nextcloud / server

core/routes.php

Indentation +67 added lines, -67 removed lines

@@ -35,38 +35,38 @@ 
 
 $application = new Application();
 $application->registerRoutes($this, [
-	'routes' => [
-		['name' => 'lost#email', 'url' => '/lostpassword/email', 'verb' => 'POST'],
-		['name' => 'lost#resetform', 'url' => '/lostpassword/reset/form/{token}/{userId}', 'verb' => 'GET'],
-		['name' => 'lost#setPassword', 'url' => '/lostpassword/set/{token}/{userId}', 'verb' => 'POST'],
-		['name' => 'user#getDisplayNames', 'url' => '/displaynames', 'verb' => 'POST'],
-		['name' => 'avatar#getAvatar', 'url' => '/avatar/{userId}/{size}', 'verb' => 'GET'],
-		['name' => 'avatar#deleteAvatar', 'url' => '/avatar/', 'verb' => 'DELETE'],
-		['name' => 'avatar#postCroppedAvatar', 'url' => '/avatar/cropped', 'verb' => 'POST'],
-		['name' => 'avatar#getTmpAvatar', 'url' => '/avatar/tmp', 'verb' => 'GET'],
-		['name' => 'avatar#postAvatar', 'url' => '/avatar/', 'verb' => 'POST'],
-		['name' => 'login#tryLogin', 'url' => '/login', 'verb' => 'POST'],
-		['name' => 'login#confirmPassword', 'url' => '/login/confirm', 'verb' => 'POST'],
-		['name' => 'login#showLoginForm', 'url' => '/login', 'verb' => 'GET'],
-		['name' => 'login#logout', 'url' => '/logout', 'verb' => 'GET'],
-		['name' => 'ClientFlowLogin#showAuthPickerPage', 'url' => '/login/flow', 'verb' => 'GET'],
-		['name' => 'ClientFlowLogin#redirectPage', 'url' => '/login/flow/redirect', 'verb' => 'GET'],
-		['name' => 'ClientFlowLogin#generateAppPassword', 'url' => '/login/flow', 'verb' => 'POST'],
-		['name' => 'TwoFactorChallenge#selectChallenge', 'url' => '/login/selectchallenge', 'verb' => 'GET'],
-		['name' => 'TwoFactorChallenge#showChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'GET'],
-		['name' => 'TwoFactorChallenge#solveChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'POST'],
-		['name' => 'OCJS#getConfig', 'url' => '/core/js/oc.js', 'verb' => 'GET'],
-		['name' => 'Preview#getPreview', 'url' => '/core/preview', 'verb' => 'GET'],
-		['name' => 'Preview#getPreview', 'url' => '/core/preview.png', 'verb' => 'GET'],
-		['name' => 'Css#getCss', 'url' => '/css/{appName}/{fileName}', 'verb' => 'GET'],
-		['name' => 'Js#getJs', 'url' => '/js/{appName}/{fileName}', 'verb' => 'GET'],
-	],
-	'ocs' => [
-		['root' => '/cloud', 'name' => 'OCS#getCapabilities', 'url' => '/capabilities', 'verb' => 'GET'],
-		['root' => '', 'name' => 'OCS#getConfig', 'url' => '/config', 'verb' => 'GET'],
-		['root' => '/person', 'name' => 'OCS#personCheck', 'url' => '/check', 'verb' => 'POST'],
-		['root' => '/identityproof', 'name' => 'OCS#getIdentityProof', 'url' => '/key/{cloudId}', 'verb' => 'GET'],
-	],
+    'routes' => [
