Inspection of "Merge pull request #15590 from nextcloud/enh/15480..." - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 0857d9...f9d30b )

by Roeland

created 2019-05-17 08:57 UTC

Status

Indentation +75 added lines, -75 removed lines patch added patch discarded remove patch

@@ -36,83 +36,83 @@  discard block
 block discarded – undo
 
 $application = new Application();
 $application->registerRoutes($this, [
-	'routes' => [
-		['name' => 'lost#email', 'url' => '/lostpassword/email', 'verb' => 'POST'],
-		['name' => 'lost#resetform', 'url' => '/lostpassword/reset/form/{token}/{userId}', 'verb' => 'GET'],
-		['name' => 'lost#setPassword', 'url' => '/lostpassword/set/{token}/{userId}', 'verb' => 'POST'],
-		['name' => 'user#getDisplayNames', 'url' => '/displaynames', 'verb' => 'POST'],
-		['name' => 'avatar#getAvatar', 'url' => '/avatar/{userId}/{size}', 'verb' => 'GET'],
-		['name' => 'avatar#deleteAvatar', 'url' => '/avatar/', 'verb' => 'DELETE'],
-		['name' => 'avatar#postCroppedAvatar', 'url' => '/avatar/cropped', 'verb' => 'POST'],
-		['name' => 'avatar#getTmpAvatar', 'url' => '/avatar/tmp', 'verb' => 'GET'],
-		['name' => 'avatar#postAvatar', 'url' => '/avatar/', 'verb' => 'POST'],
-		['name' => 'GuestAvatar#getAvatar', 'url' => '/avatar/guest/{guestName}/{size}', 'verb' => 'GET'],
-		['name' => 'CSRFToken#index', 'url' => '/csrftoken', 'verb' => 'GET'],
-		['name' => 'login#tryLogin', 'url' => '/login', 'verb' => 'POST'],
-		['name' => 'login#confirmPassword', 'url' => '/login/confirm', 'verb' => 'POST'],
-		['name' => 'login#showLoginForm', 'url' => '/login', 'verb' => 'GET'],
-		['name' => 'login#logout', 'url' => '/logout', 'verb' => 'GET'],
-		// Original login flow used by all clients
-		['name' => 'ClientFlowLogin#showAuthPickerPage', 'url' => '/login/flow', 'verb' => 'GET'],
-		['name' => 'ClientFlowLogin#generateAppPassword', 'url' => '/login/flow', 'verb' => 'POST'],
-		['name' => 'ClientFlowLogin#grantPage', 'url' => '/login/flow/grant', 'verb' => 'GET'],
-		['name' => 'ClientFlowLogin#apptokenRedirect', 'url' => '/login/flow/apptoken', 'verb' => 'POST'],
-		// NG login flow used by desktop client in case of Kerberos/fancy 2fa (smart cards for example)
-		['name' => 'ClientFlowLoginV2#poll', 'url' => '/login/v2/poll', 'verb' => 'POST'],
-		['name' => 'ClientFlowLoginV2#showAuthPickerPage', 'url' => '/login/v2/flow', 'verb' => 'GET'],
-		['name' => 'ClientFlowLoginV2#landing', 'url' => '/login/v2/flow/{token}', 'verb' => 'GET'],
-		['name' => 'ClientFlowLoginV2#grantPage', 'url' => '/login/v2/grant', 'verb' => 'GET'],
-		['name' => 'ClientFlowLoginV2#generateAppPassword', 'url' => '/login/v2/grant', 'verb' => 'POST'],
-		['name' => 'ClientFlowLoginV2#init', 'url' => '/login/v2', 'verb' => 'POST'],
-		['name' => 'TwoFactorChallenge#selectChallenge', 'url' => '/login/selectchallenge', 'verb' => 'GET'],
-		['name' => 'TwoFactorChallenge#showChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'GET'],
-		['name' => 'TwoFactorChallenge#solveChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'POST'],
-		['name' => 'OCJS#getConfig', 'url' => '/core/js/oc.js', 'verb' => 'GET'],
-		['name' => 'Preview#getPreviewByFileId', 'url' => '/core/preview', 'verb' => 'GET'],
-		['name' => 'Preview#getPreview', 'url' => '/core/preview.png', 'verb' => 'GET'],
-		['name' => 'Svg#getSvgFromCore', 'url' => '/svg/core/{folder}/{fileName}', 'verb' => 'GET'],
-		['name' => 'Svg#getSvgFromApp', 'url' => '/svg/{app}/{fileName}', 'verb' => 'GET'],
-		['name' => 'Css#getCss', 'url' => '/css/{appName}/{fileName}', 'verb' => 'GET'],
-		['name' => 'Js#getJs', 'url' => '/js/{appName}/{fileName}', 'verb' => 'GET'],
-		['name' => 'contactsMenu#index', 'url' => '/contactsmenu/contacts', 'verb' => 'POST'],
-		['name' => 'contactsMenu#findOne', 'url' => '/contactsmenu/findOne', 'verb' => 'POST'],
-		['name' => 'WalledGarden#get', 'url' => '/204', 'verb' => 'GET'],
-		['name' => 'Search#search', 'url' => '/core/search', 'verb' => 'GET'],
+    'routes' => [
+        ['name' => 'lost#email', 'url' => '/lostpassword/email', 'verb' => 'POST'],
+        ['name' => 'lost#resetform', 'url' => '/lostpassword/reset/form/{token}/{userId}', 'verb' => 'GET'],
+        ['name' => 'lost#setPassword', 'url' => '/lostpassword/set/{token}/{userId}', 'verb' => 'POST'],
+        ['name' => 'user#getDisplayNames', 'url' => '/displaynames', 'verb' => 'POST'],
+        ['name' => 'avatar#getAvatar', 'url' => '/avatar/{userId}/{size}', 'verb' => 'GET'],
+        ['name' => 'avatar#deleteAvatar', 'url' => '/avatar/', 'verb' => 'DELETE'],
+        ['name' => 'avatar#postCroppedAvatar', 'url' => '/avatar/cropped', 'verb' => 'POST'],
+        ['name' => 'avatar#getTmpAvatar', 'url' => '/avatar/tmp', 'verb' => 'GET'],
+        ['name' => 'avatar#postAvatar', 'url' => '/avatar/', 'verb' => 'POST'],
+        ['name' => 'GuestAvatar#getAvatar', 'url' => '/avatar/guest/{guestName}/{size}', 'verb' => 'GET'],
+        ['name' => 'CSRFToken#index', 'url' => '/csrftoken', 'verb' => 'GET'],
+        ['name' => 'login#tryLogin', 'url' => '/login', 'verb' => 'POST'],
+        ['name' => 'login#confirmPassword', 'url' => '/login/confirm', 'verb' => 'POST'],
+        ['name' => 'login#showLoginForm', 'url' => '/login', 'verb' => 'GET'],
+        ['name' => 'login#logout', 'url' => '/logout', 'verb' => 'GET'],
+        // Original login flow used by all clients
+        ['name' => 'ClientFlowLogin#showAuthPickerPage', 'url' => '/login/flow', 'verb' => 'GET'],
+        ['name' => 'ClientFlowLogin#generateAppPassword', 'url' => '/login/flow', 'verb' => 'POST'],
+        ['name' => 'ClientFlowLogin#grantPage', 'url' => '/login/flow/grant', 'verb' => 'GET'],
+        ['name' => 'ClientFlowLogin#apptokenRedirect', 'url' => '/login/flow/apptoken', 'verb' => 'POST'],
+        // NG login flow used by desktop client in case of Kerberos/fancy 2fa (smart cards for example)
+        ['name' => 'ClientFlowLoginV2#poll', 'url' => '/login/v2/poll', 'verb' => 'POST'],
+        ['name' => 'ClientFlowLoginV2#showAuthPickerPage', 'url' => '/login/v2/flow', 'verb' => 'GET'],
+        ['name' => 'ClientFlowLoginV2#landing', 'url' => '/login/v2/flow/{token}', 'verb' => 'GET'],
+        ['name' => 'ClientFlowLoginV2#grantPage', 'url' => '/login/v2/grant', 'verb' => 'GET'],
+        ['name' => 'ClientFlowLoginV2#generateAppPassword', 'url' => '/login/v2/grant', 'verb' => 'POST'],
+        ['name' => 'ClientFlowLoginV2#init', 'url' => '/login/v2', 'verb' => 'POST'],
+        ['name' => 'TwoFactorChallenge#selectChallenge', 'url' => '/login/selectchallenge', 'verb' => 'GET'],
+        ['name' => 'TwoFactorChallenge#showChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'GET'],
+        ['name' => 'TwoFactorChallenge#solveChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'POST'],
+        ['name' => 'OCJS#getConfig', 'url' => '/core/js/oc.js', 'verb' => 'GET'],
+        ['name' => 'Preview#getPreviewByFileId', 'url' => '/core/preview', 'verb' => 'GET'],
+        ['name' => 'Preview#getPreview', 'url' => '/core/preview.png', 'verb' => 'GET'],
+        ['name' => 'Svg#getSvgFromCore', 'url' => '/svg/core/{folder}/{fileName}', 'verb' => 'GET'],
+        ['name' => 'Svg#getSvgFromApp', 'url' => '/svg/{app}/{fileName}', 'verb' => 'GET'],
+        ['name' => 'Css#getCss', 'url' => '/css/{appName}/{fileName}', 'verb' => 'GET'],
+        ['name' => 'Js#getJs', 'url' => '/js/{appName}/{fileName}', 'verb' => 'GET'],
+        ['name' => 'contactsMenu#index', 'url' => '/contactsmenu/contacts', 'verb' => 'POST'],
+        ['name' => 'contactsMenu#findOne', 'url' => '/contactsmenu/findOne', 'verb' => 'POST'],
+        ['name' => 'WalledGarden#get', 'url' => '/204', 'verb' => 'GET'],
+        ['name' => 'Search#search', 'url' => '/core/search', 'verb' => 'GET'],
 
