ex) {
+            $response = new Response();
+            $response->setStatus(Http::STATUS_FORBIDDEN);
+            return $response;
+        }
 
-		try {
-			$sessionToken = $this->tokenProvider->getToken($sessionId);
-			$loginName = $sessionToken->getLoginName();
-			try {
-				$password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
-			} catch (PasswordlessTokenException $ex) {
-				$password = null;
-			}
-		} catch (InvalidTokenException $ex) {
-			$response = new Response();
-			$response->setStatus(Http::STATUS_FORBIDDEN);
-			return $response;
-		}
+        try {
+            $sessionToken = $this->tokenProvider->getToken($sessionId);
+            $loginName = $sessionToken->getLoginName();
+            try {
+                $password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
+            } catch (PasswordlessTokenException $ex) {
+                $password = null;
+            }
+        } catch (InvalidTokenException $ex) {
+            $response = new Response();
+            $response->setStatus(Http::STATUS_FORBIDDEN);
+            return $response;
+        }
 
-		$token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
-		$uid = $this->userSession->getUser()->getUID();
-		$generatedToken = $this->tokenProvider->generateToken(
-			$token,
-			$uid,
-			$loginName,
-			$password,
-			$this->getClientName(),
-			IToken::PERMANENT_TOKEN,
-			IToken::DO_NOT_REMEMBER
-		);
+        $token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
+        $uid = $this->userSession->getUser()->getUID();
+        $generatedToken = $this->tokenProvider->generateToken(
+            $token,
+            $uid,
+            $loginName,
+            $password,
+            $this->getClientName(),
+            IToken::PERMANENT_TOKEN,
+            IToken::DO_NOT_REMEMBER
+        );
 
-		if($clientIdentifier !== '') {
-			$client = $this->clientMapper->getByIdentifier($clientIdentifier);
+        if($clientIdentifier !== '') {
+            $client = $this->clientMapper->getByIdentifier($clientIdentifier);
 
-			$code = $this->random->generate(128);
-			$accessToken = new AccessToken();
-			$accessToken->setClientId($client->getId());
-			$accessToken->setEncryptedToken($this->crypto->encrypt($token, $code));
-			$accessToken->setHashedCode(hash('sha512', $code));
-			$accessToken->setTokenId($generatedToken->getId());
-			$this->accessTokenMapper->insert($accessToken);
+            $code = $this->random->generate(128);
+            $accessToken = new AccessToken();
+            $accessToken->setClientId($client->getId());
+            $accessToken->setEncryptedToken($this->crypto->encrypt($token, $code));
+            $accessToken->setHashedCode(hash('sha512', $code));
+            $accessToken->setTokenId($generatedToken->getId());
+            $this->accessTokenMapper->insert($accessToken);
 
-			$redirectUri = sprintf(
-				'%s?state=%s&code=%s',
-				$client->getRedirectUri(),
-				urlencode($oauthState),
-				urlencode($code)
-			);
-		} else {
-			$redirectUri = 'nc://login/server:' . $this->request->getServerHost() . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
-		}
+            $redirectUri = sprintf(
+                '%s?state=%s&code=%s',
+                $client->getRedirectUri(),
+                urlencode($oauthState),
+                urlencode($code)
+            );
+        } else {
+            $redirectUri = 'nc://login/server:' . $this->request->getServerHost() . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
+        }
 
-		return new Http\RedirectResponse($redirectUri);
-	}
+        return new Http\RedirectResponse($redirectUri);
+    }
 }

Please login to merge, or discard this patch.

Spacing +6 added lines, -6 removed lines patch added patch discarded remove patch

@@ -118,7 +118,7 @@  discard block
 block discarded – undo
 	 */
 	private function isValidToken($stateToken) {
 		$currentToken = $this->session->get(self::stateName);
-		if(!is_string($stateToken) || !is_string($currentToken)) {
+		if (!is_string($stateToken) || !is_string($currentToken)) {
 			return false;
 		}
 		return hash_equals($currentToken, $stateToken);
@@ -155,7 +155,7 @@  discard block
 block discarded – undo
 
 		$clientName = $this->getClientName();
 		$client = null;
-		if($clientIdentifier !== '') {
+		if ($clientIdentifier !== '') {
 			$client = $this->clientMapper->getByIdentifier($clientIdentifier);
 			$clientName = $client->getName();
 		}
@@ -211,7 +211,7 @@  discard block
 block discarded – undo
 	public function redirectPage($stateToken = '',
 								 $clientIdentifier = '',
 								 $oauthState = '') {
-		if(!$this->isValidToken($stateToken)) {
+		if (!$this->isValidToken($stateToken)) {
 			return $this->stateTokenForbiddenResponse();
 		}
 
@@ -242,7 +242,7 @@  discard block
 block discarded – undo
 										$clientIdentifier = '',
 										$state = '',
 										$oauthState = '') {
-		if(!$this->isValidToken($stateToken)) {
+		if (!$this->isValidToken($stateToken)) {
 			$this->session->remove(self::stateName);
 			return $this->stateTokenForbiddenResponse();
 		}
@@ -283,7 +283,7 @@  discard block
 block discarded – undo
 			IToken::DO_NOT_REMEMBER
 		);
 
-		if($clientIdentifier !== '') {
+		if ($clientIdentifier !== '') {
 			$client = $this->clientMapper->getByIdentifier($clientIdentifier);
 
 			$code = $this->random->generate(128);
@@ -301,7 +301,7 @@  discard block
 block discarded – undo
 				urlencode($code)
 			);
 		} else {
-			$redirectUri = 'nc://login/server:' . $this->request->getServerHost() . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
+			$redirectUri = 'nc://login/server:'.$this->request->getServerHost().'&user:'.urlencode($loginName).'&password:'.urlencode($token);
 		}
 
 		return new Http\RedirectResponse($redirectUri);

Please login to merge, or discard this patch.

apps/oauth2/appinfo/routes.php 1 patch

Indentation +22 added lines, -22 removed lines patch added patch discarded remove patch

@@ -20,26 +20,26 @@
 block discarded – undo
  */
 
 return [
-	'routes' => [
-		[
-			'name' => 'Settings#addClient',
-			'url' => '/settings',
-			'verb' => 'POST',
-		],
-		[
-			'name' => 'Settings#deleteClient',
-			'url' => '/clients/{id}/delete',
-			'verb' => 'POST'
-		],
-		[
-			'name' => 'LoginRedirector#authorize',
-			'url' => '/authorize',
-			'verb' => 'GET',
-		],
-		[
-			'name' => 'OauthApi#getToken',
-			'url' => '/api/v1/token',
-			'verb' => 'POST'
-		],
-	],
+    'routes' => [
+        [
+            'name' => 'Settings#addClient',
+            'url' => '/settings',
+            'verb' => 'POST',
+        ],
+        [
+            'name' => 'Settings#deleteClient',
+            'url' => '/clients/{id}/delete',
+            'verb' => 'POST'
+        ],
+        [
+            'name' => 'LoginRedirector#authorize',
+            'url' => '/authorize',
+            'verb' => 'GET',
+        ],
+        [
+            'name' => 'OauthApi#getToken',
+            'url' => '/api/v1/token',
+            'verb' => 'POST'
+        ],
+    ],
 ];
\ No newline at end of file

Please login to merge, or discard this patch.

apps/oauth2/lib/Db/Client.php 1 patch

Indentation +15 added lines, -15 removed lines patch added patch discarded remove patch

