nextcloud /
server
@@ -43,246 +43,246 @@ |
||
| 43 | 43 | * Manage trusted certificates for users |
| 44 | 44 | */ |
| 45 | 45 | class CertificateManager implements ICertificateManager { |
| 46 | - /** |
|
| 47 | - * @var \OC\Files\View |
|
| 48 | - */ |
|
| 49 | - protected $view; |
|
| 50 | - |
|
| 51 | - /** |
|
| 52 | - * @var IConfig |
|
| 53 | - */ |
|
| 54 | - protected $config; |
|
| 55 | - |
|
| 56 | - /** |
|
| 57 | - * @var ILogger |
|
| 58 | - */ |
|
| 59 | - protected $logger; |
|
| 60 | - |
|
| 61 | - /** @var ISecureRandom */ |
|
| 62 | - protected $random; |
|
| 63 | - |
|
| 64 | - /** |
|
| 65 | - * @param \OC\Files\View $view relative to data/ |
|
| 66 | - * @param IConfig $config |
|
| 67 | - * @param ILogger $logger |
|
| 68 | - * @param ISecureRandom $random |
|
| 69 | - */ |
|
| 70 | - public function __construct(\OC\Files\View $view, |
|
| 71 | - IConfig $config, |
|
| 72 | - ILogger $logger, |
|
| 73 | - ISecureRandom $random) { |
|
| 74 | - $this->view = $view; |
|
| 75 | - $this->config = $config; |
|
| 76 | - $this->logger = $logger; |
|
| 77 | - $this->random = $random; |
|
| 78 | - } |
|
| 79 | - |
|
| 80 | - /** |
|
| 81 | - * Returns all certificates trusted by the user |
|
| 82 | - * |
|
| 83 | - * @return \OCP\ICertificate[] |
|
| 84 | - */ |
|
| 85 | - public function listCertificates(): array { |
|
| 86 | - if (!$this->config->getSystemValue('installed', false)) { |
|
| 87 | - return []; |
|
| 88 | - } |
|
| 89 | - |
|
| 90 | - $path = $this->getPathToCertificates() . 'uploads/'; |
|
| 91 | - if (!$this->view->is_dir($path)) { |
|
| 92 | - return []; |
|
| 93 | - } |
|
| 94 | - $result = []; |
|
| 95 | - $handle = $this->view->opendir($path); |
|
| 96 | - if (!is_resource($handle)) { |
|
| 97 | - return []; |
|
| 98 | - } |
|
| 99 | - while (false !== ($file = readdir($handle))) { |
|
| 100 | - if ($file != '.' && $file != '..') { |
|
| 101 | - try { |
|
| 102 | - $result[] = new Certificate($this->view->file_get_contents($path . $file), $file); |
|
| 103 | - } catch (\Exception $e) { |
|
| 104 | - } |
|
| 105 | - } |
|
| 106 | - } |
|
| 107 | - closedir($handle); |
|
| 108 | - return $result; |
|
| 109 | - } |
|
| 110 | - |
|
| 111 | - private function hasCertificates(): bool { |
|
| 112 | - if (!$this->config->getSystemValue('installed', false)) { |
|
| 113 | - return false; |
|
| 114 | - } |
|
| 115 | - |
|
| 116 | - $path = $this->getPathToCertificates() . 'uploads/'; |
|
| 117 | - if (!$this->view->is_dir($path)) { |
|
| 118 | - return false; |
|
| 119 | - } |
|
| 120 | - $result = []; |
|
| 121 | - $handle = $this->view->opendir($path); |
|
| 122 | - if (!is_resource($handle)) { |
|
| 123 | - return false; |
|
| 124 | - } |
|
| 125 | - while (false !== ($file = readdir($handle))) { |
|
| 126 | - if ($file !== '.' && $file !== '..') { |
|
| 127 | - return true; |
|
| 128 | - } |
|
| 129 | - } |
|
| 130 | - closedir($handle); |
|
| 131 | - return false; |
|
| 132 | - } |
|
| 133 | - |
|
| 134 | - /** |
|
| 135 | - * create the certificate bundle of all trusted certificated |
|
| 136 | - */ |
|
| 137 | - public function createCertificateBundle(): void { |
|
| 138 | - $path = $this->getPathToCertificates(); |
|
| 139 | - $certs = $this->listCertificates(); |
|
| 140 | - |
|
| 141 | - if (!$this->view->file_exists($path)) { |
|
| 142 | - $this->view->mkdir($path); |
|
| 143 | - } |
|
| 144 | - |
|
| 145 | - $defaultCertificates = file_get_contents(\OC::$SERVERROOT . '/resources/config/ca-bundle.crt'); |
|
| 146 | - if (strlen($defaultCertificates) < 1024) { // sanity check to verify that we have some content for our bundle |
|
| 147 | - // log as exception so we have a stacktrace |
|
| 148 | - $this->logger->logException(new \Exception('Shipped ca-bundle is empty, refusing to create certificate bundle')); |
|
| 149 | - return; |
|
| 150 | - } |
|
| 151 | - |
|
| 152 | - $certPath = $path . 'rootcerts.crt'; |
|
| 153 | - $tmpPath = $certPath . '.tmp' . $this->random->generate(10, ISecureRandom::CHAR_DIGITS); |
|
| 154 | - $fhCerts = $this->view->fopen($tmpPath, 'w'); |
|
| 155 | - |
|
| 156 | - // Write user certificates |
|
| 157 | - foreach ($certs as $cert) { |
|
| 158 | - $file = $path . '/uploads/' . $cert->getName(); |
|
| 159 | - $data = $this->view->file_get_contents($file); |
|
| 160 | - if (strpos($data, 'BEGIN CERTIFICATE')) { |
|
| 161 | - fwrite($fhCerts, $data); |
|
| 162 | - fwrite($fhCerts, "\r\n"); |
|
| 163 | - } |
|
| 164 | - } |
|
| 165 | - |
|
| 166 | - // Append the default certificates |
|
| 167 | - fwrite($fhCerts, $defaultCertificates); |
|
| 168 | - |
|
| 169 | - // Append the system certificate bundle |
|
| 170 | - $systemBundle = $this->getCertificateBundle(); |
|
| 171 | - if ($systemBundle !== $certPath && $this->view->file_exists($systemBundle)) { |
|
| 172 | - $systemCertificates = $this->view->file_get_contents($systemBundle); |
|
| 173 | - fwrite($fhCerts, $systemCertificates); |
|
| 174 | - } |
|
| 175 | - |
|
| 176 | - fclose($fhCerts); |
|
| 177 | - |
|
| 178 | - $this->view->rename($tmpPath, $certPath); |
|
| 179 | - } |
|
| 180 | - |
|
| 181 | - /** |
|
| 182 | - * Save the certificate and re-generate the certificate bundle |
|
| 183 | - * |
|
| 184 | - * @param string $certificate the certificate data |
|
| 185 | - * @param string $name the filename for the certificate |
|
| 186 | - * @return \OCP\ICertificate |
|
| 187 | - * @throws \Exception If the certificate could not get added |
|
| 188 | - */ |
|
| 189 | - public function addCertificate(string $certificate, string $name): ICertificate { |
|