-		// Legacy routes that need to be globally available while they are handled by an app
-		['name' => 'viewcontroller#showFile', 'url' => '/f/{fileid}', 'verb' => 'GET', 'app' => 'files'],
-		['name' => 'sharecontroller#showShare', 'url' => '/s/{token}', 'verb' => 'GET', 'app' => 'files_sharing'],
-		['name' => 'sharecontroller#showAuthenticate', 'url' => '/s/{token}/authenticate/{redirect}', 'verb' => 'GET', 'app' => 'files_sharing'],
-		['name' => 'sharecontroller#authenticate', 'url' => '/s/{token}/authenticate/{redirect}', 'verb' => 'POST', 'app' => 'files_sharing'],
-		['name' => 'sharecontroller#downloadShare', 'url' => '/s/{token}/download', 'verb' => 'GET', 'app' => 'files_sharing'],
-		['name' => 'publicpreview#directLink', 'url' => '/s/{token}/preview', 'verb' => 'GET', 'app' => 'files_sharing'],
-		['name' => 'requesthandlercontroller#addShare', 'url' => '/ocm/shares', 'verb' => 'POST', 'app' => 'cloud_federation_api'],
-		['name' => 'requesthandlercontroller#receiveNotification', 'url' => '/ocm/notifications', 'verb' => 'POST', 'app' => 'cloud_federation_api'],
-		['name' => 'pagecontroller#showCall', 'url' => '/call/{token}', 'verb' => 'GET', 'app' => 'spreed'],
-		['name' => 'pagecontroller#authenticatePassword', 'url' => '/call/{token}', 'verb' => 'POST', 'app' => 'spreed'],
-	],
-	'ocs' => [
-		['root' => '/cloud', 'name' => 'OCS#getCapabilities', 'url' => '/capabilities', 'verb' => 'GET'],
-		['root' => '', 'name' => 'OCS#getConfig', 'url' => '/config', 'verb' => 'GET'],
-		['root' => '/person', 'name' => 'OCS#personCheck', 'url' => '/check', 'verb' => 'POST'],
-		['root' => '/identityproof', 'name' => 'OCS#getIdentityProof', 'url' => '/key/{cloudId}', 'verb' => 'GET'],
-		['root' => '/core', 'name' => 'Navigation#getAppsNavigation', 'url' => '/navigation/apps', 'verb' => 'GET'],
-		['root' => '/core', 'name' => 'Navigation#getSettingsNavigation', 'url' => '/navigation/settings', 'verb' => 'GET'],
-		['root' => '/core', 'name' => 'AutoComplete#get', 'url' => '/autocomplete/get', 'verb' => 'GET'],
-		['root' => '/core', 'name' => 'WhatsNew#get', 'url' => '/whatsnew', 'verb' => 'GET'],
-		['root' => '/core', 'name' => 'WhatsNew#dismiss', 'url' => '/whatsnew', 'verb' => 'POST'],
-		['root' => '/core', 'name' => 'AppPassword#getAppPassword', 'url' => '/getapppassword', 'verb' => 'GET'],
-		['root' => '/core', 'name' => 'AppPassword#deleteAppPassword', 'url' => '/apppassword', 'verb' => 'DELETE'],
+        // Legacy routes that need to be globally available while they are handled by an app
+        ['name' => 'viewcontroller#showFile', 'url' => '/f/{fileid}', 'verb' => 'GET', 'app' => 'files'],
+        ['name' => 'sharecontroller#showShare', 'url' => '/s/{token}', 'verb' => 'GET', 'app' => 'files_sharing'],
+        ['name' => 'sharecontroller#showAuthenticate', 'url' => '/s/{token}/authenticate/{redirect}', 'verb' => 'GET', 'app' => 'files_sharing'],
+        ['name' => 'sharecontroller#authenticate', 'url' => '/s/{token}/authenticate/{redirect}', 'verb' => 'POST', 'app' => 'files_sharing'],
+        ['name' => 'sharecontroller#downloadShare', 'url' => '/s/{token}/download', 'verb' => 'GET', 'app' => 'files_sharing'],
+        ['name' => 'publicpreview#directLink', 'url' => '/s/{token}/preview', 'verb' => 'GET', 'app' => 'files_sharing'],
+        ['name' => 'requesthandlercontroller#addShare', 'url' => '/ocm/shares', 'verb' => 'POST', 'app' => 'cloud_federation_api'],
+        ['name' => 'requesthandlercontroller#receiveNotification', 'url' => '/ocm/notifications', 'verb' => 'POST', 'app' => 'cloud_federation_api'],
+        ['name' => 'pagecontroller#showCall', 'url' => '/call/{token}', 'verb' => 'GET', 'app' => 'spreed'],
+        ['name' => 'pagecontroller#authenticatePassword', 'url' => '/call/{token}', 'verb' => 'POST', 'app' => 'spreed'],
+    ],
+    'ocs' => [
+        ['root' => '/cloud', 'name' => 'OCS#getCapabilities', 'url' => '/capabilities', 'verb' => 'GET'],
+        ['root' => '', 'name' => 'OCS#getConfig', 'url' => '/config', 'verb' => 'GET'],
+        ['root' => '/person', 'name' => 'OCS#personCheck', 'url' => '/check', 'verb' => 'POST'],
+        ['root' => '/identityproof', 'name' => 'OCS#getIdentityProof', 'url' => '/key/{cloudId}', 'verb' => 'GET'],
+        ['root' => '/core', 'name' => 'Navigation#getAppsNavigation', 'url' => '/navigation/apps', 'verb' => 'GET'],
+        ['root' => '/core', 'name' => 'Navigation#getSettingsNavigation', 'url' => '/navigation/settings', 'verb' => 'GET'],
+        ['root' => '/core', 'name' => 'AutoComplete#get', 'url' => '/autocomplete/get', 'verb' => 'GET'],
+        ['root' => '/core', 'name' => 'WhatsNew#get', 'url' => '/whatsnew', 'verb' => 'GET'],
+        ['root' => '/core', 'name' => 'WhatsNew#dismiss', 'url' => '/whatsnew', 'verb' => 'POST'],
+        ['root' => '/core', 'name' => 'AppPassword#getAppPassword', 'url' => '/getapppassword', 'verb' => 'GET'],
+        ['root' => '/core', 'name' => 'AppPassword#deleteAppPassword', 'url' => '/apppassword', 'verb' => 'DELETE'],
 