@@ -34,20 +34,20 @@
 block discarded – undo
  * @method void setName(string $name)
  */
 class Client extends Entity {
-	/** @var string */
-	protected $name;
-	/** @var string */
-	protected $redirectUri;
-	/** @var string */
-	protected $clientIdentifier;
-	/** @var string */
-	protected $secret;
+    /** @var string */
+    protected $name;
+    /** @var string */
+    protected $redirectUri;
+    /** @var string */
+    protected $clientIdentifier;
+    /** @var string */
+    protected $secret;
 
-	public function __construct() {
-		$this->addType('id', 'int');
-		$this->addType('name', 'string');
-		$this->addType('redirect_uri', 'string');
-		$this->addType('client_identifier', 'string');
-		$this->addType('secret', 'string');
-	}
+    public function __construct() {
+        $this->addType('id', 'int');
+        $this->addType('name', 'string');
+        $this->addType('redirect_uri', 'string');
+        $this->addType('client_identifier', 'string');
+        $this->addType('secret', 'string');
+    }
 }

Please login to merge, or discard this patch.

apps/oauth2/lib/Db/AccessToken.php 1 patch

Indentation +15 added lines, -15 removed lines patch added patch discarded remove patch

@@ -34,20 +34,20 @@
 block discarded – undo
  * @method void setHashedCode(string $token)
  */
 class AccessToken extends Entity {
-	/** @var int */
-	protected $tokenId;
-	/** @var int */
-	protected $clientId;
-	/** @var string */
-	protected $hashedCode;
-	/** @var string */
-	protected $encryptedToken;
+    /** @var int */
+    protected $tokenId;
+    /** @var int */
+    protected $clientId;
+    /** @var string */
+    protected $hashedCode;
+    /** @var string */
+    protected $encryptedToken;
 
-	public function __construct() {
-		$this->addType('id', 'int');
-		$this->addType('token_id', 'int');
-		$this->addType('client_id', 'int');
-		$this->addType('hashed_code', 'string');
-		$this->addType('encrypted_token', 'string');
-	}
+    public function __construct() {
+        $this->addType('id', 'int');
+        $this->addType('token_id', 'int');
+        $this->addType('client_id', 'int');
+        $this->addType('hashed_code', 'string');
+        $this->addType('encrypted_token', 'string');
+    }
 }

Please login to merge, or discard this patch.

apps/oauth2/lib/Db/ClientMapper.php 1 patch

Indentation +34 added lines, -34 removed lines patch added patch discarded remove patch

@@ -26,43 +26,43 @@
 block discarded – undo
 
 class ClientMapper extends Mapper {
 
-	/**
-	 * @param IDBConnection $db
-	 */
-	public function __construct(IDBConnection $db) {
-		parent::__construct($db, 'oauth2_clients');
-	}
+    /**
+     * @param IDBConnection $db
+     */
+    public function __construct(IDBConnection $db) {
+        parent::__construct($db, 'oauth2_clients');
+    }
 
-	/**
-	 * @param string $clientIdentifier
-	 * @return Client
-	 */
-	public function getByIdentifier($clientIdentifier) {
-		$qb = $this->db->getQueryBuilder();
-		$qb
-			->select('*')
-			->from($this->tableName)
-			->where($qb->expr()->eq('client_identifier', $qb->createNamedParameter($clientIdentifier)));
-		$result = $qb->execute();
-		$row = $result->fetch();
-		$result->closeCursor();
+    /**
+     * @param string $clientIdentifier
+     * @return Client
+     */
+    public function getByIdentifier($clientIdentifier) {
+        $qb = $this->db->getQueryBuilder();
+        $qb
+            ->select('*')
+            ->from($this->tableName)
+            ->where($qb->expr()->eq('client_identifier', $qb->createNamedParameter($clientIdentifier)));
+        $result = $qb->execute();
+        $row = $result->fetch();
+        $result->closeCursor();
 
-		if (!is_array($row)) {
-			$row = [];
-		}
+        if (!is_array($row)) {
+            $row = [];
+        }
 
-		return Client::fromRow($row);
-	}
+        return Client::fromRow($row);
+    }
 
-	/**
-	 * @return Client[]
-	 */
-	public function getClients() {
-		$qb = $this->db->getQueryBuilder();
-		$qb
-			->select('*')
-			->from($this->tableName);
+    /**
+     * @return Client[]
+     */
+    public function getClients() {
+        $qb = $this->db->getQueryBuilder();
+        $qb
+            ->select('*')
+            ->from($this->tableName);
 
-		return $this->findEntities($qb->getSQL());
-	}
+        return $this->findEntities($qb->getSQL());
+    }
 }

Please login to merge, or discard this patch.

apps/oauth2/lib/Controller/LoginRedirectorController.php 2 patches

Indentation +43 added lines, -43 removed lines patch added patch discarded remove patch

@@ -28,51 +28,51 @@
 block discarded – undo
 use OCP\IURLGenerator;
 
 class LoginRedirectorController extends Controller {
-	/** @var IURLGenerator */
-	private $urlGenerator;
-	/** @var ClientMapper */
-	private $clientMapper;
+    /** @var IURLGenerator */
+    private $urlGenerator;
+    /** @var ClientMapper */
+    private $clientMapper;
 
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param IURLGenerator $urlGenerator
-	 * @param ClientMapper $clientMapper
-	 */
-	public function __construct($appName,
-								IRequest $request,
-								IURLGenerator $urlGenerator,
-								ClientMapper $clientMapper) {
-		parent::__construct($appName, $request);
-		$this->urlGenerator = $urlGenerator;
-		$this->clientMapper = $clientMapper;
-	}
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param IURLGenerator $urlGenerator
+     * @param ClientMapper $clientMapper
+     */
+    public function __construct($appName,
+                                IRequest $request,
+                                IURLGenerator $urlGenerator,
+                                ClientMapper $clientMapper) {
+        parent::__construct($appName, $request);
+        $this->urlGenerator = $urlGenerator;
+        $this->clientMapper = $clientMapper;
+    }
 
-	/**
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 *
-	 * @param string $client_id
-	 * @param string $redirect_uri
-	 * @param string $state
-	 * @return RedirectResponse
-	 */
-	public function authorize($client_id,
-							  $redirect_uri,
-							  $state) {
-		$client = $this->clientMapper->getByIdentifier($client_id);
+    /**
+     * @PublicPage
+     * @NoCSRFRequired
+     *
+     * @param string $client_id
+     * @param string $redirect_uri
+     * @param string $state
+     * @return RedirectResponse
+     */
+    public function authorize($client_id,
+                                $redirect_uri,
+                                $state) {
+        $client = $this->clientMapper->getByIdentifier($client_id);
 
-		if($client->getRedirectUri() !== $redirect_uri) {
-			throw new \Exception('Redirect URI does not match');
-		}
+        if($client->getRedirectUri() !== $redirect_uri) {
+            throw new \Exception('Redirect URI does not match');
+        }
 
-		$targetUrl = $this->urlGenerator->linkToRouteAbsolute(
-			'core.ClientFlowLogin.showAuthPickerPage',
-			[
-				'clientIdentifier' => $client->getClientIdentifier(),
-				'oauthState' => $state,
-			]
-		);
-		return new RedirectResponse($targetUrl);
-	}
+        $targetUrl = $this->urlGenerator->linkToRouteAbsolute(
+            'core.ClientFlowLogin.showAuthPickerPage',
+            [
+                'clientIdentifier' => $client->getClientIdentifier(),
+                'oauthState' => $state,
+            ]
+        );
+        return new RedirectResponse($targetUrl);
+    }
 }

Please login to merge, or discard this patch.