| 190 | - if (!Filesystem::isValidPath($name) or Filesystem::isFileBlacklisted($name)) { |
|
| 191 | - throw new \Exception('Filename is not valid'); |
|
| 192 | - } |
|
| 193 | - |
|
| 194 | - $dir = $this->getPathToCertificates() . 'uploads/'; |
|
| 195 | - if (!$this->view->file_exists($dir)) { |
|
| 196 | - $this->view->mkdir($dir); |
|
| 197 | - } |
|
| 198 | - |
|
| 199 | - try { |
|
| 200 | - $file = $dir . $name; |
|
| 201 | - $certificateObject = new Certificate($certificate, $name); |
|
| 202 | - $this->view->file_put_contents($file, $certificate); |
|
| 203 | - $this->createCertificateBundle(); |
|
| 204 | - return $certificateObject; |
|
| 205 | - } catch (\Exception $e) { |
|
| 206 | - throw $e; |
|
| 207 | - } |
|
| 208 | - } |
|
| 209 | - |
|
| 210 | - /** |
|
| 211 | - * Remove the certificate and re-generate the certificate bundle |
|
| 212 | - * |
|
| 213 | - * @param string $name |
|
| 214 | - * @return bool |
|
| 215 | - */ |
|
| 216 | - public function removeCertificate(string $name): bool { |
|
| 217 | - if (!Filesystem::isValidPath($name)) { |
|
| 218 | - return false; |
|
| 219 | - } |
|
| 220 | - $path = $this->getPathToCertificates() . 'uploads/'; |
|
| 221 | - if ($this->view->file_exists($path . $name)) { |
|
| 222 | - $this->view->unlink($path . $name); |
|
| 223 | - $this->createCertificateBundle(); |
|
| 224 | - } |
|
| 225 | - return true; |
|
| 226 | - } |
|
| 227 | - |
|
| 228 | - /** |
|
| 229 | - * Get the path to the certificate bundle |
|
| 230 | - * |
|
| 231 | - * @return string |
|
| 232 | - */ |
|
| 233 | - public function getCertificateBundle(): string { |
|
| 234 | - return $this->getPathToCertificates() . 'rootcerts.crt'; |
|
| 235 | - } |
|
| 236 | - |
|
| 237 | - /** |
|
| 238 | - * Get the full local path to the certificate bundle |
|
| 239 | - * |
|
| 240 | - * @return string |
|
| 241 | - */ |
|
| 242 | - public function getAbsoluteBundlePath(): string { |
|
| 243 | - try { |
|
| 244 | - if (!$this->hasCertificates()) { |
|
| 245 | - return \OC::$SERVERROOT . '/resources/config/ca-bundle.crt'; |
|
| 246 | - } |
|
| 247 | - |
|
| 248 | - if ($this->needsRebundling()) { |
|
| 249 | - $this->createCertificateBundle(); |
|
| 250 | - } |
|
| 251 | - |
|
| 252 | - return $this->view->getLocalFile($this->getCertificateBundle()); |
|
| 253 | - } catch (\Exception $e) { |
|
| 254 | - return \OC::$SERVERROOT . '/resources/config/ca-bundle.crt'; |
|
| 255 | - } |
|
| 256 | - } |
|
| 257 | - |
|
| 258 | - /** |
|
| 259 | - * @return string |
|
| 260 | - */ |
|
| 261 | - private function getPathToCertificates(): string { |
|
| 262 | - return '/files_external/'; |
|
| 263 | - } |
|
| 264 | - |
|
| 265 | - /** |
|
| 266 | - * Check if we need to re-bundle the certificates because one of the sources has updated |
|
| 267 | - * |
|
| 268 | - * @return bool |
|
| 269 | - */ |
|
| 270 | - private function needsRebundling(): bool { |
|
| 271 | - $targetBundle = $this->getCertificateBundle(); |
|
| 272 | - if (!$this->view->file_exists($targetBundle)) { |
|
| 273 | - return true; |
|
| 274 | - } |
|
| 275 | - |
|
| 276 | - $sourceMTime = $this->getFilemtimeOfCaBundle(); |
|
| 277 | - return $sourceMTime > $this->view->filemtime($targetBundle); |
|
| 278 | - } |
|
| 279 | - |
|
| 280 | - /** |
|
| 281 | - * get mtime of ca-bundle shipped by Nextcloud |
|
| 282 | - * |
|
| 283 | - * @return int |
|
| 284 | - */ |
|
| 285 | - protected function getFilemtimeOfCaBundle(): int { |
|
| 286 | - return filemtime(\OC::$SERVERROOT . '/resources/config/ca-bundle.crt'); |
|
| 287 | - } |
|
| 46 | + /** |
|
| 47 | + * @var \OC\Files\View |
|
| 48 | + */ |
|
| 49 | + protected $view; |
|
| 50 | + |
|
| 51 | + /** |
|
| 52 | + * @var IConfig |
|
| 53 | + */ |
|
| 54 | + protected $config; |
|
| 55 | + |
|
| 56 | + /** |
|
| 57 | + * @var ILogger |
|
| 58 | + */ |
|
| 59 | + protected $logger; |
|
| 60 | + |
|
| 61 | + /** @var ISecureRandom */ |
|
| 62 | + protected $random; |
|
| 63 | + |
|
| 64 | + /** |
|
| 65 | + * @param \OC\Files\View $view relative to data/ |
|
| 66 | + * @param IConfig $config |
|
| 67 | + * @param ILogger $logger |
|
| 68 | + * @param ISecureRandom $random |
|
| 69 | + */ |
|
| 70 | + public function __construct(\OC\Files\View $view, |
|
| 71 | + IConfig $config, |
|
| 72 | + ILogger $logger, |
|
| 73 | + ISecureRandom $random) { |
|
| 74 | + $this->view = $view; |
|
| 75 | + $this->config = $config; |
|
| 76 | + $this->logger = $logger; |
|
| 77 | + $this->random = $random; |
|
| 78 | + } |
|
| 79 | + |
|
| 80 | + /** |
|
| 81 | + * Returns all certificates trusted by the user |
|
| 82 | + * |
|
| 83 | + * @return \OCP\ICertificate[] |
|
| 84 | + */ |
|
| 85 | + public function listCertificates(): array { |
|
| 86 | + if (!$this->config->getSystemValue('installed', false)) { |
|
| 87 | + return []; |
|
| 88 | + } |
|
| 89 | + |
|
| 90 | + $path = $this->getPathToCertificates() . 'uploads/'; |
|
| 91 | + if (!$this->view->is_dir($path)) { |
|
| 92 | + return []; |
|
| 93 | + } |
|
| 94 | + $result = []; |
|
| 95 | + $handle = $this->view->opendir($path); |
|
| 96 | + if (!is_resource($handle)) { |
|
| 97 | + return []; |
|
| 98 | + } |
|
| 99 | + while (false !== ($file = readdir($handle))) { |
|
| 100 | + if ($file != '.' && $file != '..') { |
|
| 101 | + try { |
|
| 102 | + $result[] = new Certificate($this->view->file_get_contents($path . $file), $file); |
|
| 103 | + } catch (\Exception $e) { |
|
| 104 | + } |
|
| 105 | + } |
|
| 106 | + } |
|
| 107 | + closedir($handle); |
|
| 108 | + return $result; |
|
| 109 | + } |
|
| 110 | + |
|