-		['root' => '/collaboration', 'name' => 'CollaborationResources#searchCollections', 'url' => '/resources/collections/search/{filter}', 'verb' => 'GET'],
-		['root' => '/collaboration', 'name' => 'CollaborationResources#listCollection', 'url' => '/resources/collections/{collectionId}', 'verb' => 'GET'],
-		['root' => '/collaboration', 'name' => 'CollaborationResources#renameCollection', 'url' => '/resources/collections/{collectionId}', 'verb' => 'PUT'],
-		['root' => '/collaboration', 'name' => 'CollaborationResources#addResource', 'url' => '/resources/collections/{collectionId}', 'verb' => 'POST'],
+        ['root' => '/collaboration', 'name' => 'CollaborationResources#searchCollections', 'url' => '/resources/collections/search/{filter}', 'verb' => 'GET'],
+        ['root' => '/collaboration', 'name' => 'CollaborationResources#listCollection', 'url' => '/resources/collections/{collectionId}', 'verb' => 'GET'],
+        ['root' => '/collaboration', 'name' => 'CollaborationResources#renameCollection', 'url' => '/resources/collections/{collectionId}', 'verb' => 'PUT'],
+        ['root' => '/collaboration', 'name' => 'CollaborationResources#addResource', 'url' => '/resources/collections/{collectionId}', 'verb' => 'POST'],
 
-		['root' => '/collaboration', 'name' => 'CollaborationResources#removeResource', 'url' => '/resources/collections/{collectionId}', 'verb' => 'DELETE'],
-		['root' => '/collaboration', 'name' => 'CollaborationResources#getCollectionsByResource', 'url' => '/resources/{resourceType}/{resourceId}', 'verb' => 'GET'],
-		['root' => '/collaboration', 'name' => 'CollaborationResources#createCollectionOnResource', 'url' => '/resources/{baseResourceType}/{baseResourceId}', 'verb' => 'POST'],
-	],
+        ['root' => '/collaboration', 'name' => 'CollaborationResources#removeResource', 'url' => '/resources/collections/{collectionId}', 'verb' => 'DELETE'],
+        ['root' => '/collaboration', 'name' => 'CollaborationResources#getCollectionsByResource', 'url' => '/resources/{resourceType}/{resourceId}', 'verb' => 'GET'],
+        ['root' => '/collaboration', 'name' => 'CollaborationResources#createCollectionOnResource', 'url' => '/resources/{baseResourceType}/{baseResourceId}', 'verb' => 'POST'],
+    ],
 ]);
 
 // Post installation check
@@ -121,4 +121,4 @@  discard block
 block discarded – undo
 // Core ajax actions
 // Routing
 $this->create('core_ajax_update', '/core/ajax/update.php')
-	->actionInclude('core/ajax/update.php');
+    ->actionInclude('core/ajax/update.php');

Please login to merge, or discard this patch.

core/Controller/AppPasswordController.php 1 patch

Indentation +98 added lines, -98 removed lines patch added patch discarded remove patch