+        ['name' => 'lost#email', 'url' => '/lostpassword/email', 'verb' => 'POST'],
+        ['name' => 'lost#resetform', 'url' => '/lostpassword/reset/form/{token}/{userId}', 'verb' => 'GET'],
+        ['name' => 'lost#setPassword', 'url' => '/lostpassword/set/{token}/{userId}', 'verb' => 'POST'],
+        ['name' => 'user#getDisplayNames', 'url' => '/displaynames', 'verb' => 'POST'],
+        ['name' => 'avatar#getAvatar', 'url' => '/avatar/{userId}/{size}', 'verb' => 'GET'],
+        ['name' => 'avatar#deleteAvatar', 'url' => '/avatar/', 'verb' => 'DELETE'],
+        ['name' => 'avatar#postCroppedAvatar', 'url' => '/avatar/cropped', 'verb' => 'POST'],
+        ['name' => 'avatar#getTmpAvatar', 'url' => '/avatar/tmp', 'verb' => 'GET'],
+        ['name' => 'avatar#postAvatar', 'url' => '/avatar/', 'verb' => 'POST'],
+        ['name' => 'login#tryLogin', 'url' => '/login', 'verb' => 'POST'],
+        ['name' => 'login#confirmPassword', 'url' => '/login/confirm', 'verb' => 'POST'],
+        ['name' => 'login#showLoginForm', 'url' => '/login', 'verb' => 'GET'],
+        ['name' => 'login#logout', 'url' => '/logout', 'verb' => 'GET'],
+        ['name' => 'ClientFlowLogin#showAuthPickerPage', 'url' => '/login/flow', 'verb' => 'GET'],
+        ['name' => 'ClientFlowLogin#redirectPage', 'url' => '/login/flow/redirect', 'verb' => 'GET'],
+        ['name' => 'ClientFlowLogin#generateAppPassword', 'url' => '/login/flow', 'verb' => 'POST'],
+        ['name' => 'TwoFactorChallenge#selectChallenge', 'url' => '/login/selectchallenge', 'verb' => 'GET'],
+        ['name' => 'TwoFactorChallenge#showChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'GET'],
+        ['name' => 'TwoFactorChallenge#solveChallenge', 'url' => '/login/challenge/{challengeProviderId}', 'verb' => 'POST'],
+        ['name' => 'OCJS#getConfig', 'url' => '/core/js/oc.js', 'verb' => 'GET'],
+        ['name' => 'Preview#getPreview', 'url' => '/core/preview', 'verb' => 'GET'],
+        ['name' => 'Preview#getPreview', 'url' => '/core/preview.png', 'verb' => 'GET'],
+        ['name' => 'Css#getCss', 'url' => '/css/{appName}/{fileName}', 'verb' => 'GET'],
+        ['name' => 'Js#getJs', 'url' => '/js/{appName}/{fileName}', 'verb' => 'GET'],
+    ],
+    'ocs' => [
+        ['root' => '/cloud', 'name' => 'OCS#getCapabilities', 'url' => '/capabilities', 'verb' => 'GET'],
+        ['root' => '', 'name' => 'OCS#getConfig', 'url' => '/config', 'verb' => 'GET'],
+        ['root' => '/person', 'name' => 'OCS#personCheck', 'url' => '/check', 'verb' => 'POST'],
+        ['root' => '/identityproof', 'name' => 'OCS#getIdentityProof', 'url' => '/key/{cloudId}', 'verb' => 'GET'],
+    ],
 ]);
 