| 111 | + private function hasCertificates(): bool { |
|
| 112 | + if (!$this->config->getSystemValue('installed', false)) { |
|
| 113 | + return false; |
|
| 114 | + } |
|
| 115 | + |
|
| 116 | + $path = $this->getPathToCertificates() . 'uploads/'; |
|
| 117 | + if (!$this->view->is_dir($path)) { |
|
| 118 | + return false; |
|
| 119 | + } |
|
| 120 | + $result = []; |
|
| 121 | + $handle = $this->view->opendir($path); |
|
| 122 | + if (!is_resource($handle)) { |
|
| 123 | + return false; |
|
| 124 | + } |
|
| 125 | + while (false !== ($file = readdir($handle))) { |
|
| 126 | + if ($file !== '.' && $file !== '..') { |
|
| 127 | + return true; |
|
| 128 | + } |
|
| 129 | + } |
|
| 130 | + closedir($handle); |
|
| 131 | + return false; |
|
| 132 | + } |
|
| 133 | + |
|
| 134 | + /** |
|
| 135 | + * create the certificate bundle of all trusted certificated |
|
| 136 | + */ |
|
| 137 | + public function createCertificateBundle(): void { |
|
| 138 | + $path = $this->getPathToCertificates(); |
|
| 139 | + $certs = $this->listCertificates(); |
|
| 140 | + |
|
| 141 | + if (!$this->view->file_exists($path)) { |
|
| 142 | + $this->view->mkdir($path); |
|
| 143 | + } |
|
| 144 | + |
|
| 145 | + $defaultCertificates = file_get_contents(\OC::$SERVERROOT . '/resources/config/ca-bundle.crt'); |
|
| 146 | + if (strlen($defaultCertificates) < 1024) { // sanity check to verify that we have some content for our bundle |
|
| 147 | + // log as exception so we have a stacktrace |
|
| 148 | + $this->logger->logException(new \Exception('Shipped ca-bundle is empty, refusing to create certificate bundle')); |
|
| 149 | + return; |
|
| 150 | + } |
|
| 151 | + |
|
| 152 | + $certPath = $path . 'rootcerts.crt'; |
|
| 153 | + $tmpPath = $certPath . '.tmp' . $this->random->generate(10, ISecureRandom::CHAR_DIGITS); |
|
| 154 | + $fhCerts = $this->view->fopen($tmpPath, 'w'); |
|
| 155 | + |
|
| 156 | + // Write user certificates |
|
| 157 | + foreach ($certs as $cert) { |
|
| 158 | + $file = $path . '/uploads/' . $cert->getName(); |
|
| 159 | + $data = $this->view->file_get_contents($file); |
|
| 160 | + if (strpos($data, 'BEGIN CERTIFICATE')) { |
|
| 161 | + fwrite($fhCerts, $data); |
|
| 162 | + fwrite($fhCerts, "\r\n"); |
|
| 163 | + } |
|
| 164 | + } |
|
| 165 | + |
|
| 166 | + // Append the default certificates |
|
| 167 | + fwrite($fhCerts, $defaultCertificates); |
|
| 168 | + |
|
| 169 | + // Append the system certificate bundle |
|
| 170 | + $systemBundle = $this->getCertificateBundle(); |
|
| 171 | + if ($systemBundle !== $certPath && $this->view->file_exists($systemBundle)) { |
|
| 172 | + $systemCertificates = $this->view->file_get_contents($systemBundle); |
|
| 173 | + fwrite($fhCerts, $systemCertificates); |
|
| 174 | + } |
|
| 175 | + |
|
| 176 | + fclose($fhCerts); |
|
| 177 | + |
|
| 178 | + $this->view->rename($tmpPath, $certPath); |
|
| 179 | + } |
|
| 180 | + |
|
| 181 | + /** |
|
| 182 | + * Save the certificate and re-generate the certificate bundle |
|
| 183 | + * |
|
| 184 | + * @param string $certificate the certificate data |
|
| 185 | + * @param string $name the filename for the certificate |
|
| 186 | + * @return \OCP\ICertificate |
|
| 187 | + * @throws \Exception If the certificate could not get added |
|
| 188 | + */ |
|
| 189 | + public function addCertificate(string $certificate, string $name): ICertificate { |
|
| 190 | + if (!Filesystem::isValidPath($name) or Filesystem::isFileBlacklisted($name)) { |
|
| 191 | + throw new \Exception('Filename is not valid'); |
|
| 192 | + } |
|
| 193 | + |
|
| 194 | + $dir = $this->getPathToCertificates() . 'uploads/'; |
|
| 195 | + if (!$this->view->file_exists($dir)) { |
|
| 196 | + $this->view->mkdir($dir); |
|
| 197 | + } |
|
| 198 | + |
|
| 199 | + try { |
|
| 200 | + $file = $dir . $name; |
|
| 201 | + $certificateObject = new Certificate($certificate, $name); |
|
| 202 | + $this->view->file_put_contents($file, $certificate); |
|
| 203 | + $this->createCertificateBundle(); |
|
| 204 | + return $certificateObject; |
|
| 205 | + } catch (\Exception $e) { |
|
| 206 | + throw $e; |
|
| 207 | + } |
|
| 208 | + } |
|
| 209 | + |
|
| 210 | + /** |
|
| 211 | + * Remove the certificate and re-generate the certificate bundle |
|
| 212 | + * |
|
| 213 | + * @param string $name |
|
| 214 | + * @return bool |
|
| 215 | + */ |
|
| 216 | + public function removeCertificate(string $name): bool { |
|
| 217 | + if (!Filesystem::isValidPath($name)) { |
|
| 218 | + return false; |
|
| 219 | + } |
|
| 220 | + $path = $this->getPathToCertificates() . 'uploads/'; |
|
| 221 | + if ($this->view->file_exists($path . $name)) { |
|
| 222 | + $this->view->unlink($path . $name); |
|
| 223 | + $this->createCertificateBundle(); |
|
| 224 | + } |
|
| 225 | + return true; |
|
| 226 | + } |
|
| 227 | + |
|
| 228 | + /** |
|
| 229 | + * Get the path to the certificate bundle |
|
| 230 | + * |
|
| 231 | + * @return string |
|
| 232 | + */ |
|
| 233 | + public function getCertificateBundle(): string { |
|
| 234 | + return $this->getPathToCertificates() . 'rootcerts.crt'; |
|
| 235 | + } |
|
| 236 | + |
|
| 237 | + /** |
|
| 238 | + * Get the full local path to the certificate bundle |
|
| 239 | + * |
|
| 240 | + * @return string |
|
| 241 | + */ |
|
| 242 | + public function getAbsoluteBundlePath(): string { |
|
| 243 | + try { |
|
| 244 | + if (!$this->hasCertificates()) { |
|
| 245 | + return \OC::$SERVERROOT . '/resources/config/ca-bundle.crt'; |
|
| 246 | + } |
|
| 247 | + |
|
| 248 | + if ($this->needsRebundling()) { |
|
| 249 | + $this->createCertificateBundle(); |
|
| 250 | + } |
|
| 251 | + |
|
