nextcloud / server

lib/public/Encryption/IFile.php

Indentation +8 added lines, -8 removed lines

@@ -32,13 +32,13 @@
  */
 interface IFile {
 
-	/**
-	 * get list of users with access to the file
-	 *
-	 * @param string $path to the file
-	 * @return array
-	 * @since 8.1.0
-	 */
-	public function getAccessList($path);
+    /**
+     * get list of users with access to the file
+     *
+     * @param string $path to the file
+     * @return array
+     * @since 8.1.0
+     */
+    public function getAccessList($path);
 
 }

lib/public/Encryption/IManager.php

Indentation +55 added lines, -55 removed lines

@@ -34,67 +34,67 @@
  */
 interface IManager {
 
-	/**
-	 * Check if encryption is available (at least one encryption module needs to be enabled)
-	 *
-	 * @return bool true if enabled, false if not
-	 * @since 8.1.0
-	 */
-	public function isEnabled();
+    /**
+     * Check if encryption is available (at least one encryption module needs to be enabled)
+     *
+     * @return bool true if enabled, false if not
+     * @since 8.1.0
+     */
+    public function isEnabled();
 
-	/**
-	 * Registers an callback function which must return an encryption module instance
-	 *
-	 * @param string $id
-	 * @param string $displayName
-	 * @param callable $callback
-	 * @throws ModuleAlreadyExistsException
-	 * @since 8.1.0
-	 */
-	public function registerEncryptionModule($id, $displayName, callable $callback);
+    /**
+     * Registers an callback function which must return an encryption module instance
+     *
+     * @param string $id
+     * @param string $displayName
+     * @param callable $callback
+     * @throws ModuleAlreadyExistsException
+     * @since 8.1.0
+     */
+    public function registerEncryptionModule($id, $displayName, callable $callback);
 
-	/**
-	 * Unregisters an encryption module
-	 *
-	 * @param string $moduleId
-	 * @since 8.1.0
-	 */
-	public function unregisterEncryptionModule($moduleId);
+    /**
+     * Unregisters an encryption module
+     *
+     * @param string $moduleId
+     * @since 8.1.0
+     */
+    public function unregisterEncryptionModule($moduleId);
 
-	/**
-	 * get a list of all encryption modules
-	 *
-	 * @return array [id => ['id' => $id, 'displayName' => $displayName, 'callback' => callback]]
-	 * @since 8.1.0
-	 */
-	public function getEncryptionModules();
+    /**
+     * get a list of all encryption modules
+     *
+     * @return array [id => ['id' => $id, 'displayName' => $displayName, 'callback' => callback]]
+     * @since 8.1.0
+     */
+    public function getEncryptionModules();
 
 
-	/**
-	 * get a specific encryption module
-	 *
-	 * @param string $moduleId Empty to get the default module
-	 * @return IEncryptionModule
-	 * @throws ModuleDoesNotExistsException
-	 * @since 8.1.0
-	 */
-	public function getEncryptionModule($moduleId = '');
+    /**
+     * get a specific encryption module
+     *
+     * @param string $moduleId Empty to get the default module
+     * @return IEncryptionModule
+     * @throws ModuleDoesNotExistsException
+     * @since 8.1.0
+     */
+    public function getEncryptionModule($moduleId = '');
 
-	/**
-	 * get default encryption module Id
-	 *
-	 * @return string
-	 * @since 8.1.0
-	 */
-	public function getDefaultEncryptionModuleId();
+    /**
+     * get default encryption module Id
+     *
+     * @return string
+     * @since 8.1.0
+     */
+    public function getDefaultEncryptionModuleId();
 
-	/**
-	 * set default encryption module Id
-	 *
-	 * @param string $moduleId
-	 * @return string
-	 * @since 8.1.0
-	 */
-	public function setDefaultEncryptionModule($moduleId);
+    /**
+     * set default encryption module Id
+     *
+     * @param string $moduleId
+     * @return string
+     * @since 8.1.0
+     */
+    public function setDefaultEncryptionModule($moduleId);
 