 // Post installation check
@@ -75,62 +75,62 @@ 
 // Core ajax actions
 // Search
 $this->create('search_ajax_search', '/core/search')
-	->actionInclude('core/search/ajax/search.php');
+    ->actionInclude('core/search/ajax/search.php');
 // Routing
 $this->create('core_ajax_update', '/core/ajax/update.php')
-	->actionInclude('core/ajax/update.php');
+    ->actionInclude('core/ajax/update.php');
 
 // File routes
 $this->create('files.viewcontroller.showFile', '/f/{fileid}')->action(function($urlParams) {
-	$app = new \OCA\Files\AppInfo\Application($urlParams);
-	$app->dispatch('ViewController', 'index');
+    $app = new \OCA\Files\AppInfo\Application($urlParams);
+    $app->dispatch('ViewController', 'index');
 });
 
 // Call routes
 $this->create('spreed.pagecontroller.showCall', '/call/{token}')->action(function($urlParams) {
-	if (class_exists(\OCA\Spreed\AppInfo\Application::class, false)) {
-		$app = new \OCA\Spreed\AppInfo\Application($urlParams);
-		$app->dispatch('PageController', 'index');
-	} else {
-		throw new \OC\HintException('App spreed is not enabled');
-	}
+    if (class_exists(\OCA\Spreed\AppInfo\Application::class, false)) {
+        $app = new \OCA\Spreed\AppInfo\Application($urlParams);
+        $app->dispatch('PageController', 'index');
+    } else {
+        throw new \OC\HintException('App spreed is not enabled');
+    }
 });
 
 // Sharing routes
 $this->create('files_sharing.sharecontroller.showShare', '/s/{token}')->action(function($urlParams) {
-	if (class_exists(\OCA\Files_Sharing\AppInfo\Application::class, false)) {
-		$app = new \OCA\Files_Sharing\AppInfo\Application($urlParams);
-		$app->dispatch('ShareController', 'showShare');
-	} else {
-		throw new \OC\HintException('App file sharing is not enabled');
-	}
+    if (class_exists(\OCA\Files_Sharing\AppInfo\Application::class, false)) {
+        $app = new \OCA\Files_Sharing\AppInfo\Application($urlParams);
+        $app->dispatch('ShareController', 'showShare');
+    } else {
+        throw new \OC\HintException('App file sharing is not enabled');
+    }
 });
 $this->create('files_sharing.sharecontroller.authenticate', '/s/{token}/authenticate')->post()->action(function($urlParams) {
-	if (class_exists(\OCA\Files_Sharing\AppInfo\Application::class, false)) {
-		$app = new \OCA\Files_Sharing\AppInfo\Application($urlParams);
-		$app->dispatch('ShareController', 'authenticate');
-	} else {
-		throw new \OC\HintException('App file sharing is not enabled');
-	}
+    if (class_exists(\OCA\Files_Sharing\AppInfo\Application::class, false)) {
+        $app = new \OCA\Files_Sharing\AppInfo\Application($urlParams);
+        $app->dispatch('ShareController', 'authenticate');
+    } else {
+        throw new \OC\HintException('App file sharing is not enabled');
+    }
 });
 $this->create('files_sharing.sharecontroller.showAuthenticate', '/s/{token}/authenticate')->get()->action(function($urlParams) {
-	if (class_exists(\OCA\Files_Sharing\AppInfo\Application::class, false)) {
-		$app = new \OCA\Files_Sharing\AppInfo\Application($urlParams);
-		$app->dispatch('ShareController', 'showAuthenticate');
-	} else {
-		throw new \OC\HintException('App file sharing is not enabled');
-	}
+    if (class_exists(\OCA\Files_Sharing\AppInfo\Application::class, false)) {
+        $app = new \OCA\Files_Sharing\AppInfo\Application($urlParams);
+        $app->dispatch('ShareController', 'showAuthenticate');
+    } else {
+        throw new \OC\HintException('App file sharing is not enabled');
+    }
 });
 $this->create('files_sharing.sharecontroller.downloadShare', '/s/{token}/download')->get()->action(function($urlParams) {
-	if (class_exists(\OCA\Files_Sharing\AppInfo\Application::class, false)) {
-		$app = new \OCA\Files_Sharing\AppInfo\Application($urlParams);
-		$app->dispatch('ShareController', 'downloadShare');
-	} else {
-		throw new \OC\HintException('App file sharing is not enabled');
-	}
+    if (class_exists(\OCA\Files_Sharing\AppInfo\Application::class, false)) {
+        $app = new \OCA\Files_Sharing\AppInfo\Application($urlParams);
+        $app->dispatch('ShareController', 'downloadShare');
+    } else {
+        throw new \OC\HintException('App file sharing is not enabled');
+    }
 });
 