| 252 | + return $this->view->getLocalFile($this->getCertificateBundle()); |
|
| 253 | + } catch (\Exception $e) { |
|
| 254 | + return \OC::$SERVERROOT . '/resources/config/ca-bundle.crt'; |
|
| 255 | + } |
|
| 256 | + } |
|
| 257 | + |
|
| 258 | + /** |
|
| 259 | + * @return string |
|
| 260 | + */ |
|
| 261 | + private function getPathToCertificates(): string { |
|
| 262 | + return '/files_external/'; |
|
| 263 | + } |
|
| 264 | + |
|
| 265 | + /** |
|
| 266 | + * Check if we need to re-bundle the certificates because one of the sources has updated |
|
| 267 | + * |
|
| 268 | + * @return bool |
|
| 269 | + */ |
|
| 270 | + private function needsRebundling(): bool { |
|
| 271 | + $targetBundle = $this->getCertificateBundle(); |
|
| 272 | + if (!$this->view->file_exists($targetBundle)) { |
|
| 273 | + return true; |
|
| 274 | + } |
|
| 275 | + |
|
| 276 | + $sourceMTime = $this->getFilemtimeOfCaBundle(); |
|
| 277 | + return $sourceMTime > $this->view->filemtime($targetBundle); |
|
| 278 | + } |
|
| 279 | + |
|
| 280 | + /** |
|
| 281 | + * get mtime of ca-bundle shipped by Nextcloud |
|
| 282 | + * |
|
| 283 | + * @return int |
|
| 284 | + */ |
|
| 285 | + protected function getFilemtimeOfCaBundle(): int { |
|
| 286 | + return filemtime(\OC::$SERVERROOT . '/resources/config/ca-bundle.crt'); |
|
| 287 | + } |
|
| 288 | 288 | } |
@@ -87,7 +87,7 @@ discard block |
||
| 87 | 87 | return []; |
| 88 | 88 | } |
| 89 | 89 | |
| 90 | - $path = $this->getPathToCertificates() . 'uploads/'; |
|
| 90 | + $path = $this->getPathToCertificates().'uploads/'; |
|
| 91 | 91 | if (!$this->view->is_dir($path)) { |
| 92 | 92 | return []; |
| 93 | 93 | } |
@@ -99,7 +99,7 @@ discard block |
||
| 99 | 99 | while (false !== ($file = readdir($handle))) { |
| 100 | 100 | if ($file != '.' && $file != '..') { |
| 101 | 101 | try { |
| 102 | - $result[] = new Certificate($this->view->file_get_contents($path . $file), $file); |
|
| 102 | + $result[] = new Certificate($this->view->file_get_contents($path.$file), $file); |
|
| 103 | 103 | } catch (\Exception $e) { |
| 104 | 104 | } |
| 105 | 105 | } |
@@ -113,7 +113,7 @@ discard block |
||
| 113 | 113 | return false; |
| 114 | 114 | } |
| 115 | 115 | |
| 116 | - $path = $this->getPathToCertificates() . 'uploads/'; |
|
| 116 | + $path = $this->getPathToCertificates().'uploads/'; |
|
| 117 | 117 | if (!$this->view->is_dir($path)) { |
| 118 | 118 | return false; |
| 119 | 119 | } |
@@ -142,20 +142,20 @@ discard block |
||
| 142 | 142 | $this->view->mkdir($path); |
| 143 | 143 | } |
| 144 | 144 | |
| 145 | - $defaultCertificates = file_get_contents(\OC::$SERVERROOT . '/resources/config/ca-bundle.crt'); |
|
| 145 | + $defaultCertificates = file_get_contents(\OC::$SERVERROOT.'/resources/config/ca-bundle.crt'); |
|
| 146 | 146 | if (strlen($defaultCertificates) < 1024) { // sanity check to verify that we have some content for our bundle |
| 147 | 147 | // log as exception so we have a stacktrace |
| 148 | 148 | $this->logger->logException(new \Exception('Shipped ca-bundle is empty, refusing to create certificate bundle')); |
| 149 | 149 | return; |
| 150 | 150 | } |
| 151 | 151 | |
| 152 | - $certPath = $path . 'rootcerts.crt'; |
|
| 153 | - $tmpPath = $certPath . '.tmp' . $this->random->generate(10, ISecureRandom::CHAR_DIGITS); |
|
| 152 | + $certPath = $path.'rootcerts.crt'; |
|
| 153 | + $tmpPath = $certPath.'.tmp'.$this->random->generate(10, ISecureRandom::CHAR_DIGITS); |
|
| 154 | 154 | $fhCerts = $this->view->fopen($tmpPath, 'w'); |
| 155 | 155 | |
| 156 | 156 | // Write user certificates |
| 157 | 157 | foreach ($certs as $cert) { |
| 158 | - $file = $path . '/uploads/' . $cert->getName(); |
|
| 158 | + $file = $path.'/uploads/'.$cert->getName(); |
|
| 159 | 159 | $data = $this->view->file_get_contents($file); |
| 160 | 160 | if (strpos($data, 'BEGIN CERTIFICATE')) { |
| 161 | 161 | fwrite($fhCerts, $data); |
@@ -191,13 +191,13 @@ discard block |
||
| 191 | 191 | throw new \Exception('Filename is not valid'); |
| 192 | 192 | } |
| 193 | 193 | |
| 194 | - $dir = $this->getPathToCertificates() . 'uploads/'; |
|
| 194 | + $dir = $this->getPathToCertificates().'uploads/'; |
|
| 195 | 195 | if (!$this->view->file_exists($dir)) { |
| 196 | 196 | $this->view->mkdir($dir); |
| 197 | 197 | } |
| 198 | 198 | |
| 199 | 199 | try { |
| 200 | - $file = $dir . $name; |
|
| 200 | + $file = $dir.$name; |
|
| 201 | 201 | $certificateObject = new Certificate($certificate, $name); |
| 202 | 202 | $this->view->file_put_contents($file, $certificate); |
| 203 | 203 | $this->createCertificateBundle(); |
@@ -217,9 +217,9 @@ discard block |
||
| 217 | 217 | if (!Filesystem::isValidPath($name)) { |
| 218 | 218 | return false; |
| 219 | 219 | } |
| 220 | - $path = $this->getPathToCertificates() . 'uploads/'; |
|
| 221 | - if ($this->view->file_exists($path . $name)) { |
|
| 222 | - $this->view->unlink($path . $name); |
|
| 220 | + $path = $this->getPathToCertificates().'uploads/'; |
|
| 221 | + if ($this->view->file_exists($path.$name)) { |
|
| 222 | + $this->view->unlink($path.$name); |
|
| 223 | 223 | $this->createCertificateBundle(); |
| 224 | 224 | } |
| 225 | 225 | return true; |
@@ -231,7 +231,7 @@ discard block |
||
| 231 | 231 | * @return string |
| 232 | 232 | */ |
| 233 | 233 | public function getCertificateBundle(): string { |
| 234 | - return $this->getPathToCertificates() . 'rootcerts.crt'; |
|
| 234 | + return $this->getPathToCertificates().'rootcerts.crt'; |
|
| 235 | 235 | } |
| 236 | 236 | |
| 237 | 237 | /** |
@@ -242,7 +242,7 @@ discard block |
||
| 242 | 242 | public function getAbsoluteBundlePath(): string { |