@@ -40,102 +40,102 @@
 block discarded – undo
 
 class AppPasswordController extends \OCP\AppFramework\OCSController {
 
-	/** @var ISession */
-	private $session;
-
-	/** @var ISecureRandom */
-	private $random;
-
-	/** @var IProvider */
-	private $tokenProvider;
-
-	/** @var IStore */
-	private $credentialStore;
-
-	/** @var EventDispatcherInterface */
-	private $eventDispatcher;
-
-	public function __construct(string $appName,
-								IRequest $request,
-								ISession $session,
-								ISecureRandom $random,
-								IProvider $tokenProvider,
-								IStore $credentialStore,
-								EventDispatcherInterface $eventDispatcher) {
-		parent::__construct($appName, $request);
-
-		$this->session = $session;
-		$this->random = $random;
-		$this->tokenProvider = $tokenProvider;
-		$this->credentialStore = $credentialStore;
-		$this->eventDispatcher = $eventDispatcher;
-	}
-
-	/**
-	 * @NoAdminRequired
-	 *
-	 * @return DataResponse
-	 * @throws OCSForbiddenException
-	 */
-	public function getAppPassword(): DataResponse {
-		// We do not allow the creation of new tokens if this is an app password
-		if ($this->session->exists('app_password')) {
-			throw new OCSForbiddenException('You cannot request an new apppassword with an apppassword');
-		}
-
-		try {
-			$credentials = $this->credentialStore->getLoginCredentials();
-		} catch (CredentialsUnavailableException $e) {
-			throw new OCSForbiddenException();
-		}
-
-		try {
-			$password = $credentials->getPassword();
-		} catch (PasswordUnavailableException $e) {
-			$password = null;
-		}
-
-		$userAgent = $this->request->getHeader('USER_AGENT');
-
-		$token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
-
-		$generatedToken = $this->tokenProvider->generateToken(
-			$token,
-			$credentials->getUID(),
-			$credentials->getLoginName(),
-			$password,
-			$userAgent,
-			IToken::PERMANENT_TOKEN,
-			IToken::DO_NOT_REMEMBER
-		);
-
-		$event = new GenericEvent($generatedToken);
-		$this->eventDispatcher->dispatch('app_password_created', $event);
-
-		return new DataResponse([
-			'apppassword' => $token
-		]);
-	}
-
-	/**
-	 * @NoAdminRequired
-	 *
-	 * @return DataResponse
-	 */
-	public function deleteAppPassword() {
-		if (!$this->session->exists('app_password')) {
-			throw new OCSForbiddenException('no app password in use');
-		}
-
-		$appPassword = $this->session->get('app_password');
-
-		try {
-			$token = $this->tokenProvider->getToken($appPassword);
-		} catch (InvalidTokenException $e) {
-			throw new OCSForbiddenException('could not remove apptoken');
-		}
-
-		$this->tokenProvider->invalidateTokenById($token->getUID(), $token->getId());
-		return new DataResponse();
-	}
+    /** @var ISession */
+    private $session;
+
+    /** @var ISecureRandom */
+    private $random;
+
+    /** @var IProvider */
+    private $tokenProvider;
+
+    /** @var IStore */
+    private $credentialStore;
+
+    /** @var EventDispatcherInterface */
+    private $eventDispatcher;
+
+    public function __construct(string $appName,
+                                IRequest $request,
+                                ISession $session,
+                                ISecureRandom $random,
+                                IProvider $tokenProvider,
+                                IStore $credentialStore,
+                                EventDispatcherInterface $eventDispatcher) {
+        parent::__construct($appName, $request);
+
+        $this->session = $session;
+        $this->random = $random;
+        $this->tokenProvider = $tokenProvider;
+        $this->credentialStore = $credentialStore;
+        $this->eventDispatcher = $eventDispatcher;
+    }
+
+    /**
+     * @NoAdminRequired
+     *
+     * @return DataResponse
+     * @throws OCSForbiddenException
+     */
+    public function getAppPassword(): DataResponse {
+        // We do not allow the creation of new tokens if this is an app password
+        if ($this->session->exists('app_password')) {
+            throw new OCSForbiddenException('You cannot request an new apppassword with an apppassword');
+        }
+
+        try {
+            $credentials = $this->credentialStore->getLoginCredentials();
+        } catch (CredentialsUnavailableException $e) {
+            throw new OCSForbiddenException();
+        }
+
+        try {
+            $password = $credentials->getPassword();
+        } catch (PasswordUnavailableException $e) {
+            $password = null;
+        }
+
+        $userAgent = $this->request->getHeader('USER_AGENT');
+
+        $token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
+
+        $generatedToken = $this->tokenProvider->generateToken(
+            $token,
+            $credentials->getUID(),
+            $credentials->getLoginName(),
+            $password,
+            $userAgent,
+            IToken::PERMANENT_TOKEN,
+            IToken::DO_NOT_REMEMBER
+        );
+
+        $event = new GenericEvent($generatedToken);
+        $this->eventDispatcher->dispatch('app_password_created', $event);
+
+        return new DataResponse([
+            'apppassword' => $token
+        ]);
+    }
+
+    /**
+     * @NoAdminRequired
+     *
+     * @return DataResponse
+     */
+    public function deleteAppPassword() {
+        if (!$this->session->exists('app_password')) {
+            throw new OCSForbiddenException('no app password in use');
+        }
+
+        $appPassword = $this->session->get('app_password');
+
+        try {
+            $token = $this->tokenProvider->getToken($appPassword);
+        } catch (InvalidTokenException $e) {
+            throw new OCSForbiddenException('could not remove apptoken');
+        }
+
+        $this->tokenProvider->invalidateTokenById($token->getUID(), $token->getId());
+        return new DataResponse();
+    }
 }

Please login to merge, or discard this patch.