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

@@ -62,7 +62,7 @@
 block discarded – undo
 							  $state) {
 		$client = $this->clientMapper->getByIdentifier($client_id);
 
-		if($client->getRedirectUri() !== $redirect_uri) {
+		if ($client->getRedirectUri() !== $redirect_uri) {
 			throw new \Exception('Redirect URI does not match');
 		}
 

Please login to merge, or discard this patch.

apps/oauth2/lib/Controller/OauthApiController.php 1 patch

Indentation +52 added lines, -52 removed lines patch added patch discarded remove patch

@@ -30,59 +30,59 @@
 block discarded – undo
 use OCP\Security\ISecureRandom;
 
 class OauthApiController extends Controller {
-	/** @var AccessTokenMapper */
-	private $accessTokenMapper;
-	/** @var ICrypto */
-	private $crypto;
-	/** @var DefaultTokenMapper */
-	private $defaultTokenMapper;
-	/** @var ISecureRandom */
-	private $secureRandom;
+    /** @var AccessTokenMapper */
+    private $accessTokenMapper;
+    /** @var ICrypto */
+    private $crypto;
+    /** @var DefaultTokenMapper */
+    private $defaultTokenMapper;
+    /** @var ISecureRandom */
+    private $secureRandom;
 
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param ICrypto $crypto
-	 * @param AccessTokenMapper $accessTokenMapper
-	 * @param DefaultTokenMapper $defaultTokenMapper
-	 * @param ISecureRandom $secureRandom
-	 */
-	public function __construct($appName,
-								IRequest $request,
-								ICrypto $crypto,
-								AccessTokenMapper $accessTokenMapper,
-								DefaultTokenMapper $defaultTokenMapper,
-								ISecureRandom $secureRandom) {
-		parent::__construct($appName, $request);
-		$this->crypto = $crypto;
-		$this->accessTokenMapper = $accessTokenMapper;
-		$this->defaultTokenMapper = $defaultTokenMapper;
-		$this->secureRandom = $secureRandom;
-	}
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param ICrypto $crypto
+     * @param AccessTokenMapper $accessTokenMapper
+     * @param DefaultTokenMapper $defaultTokenMapper
+     * @param ISecureRandom $secureRandom
+     */
+    public function __construct($appName,
+                                IRequest $request,
+                                ICrypto $crypto,
+                                AccessTokenMapper $accessTokenMapper,
+                                DefaultTokenMapper $defaultTokenMapper,
+                                ISecureRandom $secureRandom) {
+        parent::__construct($appName, $request);
+        $this->crypto = $crypto;
+        $this->accessTokenMapper = $accessTokenMapper;
+        $this->defaultTokenMapper = $defaultTokenMapper;
+        $this->secureRandom = $secureRandom;
+    }
 
-	/**
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 *
-	 * @param string $code
-	 * @return JSONResponse
-	 */
-	public function getToken($code) {
-		$accessToken = $this->accessTokenMapper->getByCode($code);
-		$decryptedToken = $this->crypto->decrypt($accessToken->getEncryptedToken(), $code);
-		$newCode = $this->secureRandom->generate(128);
-		$accessToken->setHashedCode(hash('sha512', $newCode));
-		$accessToken->setEncryptedToken($this->crypto->encrypt($decryptedToken, $newCode));
-		$this->accessTokenMapper->update($accessToken);
+    /**
+     * @PublicPage
+     * @NoCSRFRequired
+     *
+     * @param string $code
+     * @return JSONResponse
+     */
+    public function getToken($code) {
+        $accessToken = $this->accessTokenMapper->getByCode($code);
+        $decryptedToken = $this->crypto->decrypt($accessToken->getEncryptedToken(), $code);
+        $newCode = $this->secureRandom->generate(128);
+        $accessToken->setHashedCode(hash('sha512', $newCode));
+        $accessToken->setEncryptedToken($this->crypto->encrypt($decryptedToken, $newCode));
+        $this->accessTokenMapper->update($accessToken);
 
-		return new JSONResponse(
-			[
-				'access_token' => $decryptedToken,
-				'token_type' => 'Bearer',
-				'expires_in' => 3600,
-				'refresh_token' => $newCode,
-				'user_id' => ($this->defaultTokenMapper->getTokenById($accessToken->getTokenId()))->getUID(),
-			]
-		);
-	}
+        return new JSONResponse(
+            [
+                'access_token' => $decryptedToken,
+                'token_type' => 'Bearer',
+                'expires_in' => 3600,
+                'refresh_token' => $newCode,
+                'user_id' => ($this->defaultTokenMapper->getTokenById($accessToken->getTokenId()))->getUID(),
+            ]
+        );
+    }
 }

Please login to merge, or discard this patch.

apps/oauth2/lib/Settings/Admin.php 1 patch

Indentation +33 added lines, -33 removed lines patch added patch discarded remove patch

@@ -27,41 +27,41 @@
 block discarded – undo
 use OCP\Settings\ISettings;
 
 class Admin implements ISettings {
-	/** @var ClientMapper */
-	private $clientMapper;
+    /** @var ClientMapper */
+    private $clientMapper;
 
-	/**
-	 * @param ClientMapper $clientMapper
-	 */
-	public function __construct(ClientMapper $clientMapper) {
-		$this->clientMapper = $clientMapper;
-	}
+    /**
+     * @param ClientMapper $clientMapper
+     */
+    public function __construct(ClientMapper $clientMapper) {
+        $this->clientMapper = $clientMapper;
+    }
 
-	/**
-	 * @return TemplateResponse
-	 */
-	public function getForm() {
-		return new TemplateResponse(
-			'oauth2',
-			'admin',
-			[
-				'clients' => $this->clientMapper->getClients(),
-			],
-			''
-		);
-	}
+    /**
+     * @return TemplateResponse
+     */
+    public function getForm() {
+        return new TemplateResponse(
+            'oauth2',
+            'admin',
+            [
+                'clients' => $this->clientMapper->getClients(),
+            ],
+            ''
+        );
+    }
 
-	/**
-	 * {@inheritdoc}
-	 */
-	public function getSection() {
-		return 'security';
-	}
+    /**
+     * {@inheritdoc}
+     */
+    public function getSection() {
+        return 'security';
+    }
 
-	/**
-	 * {@inheritdoc}
-	 */
-	public function getPriority() {
-		return 0;
-	}
+    /**
+     * {@inheritdoc}
+     */
+    public function getPriority() {
+        return 0;
+    }
 }

Please login to merge, or discard this patch.

		@@ -118,7 +118,7 @@ discard block
		block discarded – undo
118	118	*/
119	119	private function isValidToken($stateToken) {
120	120	$currentToken = $this->session->get(self::stateName);
121		- if(!is_string($stateToken) \|\| !is_string($currentToken)) {
	121	+ if (!is_string($stateToken) \|\| !is_string($currentToken)) {
122	122	return false;
123	123	}
124	124	return hash_equals($currentToken, $stateToken);
		@@ -155,7 +155,7 @@ discard block
		block discarded – undo
155	155
156	156	$clientName = $this->getClientName();
157	157	$client = null;
158		- if($clientIdentifier !== '') {
	158	+ if ($clientIdentifier !== '') {
159	159	$client = $this->clientMapper->getByIdentifier($clientIdentifier);
160	160	$clientName = $client->getName();
161	161	}
		@@ -211,7 +211,7 @@ discard block
		block discarded – undo
211	211	public function redirectPage($stateToken = '',
212	212	$clientIdentifier = '',
213	213	$oauthState = '') {
214		- if(!$this->isValidToken($stateToken)) {
	214	+ if (!$this->isValidToken($stateToken)) {
215	215	return $this->stateTokenForbiddenResponse();
216	216	}
217	217
		@@ -242,7 +242,7 @@ discard block
		block discarded – undo
242	242	$clientIdentifier = '',
243	243	$state = '',
244	244	$oauthState = '') {
245		- if(!$this->isValidToken($stateToken)) {
	245	+ if (!$this->isValidToken($stateToken)) {
246	246	$this->session->remove(self::stateName);
247	247	return $this->stateTokenForbiddenResponse();
248	248	}
		@@ -283,7 +283,7 @@ discard block
		block discarded – undo
283	283	IToken::DO_NOT_REMEMBER
284	284	);
285	285
286		- if($clientIdentifier !== '') {
	286	+ if ($clientIdentifier !== '') {
287	287	$client = $this->clientMapper->getByIdentifier($clientIdentifier);
288	288
289	289	$code = $this->random->generate(128);
		@@ -301,7 +301,7 @@ discard block
		block discarded – undo
301	301	urlencode($code)
302	302	);
303	303	} else {
304		- $redirectUri = 'nc://login/server:' . $this->request->getServerHost() . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
	304	+ $redirectUri = 'nc://login/server:'.$this->request->getServerHost().'&user:'.urlencode($loginName).'&password:'.urlencode($token);
305	305	}
306	306
307	307	return new Http\RedirectResponse($redirectUri);