| 243 | 243 | try { |
| 244 | 244 | if (!$this->hasCertificates()) { |
| 245 | - return \OC::$SERVERROOT . '/resources/config/ca-bundle.crt'; |
|
| 245 | + return \OC::$SERVERROOT.'/resources/config/ca-bundle.crt'; |
|
| 246 | 246 | } |
| 247 | 247 | |
| 248 | 248 | if ($this->needsRebundling()) { |
@@ -251,7 +251,7 @@ discard block |
||
| 251 | 251 | |
| 252 | 252 | return $this->view->getLocalFile($this->getCertificateBundle()); |
| 253 | 253 | } catch (\Exception $e) { |
| 254 | - return \OC::$SERVERROOT . '/resources/config/ca-bundle.crt'; |
|
| 254 | + return \OC::$SERVERROOT.'/resources/config/ca-bundle.crt'; |
|
| 255 | 255 | } |
| 256 | 256 | } |
| 257 | 257 | |
@@ -283,6 +283,6 @@ discard block |
||
| 283 | 283 | * @return int |
| 284 | 284 | */ |
| 285 | 285 | protected function getFilemtimeOfCaBundle(): int { |
| 286 | - return filemtime(\OC::$SERVERROOT . '/resources/config/ca-bundle.crt'); |
|
| 286 | + return filemtime(\OC::$SERVERROOT.'/resources/config/ca-bundle.crt'); |
|
| 287 | 287 | } |
| 288 | 288 | } |
@@ -26,19 +26,19 @@ |
||
| 26 | 26 | use OCP\Files\ObjectStore\IObjectStore; |
| 27 | 27 | |
| 28 | 28 | class S3 implements IObjectStore { |
| 29 | - use S3ConnectionTrait; |
|
| 30 | - use S3ObjectTrait; |
|
| 29 | + use S3ConnectionTrait; |
|
| 30 | + use S3ObjectTrait; |
|
| 31 | 31 | |
| 32 | - public function __construct($parameters) { |
|
| 33 | - $parameters['primary_storage'] = true; |
|
| 34 | - $this->parseParams($parameters); |
|
| 35 | - } |
|
| 32 | + public function __construct($parameters) { |
|
| 33 | + $parameters['primary_storage'] = true; |
|
| 34 | + $this->parseParams($parameters); |
|
| 35 | + } |
|
| 36 | 36 | |
| 37 | - /** |
|
| 38 | - * @return string the container or bucket name where objects are stored |
|
| 39 | - * @since 7.0.0 |
|
| 40 | - */ |
|
| 41 | - public function getStorageId() { |
|
| 42 | - return $this->id; |
|
| 43 | - } |
|
| 37 | + /** |
|
| 38 | + * @return string the container or bucket name where objects are stored |
|
| 39 | + * @since 7.0.0 |
|
| 40 | + */ |
|
| 41 | + public function getStorageId() { |
|
| 42 | + return $this->id; |
|
| 43 | + } |
|
| 44 | 44 | } |
@@ -42,181 +42,181 @@ |
||
| 42 | 42 | use OCP\ILogger; |
| 43 | 43 | |
| 44 | 44 | trait S3ConnectionTrait { |
| 45 | - /** @var array */ |
|
| 46 | - protected $params; |
|
| 47 | - |
|
| 48 | - /** @var S3Client */ |
|
| 49 | - protected $connection; |
|
| 50 | - |
|
| 51 | - /** @var string */ |
|
| 52 | - protected $id; |
|
| 53 | - |
|
| 54 | - /** @var string */ |
|
| 55 | - protected $bucket; |
|
| 56 | - |
|
| 57 | - /** @var int */ |
|
| 58 | - protected $timeout; |
|
| 59 | - |
|
| 60 | - /** @var string */ |
|
| 61 | - protected $proxy; |
|
| 62 | - |
|
| 63 | - /** @var int */ |
|
| 64 | - protected $uploadPartSize; |
|
| 65 | - |
|
| 66 | - /** @var int */ |
|
| 67 | - private $putSizeLimit; |
|
| 68 | - |
|
| 69 | - protected $test; |
|
| 70 | - |
|
| 71 | - protected function parseParams($params) { |
|
| 72 | - if (empty($params['bucket'])) { |
|
| 73 | - throw new \Exception("Bucket has to be configured."); |
|
| 74 | - } |
|
| 75 | - |
|
| 76 | - $this->id = 'amazon::' . $params['bucket']; |
|
| 77 | - |
|
| 78 | - $this->test = isset($params['test']); |
|
| 79 | - $this->bucket = $params['bucket']; |
|
| 80 | - $this->proxy = $params['proxy'] ?? false; |
|
| 81 | - $this->timeout = $params['timeout'] ?? 15; |
|
| 82 | - $this->uploadPartSize = $params['uploadPartSize'] ?? 524288000; |
|
| 83 | - $this->putSizeLimit = $params['putSizeLimit'] ?? 104857600; |
|
| 84 | - $params['region'] = empty($params['region']) ? 'eu-west-1' : $params['region']; |
|
| 85 | - $params['hostname'] = empty($params['hostname']) ? 's3.' . $params['region'] . '.amazonaws.com' : $params['hostname']; |
|
| 86 | - if (!isset($params['port']) || $params['port'] === '') { |
|
| 87 | - $params['port'] = (isset($params['use_ssl']) && $params['use_ssl'] === false) ? 80 : 443; |
|
| 88 | - } |
|
| 89 | - $params['verify_bucket_exists'] = empty($params['verify_bucket_exists']) ? true : $params['verify_bucket_exists']; |
|
| 90 | - $this->params = $params; |
|
| 91 | - } |
|
| 92 | - |
|
| 93 | - public function getBucket() { |
|
| 94 | - return $this->bucket; |
|
| 95 | - } |
|
| 96 | - |
|
| 97 | - public function getProxy() { |
|
| 98 | - return $this->proxy; |
|
| 99 | - } |
|
| 100 | - |
|
| 101 | - /** |
|
| 102 | - * Returns the connection |
|
| 103 | - * |
|
| 104 | - * @return S3Client connected client |
|
| 105 | - * @throws \Exception if connection could not be made |
|
| 106 | - */ |
|
| 107 | - public function getConnection() { |
|
| 108 | - if (!is_null($this->connection)) { |
|
| 109 | - return $this->connection; |
|
| 110 | - } |
|
| 111 | - |
|
| 112 | - $scheme = (isset($this->params['use_ssl']) && $this->params['use_ssl'] === false) ? 'http' : 'https'; |
|
| 113 | - $base_url = $scheme . '://' . $this->params['hostname'] . ':' . $this->params['port'] . '/'; |
|
| 114 | - |
|
| 115 | - // Adding explicit credential provider to the beginning chain. |
|
| 116 | - // Including default credential provider (skipping AWS shared config files). |
|
| 117 | - $provider = CredentialProvider::memoize( |
|
| 118 | - CredentialProvider::chain( |
|
| 119 | - $this->paramCredentialProvider(), |
|
| 120 | - CredentialProvider::defaultProvider(['use_aws_shared_config_files' => false]) |
|
| 121 | - ) |
|
| 122 | - ); |
|
| 123 | - |
|
| 124 | - // since we store the certificate bundles on the primary storage, we can't get the bundle while setting up the primary storage |