		@@ -36,83 +36,83 @@ discard block
		block discarded – undo
36	36
37	37	$application = new Application();
38	38	$application->registerRoutes($this, [
39		- 'routes' => [
40		- ['name' => 'lost#email', 'url' => '/lostpassword/email', 'verb' => 'POST'],
41		- ['name' => 'lost#resetform', 'url' => '/lostpassword/reset/form/{token}/{userId}', 'verb' => 'GET'],
42		- ['name' => 'lost#setPassword', 'url' => '/lostpassword/set/{token}/{userId}', 'verb' => 'POST'],
43		- ['name' => 'user#getDisplayNames', 'url' => '/displaynames', 'verb' => 'POST'],
44		- ['name' => 'avatar#getAvatar', 'url' => '/avatar/{userId}/{size}', 'verb' => 'GET'],
45		- ['name' => 'avatar#deleteAvatar', 'url' => '/avatar/', 'verb' => 'DELETE'],
46		- ['name' => 'avatar#postCroppedAvatar', 'url' => '/avatar/cropped', 'verb' => 'POST'],
47		- ['name' => 'avatar#getTmpAvatar', 'url' => '/avatar/tmp', 'verb' => 'GET'],
48		- ['name' => 'avatar#postAvatar', 'url' => '/avatar/', 'verb' => 'POST'],
49		- ['name' => 'GuestAvatar#getAvatar', 'url' => '/avatar/guest/{guestName}/{size}', 'verb' => 'GET'],
50		- ['name' => 'CSRFToken#index', 'url' => '/csrftoken', 'verb' => 'GET'],
51		- ['name' => 'login#tryLogin', 'url' => '/login', 'verb' => 'POST'],
52		- ['name' => 'login#confirmPassword', 'url' => '/login/confirm', 'verb' => 'POST'],
53		- ['name' => 'login#showLoginForm', 'url' => '/login', 'verb' => 'GET'],
54		- ['name' => 'login#logout', 'url' => '/logout', 'verb' => 'GET'],
55		- // Original login flow used by all clients
56		- ['name' => 'ClientFlowLogin#showAuthPickerPage', 'url' => '/login/flow', 'verb' => 'GET'],
57		- ['name' => 'ClientFlowLogin#generateAppPassword', 'url' => '/login/flow', 'verb' => 'POST'],
58		- ['name' => 'ClientFlowLogin#grantPage', 'url' => '/login/flow/grant', 'verb' => 'GET'],
59		- ['name' => 'ClientFlowLogin#apptokenRedirect', 'url' => '/login/flow/apptoken', 'verb' => 'POST'],
60		- // NG login flow used by desktop client in case of Kerberos/fancy 2fa (smart cards for example)
61		- ['name' => 'ClientFlowLoginV2#poll', 'url' => '/login/v2/poll', 'verb' => 'POST'],
62		- ['name' => 'ClientFlowLoginV2#showAuthPickerPage', 'url' => '/login/v2/flow', 'verb' => 'GET'],
63		- ['name' => 'ClientFlowLoginV2#landing', 'url' => '/login/v2/flow/{token}', 'verb' => 'GET'],
64		- ['name' => 'ClientFlowLoginV2#grantPage', 'url' => '/login/v2/grant', 'verb' => 'GET'],
65		- ['name' => 'ClientFlowLoginV2#generateAppPassword', 'url' => '/login/v2/grant', 'verb' => 'POST'],
66		- ['name' => 'ClientFlowLoginV2#init', 'url' => '/login/v2', 'verb' => 'POST'],
67		- ['name' => 'TwoFactorChallenge#selectChallenge', 'url' => '/login/selectchallenge', 'verb' => 'GET'],
68		- ['name' => 'TwoFactorChallenge#showChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'GET'],
69		- ['name' => 'TwoFactorChallenge#solveChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'POST'],
70		- ['name' => 'OCJS#getConfig', 'url' => '/core/js/oc.js', 'verb' => 'GET'],
71		- ['name' => 'Preview#getPreviewByFileId', 'url' => '/core/preview', 'verb' => 'GET'],
72		- ['name' => 'Preview#getPreview', 'url' => '/core/preview.png', 'verb' => 'GET'],
73		- ['name' => 'Svg#getSvgFromCore', 'url' => '/svg/core/{folder}/{fileName}', 'verb' => 'GET'],
74		- ['name' => 'Svg#getSvgFromApp', 'url' => '/svg/{app}/{fileName}', 'verb' => 'GET'],
75		- ['name' => 'Css#getCss', 'url' => '/css/{appName}/{fileName}', 'verb' => 'GET'],
76		- ['name' => 'Js#getJs', 'url' => '/js/{appName}/{fileName}', 'verb' => 'GET'],
77		- ['name' => 'contactsMenu#index', 'url' => '/contactsmenu/contacts', 'verb' => 'POST'],
78		- ['name' => 'contactsMenu#findOne', 'url' => '/contactsmenu/findOne', 'verb' => 'POST'],
79		- ['name' => 'WalledGarden#get', 'url' => '/204', 'verb' => 'GET'],
80		- ['name' => 'Search#search', 'url' => '/core/search', 'verb' => 'GET'],
	39	+ 'routes' => [
	40	+ ['name' => 'lost#email', 'url' => '/lostpassword/email', 'verb' => 'POST'],
	41	+ ['name' => 'lost#resetform', 'url' => '/lostpassword/reset/form/{token}/{userId}', 'verb' => 'GET'],
	42	+ ['name' => 'lost#setPassword', 'url' => '/lostpassword/set/{token}/{userId}', 'verb' => 'POST'],
	43	+ ['name' => 'user#getDisplayNames', 'url' => '/displaynames', 'verb' => 'POST'],
	44	+ ['name' => 'avatar#getAvatar', 'url' => '/avatar/{userId}/{size}', 'verb' => 'GET'],
	45	+ ['name' => 'avatar#deleteAvatar', 'url' => '/avatar/', 'verb' => 'DELETE'],
	46	+ ['name' => 'avatar#postCroppedAvatar', 'url' => '/avatar/cropped', 'verb' => 'POST'],
	47	+ ['name' => 'avatar#getTmpAvatar', 'url' => '/avatar/tmp', 'verb' => 'GET'],
	48	+ ['name' => 'avatar#postAvatar', 'url' => '/avatar/', 'verb' => 'POST'],
	49	+ ['name' => 'GuestAvatar#getAvatar', 'url' => '/avatar/guest/{guestName}/{size}', 'verb' => 'GET'],
	50	+ ['name' => 'CSRFToken#index', 'url' => '/csrftoken', 'verb' => 'GET'],
	51	+ ['name' => 'login#tryLogin', 'url' => '/login', 'verb' => 'POST'],
	52	+ ['name' => 'login#confirmPassword', 'url' => '/login/confirm', 'verb' => 'POST'],
	53	+ ['name' => 'login#showLoginForm', 'url' => '/login', 'verb' => 'GET'],