 }

lib/public/Encryption/Keys/IStorage.php

Indentation +135 added lines, -135 removed lines

@@ -33,151 +33,151 @@
  */
 interface IStorage {
 
-	/**
-	 * get user specific key
-	 *
-	 * @param string $uid ID if the user for whom we want the key
-	 * @param string $keyId id of the key
-	 * @param string $encryptionModuleId
-	 *
-	 * @return mixed key
-	 * @since 8.1.0
-	 */
-	public function getUserKey($uid, $keyId, $encryptionModuleId);
+    /**
+     * get user specific key
+     *
+     * @param string $uid ID if the user for whom we want the key
+     * @param string $keyId id of the key
+     * @param string $encryptionModuleId
+     *
+     * @return mixed key
+     * @since 8.1.0
+     */
+    public function getUserKey($uid, $keyId, $encryptionModuleId);
 
-	/**
-	 * get file specific key
-	 *
-	 * @param string $path path to file
-	 * @param string $keyId id of the key
-	 * @param string $encryptionModuleId
-	 *
-	 * @return mixed key
-	 * @since 8.1.0
-	 */
-	public function getFileKey($path, $keyId, $encryptionModuleId);
+    /**
+     * get file specific key
+     *
+     * @param string $path path to file
+     * @param string $keyId id of the key
+     * @param string $encryptionModuleId
+     *
+     * @return mixed key
+     * @since 8.1.0
+     */
+    public function getFileKey($path, $keyId, $encryptionModuleId);
 
-	/**
-	 * get system-wide encryption keys not related to a specific user,
-	 * e.g something like a key for public link shares
-	 *
-	 * @param string $keyId id of the key
-	 * @param string $encryptionModuleId
-	 *
-	 * @return mixed key
-	 * @since 8.1.0
-	 */
-	public function getSystemUserKey($keyId, $encryptionModuleId);
+    /**
+     * get system-wide encryption keys not related to a specific user,
+     * e.g something like a key for public link shares
+     *
+     * @param string $keyId id of the key
+     * @param string $encryptionModuleId
+     *
+     * @return mixed key
+     * @since 8.1.0
+     */
+    public function getSystemUserKey($keyId, $encryptionModuleId);
 
-	/**
-	 * set user specific key
-	 *
-	 * @param string $uid ID if the user for whom we want the key
-	 * @param string $keyId id of the key
-	 * @param mixed $key
-	 * @param string $encryptionModuleId
-	 * @since 8.1.0
-	 */
-	public function setUserKey($uid, $keyId, $key, $encryptionModuleId);
+    /**
+     * set user specific key
+     *
+     * @param string $uid ID if the user for whom we want the key
+     * @param string $keyId id of the key
+     * @param mixed $key
+     * @param string $encryptionModuleId
+     * @since 8.1.0
+     */
+    public function setUserKey($uid, $keyId, $key, $encryptionModuleId);
 
-	/**
-	 * set file specific key
-	 *
-	 * @param string $path path to file
-	 * @param string $keyId id of the key
-	 * @param mixed $key
-	 * @param string $encryptionModuleId
-	 * @since 8.1.0
-	 */
-	public function setFileKey($path, $keyId, $key, $encryptionModuleId);
+    /**
+     * set file specific key
+     *
+     * @param string $path path to file
+     * @param string $keyId id of the key
+     * @param mixed $key
+     * @param string $encryptionModuleId
+     * @since 8.1.0
+     */
+    public function setFileKey($path, $keyId, $key, $encryptionModuleId);
 
-	/**
-	 * set system-wide encryption keys not related to a specific user,
-	 * e.g something like a key for public link shares
-	 *
-	 * @param string $keyId id of the key
-	 * @param mixed $key
-	 * @param string $encryptionModuleId
-	 *
-	 * @return mixed key
-	 * @since 8.1.0
-	 */
-	public function setSystemUserKey($keyId, $key, $encryptionModuleId);
+    /**
+     * set system-wide encryption keys not related to a specific user,
+     * e.g something like a key for public link shares
+     *
+     * @param string $keyId id of the key
+     * @param mixed $key
+     * @param string $encryptionModuleId
+     *
+     * @return mixed key
+     * @since 8.1.0
+     */
+    public function setSystemUserKey($keyId, $key, $encryptionModuleId);
 