		@@ -54,6 +54,6 @@
		block discarded – undo
54	54	</fieldset>
55	55	</div>
56	56
57		-<?php if(empty($_['oauthState'])): ?>
	57	+<?php if (empty($_['oauthState'])): ?>
58	58	<a id="app-token-login" class="warning" href="#"><?php p($l->t('Alternative login using app token')) ?></a>
59	59	<?php endif; ?>

		@@ -43,267 +43,267 @@
		block discarded – undo
43	43	use OCP\Session\Exceptions\SessionNotAvailableException;
44	44
45	45	class ClientFlowLoginController extends Controller {
46		- /** @var IUserSession */
47		- private $userSession;
48		- /** @var IL10N */
49		- private $l10n;
50		- /** @var Defaults */
51		- private $defaults;
52		- /** @var ISession */
53		- private $session;
54		- /** @var IProvider */
55		- private $tokenProvider;
56		- /** @var ISecureRandom */
57		- private $random;
58		- /** @var IURLGenerator */
59		- private $urlGenerator;
60		- /** @var ClientMapper */
61		- private $clientMapper;
62		- /** @var AccessTokenMapper */
63		- private $accessTokenMapper;
64		- /** @var ICrypto */
65		- private $crypto;
	46	+ /** @var IUserSession */
	47	+ private $userSession;
	48	+ /** @var IL10N */
	49	+ private $l10n;
	50	+ /** @var Defaults */
	51	+ private $defaults;
	52	+ /** @var ISession */
	53	+ private $session;
	54	+ /** @var IProvider */
	55	+ private $tokenProvider;
	56	+ /** @var ISecureRandom */
	57	+ private $random;
	58	+ /** @var IURLGenerator */
	59	+ private $urlGenerator;
	60	+ /** @var ClientMapper */
	61	+ private $clientMapper;
	62	+ /** @var AccessTokenMapper */
	63	+ private $accessTokenMapper;
	64	+ /** @var ICrypto */
	65	+ private $crypto;
66	66
67		- const stateName = 'client.flow.state.token';
	67	+ const stateName = 'client.flow.state.token';
68	68
69		- /**
70		- * @param string $appName
71		- * @param IRequest $request
72		- * @param IUserSession $userSession
73		- * @param IL10N $l10n
74		- * @param Defaults $defaults
75		- * @param ISession $session
76		- * @param IProvider $tokenProvider
77		- * @param ISecureRandom $random
78		- * @param IURLGenerator $urlGenerator
79		- * @param ClientMapper $clientMapper
80		- * @param AccessTokenMapper $accessTokenMapper
81		- * @param ICrypto $crypto
82		- */
83		- public function __construct($appName,
84		- IRequest $request,
85		- IUserSession $userSession,
86		- IL10N $l10n,
87		- Defaults $defaults,
88		- ISession $session,
89		- IProvider $tokenProvider,
90		- ISecureRandom $random,
91		- IURLGenerator $urlGenerator,
92		- ClientMapper $clientMapper,
93		- AccessTokenMapper $accessTokenMapper,
94		- ICrypto $crypto) {
95		- parent::__construct($appName, $request);
96		- $this->userSession = $userSession;
97		- $this->l10n = $l10n;
98		- $this->defaults = $defaults;
99		- $this->session = $session;
100		- $this->tokenProvider = $tokenProvider;
101		- $this->random = $random;
102		- $this->urlGenerator = $urlGenerator;
103		- $this->clientMapper = $clientMapper;
104		- $this->accessTokenMapper = $accessTokenMapper;
105		- $this->crypto = $crypto;
106		- }
	69	+ /**
	70	+ * @param string $appName
	71	+ * @param IRequest $request
	72	+ * @param IUserSession $userSession
	73	+ * @param IL10N $l10n
	74	+ * @param Defaults $defaults
	75	+ * @param ISession $session
	76	+ * @param IProvider $tokenProvider
	77	+ * @param ISecureRandom $random
	78	+ * @param IURLGenerator $urlGenerator
	79	+ * @param ClientMapper $clientMapper
	80	+ * @param AccessTokenMapper $accessTokenMapper
	81	+ * @param ICrypto $crypto
	82	+ */
	83	+ public function __construct($appName,
	84	+ IRequest $request,
	85	+ IUserSession $userSession,
	86	+ IL10N $l10n,
	87	+ Defaults $defaults,
	88	+ ISession $session,
	89	+ IProvider $tokenProvider,
	90	+ ISecureRandom $random,
	91	+ IURLGenerator $urlGenerator,
	92	+ ClientMapper $clientMapper,
	93	+ AccessTokenMapper $accessTokenMapper,
	94	+ ICrypto $crypto) {
	95	+ parent::__construct($appName, $request);
	96	+ $this->userSession = $userSession;
	97	+ $this->l10n = $l10n;
	98	+ $this->defaults = $defaults;
	99	+ $this->session = $session;
	100	+ $this->tokenProvider = $tokenProvider;
	101	+ $this->random = $random;
	102	+ $this->urlGenerator = $urlGenerator;
	103	+ $this->clientMapper = $clientMapper;
	104	+ $this->accessTokenMapper = $accessTokenMapper;
	105	+ $this->crypto = $crypto;
	106	+ }
107	107
108		- /**
109		- * @return string
110		- */
111		- private function getClientName() {
112		- return $this->request->getHeader('USER_AGENT') !== null ? $this->request->getHeader('USER_AGENT') : 'unknown';
113		- }
	108	+ /**
	109	+ * @return string
	110	+ */
	111	+ private function getClientName() {
	112	+ return $this->request->getHeader('USER_AGENT') !== null ? $this->request->getHeader('USER_AGENT') : 'unknown';
	113	+ }
114	114
115		- /**
116		- * @param string $stateToken
117		- * @return bool
118		- */
119		- private function isValidToken($stateToken) {
120		- $currentToken = $this->session->get(self::stateName);
121		- if(!is_string($stateToken) \|\| !is_string($currentToken)) {
122		- return false;
123		- }
124		- return hash_equals($currentToken, $stateToken);
125		- }
	115	+ /**
	116	+ * @param string $stateToken
	117	+ * @return bool
	118	+ */
	119	+ private function isValidToken($stateToken) {
	120	+ $currentToken = $this->session->get(self::stateName);
	121	+ if(!is_string($stateToken) \|\| !is_string($currentToken)) {
	122	+ return false;
	123	+ }
	124	+ return hash_equals($currentToken, $stateToken);
	125	+ }
126	126
127		- /**
128		- * @return TemplateResponse
129		- */
130		- private function stateTokenForbiddenResponse() {
131		- $response = new TemplateResponse(
132		- $this->appName,
133		- '403',
134		- [
135		- 'file' => $this->l10n->t('State token does not match'),
136		- ],
137		- 'guest'
138		- );
139		- $response->setStatus(Http::STATUS_FORBIDDEN);
140		- return $response;
141		- }
	127	+ /**
	128	+ * @return TemplateResponse
	129	+ */
	130	+ private function stateTokenForbiddenResponse() {
	131	+ $response = new TemplateResponse(
	132	+ $this->appName,
	133	+ '403',
	134	+ [
	135	+ 'file' => $this->l10n->t('State token does not match'),
	136	+ ],
	137	+ 'guest'
	138	+ );
	139	+ $response->setStatus(Http::STATUS_FORBIDDEN);
	140	+ return $response;
	141	+ }
142	142
143		- /**
144		- * @PublicPage
145		- * @NoCSRFRequired
146		- * @UseSession
147		- *
148		- * @param string $clientIdentifier
149		- *
150		- * @return TemplateResponse
151		- */
152		- public function showAuthPickerPage($clientIdentifier = '',
153		- $oauthState = '') {
	143	+ /**
	144	+ * @PublicPage
	145	+ * @NoCSRFRequired
	146	+ * @UseSession
	147	+ *
	148	+ * @param string $clientIdentifier
	149	+ *
	150	+ * @return TemplateResponse
	151	+ */
	152	+ public function showAuthPickerPage($clientIdentifier = '',
	153	+ $oauthState = '') {
154	154
155	155
156		- $clientName = $this->getClientName();
157		- $client = null;
158		- if($clientIdentifier !== '') {
159		- $client = $this->clientMapper->getByIdentifier($clientIdentifier);
160		- $clientName = $client->getName();
161		- }
	156	+ $clientName = $this->getClientName();
	157	+ $client = null;
	158	+ if($clientIdentifier !== '') {
	159	+ $client = $this->clientMapper->getByIdentifier($clientIdentifier);
	160	+ $clientName = $client->getName();
	161	+ }
162	162
163		- $validClient = $client !== null && $client->getClientIdentifier() !== null;
164		- $cookieCheckSuccessful = $this->request->passesStrictCookieCheck();
	163	+ $validClient = $client !== null && $client->getClientIdentifier() !== null;
	164	+ $cookieCheckSuccessful = $this->request->passesStrictCookieCheck();
165	165
166		- // no valid clientIdentifier given and no valid API Request (APIRequest header not set)
167		- if ($cookieCheckSuccessful === false && $validClient === false) {
168		- return new TemplateResponse(
169		- $this->appName,
170		- 'error',
171		- ['errors' =>
172		- [
173		- ['error' => 'Access Forbidden', 'hint' => 'Invalid request']
174		- ]
175		- ]
176		- );
177		- }
	166	+ // no valid clientIdentifier given and no valid API Request (APIRequest header not set)
	167	+ if ($cookieCheckSuccessful === false && $validClient === false) {
	168	+ return new TemplateResponse(
	169	+ $this->appName,