	54	+ ['name' => 'login#logout', 'url' => '/logout', 'verb' => 'GET'],
	55	+ // Original login flow used by all clients
	56	+ ['name' => 'ClientFlowLogin#showAuthPickerPage', 'url' => '/login/flow', 'verb' => 'GET'],
	57	+ ['name' => 'ClientFlowLogin#generateAppPassword', 'url' => '/login/flow', 'verb' => 'POST'],
	58	+ ['name' => 'ClientFlowLogin#grantPage', 'url' => '/login/flow/grant', 'verb' => 'GET'],
	59	+ ['name' => 'ClientFlowLogin#apptokenRedirect', 'url' => '/login/flow/apptoken', 'verb' => 'POST'],
	60	+ // NG login flow used by desktop client in case of Kerberos/fancy 2fa (smart cards for example)
	61	+ ['name' => 'ClientFlowLoginV2#poll', 'url' => '/login/v2/poll', 'verb' => 'POST'],
	62	+ ['name' => 'ClientFlowLoginV2#showAuthPickerPage', 'url' => '/login/v2/flow', 'verb' => 'GET'],
	63	+ ['name' => 'ClientFlowLoginV2#landing', 'url' => '/login/v2/flow/{token}', 'verb' => 'GET'],
	64	+ ['name' => 'ClientFlowLoginV2#grantPage', 'url' => '/login/v2/grant', 'verb' => 'GET'],
	65	+ ['name' => 'ClientFlowLoginV2#generateAppPassword', 'url' => '/login/v2/grant', 'verb' => 'POST'],
	66	+ ['name' => 'ClientFlowLoginV2#init', 'url' => '/login/v2', 'verb' => 'POST'],
	67	+ ['name' => 'TwoFactorChallenge#selectChallenge', 'url' => '/login/selectchallenge', 'verb' => 'GET'],
	68	+ ['name' => 'TwoFactorChallenge#showChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'GET'],
	69	+ ['name' => 'TwoFactorChallenge#solveChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'POST'],
	70	+ ['name' => 'OCJS#getConfig', 'url' => '/core/js/oc.js', 'verb' => 'GET'],
	71	+ ['name' => 'Preview#getPreviewByFileId', 'url' => '/core/preview', 'verb' => 'GET'],
	72	+ ['name' => 'Preview#getPreview', 'url' => '/core/preview.png', 'verb' => 'GET'],
	73	+ ['name' => 'Svg#getSvgFromCore', 'url' => '/svg/core/{folder}/{fileName}', 'verb' => 'GET'],
	74	+ ['name' => 'Svg#getSvgFromApp', 'url' => '/svg/{app}/{fileName}', 'verb' => 'GET'],
	75	+ ['name' => 'Css#getCss', 'url' => '/css/{appName}/{fileName}', 'verb' => 'GET'],
	76	+ ['name' => 'Js#getJs', 'url' => '/js/{appName}/{fileName}', 'verb' => 'GET'],
	77	+ ['name' => 'contactsMenu#index', 'url' => '/contactsmenu/contacts', 'verb' => 'POST'],
	78	+ ['name' => 'contactsMenu#findOne', 'url' => '/contactsmenu/findOne', 'verb' => 'POST'],
	79	+ ['name' => 'WalledGarden#get', 'url' => '/204', 'verb' => 'GET'],
	80	+ ['name' => 'Search#search', 'url' => '/core/search', 'verb' => 'GET'],
81	81
82		- // Legacy routes that need to be globally available while they are handled by an app
83		- ['name' => 'viewcontroller#showFile', 'url' => '/f/{fileid}', 'verb' => 'GET', 'app' => 'files'],
84		- ['name' => 'sharecontroller#showShare', 'url' => '/s/{token}', 'verb' => 'GET', 'app' => 'files_sharing'],
85		- ['name' => 'sharecontroller#showAuthenticate', 'url' => '/s/{token}/authenticate/{redirect}', 'verb' => 'GET', 'app' => 'files_sharing'],
86		- ['name' => 'sharecontroller#authenticate', 'url' => '/s/{token}/authenticate/{redirect}', 'verb' => 'POST', 'app' => 'files_sharing'],
87		- ['name' => 'sharecontroller#downloadShare', 'url' => '/s/{token}/download', 'verb' => 'GET', 'app' => 'files_sharing'],
88		- ['name' => 'publicpreview#directLink', 'url' => '/s/{token}/preview', 'verb' => 'GET', 'app' => 'files_sharing'],
89		- ['name' => 'requesthandlercontroller#addShare', 'url' => '/ocm/shares', 'verb' => 'POST', 'app' => 'cloud_federation_api'],
90		- ['name' => 'requesthandlercontroller#receiveNotification', 'url' => '/ocm/notifications', 'verb' => 'POST', 'app' => 'cloud_federation_api'],
91		- ['name' => 'pagecontroller#showCall', 'url' => '/call/{token}', 'verb' => 'GET', 'app' => 'spreed'],
92		- ['name' => 'pagecontroller#authenticatePassword', 'url' => '/call/{token}', 'verb' => 'POST', 'app' => 'spreed'],
93		- ],
94		- 'ocs' => [
95		- ['root' => '/cloud', 'name' => 'OCS#getCapabilities', 'url' => '/capabilities', 'verb' => 'GET'],
96		- ['root' => '', 'name' => 'OCS#getConfig', 'url' => '/config', 'verb' => 'GET'],
97		- ['root' => '/person', 'name' => 'OCS#personCheck', 'url' => '/check', 'verb' => 'POST'],
98		- ['root' => '/identityproof', 'name' => 'OCS#getIdentityProof', 'url' => '/key/{cloudId}', 'verb' => 'GET'],
99		- ['root' => '/core', 'name' => 'Navigation#getAppsNavigation', 'url' => '/navigation/apps', 'verb' => 'GET'],
100		- ['root' => '/core', 'name' => 'Navigation#getSettingsNavigation', 'url' => '/navigation/settings', 'verb' => 'GET'],
101		- ['root' => '/core', 'name' => 'AutoComplete#get', 'url' => '/autocomplete/get', 'verb' => 'GET'],
102		- ['root' => '/core', 'name' => 'WhatsNew#get', 'url' => '/whatsnew', 'verb' => 'GET'],
103		- ['root' => '/core', 'name' => 'WhatsNew#dismiss', 'url' => '/whatsnew', 'verb' => 'POST'],
104		- ['root' => '/core', 'name' => 'AppPassword#getAppPassword', 'url' => '/getapppassword', 'verb' => 'GET'],
105		- ['root' => '/core', 'name' => 'AppPassword#deleteAppPassword', 'url' => '/apppassword', 'verb' => 'DELETE'],
	82	+ // Legacy routes that need to be globally available while they are handled by an app