-	/**
-	 * delete user specific key
-	 *
-	 * @param string $uid ID if the user for whom we want to delete the key
-	 * @param string $keyId id of the key
-	 * @param string $encryptionModuleId
-	 *
-	 * @return boolean False when the key could not be deleted
-	 * @since 8.1.0
-	 */
-	public function deleteUserKey($uid, $keyId, $encryptionModuleId);
+    /**
+     * delete user specific key
+     *
+     * @param string $uid ID if the user for whom we want to delete the key
+     * @param string $keyId id of the key
+     * @param string $encryptionModuleId
+     *
+     * @return boolean False when the key could not be deleted
+     * @since 8.1.0
+     */
+    public function deleteUserKey($uid, $keyId, $encryptionModuleId);
 
-	/**
-	 * delete file specific key
-	 *
-	 * @param string $path path to file
-	 * @param string $keyId id of the key
-	 * @param string $encryptionModuleId
-	 *
-	 * @return boolean False when the key could not be deleted
-	 * @since 8.1.0
-	 */
-	public function deleteFileKey($path, $keyId, $encryptionModuleId);
+    /**
+     * delete file specific key
+     *
+     * @param string $path path to file
+     * @param string $keyId id of the key
+     * @param string $encryptionModuleId
+     *
+     * @return boolean False when the key could not be deleted
+     * @since 8.1.0
+     */
+    public function deleteFileKey($path, $keyId, $encryptionModuleId);
 
-	/**
-	 * delete all file keys for a given file
-	 *
-	 * @param string $path to the file
-	 *
-	 * @return boolean False when the keys could not be deleted
-	 * @since 8.1.0
-	 */
-	public function deleteAllFileKeys($path);
+    /**
+     * delete all file keys for a given file
+     *
+     * @param string $path to the file
+     *
+     * @return boolean False when the keys could not be deleted
+     * @since 8.1.0
+     */
+    public function deleteAllFileKeys($path);
 
-	/**
-	 * delete system-wide encryption keys not related to a specific user,
-	 * e.g something like a key for public link shares
-	 *
-	 * @param string $keyId id of the key
-	 * @param string $encryptionModuleId
-	 *
-	 * @return boolean False when the key could not be deleted
-	 * @since 8.1.0
-	 */
-	public function deleteSystemUserKey($keyId, $encryptionModuleId);
+    /**
+     * delete system-wide encryption keys not related to a specific user,
+     * e.g something like a key for public link shares
+     *
+     * @param string $keyId id of the key
+     * @param string $encryptionModuleId
+     *
+     * @return boolean False when the key could not be deleted
+     * @since 8.1.0
+     */
+    public function deleteSystemUserKey($keyId, $encryptionModuleId);
 
-	/**
-	 * copy keys if a file was renamed
-	 *
-	 * @param string $source
-	 * @param string $target
-	 * @return boolean
-	 * @since 8.1.0
-	 */
-	public function renameKeys($source, $target);
+    /**
+     * copy keys if a file was renamed
+     *
+     * @param string $source
+     * @param string $target
+     * @return boolean
+     * @since 8.1.0
+     */
+    public function renameKeys($source, $target);
 
-	/**
-	 * move keys if a file was renamed
-	 *
-	 * @param string $source
-	 * @param string $target
-	 * @return boolean
-	 * @since 8.1.0
-	 */
-	public function copyKeys($source, $target);
+    /**
+     * move keys if a file was renamed
+     *
+     * @param string $source
+     * @param string $target
+     * @return boolean
+     * @since 8.1.0
+     */
+    public function copyKeys($source, $target);
 