	170	+ 'error',
	171	+ ['errors' =>
	172	+ [
	173	+ ['error' => 'Access Forbidden', 'hint' => 'Invalid request']
	174	+ ]
	175	+ ]
	176	+ );
	177	+ }
178	178
179		- $stateToken = $this->random->generate(
180		- 64,
181		- ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
182		- );
183		- $this->session->set(self::stateName, $stateToken);
	179	+ $stateToken = $this->random->generate(
	180	+ 64,
	181	+ ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
	182	+ );
	183	+ $this->session->set(self::stateName, $stateToken);
184	184
185		- return new TemplateResponse(
186		- $this->appName,
187		- 'loginflow/authpicker',
188		- [
189		- 'client' => $clientName,
190		- 'clientIdentifier' => $clientIdentifier,
191		- 'oauthState' => $oauthState,
192		- 'instanceName' => $this->defaults->getName(),
193		- 'urlGenerator' => $this->urlGenerator,
194		- 'stateToken' => $stateToken,
195		- 'serverHost' => $this->request->getServerHost(),
196		- ],
197		- 'guest'
198		- );
199		- }
	185	+ return new TemplateResponse(
	186	+ $this->appName,
	187	+ 'loginflow/authpicker',
	188	+ [
	189	+ 'client' => $clientName,
	190	+ 'clientIdentifier' => $clientIdentifier,
	191	+ 'oauthState' => $oauthState,
	192	+ 'instanceName' => $this->defaults->getName(),
	193	+ 'urlGenerator' => $this->urlGenerator,
	194	+ 'stateToken' => $stateToken,
	195	+ 'serverHost' => $this->request->getServerHost(),
	196	+ ],
	197	+ 'guest'
	198	+ );
	199	+ }
200	200
201		- /**
202		- * @NoAdminRequired
203		- * @NoCSRFRequired
204		- * @UseSession
205		- *
206		- * @param string $stateToken
207		- * @param string $clientIdentifier
208		- * @param string $oauthState
209		- * @return TemplateResponse
210		- */
211		- public function redirectPage($stateToken = '',
212		- $clientIdentifier = '',
213		- $oauthState = '') {
214		- if(!$this->isValidToken($stateToken)) {
215		- return $this->stateTokenForbiddenResponse();
216		- }
	201	+ /**
	202	+ * @NoAdminRequired
	203	+ * @NoCSRFRequired
	204	+ * @UseSession
	205	+ *
	206	+ * @param string $stateToken
	207	+ * @param string $clientIdentifier
	208	+ * @param string $oauthState
	209	+ * @return TemplateResponse
	210	+ */
	211	+ public function redirectPage($stateToken = '',
	212	+ $clientIdentifier = '',
	213	+ $oauthState = '') {
	214	+ if(!$this->isValidToken($stateToken)) {
	215	+ return $this->stateTokenForbiddenResponse();
	216	+ }
217	217
218		- return new TemplateResponse(
219		- $this->appName,
220		- 'loginflow/redirect',
221		- [
222		- 'urlGenerator' => $this->urlGenerator,
223		- 'stateToken' => $stateToken,
224		- 'clientIdentifier' => $clientIdentifier,
225		- 'oauthState' => $oauthState,
226		- ],
227		- 'empty'
228		- );
229		- }
	218	+ return new TemplateResponse(
	219	+ $this->appName,
	220	+ 'loginflow/redirect',
	221	+ [
	222	+ 'urlGenerator' => $this->urlGenerator,
	223	+ 'stateToken' => $stateToken,
	224	+ 'clientIdentifier' => $clientIdentifier,
	225	+ 'oauthState' => $oauthState,
	226	+ ],
	227	+ 'empty'
	228	+ );
	229	+ }
230	230
231		- /**
232		- * @NoAdminRequired
233		- * @UseSession
234		- *
235		- * @param string $stateToken
236		- * @param string $clientIdentifier
237		- * @param string $state
238		- * @param string $oauthState
239		- * @return Http\RedirectResponse\|Response
240		- */
241		- public function generateAppPassword($stateToken,
242		- $clientIdentifier = '',
243		- $state = '',
244		- $oauthState = '') {
245		- if(!$this->isValidToken($stateToken)) {
246		- $this->session->remove(self::stateName);
247		- return $this->stateTokenForbiddenResponse();
248		- }
	231	+ /**
	232	+ * @NoAdminRequired
	233	+ * @UseSession
	234	+ *
	235	+ * @param string $stateToken
	236	+ * @param string $clientIdentifier
	237	+ * @param string $state
	238	+ * @param string $oauthState
	239	+ * @return Http\RedirectResponse\|Response
	240	+ */
	241	+ public function generateAppPassword($stateToken,
	242	+ $clientIdentifier = '',
	243	+ $state = '',
	244	+ $oauthState = '') {
	245	+ if(!$this->isValidToken($stateToken)) {
	246	+ $this->session->remove(self::stateName);
	247	+ return $this->stateTokenForbiddenResponse();
	248	+ }
249	249
250		- $this->session->remove(self::stateName);
	250	+ $this->session->remove(self::stateName);
251	251
252		- try {
253		- $sessionId = $this->session->getId();
254		- } catch (SessionNotAvailableException $ex) {
255		- $response = new Response();
256		- $response->setStatus(Http::STATUS_FORBIDDEN);
257		- return $response;
258		- }
	252	+ try {
	253	+ $sessionId = $this->session->getId();
	254	+ } catch (SessionNotAvailableException $ex) {
	255	+ $response = new Response();
	256	+ $response->setStatus(Http::STATUS_FORBIDDEN);
	257	+ return $response;
	258	+ }
259	259
260		- try {
261		- $sessionToken = $this->tokenProvider->getToken($sessionId);
262		- $loginName = $sessionToken->getLoginName();
263		- try {
264		- $password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
265		- } catch (PasswordlessTokenException $ex) {
266		- $password = null;
267		- }
268		- } catch (InvalidTokenException $ex) {
269		- $response = new Response();
270		- $response->setStatus(Http::STATUS_FORBIDDEN);
271		- return $response;
272		- }
	260	+ try {
	261	+ $sessionToken = $this->tokenProvider->getToken($sessionId);
	262	+ $loginName = $sessionToken->getLoginName();
	263	+ try {
	264	+ $password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
	265	+ } catch (PasswordlessTokenException $ex) {
	266	+ $password = null;
	267	+ }
	268	+ } catch (InvalidTokenException $ex) {
	269	+ $response = new Response();
	270	+ $response->setStatus(Http::STATUS_FORBIDDEN);
	271	+ return $response;
	272	+ }
273	273
274		- $token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
275		- $uid = $this->userSession->getUser()->getUID();
276		- $generatedToken = $this->tokenProvider->generateToken(
277		- $token,
278		- $uid,
279		- $loginName,
280		- $password,
281		- $this->getClientName(),
282		- IToken::PERMANENT_TOKEN,
283		- IToken::DO_NOT_REMEMBER
284		- );
	274	+ $token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
	275	+ $uid = $this->userSession->getUser()->getUID();
	276	+ $generatedToken = $this->tokenProvider->generateToken(
	277	+ $token,
	278	+ $uid,
	279	+ $loginName,
	280	+ $password,
	281	+ $this->getClientName(),
	282	+ IToken::PERMANENT_TOKEN,
	283	+ IToken::DO_NOT_REMEMBER
	284	+ );
285	285
286		- if($clientIdentifier !== '') {
287		- $client = $this->clientMapper->getByIdentifier($clientIdentifier);
	286	+ if($clientIdentifier !== '') {
	287	+ $client = $this->clientMapper->getByIdentifier($clientIdentifier);
288	288
289		- $code = $this->random->generate(128);
290		- $accessToken = new AccessToken();
291		- $accessToken->setClientId($client->getId());
292		- $accessToken->setEncryptedToken($this->crypto->encrypt($token, $code));
293		- $accessToken->setHashedCode(hash('sha512', $code));
294		- $accessToken->setTokenId($generatedToken->getId());
295		- $this->accessTokenMapper->insert($accessToken);
	289	+ $code = $this->random->generate(128);
	290	+ $accessToken = new AccessToken();
	291	+ $accessToken->setClientId($client->getId());
	292	+ $accessToken->setEncryptedToken($this->crypto->encrypt($token, $code));
	293	+ $accessToken->setHashedCode(hash('sha512', $code));
	294	+ $accessToken->setTokenId($generatedToken->getId());
	295	+ $this->accessTokenMapper->insert($accessToken);
296	296
297		- $redirectUri = sprintf(
298		- '%s?state=%s&code=%s',
299		- $client->getRedirectUri(),
300		- urlencode($oauthState),
301		- urlencode($code)
302		- );
303		- } else {
304		- $redirectUri = 'nc://login/server:' . $this->request->getServerHost() . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
305		- }
	297	+ $redirectUri = sprintf(
	298	+ '%s?state=%s&code=%s',
	299	+ $client->getRedirectUri(),
	300	+ urlencode($oauthState),
	301	+ urlencode($code)
	302	+ );
	303	+ } else {
	304	+ $redirectUri = 'nc://login/server:' . $this->request->getServerHost() . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
	305	+ }
306	306
307		- return new Http\RedirectResponse($redirectUri);
308		- }
	307	+ return new Http\RedirectResponse($redirectUri);
	308	+ }
309	309	}