|
| 125 | - if (!isset($this->params['primary_storage'])) { |
|
| 126 | - /** @var ICertificateManager $certManager */ |
|
| 127 | - $certManager = \OC::$server->get(ICertificateManager::class); |
|
| 128 | - $certPath = $certManager->getAbsoluteBundlePath(); |
|
| 129 | - } else { |
|
| 130 | - $certPath = \OC::$SERVERROOT . '/resources/config/ca-bundle.crt'; |
|
| 131 | - } |
|
| 132 | - |
|
| 133 | - $options = [ |
|
| 134 | - 'version' => isset($this->params['version']) ? $this->params['version'] : 'latest', |
|
| 135 | - 'credentials' => $provider, |
|
| 136 | - 'endpoint' => $base_url, |
|
| 137 | - 'region' => $this->params['region'], |
|
| 138 | - 'use_path_style_endpoint' => isset($this->params['use_path_style']) ? $this->params['use_path_style'] : false, |
|
| 139 | - 'signature_provider' => \Aws\or_chain([self::class, 'legacySignatureProvider'], ClientResolver::_default_signature_provider()), |
|
| 140 | - 'csm' => false, |
|
| 141 | - 'use_arn_region' => false, |
|
| 142 | - 'http' => ['verify' => $certPath], |
|
| 143 | - ]; |
|
| 144 | - if ($this->getProxy()) { |
|
| 145 | - $options['http']['proxy'] = $this->getProxy(); |
|
| 146 | - } |
|
| 147 | - if (isset($this->params['legacy_auth']) && $this->params['legacy_auth']) { |
|
| 148 | - $options['signature_version'] = 'v2'; |
|
| 149 | - } |
|
| 150 | - $this->connection = new S3Client($options); |
|
| 151 | - |
|
| 152 | - if (!$this->connection::isBucketDnsCompatible($this->bucket)) { |
|
| 153 | - $logger = \OC::$server->getLogger(); |
|
| 154 | - $logger->debug('Bucket "' . $this->bucket . '" This bucket name is not dns compatible, it may contain invalid characters.', |
|
| 155 | - ['app' => 'objectstore']); |
|
| 156 | - } |
|
| 157 | - |
|
| 158 | - if ($this->params['verify_bucket_exists'] && !$this->connection->doesBucketExist($this->bucket)) { |
|
| 159 | - $logger = \OC::$server->getLogger(); |
|
| 160 | - try { |
|
| 161 | - $logger->info('Bucket "' . $this->bucket . '" does not exist - creating it.', ['app' => 'objectstore']); |
|
| 162 | - if (!$this->connection::isBucketDnsCompatible($this->bucket)) { |
|
| 163 | - throw new \Exception("The bucket will not be created because the name is not dns compatible, please correct it: " . $this->bucket); |
|
| 164 | - } |
|
| 165 | - $this->connection->createBucket(['Bucket' => $this->bucket]); |
|
| 166 | - $this->testTimeout(); |
|
| 167 | - } catch (S3Exception $e) { |
|
| 168 | - $logger->logException($e, [ |
|
| 169 | - 'message' => 'Invalid remote storage.', |
|
| 170 | - 'level' => ILogger::DEBUG, |
|
| 171 | - 'app' => 'objectstore', |
|
| 172 | - ]); |
|
| 173 | - throw new \Exception('Creation of bucket "' . $this->bucket . '" failed. ' . $e->getMessage()); |
|
| 174 | - } |
|
| 175 | - } |
|
| 176 | - |
|
| 177 | - // google cloud's s3 compatibility doesn't like the EncodingType parameter |
|
| 178 | - if (strpos($base_url, 'storage.googleapis.com')) { |
|
| 179 | - $this->connection->getHandlerList()->remove('s3.auto_encode'); |
|
| 180 | - } |
|
| 181 | - |
|
| 182 | - return $this->connection; |
|
| 183 | - } |
|
| 184 | - |
|
| 185 | - /** |
|
| 186 | - * when running the tests wait to let the buckets catch up |
|
| 187 | - */ |
|
| 188 | - private function testTimeout() { |
|
| 189 | - if ($this->test) { |
|
| 190 | - sleep($this->timeout); |
|
| 191 | - } |
|
| 192 | - } |
|
| 193 | - |
|
| 194 | - public static function legacySignatureProvider($version, $service, $region) { |
|
| 195 | - switch ($version) { |
|
| 196 | - case 'v2': |
|
| 197 | - case 's3': |
|
| 198 | - return new S3Signature(); |
|
| 199 | - default: |
|
| 200 | - return null; |
|
| 201 | - } |
|
| 202 | - } |
|
| 203 | - |
|
| 204 | - /** |
|
| 205 | - * This function creates a credential provider based on user parameter file |
|
| 206 | - */ |
|
| 207 | - protected function paramCredentialProvider() : callable { |
|
| 208 | - return function () { |
|
| 209 | - $key = empty($this->params['key']) ? null : $this->params['key']; |
|
| 210 | - $secret = empty($this->params['secret']) ? null : $this->params['secret']; |
|
| 211 | - |
|
| 212 | - if ($key && $secret) { |
|
| 213 | - return Promise\promise_for( |
|
| 214 | - new Credentials($key, $secret) |
|
| 215 | - ); |
|
| 216 | - } |
|
| 217 | - |
|
| 218 | - $msg = 'Could not find parameters set for credentials in config file.'; |
|
| 219 | - return new RejectedPromise(new CredentialsException($msg)); |
|
| 220 | - }; |
|
| 221 | - } |
|
| 45 | + /** @var array */ |
|
| 46 | + protected $params; |
|
| 47 | + |
|
| 48 | + /** @var S3Client */ |
|
| 49 | + protected $connection; |
|
| 50 | + |
|
| 51 | + /** @var string */ |
|
| 52 | + protected $id; |
|
| 53 | + |
|
| 54 | + /** @var string */ |
|
| 55 | + protected $bucket; |
|
| 56 | + |
|
| 57 | + /** @var int */ |
|
| 58 | + protected $timeout; |
|
| 59 | + |
|
| 60 | + /** @var string */ |
|
| 61 | + protected $proxy; |
|
| 62 | + |
|
| 63 | + /** @var int */ |
|
| 64 | + protected $uploadPartSize; |
|
| 65 | + |
|
| 66 | + /** @var int */ |
|
| 67 | + private $putSizeLimit; |
|
| 68 | + |
|
| 69 | + protected $test; |
|
| 70 | + |
|
| 71 | + protected function parseParams($params) { |
|
| 72 | + if (empty($params['bucket'])) { |
|
| 73 | + throw new \Exception("Bucket has to be configured."); |
|
| 74 | + } |
|
| 75 | + |
|
| 76 | + $this->id = 'amazon::' . $params['bucket']; |
|
| 77 | + |
|
| 78 | + $this->test = isset($params['test']); |
|
| 79 | + $this->bucket = $params['bucket']; |
|
| 80 | + $this->proxy = $params['proxy'] ?? false; |
|