-	/**
-	 * backup keys of a given encryption module
-	 *
-	 * @param string $encryptionModuleId
-	 * @param string $purpose
-	 * @param string $uid
-	 * @return bool
-	 * @since 12.0.0
-	 */
-	public function backupUserKeys($encryptionModuleId, $purpose, $uid);
+    /**
+     * backup keys of a given encryption module
+     *
+     * @param string $encryptionModuleId
+     * @param string $purpose
+     * @param string $uid
+     * @return bool
+     * @since 12.0.0
+     */
+    public function backupUserKeys($encryptionModuleId, $purpose, $uid);
 }

lib/public/IPreview.php

Spacing +1 added lines, -1 removed lines

@@ -46,7 +46,7 @@
 	/**
 	 * @since 9.2.0
 	 */
-	const EVENT = self::class . ':' . 'PreviewRequested';
+	const EVENT = self::class.':'.'PreviewRequested';
 
 	const MODE_FILL = 'fill';
 	const MODE_COVER = 'cover';

Indentation +74 added lines, -74 removed lines

@@ -43,86 +43,86 @@
  */
 interface IPreview {
 
-	/**
-	 * @since 9.2.0
-	 */
-	const EVENT = self::class . ':' . 'PreviewRequested';
+    /**
+     * @since 9.2.0
+     */
+    const EVENT = self::class . ':' . 'PreviewRequested';
 
-	const MODE_FILL = 'fill';
-	const MODE_COVER = 'cover';
+    const MODE_FILL = 'fill';
+    const MODE_COVER = 'cover';
 
-	/**
-	 * In order to improve lazy loading a closure can be registered which will be
-	 * called in case preview providers are actually requested
-	 *
-	 * $callable has to return an instance of \OCP\Preview\IProvider
-	 *
-	 * @param string $mimeTypeRegex Regex with the mime types that are supported by this provider
-	 * @param \Closure $callable
-	 * @return void
-	 * @since 8.1.0
-	 */
-	public function registerProvider($mimeTypeRegex, \Closure $callable);
+    /**
+     * In order to improve lazy loading a closure can be registered which will be
+     * called in case preview providers are actually requested
+     *
+     * $callable has to return an instance of \OCP\Preview\IProvider
+     *
+     * @param string $mimeTypeRegex Regex with the mime types that are supported by this provider
+     * @param \Closure $callable
+     * @return void
+     * @since 8.1.0
+     */
+    public function registerProvider($mimeTypeRegex, \Closure $callable);
 
-	/**
-	 * Get all providers
-	 * @return array
-	 * @since 8.1.0
-	 */
-	public function getProviders();
+    /**
+     * Get all providers
+     * @return array
+     * @since 8.1.0
+     */
+    public function getProviders();
 
-	/**
-	 * Does the manager have any providers
-	 * @return bool
-	 * @since 8.1.0
-	 */
-	public function hasProviders();
+    /**
+     * Does the manager have any providers
+     * @return bool
+     * @since 8.1.0
+     */
+    public function hasProviders();
 
-	/**
-	 * Return a preview of a file
-	 * @param string $file The path to the file where you want a thumbnail from
-	 * @param int $maxX The maximum X size of the thumbnail. It can be smaller depending on the shape of the image
-	 * @param int $maxY The maximum Y size of the thumbnail. It can be smaller depending on the shape of the image
-	 * @param boolean $scaleUp Scale smaller images up to the thumbnail size or not. Might look ugly
-	 * @return \OCP\IImage
-	 * @since 6.0.0
-	 * @deprecated 11 Use getPreview
-	 */
-	public function createPreview($file, $maxX = 100, $maxY = 75, $scaleUp = false);
+    /**
+     * Return a preview of a file
+     * @param string $file The path to the file where you want a thumbnail from
+     * @param int $maxX The maximum X size of the thumbnail. It can be smaller depending on the shape of the image
+     * @param int $maxY The maximum Y size of the thumbnail. It can be smaller depending on the shape of the image
+     * @param boolean $scaleUp Scale smaller images up to the thumbnail size or not. Might look ugly
+     * @return \OCP\IImage
+     * @since 6.0.0
+     * @deprecated 11 Use getPreview
+     */
+    public function createPreview($file, $maxX = 100, $maxY = 75, $scaleUp = false);
 