		@@ -20,26 +20,26 @@
		block discarded – undo
20	20	*/
21	21
22	22	return [
23		- 'routes' => [
24		- [
25		- 'name' => 'Settings#addClient',
26		- 'url' => '/settings',
27		- 'verb' => 'POST',
28		- ],
29		- [
30		- 'name' => 'Settings#deleteClient',
31		- 'url' => '/clients/{id}/delete',
32		- 'verb' => 'POST'
33		- ],
34		- [
35		- 'name' => 'LoginRedirector#authorize',
36		- 'url' => '/authorize',
37		- 'verb' => 'GET',
38		- ],
39		- [
40		- 'name' => 'OauthApi#getToken',
41		- 'url' => '/api/v1/token',
42		- 'verb' => 'POST'
43		- ],
44		- ],
	23	+ 'routes' => [
	24	+ [
	25	+ 'name' => 'Settings#addClient',
	26	+ 'url' => '/settings',
	27	+ 'verb' => 'POST',
	28	+ ],
	29	+ [
	30	+ 'name' => 'Settings#deleteClient',
	31	+ 'url' => '/clients/{id}/delete',
	32	+ 'verb' => 'POST'
	33	+ ],
	34	+ [
	35	+ 'name' => 'LoginRedirector#authorize',
	36	+ 'url' => '/authorize',
	37	+ 'verb' => 'GET',
	38	+ ],
	39	+ [
	40	+ 'name' => 'OauthApi#getToken',
	41	+ 'url' => '/api/v1/token',
	42	+ 'verb' => 'POST'
	43	+ ],
	44	+ ],
45	45	];
46	46	\ No newline at end of file

		@@ -34,20 +34,20 @@
		block discarded – undo
34	34	* @method void setName(string $name)
35	35	*/
36	36	class Client extends Entity {
37		- /** @var string */
38		- protected $name;
39		- /** @var string */
40		- protected $redirectUri;
41		- /** @var string */
42		- protected $clientIdentifier;
43		- /** @var string */
44		- protected $secret;
	37	+ /** @var string */
	38	+ protected $name;
	39	+ /** @var string */
	40	+ protected $redirectUri;
	41	+ /** @var string */
	42	+ protected $clientIdentifier;
	43	+ /** @var string */
	44	+ protected $secret;
45	45
46		- public function __construct() {
47		- $this->addType('id', 'int');
48		- $this->addType('name', 'string');
49		- $this->addType('redirect_uri', 'string');
50		- $this->addType('client_identifier', 'string');
51		- $this->addType('secret', 'string');
52		- }
	46	+ public function __construct() {
	47	+ $this->addType('id', 'int');
	48	+ $this->addType('name', 'string');
	49	+ $this->addType('redirect_uri', 'string');
	50	+ $this->addType('client_identifier', 'string');
	51	+ $this->addType('secret', 'string');
	52	+ }
53	53	}