| 81 | + $this->timeout = $params['timeout'] ?? 15; |
|
| 82 | + $this->uploadPartSize = $params['uploadPartSize'] ?? 524288000; |
|
| 83 | + $this->putSizeLimit = $params['putSizeLimit'] ?? 104857600; |
|
| 84 | + $params['region'] = empty($params['region']) ? 'eu-west-1' : $params['region']; |
|
| 85 | + $params['hostname'] = empty($params['hostname']) ? 's3.' . $params['region'] . '.amazonaws.com' : $params['hostname']; |
|
| 86 | + if (!isset($params['port']) || $params['port'] === '') { |
|
| 87 | + $params['port'] = (isset($params['use_ssl']) && $params['use_ssl'] === false) ? 80 : 443; |
|
| 88 | + } |
|
| 89 | + $params['verify_bucket_exists'] = empty($params['verify_bucket_exists']) ? true : $params['verify_bucket_exists']; |
|
| 90 | + $this->params = $params; |
|
| 91 | + } |
|
| 92 | + |
|
| 93 | + public function getBucket() { |
|
| 94 | + return $this->bucket; |
|
| 95 | + } |
|
| 96 | + |
|
| 97 | + public function getProxy() { |
|
| 98 | + return $this->proxy; |
|
| 99 | + } |
|
| 100 | + |
|
| 101 | + /** |
|
| 102 | + * Returns the connection |
|
| 103 | + * |
|
| 104 | + * @return S3Client connected client |
|
| 105 | + * @throws \Exception if connection could not be made |
|
| 106 | + */ |
|
| 107 | + public function getConnection() { |
|
| 108 | + if (!is_null($this->connection)) { |
|
| 109 | + return $this->connection; |
|
| 110 | + } |
|
| 111 | + |
|
| 112 | + $scheme = (isset($this->params['use_ssl']) && $this->params['use_ssl'] === false) ? 'http' : 'https'; |
|
| 113 | + $base_url = $scheme . '://' . $this->params['hostname'] . ':' . $this->params['port'] . '/'; |
|
| 114 | + |
|
| 115 | + // Adding explicit credential provider to the beginning chain. |
|
| 116 | + // Including default credential provider (skipping AWS shared config files). |
|
| 117 | + $provider = CredentialProvider::memoize( |
|
| 118 | + CredentialProvider::chain( |
|
| 119 | + $this->paramCredentialProvider(), |
|
| 120 | + CredentialProvider::defaultProvider(['use_aws_shared_config_files' => false]) |
|
| 121 | + ) |
|
| 122 | + ); |
|
| 123 | + |
|
| 124 | + // since we store the certificate bundles on the primary storage, we can't get the bundle while setting up the primary storage |
|
| 125 | + if (!isset($this->params['primary_storage'])) { |
|
| 126 | + /** @var ICertificateManager $certManager */ |
|
| 127 | + $certManager = \OC::$server->get(ICertificateManager::class); |
|
| 128 | + $certPath = $certManager->getAbsoluteBundlePath(); |
|
| 129 | + } else { |
|
| 130 | + $certPath = \OC::$SERVERROOT . '/resources/config/ca-bundle.crt'; |
|
| 131 | + } |
|
| 132 | + |
|
| 133 | + $options = [ |
|
| 134 | + 'version' => isset($this->params['version']) ? $this->params['version'] : 'latest', |
|
| 135 | + 'credentials' => $provider, |
|
| 136 | + 'endpoint' => $base_url, |
|
| 137 | + 'region' => $this->params['region'], |
|
| 138 | + 'use_path_style_endpoint' => isset($this->params['use_path_style']) ? $this->params['use_path_style'] : false, |
|
| 139 | + 'signature_provider' => \Aws\or_chain([self::class, 'legacySignatureProvider'], ClientResolver::_default_signature_provider()), |
|
| 140 | + 'csm' => false, |
|
| 141 | + 'use_arn_region' => false, |
|
| 142 | + 'http' => ['verify' => $certPath], |
|
| 143 | + ]; |
|
| 144 | + if ($this->getProxy()) { |
|
| 145 | + $options['http']['proxy'] = $this->getProxy(); |
|
| 146 | + } |
|
| 147 | + if (isset($this->params['legacy_auth']) && $this->params['legacy_auth']) { |
|
| 148 | + $options['signature_version'] = 'v2'; |
|
| 149 | + } |
|
| 150 | + $this->connection = new S3Client($options); |
|
| 151 | + |
|
| 152 | + if (!$this->connection::isBucketDnsCompatible($this->bucket)) { |
|
| 153 | + $logger = \OC::$server->getLogger(); |
|
| 154 | + $logger->debug('Bucket "' . $this->bucket . '" This bucket name is not dns compatible, it may contain invalid characters.', |
|
| 155 | + ['app' => 'objectstore']); |
|
| 156 | + } |
|
| 157 | + |
|
| 158 | + if ($this->params['verify_bucket_exists'] && !$this->connection->doesBucketExist($this->bucket)) { |
|
| 159 | + $logger = \OC::$server->getLogger(); |
|
| 160 | + try { |
|
| 161 | + $logger->info('Bucket "' . $this->bucket . '" does not exist - creating it.', ['app' => 'objectstore']); |
|
| 162 | + if (!$this->connection::isBucketDnsCompatible($this->bucket)) { |
|
| 163 | + throw new \Exception("The bucket will not be created because the name is not dns compatible, please correct it: " . $this->bucket); |
|
| 164 | + } |
|
| 165 | + $this->connection->createBucket(['Bucket' => $this->bucket]); |
|
| 166 | + $this->testTimeout(); |
|
| 167 | + } catch (S3Exception $e) { |
|
| 168 | + $logger->logException($e, [ |
|
| 169 | + 'message' => 'Invalid remote storage.', |
|
| 170 | + 'level' => ILogger::DEBUG, |
|
| 171 | + 'app' => 'objectstore', |
|
| 172 | + ]); |
|
| 173 | + throw new \Exception('Creation of bucket "' . $this->bucket . '" failed. ' . $e->getMessage()); |
|
| 174 | + } |
|
| 175 | + } |
|
| 176 | + |
|
| 177 | + // google cloud's s3 compatibility doesn't like the EncodingType parameter |
|
| 178 | + if (strpos($base_url, 'storage.googleapis.com')) { |
|
| 179 | + $this->connection->getHandlerList()->remove('s3.auto_encode'); |
|
| 180 | + } |
|
| 181 | + |
|
| 182 | + return $this->connection; |
|
| 183 | + } |
|
| 184 | + |
|
| 185 | + /** |
|
| 186 | + * when running the tests wait to let the buckets catch up |
|
| 187 | + */ |
|
| 188 | + private function testTimeout() { |
|
| 189 | + if ($this->test) { |
|
| 190 | + sleep($this->timeout); |
|
| 191 | + } |
|
| 192 | + } |