 // used for heartbeat
 $this->create('heartbeat', '/heartbeat')->action(function(){
-	// do nothing
+    // do nothing
 });

core/Controller/ClientFlowLoginController.php

Indentation +189 added lines, -189 removed lines

@@ -39,194 +39,194 @@
 use OCP\Session\Exceptions\SessionNotAvailableException;
 
 class ClientFlowLoginController extends Controller {
-	/** @var IUserSession */
-	private $userSession;
-	/** @var IL10N */
-	private $l10n;
-	/** @var Defaults */
-	private $defaults;
-	/** @var ISession */
-	private $session;
-	/** @var IProvider */
-	private $tokenProvider;
-	/** @var ISecureRandom */
-	private $random;
-	/** @var IURLGenerator */
-	private $urlGenerator;
-
-	const stateName = 'client.flow.state.token';
-
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param IUserSession $userSession
-	 * @param IL10N $l10n
-	 * @param Defaults $defaults
-	 * @param ISession $session
-	 * @param IProvider $tokenProvider
-	 * @param ISecureRandom $random
-	 * @param IURLGenerator $urlGenerator
-	 */
-	public function __construct($appName,
-								IRequest $request,
-								IUserSession $userSession,
-								IL10N $l10n,
-								Defaults $defaults,
-								ISession $session,
-								IProvider $tokenProvider,
-								ISecureRandom $random,
-								IURLGenerator $urlGenerator) {
-		parent::__construct($appName, $request);
-		$this->userSession = $userSession;
-		$this->l10n = $l10n;
-		$this->defaults = $defaults;
-		$this->session = $session;
-		$this->tokenProvider = $tokenProvider;
-		$this->random = $random;
-		$this->urlGenerator = $urlGenerator;
-	}
-
-	/**
-	 * @return string
-	 */
-	private function getClientName() {
-		return $this->request->getHeader('USER_AGENT') !== null ? $this->request->getHeader('USER_AGENT') : 'unknown';
-	}
-
-	/**
-	 * @param string $stateToken
-	 * @return bool
-	 */
-	private function isValidToken($stateToken) {
-		$currentToken = $this->session->get(self::stateName);
-		return $currentToken === $stateToken;
-	}
-
-	/**
-	 * @return TemplateResponse
-	 */
-	private function stateTokenForbiddenResponse() {
-		$response = new TemplateResponse(
-			$this->appName,
-			'403',
-			[
-				'file' => $this->l10n->t('State token does not match'),
-			],
-			'guest'
-		);
-		$response->setStatus(Http::STATUS_FORBIDDEN);
-		return $response;
-	}
-
-	/**
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 * @UseSession
-	 *
-	 * @return TemplateResponse
-	 */
-	public function showAuthPickerPage() {
-		if($this->userSession->isLoggedIn()) {
-			return new TemplateResponse(
-				$this->appName,
-				'403',
-				[
-					'file' => $this->l10n->t('Auth flow can only be started unauthenticated.'),
-				],
-				'guest'
-			);
-		}
-
-		$stateToken = $this->random->generate(
-			64,
-			ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
-		);
-		$this->session->set(self::stateName, $stateToken);
-
-		return new TemplateResponse(
-			$this->appName,
-			'loginflow/authpicker',
-			[
-				'client' => $this->getClientName(),
-				'instanceName' => $this->defaults->getName(),
-				'urlGenerator' => $this->urlGenerator,
-				'stateToken' => $stateToken,
-			],
-			'guest'
-		);
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoCSRFRequired
-	 * @UseSession
-	 *
-	 * @param string $stateToken
-	 * @return TemplateResponse
-	 */
-	public function redirectPage($stateToken = '') {
-		if(!$this->isValidToken($stateToken)) {
-			return $this->stateTokenForbiddenResponse();
-		}
-
-		return new TemplateResponse(
-			$this->appName,
-			'loginflow/redirect',
-			[
-				'urlGenerator' => $this->urlGenerator,
-				'stateToken' => $stateToken,
-			],
-			'empty'
-		);
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @UseSession
-	 *
-	 * @param string $stateToken
-	 * @return Http\RedirectResponse|Response
-	 */
-	public function generateAppPassword($stateToken) {
-		$this->session->remove(self::stateName);
-		if(!$this->isValidToken($stateToken)) {
-			return $this->stateTokenForbiddenResponse();
-		}
-
-		try {
-			$sessionId = $this->session->getId();
-		} catch (SessionNotAvailableException $ex) {
-			$response = new Response();
-			$response->setStatus(Http::STATUS_FORBIDDEN);
-			return $response;
-		}
-
-		try {
-			$sessionToken = $this->tokenProvider->getToken($sessionId);
-			$loginName = $sessionToken->getLoginName();
-			try {
-				$password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
-			} catch (PasswordlessTokenException $ex) {
-				$password = null;
-			}
-		} catch (InvalidTokenException $ex) {
-			$response = new Response();
-			$response->setStatus(Http::STATUS_FORBIDDEN);
-			return $response;
-		}
-
-		$token = $this->random->generate(60);
-		$this->tokenProvider->generateToken(
-			$token,
-			$this->userSession->getUser()->getUID(),
-			$loginName,
-			$password,
-			$this->getClientName(),
-			IToken::PERMANENT_TOKEN,
-			IToken::DO_NOT_REMEMBER
-		);
-
-		return new Http\RedirectResponse('nc://' . urlencode($loginName) . ':' . urlencode($token) . '@' . $this->request->getServerHost());
-	}
+    /** @var IUserSession */
+    private $userSession;
+    /** @var IL10N */
+    private $l10n;
+    /** @var Defaults */
+    private $defaults;
+    /** @var ISession */
+    private $session;
+    /** @var IProvider */
+    private $tokenProvider;
+    /** @var ISecureRandom */
+    private $random;
+    /** @var IURLGenerator */
+    private $urlGenerator;
+