		@@ -34,20 +34,20 @@
		block discarded – undo
34	34	* @method void setHashedCode(string $token)
35	35	*/
36	36	class AccessToken extends Entity {
37		- /** @var int */
38		- protected $tokenId;
39		- /** @var int */
40		- protected $clientId;
41		- /** @var string */
42		- protected $hashedCode;
43		- /** @var string */
44		- protected $encryptedToken;
	37	+ /** @var int */
	38	+ protected $tokenId;
	39	+ /** @var int */
	40	+ protected $clientId;
	41	+ /** @var string */
	42	+ protected $hashedCode;
	43	+ /** @var string */
	44	+ protected $encryptedToken;
45	45
46		- public function __construct() {
47		- $this->addType('id', 'int');
48		- $this->addType('token_id', 'int');
49		- $this->addType('client_id', 'int');
50		- $this->addType('hashed_code', 'string');
51		- $this->addType('encrypted_token', 'string');
52		- }
	46	+ public function __construct() {
	47	+ $this->addType('id', 'int');
	48	+ $this->addType('token_id', 'int');
	49	+ $this->addType('client_id', 'int');
	50	+ $this->addType('hashed_code', 'string');
	51	+ $this->addType('encrypted_token', 'string');
	52	+ }
53	53	}

		@@ -26,43 +26,43 @@
		block discarded – undo
26	26
27	27	class ClientMapper extends Mapper {
28	28
29		- /**
30		- * @param IDBConnection $db
31		- */
32		- public function __construct(IDBConnection $db) {
33		- parent::__construct($db, 'oauth2_clients');
34		- }
	29	+ /**
	30	+ * @param IDBConnection $db
	31	+ */
	32	+ public function __construct(IDBConnection $db) {
	33	+ parent::__construct($db, 'oauth2_clients');
	34	+ }
35	35
36		- /**
37		- * @param string $clientIdentifier
38		- * @return Client
39		- */
40		- public function getByIdentifier($clientIdentifier) {
41		- $qb = $this->db->getQueryBuilder();
42		- $qb
43		- ->select('*')
44		- ->from($this->tableName)
45		- ->where($qb->expr()->eq('client_identifier', $qb->createNamedParameter($clientIdentifier)));
46		- $result = $qb->execute();
47		- $row = $result->fetch();
48		- $result->closeCursor();
	36	+ /**
	37	+ * @param string $clientIdentifier
	38	+ * @return Client
	39	+ */
	40	+ public function getByIdentifier($clientIdentifier) {
	41	+ $qb = $this->db->getQueryBuilder();
	42	+ $qb
	43	+ ->select('*')
	44	+ ->from($this->tableName)
	45	+ ->where($qb->expr()->eq('client_identifier', $qb->createNamedParameter($clientIdentifier)));
	46	+ $result = $qb->execute();
	47	+ $row = $result->fetch();
	48	+ $result->closeCursor();
49	49
50		- if (!is_array($row)) {
51		- $row = [];
52		- }
	50	+ if (!is_array($row)) {
	51	+ $row = [];
	52	+ }
53	53
54		- return Client::fromRow($row);
55		- }
	54	+ return Client::fromRow($row);
	55	+ }
56	56
57		- /**
58		- * @return Client[]
59		- */
60		- public function getClients() {
61		- $qb = $this->db->getQueryBuilder();
62		- $qb
63		- ->select('*')
64		- ->from($this->tableName);
	57	+ /**
	58	+ * @return Client[]
	59	+ */
	60	+ public function getClients() {
	61	+ $qb = $this->db->getQueryBuilder();
	62	+ $qb
	63	+ ->select('*')
	64	+ ->from($this->tableName);
65	65
66		- return $this->findEntities($qb->getSQL());
67		- }
	66	+ return $this->findEntities($qb->getSQL());
	67	+ }
68	68	}

		@@ -28,51 +28,51 @@
		block discarded – undo
28	28	use OCP\IURLGenerator;
29	29
30	30	class LoginRedirectorController extends Controller {
31		- /** @var IURLGenerator */
32		- private $urlGenerator;
33		- /** @var ClientMapper */
34		- private $clientMapper;
	31	+ /** @var IURLGenerator */
	32	+ private $urlGenerator;
	33	+ /** @var ClientMapper */
	34	+ private $clientMapper;
35	35
36		- /**
37		- * @param string $appName
38		- * @param IRequest $request
39		- * @param IURLGenerator $urlGenerator
40		- * @param ClientMapper $clientMapper
41		- */
42		- public function __construct($appName,
43		- IRequest $request,
44		- IURLGenerator $urlGenerator,
45		- ClientMapper $clientMapper) {
46		- parent::__construct($appName, $request);
47		- $this->urlGenerator = $urlGenerator;
48		- $this->clientMapper = $clientMapper;
49		- }
	36	+ /**
	37	+ * @param string $appName
	38	+ * @param IRequest $request
	39	+ * @param IURLGenerator $urlGenerator
	40	+ * @param ClientMapper $clientMapper
	41	+ */
	42	+ public function __construct($appName,
	43	+ IRequest $request,
	44	+ IURLGenerator $urlGenerator,
	45	+ ClientMapper $clientMapper) {
	46	+ parent::__construct($appName, $request);
	47	+ $this->urlGenerator = $urlGenerator;
	48	+ $this->clientMapper = $clientMapper;
	49	+ }
50	50
51		- /**
52		- * @PublicPage
53		- * @NoCSRFRequired
54		- *
55		- * @param string $client_id
56		- * @param string $redirect_uri
57		- * @param string $state
58		- * @return RedirectResponse
59		- */
60		- public function authorize($client_id,
61		- $redirect_uri,
62		- $state) {
63		- $client = $this->clientMapper->getByIdentifier($client_id);
	51	+ /**
	52	+ * @PublicPage
	53	+ * @NoCSRFRequired
	54	+ *
	55	+ * @param string $client_id
	56	+ * @param string $redirect_uri
	57	+ * @param string $state
	58	+ * @return RedirectResponse
	59	+ */
	60	+ public function authorize($client_id,
	61	+ $redirect_uri,
	62	+ $state) {
	63	+ $client = $this->clientMapper->getByIdentifier($client_id);
64	64
65		- if($client->getRedirectUri() !== $redirect_uri) {
66		- throw new \Exception('Redirect URI does not match');
67		- }
	65	+ if($client->getRedirectUri() !== $redirect_uri) {
	66	+ throw new \Exception('Redirect URI does not match');
	67	+ }
68	68
69		- $targetUrl = $this->urlGenerator->linkToRouteAbsolute(
70		- 'core.ClientFlowLogin.showAuthPickerPage',
71		- [
72		- 'clientIdentifier' => $client->getClientIdentifier(),
73		- 'oauthState' => $state,
74		- ]
75		- );
76		- return new RedirectResponse($targetUrl);
77		- }
	69	+ $targetUrl = $this->urlGenerator->linkToRouteAbsolute(
	70	+ 'core.ClientFlowLogin.showAuthPickerPage',
	71	+ [
	72	+ 'clientIdentifier' => $client->getClientIdentifier(),
	73	+ 'oauthState' => $state,
	74	+ ]
	75	+ );
	76	+ return new RedirectResponse($targetUrl);
	77	+ }
78	78	}

		@@ -62,7 +62,7 @@
		block discarded – undo
62	62	$state) {
63	63	$client = $this->clientMapper->getByIdentifier($client_id);
64	64
65		- if($client->getRedirectUri() !== $redirect_uri) {
	65	+ if ($client->getRedirectUri() !== $redirect_uri) {
66	66	throw new \Exception('Redirect URI does not match');
67	67	}
68	68