	83	+ ['name' => 'viewcontroller#showFile', 'url' => '/f/{fileid}', 'verb' => 'GET', 'app' => 'files'],
	84	+ ['name' => 'sharecontroller#showShare', 'url' => '/s/{token}', 'verb' => 'GET', 'app' => 'files_sharing'],
	85	+ ['name' => 'sharecontroller#showAuthenticate', 'url' => '/s/{token}/authenticate/{redirect}', 'verb' => 'GET', 'app' => 'files_sharing'],
	86	+ ['name' => 'sharecontroller#authenticate', 'url' => '/s/{token}/authenticate/{redirect}', 'verb' => 'POST', 'app' => 'files_sharing'],
	87	+ ['name' => 'sharecontroller#downloadShare', 'url' => '/s/{token}/download', 'verb' => 'GET', 'app' => 'files_sharing'],
	88	+ ['name' => 'publicpreview#directLink', 'url' => '/s/{token}/preview', 'verb' => 'GET', 'app' => 'files_sharing'],
	89	+ ['name' => 'requesthandlercontroller#addShare', 'url' => '/ocm/shares', 'verb' => 'POST', 'app' => 'cloud_federation_api'],
	90	+ ['name' => 'requesthandlercontroller#receiveNotification', 'url' => '/ocm/notifications', 'verb' => 'POST', 'app' => 'cloud_federation_api'],
	91	+ ['name' => 'pagecontroller#showCall', 'url' => '/call/{token}', 'verb' => 'GET', 'app' => 'spreed'],
	92	+ ['name' => 'pagecontroller#authenticatePassword', 'url' => '/call/{token}', 'verb' => 'POST', 'app' => 'spreed'],
	93	+ ],
	94	+ 'ocs' => [
	95	+ ['root' => '/cloud', 'name' => 'OCS#getCapabilities', 'url' => '/capabilities', 'verb' => 'GET'],
	96	+ ['root' => '', 'name' => 'OCS#getConfig', 'url' => '/config', 'verb' => 'GET'],
	97	+ ['root' => '/person', 'name' => 'OCS#personCheck', 'url' => '/check', 'verb' => 'POST'],
	98	+ ['root' => '/identityproof', 'name' => 'OCS#getIdentityProof', 'url' => '/key/{cloudId}', 'verb' => 'GET'],
	99	+ ['root' => '/core', 'name' => 'Navigation#getAppsNavigation', 'url' => '/navigation/apps', 'verb' => 'GET'],
	100	+ ['root' => '/core', 'name' => 'Navigation#getSettingsNavigation', 'url' => '/navigation/settings', 'verb' => 'GET'],
	101	+ ['root' => '/core', 'name' => 'AutoComplete#get', 'url' => '/autocomplete/get', 'verb' => 'GET'],
	102	+ ['root' => '/core', 'name' => 'WhatsNew#get', 'url' => '/whatsnew', 'verb' => 'GET'],
	103	+ ['root' => '/core', 'name' => 'WhatsNew#dismiss', 'url' => '/whatsnew', 'verb' => 'POST'],
	104	+ ['root' => '/core', 'name' => 'AppPassword#getAppPassword', 'url' => '/getapppassword', 'verb' => 'GET'],
	105	+ ['root' => '/core', 'name' => 'AppPassword#deleteAppPassword', 'url' => '/apppassword', 'verb' => 'DELETE'],
106	106
107		- ['root' => '/collaboration', 'name' => 'CollaborationResources#searchCollections', 'url' => '/resources/collections/search/{filter}', 'verb' => 'GET'],
108		- ['root' => '/collaboration', 'name' => 'CollaborationResources#listCollection', 'url' => '/resources/collections/{collectionId}', 'verb' => 'GET'],
109		- ['root' => '/collaboration', 'name' => 'CollaborationResources#renameCollection', 'url' => '/resources/collections/{collectionId}', 'verb' => 'PUT'],
110		- ['root' => '/collaboration', 'name' => 'CollaborationResources#addResource', 'url' => '/resources/collections/{collectionId}', 'verb' => 'POST'],
	107	+ ['root' => '/collaboration', 'name' => 'CollaborationResources#searchCollections', 'url' => '/resources/collections/search/{filter}', 'verb' => 'GET'],
	108	+ ['root' => '/collaboration', 'name' => 'CollaborationResources#listCollection', 'url' => '/resources/collections/{collectionId}', 'verb' => 'GET'],
	109	+ ['root' => '/collaboration', 'name' => 'CollaborationResources#renameCollection', 'url' => '/resources/collections/{collectionId}', 'verb' => 'PUT'],
	110	+ ['root' => '/collaboration', 'name' => 'CollaborationResources#addResource', 'url' => '/resources/collections/{collectionId}', 'verb' => 'POST'],
111	111
112		- ['root' => '/collaboration', 'name' => 'CollaborationResources#removeResource', 'url' => '/resources/collections/{collectionId}', 'verb' => 'DELETE'],
113		- ['root' => '/collaboration', 'name' => 'CollaborationResources#getCollectionsByResource', 'url' => '/resources/{resourceType}/{resourceId}', 'verb' => 'GET'],
114		- ['root' => '/collaboration', 'name' => 'CollaborationResources#createCollectionOnResource', 'url' => '/resources/{baseResourceType}/{baseResourceId}', 'verb' => 'POST'],
115		- ],
	112	+ ['root' => '/collaboration', 'name' => 'CollaborationResources#removeResource', 'url' => '/resources/collections/{collectionId}', 'verb' => 'DELETE'],
	113	+ ['root' => '/collaboration', 'name' => 'CollaborationResources#getCollectionsByResource', 'url' => '/resources/{resourceType}/{resourceId}', 'verb' => 'GET'],
	114	+ ['root' => '/collaboration', 'name' => 'CollaborationResources#createCollectionOnResource', 'url' => '/resources/{baseResourceType}/{baseResourceId}', 'verb' => 'POST'],
	115	+ ],
116	116	]);
117	117
118	118	// Post installation check
		@@ -121,4 +121,4 @@ discard block
		block discarded – undo
121	121	// Core ajax actions
122	122	// Routing
123	123	$this->create('core_ajax_update', '/core/ajax/update.php')
124		- ->actionInclude('core/ajax/update.php');
	124	+ ->actionInclude('core/ajax/update.php');