+    const stateName = 'client.flow.state.token';
+
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param IUserSession $userSession
+     * @param IL10N $l10n
+     * @param Defaults $defaults
+     * @param ISession $session
+     * @param IProvider $tokenProvider
+     * @param ISecureRandom $random
+     * @param IURLGenerator $urlGenerator
+     */
+    public function __construct($appName,
+                                IRequest $request,
+                                IUserSession $userSession,
+                                IL10N $l10n,
+                                Defaults $defaults,
+                                ISession $session,
+                                IProvider $tokenProvider,
+                                ISecureRandom $random,
+                                IURLGenerator $urlGenerator) {
+        parent::__construct($appName, $request);
+        $this->userSession = $userSession;
+        $this->l10n = $l10n;
+        $this->defaults = $defaults;
+        $this->session = $session;
+        $this->tokenProvider = $tokenProvider;
+        $this->random = $random;
+        $this->urlGenerator = $urlGenerator;
+    }
+
+    /**
+     * @return string
+     */
+    private function getClientName() {
+        return $this->request->getHeader('USER_AGENT') !== null ? $this->request->getHeader('USER_AGENT') : 'unknown';
+    }
+
+    /**
+     * @param string $stateToken
+     * @return bool
+     */
+    private function isValidToken($stateToken) {
+        $currentToken = $this->session->get(self::stateName);
+        return $currentToken === $stateToken;
+    }
+
+    /**
+     * @return TemplateResponse
+     */
+    private function stateTokenForbiddenResponse() {
+        $response = new TemplateResponse(
+            $this->appName,
+            '403',
+            [
+                'file' => $this->l10n->t('State token does not match'),
+            ],
+            'guest'
+        );
+        $response->setStatus(Http::STATUS_FORBIDDEN);
+        return $response;
+    }
+
+    /**
+     * @PublicPage
+     * @NoCSRFRequired
+     * @UseSession
+     *
+     * @return TemplateResponse
+     */
+    public function showAuthPickerPage() {
+        if($this->userSession->isLoggedIn()) {
+            return new TemplateResponse(
+                $this->appName,
+                '403',
+                [
+                    'file' => $this->l10n->t('Auth flow can only be started unauthenticated.'),
+                ],
+                'guest'
+            );
+        }
+
+        $stateToken = $this->random->generate(
+            64,
+            ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
+        );
+        $this->session->set(self::stateName, $stateToken);
+
+        return new TemplateResponse(
+            $this->appName,
+            'loginflow/authpicker',
+            [
+                'client' => $this->getClientName(),
+                'instanceName' => $this->defaults->getName(),
+                'urlGenerator' => $this->urlGenerator,
+                'stateToken' => $stateToken,
+            ],
+            'guest'
+        );
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoCSRFRequired
+     * @UseSession
+     *
+     * @param string $stateToken
+     * @return TemplateResponse
+     */
+    public function redirectPage($stateToken = '') {
+        if(!$this->isValidToken($stateToken)) {
+            return $this->stateTokenForbiddenResponse();
+        }
+
+        return new TemplateResponse(
+            $this->appName,
+            'loginflow/redirect',
+            [
+                'urlGenerator' => $this->urlGenerator,
+                'stateToken' => $stateToken,
+            ],
+            'empty'
+        );
+    }
+
+    /**
+     * @NoAdminRequired
+     * @UseSession
+     *
+     * @param string $stateToken
+     * @return Http\RedirectResponse|Response
+     */
+    public function generateAppPassword($stateToken) {
+        $this->session->remove(self::stateName);
+        if(!$this->isValidToken($stateToken)) {
+            return $this->stateTokenForbiddenResponse();
+        }
+
+        try {
+            $sessionId = $this->session->getId();
+        } catch (SessionNotAvailableException $ex) {
+            $response = new Response();
+            $response->setStatus(Http::STATUS_FORBIDDEN);
+            return $response;
+        }
+
+        try {
+            $sessionToken = $this->tokenProvider->getToken($sessionId);
+            $loginName = $sessionToken->getLoginName();
+            try {
+                $password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
+            } catch (PasswordlessTokenException $ex) {
+                $password = null;
+            }
+        } catch (InvalidTokenException $ex) {
+            $response = new Response();
+            $response->setStatus(Http::STATUS_FORBIDDEN);
+            return $response;
+        }
+
+        $token = $this->random->generate(60);
+        $this->tokenProvider->generateToken(
+            $token,
+            $this->userSession->getUser()->getUID(),
+            $loginName,
+            $password,
+            $this->getClientName(),
+            IToken::PERMANENT_TOKEN,
+            IToken::DO_NOT_REMEMBER
+        );
+
+        return new Http\RedirectResponse('nc://' . urlencode($loginName) . ':' . urlencode($token) . '@' . $this->request->getServerHost());
+    }
 