-	/**
-	 * Returns a preview of a file
-	 *
-	 * The cache is searched first and if nothing usable was found then a preview is
-	 * generated by one of the providers
-	 *
-	 * @param File $file
-	 * @param int $width
-	 * @param int $height
-	 * @param bool $crop
-	 * @param string $mode
-	 * @param string $mimeType To force a given mimetype for the file (files_versions needs this)
-	 * @return ISimpleFile
-	 * @throws NotFoundException
-	 * @throws \InvalidArgumentException if the preview would be invalid (in case the original image is invalid)
-	 * @since 11.0.0 - \InvalidArgumentException was added in 12.0.0
-	 */
-	public function getPreview(File $file, $width = -1, $height = -1, $crop = false, $mode = IPreview::MODE_FILL, $mimeType = null);
+    /**
+     * Returns a preview of a file
+     *
+     * The cache is searched first and if nothing usable was found then a preview is
+     * generated by one of the providers
+     *
+     * @param File $file
+     * @param int $width
+     * @param int $height
+     * @param bool $crop
+     * @param string $mode
+     * @param string $mimeType To force a given mimetype for the file (files_versions needs this)
+     * @return ISimpleFile
+     * @throws NotFoundException
+     * @throws \InvalidArgumentException if the preview would be invalid (in case the original image is invalid)
+     * @since 11.0.0 - \InvalidArgumentException was added in 12.0.0
+     */
+    public function getPreview(File $file, $width = -1, $height = -1, $crop = false, $mode = IPreview::MODE_FILL, $mimeType = null);
 
-	/**
-	 * Returns true if the passed mime type is supported
-	 * @param string $mimeType
-	 * @return boolean
-	 * @since 6.0.0
-	 */
-	public function isMimeSupported($mimeType = '*');
+    /**
+     * Returns true if the passed mime type is supported
+     * @param string $mimeType
+     * @return boolean
+     * @since 6.0.0
+     */
+    public function isMimeSupported($mimeType = '*');
 
-	/**
-	 * Check if a preview can be generated for a file
-	 *
-	 * @param \OCP\Files\FileInfo $file
-	 * @return bool
-	 * @since 8.0.0
-	 */
-	public function isAvailable(\OCP\Files\FileInfo $file);
+    /**
+     * Check if a preview can be generated for a file
+     *
+     * @param \OCP\Files\FileInfo $file
+     * @return bool
+     * @since 8.0.0
+     */
+    public function isAvailable(\OCP\Files\FileInfo $file);
 }

lib/private/Authentication/LoginCredentials/Credentials.php

Indentation +34 added lines, -34 removed lines

@@ -28,45 +28,45 @@
 
 class Credentials implements ICredentials {
 
-	/** @var string */
-	private $uid;
+    /** @var string */
+    private $uid;
 
-	/** @var string */
-	private $loginName;
+    /** @var string */
+    private $loginName;
 
-	/** @var string */
-	private $password;
+    /** @var string */
+    private $password;
 
-	/**
-	 * @param string $uid
-	 * @param string $loginName
-	 * @param string $password
-	 */
-	public function __construct($uid, $loginName, $password) {
-		$this->uid = $uid;
-		$this->loginName = $loginName;
-		$this->password = $password;
-	}
+    /**
+     * @param string $uid
+     * @param string $loginName
+     * @param string $password
+     */
+    public function __construct($uid, $loginName, $password) {
+        $this->uid = $uid;
+        $this->loginName = $loginName;
+        $this->password = $password;
+    }
 
-	/**
-	 * @return string
-	 */
-	public function getUID() {
-		return $this->uid;
-	}
+    /**
+     * @return string
+     */
+    public function getUID() {
+        return $this->uid;
+    }
 
-	/**
-	 * @return string
-	 */
-	public function getLoginName() {
-		return $this->loginName;
-	}
+    /**
+     * @return string
+     */
+    public function getLoginName() {
+        return $this->loginName;
+    }
 