		@@ -40,102 +40,102 @@
		block discarded – undo
40	40
41	41	class AppPasswordController extends \OCP\AppFramework\OCSController {
42	42
43		- /** @var ISession */
44		- private $session;
45		-
46		- /** @var ISecureRandom */
47		- private $random;
48		-
49		- /** @var IProvider */
50		- private $tokenProvider;
51		-
52		- /** @var IStore */
53		- private $credentialStore;
54		-
55		- /** @var EventDispatcherInterface */
56		- private $eventDispatcher;
57		-
58		- public function __construct(string $appName,
59		- IRequest $request,
60		- ISession $session,
61		- ISecureRandom $random,
62		- IProvider $tokenProvider,
63		- IStore $credentialStore,
64		- EventDispatcherInterface $eventDispatcher) {
65		- parent::__construct($appName, $request);
66		-
67		- $this->session = $session;
68		- $this->random = $random;
69		- $this->tokenProvider = $tokenProvider;
70		- $this->credentialStore = $credentialStore;
71		- $this->eventDispatcher = $eventDispatcher;
72		- }
73		-
74		- /**
75		- * @NoAdminRequired
76		- *
77		- * @return DataResponse
78		- * @throws OCSForbiddenException
79		- */
80		- public function getAppPassword(): DataResponse {
81		- // We do not allow the creation of new tokens if this is an app password
82		- if ($this->session->exists('app_password')) {
83		- throw new OCSForbiddenException('You cannot request an new apppassword with an apppassword');
84		- }
85		-
86		- try {
87		- $credentials = $this->credentialStore->getLoginCredentials();
88		- } catch (CredentialsUnavailableException $e) {
89		- throw new OCSForbiddenException();
90		- }
91		-
92		- try {
93		- $password = $credentials->getPassword();
94		- } catch (PasswordUnavailableException $e) {
95		- $password = null;
96		- }
97		-
98		- $userAgent = $this->request->getHeader('USER_AGENT');
99		-
100		- $token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
101		-
102		- $generatedToken = $this->tokenProvider->generateToken(
103		- $token,
104		- $credentials->getUID(),
105		- $credentials->getLoginName(),
106		- $password,
107		- $userAgent,
108		- IToken::PERMANENT_TOKEN,
109		- IToken::DO_NOT_REMEMBER
110		- );
111		-
112		- $event = new GenericEvent($generatedToken);
113		- $this->eventDispatcher->dispatch('app_password_created', $event);
114		-
115		- return new DataResponse([
116		- 'apppassword' => $token
117		- ]);
118		- }
119		-
120		- /**
121		- * @NoAdminRequired
122		- *
123		- * @return DataResponse
124		- */
125		- public function deleteAppPassword() {
126		- if (!$this->session->exists('app_password')) {
127		- throw new OCSForbiddenException('no app password in use');
128		- }
129		-
130		- $appPassword = $this->session->get('app_password');
131		-
132		- try {
133		- $token = $this->tokenProvider->getToken($appPassword);
134		- } catch (InvalidTokenException $e) {
135		- throw new OCSForbiddenException('could not remove apptoken');
136		- }
137		-
138		- $this->tokenProvider->invalidateTokenById($token->getUID(), $token->getId());
139		- return new DataResponse();
140		- }
	43	+ /** @var ISession */
	44	+ private $session;
	45	+
	46	+ /** @var ISecureRandom */
	47	+ private $random;
	48	+
	49	+ /** @var IProvider */
	50	+ private $tokenProvider;
	51	+
	52	+ /** @var IStore */
	53	+ private $credentialStore;
	54	+
	55	+ /** @var EventDispatcherInterface */
	56	+ private $eventDispatcher;
	57	+
	58	+ public function __construct(string $appName,
	59	+ IRequest $request,
	60	+ ISession $session,
	61	+ ISecureRandom $random,
	62	+ IProvider $tokenProvider,
	63	+ IStore $credentialStore,
	64	+ EventDispatcherInterface $eventDispatcher) {
	65	+ parent::__construct($appName, $request);
	66	+
	67	+ $this->session = $session;
	68	+ $this->random = $random;
	69	+ $this->tokenProvider = $tokenProvider;
	70	+ $this->credentialStore = $credentialStore;
	71	+ $this->eventDispatcher = $eventDispatcher;
	72	+ }
	73	+
	74	+ /**
	75	+ * @NoAdminRequired
	76	+ *
	77	+ * @return DataResponse
	78	+ * @throws OCSForbiddenException
	79	+ */
	80	+ public function getAppPassword(): DataResponse {
	81	+ // We do not allow the creation of new tokens if this is an app password
	82	+ if ($this->session->exists('app_password')) {
	83	+ throw new OCSForbiddenException('You cannot request an new apppassword with an apppassword');
	84	+ }
	85	+
	86	+ try {
	87	+ $credentials = $this->credentialStore->getLoginCredentials();
	88	+ } catch (CredentialsUnavailableException $e) {
	89	+ throw new OCSForbiddenException();
	90	+ }
	91	+
	92	+ try {
	93	+ $password = $credentials->getPassword();
	94	+ } catch (PasswordUnavailableException $e) {
	95	+ $password = null;
	96	+ }
	97	+
	98	+ $userAgent = $this->request->getHeader('USER_AGENT');
	99	+
	100	+ $token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
	101	+
	102	+ $generatedToken = $this->tokenProvider->generateToken(
	103	+ $token,
	104	+ $credentials->getUID(),
	105	+ $credentials->getLoginName(),
	106	+ $password,
	107	+ $userAgent,
	108	+ IToken::PERMANENT_TOKEN,
	109	+ IToken::DO_NOT_REMEMBER
	110	+ );
	111	+
	112	+ $event = new GenericEvent($generatedToken);
	113	+ $this->eventDispatcher->dispatch('app_password_created', $event);
	114	+
	115	+ return new DataResponse([
	116	+ 'apppassword' => $token
	117	+ ]);
	118	+ }
	119	+
	120	+ /**
	121	+ * @NoAdminRequired
	122	+ *
	123	+ * @return DataResponse
	124	+ */
	125	+ public function deleteAppPassword() {
	126	+ if (!$this->session->exists('app_password')) {
	127	+ throw new OCSForbiddenException('no app password in use');
	128	+ }
	129	+
	130	+ $appPassword = $this->session->get('app_password');
	131	+
	132	+ try {
	133	+ $token = $this->tokenProvider->getToken($appPassword);
	134	+ } catch (InvalidTokenException $e) {
	135	+ throw new OCSForbiddenException('could not remove apptoken');
	136	+ }
	137	+
	138	+ $this->tokenProvider->invalidateTokenById($token->getUID(), $token->getId());
	139	+ return new DataResponse();
	140	+ }
141	141	}

nextcloud / server

Push — master ( 0857d9...f9d30b )

Status

Category

Indentation +75 added lines, -75 removed lines patch added patch discarded remove patch

Indentation +98 added lines, -98 removed lines patch added patch discarded remove patch