 }

Spacing +4 added lines, -4 removed lines

@@ -126,7 +126,7 @@ 
 	 * @return TemplateResponse
 	 */
 	public function showAuthPickerPage() {
-		if($this->userSession->isLoggedIn()) {
+		if ($this->userSession->isLoggedIn()) {
 			return new TemplateResponse(
 				$this->appName,
 				'403',
@@ -165,7 +165,7 @@ 
 	 * @return TemplateResponse
 	 */
 	public function redirectPage($stateToken = '') {
-		if(!$this->isValidToken($stateToken)) {
+		if (!$this->isValidToken($stateToken)) {
 			return $this->stateTokenForbiddenResponse();
 		}
 
@@ -189,7 +189,7 @@ 
 	 */
 	public function generateAppPassword($stateToken) {
 		$this->session->remove(self::stateName);
-		if(!$this->isValidToken($stateToken)) {
+		if (!$this->isValidToken($stateToken)) {
 			return $this->stateTokenForbiddenResponse();
 		}
 
@@ -226,7 +226,7 @@ 
 			IToken::DO_NOT_REMEMBER
 		);
 
-		return new Http\RedirectResponse('nc://' . urlencode($loginName) . ':' . urlencode($token) . '@' . $this->request->getServerHost());
+		return new Http\RedirectResponse('nc://'.urlencode($loginName).':'.urlencode($token).'@'.$this->request->getServerHost());
 	}
 
 }