		@@ -30,59 +30,59 @@
		block discarded – undo
30	30	use OCP\Security\ISecureRandom;
31	31
32	32	class OauthApiController extends Controller {
33		- /** @var AccessTokenMapper */
34		- private $accessTokenMapper;
35		- /** @var ICrypto */
36		- private $crypto;
37		- /** @var DefaultTokenMapper */
38		- private $defaultTokenMapper;
39		- /** @var ISecureRandom */
40		- private $secureRandom;
	33	+ /** @var AccessTokenMapper */
	34	+ private $accessTokenMapper;
	35	+ /** @var ICrypto */
	36	+ private $crypto;
	37	+ /** @var DefaultTokenMapper */
	38	+ private $defaultTokenMapper;
	39	+ /** @var ISecureRandom */
	40	+ private $secureRandom;
41	41
42		- /**
43		- * @param string $appName
44		- * @param IRequest $request
45		- * @param ICrypto $crypto
46		- * @param AccessTokenMapper $accessTokenMapper
47		- * @param DefaultTokenMapper $defaultTokenMapper
48		- * @param ISecureRandom $secureRandom
49		- */
50		- public function __construct($appName,
51		- IRequest $request,
52		- ICrypto $crypto,
53		- AccessTokenMapper $accessTokenMapper,
54		- DefaultTokenMapper $defaultTokenMapper,
55		- ISecureRandom $secureRandom) {
56		- parent::__construct($appName, $request);
57		- $this->crypto = $crypto;
58		- $this->accessTokenMapper = $accessTokenMapper;
59		- $this->defaultTokenMapper = $defaultTokenMapper;
60		- $this->secureRandom = $secureRandom;
61		- }
	42	+ /**
	43	+ * @param string $appName
	44	+ * @param IRequest $request
	45	+ * @param ICrypto $crypto
	46	+ * @param AccessTokenMapper $accessTokenMapper
	47	+ * @param DefaultTokenMapper $defaultTokenMapper
	48	+ * @param ISecureRandom $secureRandom
	49	+ */
	50	+ public function __construct($appName,
	51	+ IRequest $request,
	52	+ ICrypto $crypto,
	53	+ AccessTokenMapper $accessTokenMapper,
	54	+ DefaultTokenMapper $defaultTokenMapper,
	55	+ ISecureRandom $secureRandom) {
	56	+ parent::__construct($appName, $request);
	57	+ $this->crypto = $crypto;
	58	+ $this->accessTokenMapper = $accessTokenMapper;
	59	+ $this->defaultTokenMapper = $defaultTokenMapper;
	60	+ $this->secureRandom = $secureRandom;
	61	+ }
62	62
63		- /**
64		- * @PublicPage
65		- * @NoCSRFRequired
66		- *
67		- * @param string $code
68		- * @return JSONResponse
69		- */
70		- public function getToken($code) {
71		- $accessToken = $this->accessTokenMapper->getByCode($code);
72		- $decryptedToken = $this->crypto->decrypt($accessToken->getEncryptedToken(), $code);
73		- $newCode = $this->secureRandom->generate(128);
74		- $accessToken->setHashedCode(hash('sha512', $newCode));
75		- $accessToken->setEncryptedToken($this->crypto->encrypt($decryptedToken, $newCode));
76		- $this->accessTokenMapper->update($accessToken);
	63	+ /**
	64	+ * @PublicPage
	65	+ * @NoCSRFRequired
	66	+ *
	67	+ * @param string $code
	68	+ * @return JSONResponse
	69	+ */
	70	+ public function getToken($code) {
	71	+ $accessToken = $this->accessTokenMapper->getByCode($code);
	72	+ $decryptedToken = $this->crypto->decrypt($accessToken->getEncryptedToken(), $code);
	73	+ $newCode = $this->secureRandom->generate(128);
	74	+ $accessToken->setHashedCode(hash('sha512', $newCode));
	75	+ $accessToken->setEncryptedToken($this->crypto->encrypt($decryptedToken, $newCode));
	76	+ $this->accessTokenMapper->update($accessToken);
77	77
78		- return new JSONResponse(
79		- [
80		- 'access_token' => $decryptedToken,
81		- 'token_type' => 'Bearer',
82		- 'expires_in' => 3600,
83		- 'refresh_token' => $newCode,
84		- 'user_id' => ($this->defaultTokenMapper->getTokenById($accessToken->getTokenId()))->getUID(),
85		- ]
86		- );
87		- }
	78	+ return new JSONResponse(
	79	+ [
	80	+ 'access_token' => $decryptedToken,
	81	+ 'token_type' => 'Bearer',
	82	+ 'expires_in' => 3600,
	83	+ 'refresh_token' => $newCode,
	84	+ 'user_id' => ($this->defaultTokenMapper->getTokenById($accessToken->getTokenId()))->getUID(),
	85	+ ]
	86	+ );
	87	+ }
88	88	}

		@@ -27,41 +27,41 @@
		block discarded – undo
27	27	use OCP\Settings\ISettings;
28	28
29	29	class Admin implements ISettings {
30		- /** @var ClientMapper */
31		- private $clientMapper;
	30	+ /** @var ClientMapper */
	31	+ private $clientMapper;
32	32
33		- /**
34		- * @param ClientMapper $clientMapper
35		- */
36		- public function __construct(ClientMapper $clientMapper) {
37		- $this->clientMapper = $clientMapper;
38		- }
	33	+ /**
	34	+ * @param ClientMapper $clientMapper
	35	+ */
	36	+ public function __construct(ClientMapper $clientMapper) {
	37	+ $this->clientMapper = $clientMapper;
	38	+ }
39	39
40		- /**
41		- * @return TemplateResponse
42		- */
43		- public function getForm() {
44		- return new TemplateResponse(
45		- 'oauth2',
46		- 'admin',
47		- [
48		- 'clients' => $this->clientMapper->getClients(),
49		- ],
50		- ''
51		- );
52		- }
	40	+ /**
	41	+ * @return TemplateResponse
	42	+ */
	43	+ public function getForm() {
	44	+ return new TemplateResponse(
	45	+ 'oauth2',
	46	+ 'admin',
	47	+ [
	48	+ 'clients' => $this->clientMapper->getClients(),
	49	+ ],
	50	+ ''
	51	+ );
	52	+ }
53	53
54		- /**
55		- * {@inheritdoc}
56		- */
57		- public function getSection() {
58		- return 'security';
59		- }
	54	+ /**
	55	+ * {@inheritdoc}
	56	+ */
	57	+ public function getSection() {
	58	+ return 'security';
	59	+ }
60	60
61		- /**
62		- * {@inheritdoc}
63		- */
64		- public function getPriority() {
65		- return 0;
66		- }
	61	+ /**
	62	+ * {@inheritdoc}
	63	+ */
	64	+ public function getPriority() {
	65	+ return 0;
	66	+ }
67	67	}

nextcloud / server

Pull Request — master (#4704)

Status

Category

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

Indentation +240 added lines, -240 removed lines patch added patch discarded remove patch

Spacing +6 added lines, -6 removed lines patch added patch discarded remove patch

Indentation +22 added lines, -22 removed lines patch added patch discarded remove patch

Indentation +15 added lines, -15 removed lines patch added patch discarded remove patch

Indentation +15 added lines, -15 removed lines patch added patch discarded remove patch

Indentation +34 added lines, -34 removed lines patch added patch discarded remove patch

Indentation +43 added lines, -43 removed lines patch added patch discarded remove patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

Indentation +52 added lines, -52 removed lines patch added patch discarded remove patch

Indentation +33 added lines, -33 removed lines patch added patch discarded remove patch