|
| 193 | + |
|
| 194 | + public static function legacySignatureProvider($version, $service, $region) { |
|
| 195 | + switch ($version) { |
|
| 196 | + case 'v2': |
|
| 197 | + case 's3': |
|
| 198 | + return new S3Signature(); |
|
| 199 | + default: |
|
| 200 | + return null; |
|
| 201 | + } |
|
| 202 | + } |
|
| 203 | + |
|
| 204 | + /** |
|
| 205 | + * This function creates a credential provider based on user parameter file |
|
| 206 | + */ |
|
| 207 | + protected function paramCredentialProvider() : callable { |
|
| 208 | + return function () { |
|
| 209 | + $key = empty($this->params['key']) ? null : $this->params['key']; |
|
| 210 | + $secret = empty($this->params['secret']) ? null : $this->params['secret']; |
|
| 211 | + |
|
| 212 | + if ($key && $secret) { |
|
| 213 | + return Promise\promise_for( |
|
| 214 | + new Credentials($key, $secret) |
|
| 215 | + ); |
|
| 216 | + } |
|
| 217 | + |
|
| 218 | + $msg = 'Could not find parameters set for credentials in config file.'; |
|
| 219 | + return new RejectedPromise(new CredentialsException($msg)); |
|
| 220 | + }; |
|
| 221 | + } |
|
| 222 | 222 | } |
@@ -73,7 +73,7 @@ discard block |
||
| 73 | 73 | throw new \Exception("Bucket has to be configured."); |
| 74 | 74 | } |
| 75 | 75 | |
| 76 | - $this->id = 'amazon::' . $params['bucket']; |
|
| 76 | + $this->id = 'amazon::'.$params['bucket']; |
|
| 77 | 77 | |
| 78 | 78 | $this->test = isset($params['test']); |
| 79 | 79 | $this->bucket = $params['bucket']; |
@@ -82,7 +82,7 @@ discard block |
||
| 82 | 82 | $this->uploadPartSize = $params['uploadPartSize'] ?? 524288000; |
| 83 | 83 | $this->putSizeLimit = $params['putSizeLimit'] ?? 104857600; |
| 84 | 84 | $params['region'] = empty($params['region']) ? 'eu-west-1' : $params['region']; |
| 85 | - $params['hostname'] = empty($params['hostname']) ? 's3.' . $params['region'] . '.amazonaws.com' : $params['hostname']; |
|
| 85 | + $params['hostname'] = empty($params['hostname']) ? 's3.'.$params['region'].'.amazonaws.com' : $params['hostname']; |
|
| 86 | 86 | if (!isset($params['port']) || $params['port'] === '') { |
| 87 | 87 | $params['port'] = (isset($params['use_ssl']) && $params['use_ssl'] === false) ? 80 : 443; |
| 88 | 88 | } |
@@ -110,7 +110,7 @@ discard block |
||
| 110 | 110 | } |
| 111 | 111 | |
| 112 | 112 | $scheme = (isset($this->params['use_ssl']) && $this->params['use_ssl'] === false) ? 'http' : 'https'; |
| 113 | - $base_url = $scheme . '://' . $this->params['hostname'] . ':' . $this->params['port'] . '/'; |
|
| 113 | + $base_url = $scheme.'://'.$this->params['hostname'].':'.$this->params['port'].'/'; |
|
| 114 | 114 | |
| 115 | 115 | // Adding explicit credential provider to the beginning chain. |
| 116 | 116 | // Including default credential provider (skipping AWS shared config files). |
@@ -127,7 +127,7 @@ discard block |
||
| 127 | 127 | $certManager = \OC::$server->get(ICertificateManager::class); |
| 128 | 128 | $certPath = $certManager->getAbsoluteBundlePath(); |
| 129 | 129 | } else { |
| 130 | - $certPath = \OC::$SERVERROOT . '/resources/config/ca-bundle.crt'; |
|
| 130 | + $certPath = \OC::$SERVERROOT.'/resources/config/ca-bundle.crt'; |
|
| 131 | 131 | } |
| 132 | 132 | |
| 133 | 133 | $options = [ |
@@ -151,16 +151,16 @@ discard block |
||
| 151 | 151 | |
| 152 | 152 | if (!$this->connection::isBucketDnsCompatible($this->bucket)) { |
| 153 | 153 | $logger = \OC::$server->getLogger(); |
| 154 | - $logger->debug('Bucket "' . $this->bucket . '" This bucket name is not dns compatible, it may contain invalid characters.', |
|
| 154 | + $logger->debug('Bucket "'.$this->bucket.'" This bucket name is not dns compatible, it may contain invalid characters.', |
|
| 155 | 155 | ['app' => 'objectstore']); |
| 156 | 156 | } |
| 157 | 157 | |
| 158 | 158 | if ($this->params['verify_bucket_exists'] && !$this->connection->doesBucketExist($this->bucket)) { |
| 159 | 159 | $logger = \OC::$server->getLogger(); |
| 160 | 160 | try { |
| 161 | - $logger->info('Bucket "' . $this->bucket . '" does not exist - creating it.', ['app' => 'objectstore']); |
|
| 161 | + $logger->info('Bucket "'.$this->bucket.'" does not exist - creating it.', ['app' => 'objectstore']); |
|
| 162 | 162 | if (!$this->connection::isBucketDnsCompatible($this->bucket)) { |
| 163 | - throw new \Exception("The bucket will not be created because the name is not dns compatible, please correct it: " . $this->bucket); |
|
| 163 | + throw new \Exception("The bucket will not be created because the name is not dns compatible, please correct it: ".$this->bucket); |
|
| 164 | 164 | } |
| 165 | 165 | $this->connection->createBucket(['Bucket' => $this->bucket]); |
| 166 | 166 | $this->testTimeout(); |
@@ -170,7 +170,7 @@ discard block |
||
| 170 | 170 | 'level' => ILogger::DEBUG, |
| 171 | 171 | 'app' => 'objectstore', |
| 172 | 172 | ]); |
| 173 | - throw new \Exception('Creation of bucket "' . $this->bucket . '" failed. ' . $e->getMessage()); |
|
| 173 | + throw new \Exception('Creation of bucket "'.$this->bucket.'" failed. '.$e->getMessage()); |
|
| 174 | 174 | } |
| 175 | 175 | } |
| 176 | 176 | |
@@ -205,7 +205,7 @@ discard block |
||
| 205 | 205 | * This function creates a credential provider based on user parameter file |
| 206 | 206 | */ |
| 207 | 207 | protected function paramCredentialProvider() : callable { |
| 208 | - return function () { |
|
| 208 | + return function() { |
|
| 209 | 209 | $key = empty($this->params['key']) ? null : $this->params['key']; |
| 210 | 210 | $secret = empty($this->params['secret']) ? null : $this->params['secret']; |
| 211 | 211 | |