-	/**
-	 * @return string
-	 */
-	public function getPassword() {
-		return $this->password;
-	}
+    /**
+     * @return string
+     */
+    public function getPassword() {
+        return $this->password;
+    }
 
 }

lib/private/Authentication/LoginCredentials/Store.php

Indentation +79 added lines, -79 removed lines

@@ -37,84 +37,84 @@
 
 class Store implements IStore {
 
-	/** @var ISession */
-	private $session;
-
-	/** @var ILogger */
-	private $logger;
-
-	/** @var IProvider|null */
-	private $tokenProvider;
-
-	/**
-	 * @param ISession $session
-	 * @param ILogger $logger
-	 * @param IProvider $tokenProvider
-	 */
-	public function __construct(ISession $session, ILogger $logger, IProvider $tokenProvider = null) {
-		$this->session = $session;
-		$this->logger = $logger;
-		$this->tokenProvider = $tokenProvider;
-
-		Util::connectHook('OC_User', 'post_login', $this, 'authenticate');
-	}
-
-	/**
-	 * Hook listener on post login
-	 *
-	 * @param array $params
-	 */
-	public function authenticate(array $params) {
-		$this->session->set('login_credentials', json_encode($params));
-	}
-
-	/**
-	 * Replace the session implementation
-	 *
-	 * @param ISession $session
-	 */
-	public function setSession(ISession $session) {
-		$this->session = $session;
-	}
-
-	/**
-	 * @since 12
-	 *
-	 * @return ICredentials the login credentials of the current user
-	 * @throws CredentialsUnavailableException
-	 */
-	public function getLoginCredentials() {
-		if (is_null($this->tokenProvider)) {
-			throw new CredentialsUnavailableException();
-		}
-
-		$trySession = false;
-		try {
-			$sessionId = $this->session->getId();
-			$token = $this->tokenProvider->getToken($sessionId);
-
-			$uid = $token->getUID();
-			$user = $token->getLoginName();
-			$password = $this->tokenProvider->getPassword($token, $sessionId);
-
-			return new Credentials($uid, $user, $password);
-		} catch (SessionNotAvailableException $ex) {
-			$this->logger->debug('could not get login credentials because session is unavailable', ['app' => 'core']);
-		} catch (InvalidTokenException $ex) {
-			$this->logger->debug('could not get login credentials because the token is invalid', ['app' => 'core']);
-			$trySession = true;
-		} catch (PasswordlessTokenException $ex) {
-			$this->logger->debug('could not get login credentials because the token has no password', ['app' => 'core']);
-			$trySession = true;
-		}
-
-		if ($trySession && $this->session->exists('login_credentials')) {
-			$creds = json_decode($this->session->get('login_credentials'));
-			return new Credentials($creds->uid, $creds->uid, $creds->password);
-		}
-
-		// If we reach this line, an exception was thrown.
-		throw new CredentialsUnavailableException();
-	}
+    /** @var ISession */
+    private $session;
+
+    /** @var ILogger */
+    private $logger;
+
+    /** @var IProvider|null */
+    private $tokenProvider;
+
+    /**
+     * @param ISession $session
+     * @param ILogger $logger
+     * @param IProvider $tokenProvider
+     */
+    public function __construct(ISession $session, ILogger $logger, IProvider $tokenProvider = null) {
+        $this->session = $session;
+        $this->logger = $logger;
+        $this->tokenProvider = $tokenProvider;
+
+        Util::connectHook('OC_User', 'post_login', $this, 'authenticate');
+    }
+
+    /**
+     * Hook listener on post login
+     *
+     * @param array $params
+     */
+    public function authenticate(array $params) {
+        $this->session->set('login_credentials', json_encode($params));
+    }
+
+    /**
+     * Replace the session implementation
+     *
+     * @param ISession $session
+     */
+    public function setSession(ISession $session) {
+        $this->session = $session;
+    }
+
+    /**
+     * @since 12
+     *
+     * @return ICredentials the login credentials of the current user
+     * @throws CredentialsUnavailableException
+     */
+    public function getLoginCredentials() {
+        if (is_null($this->tokenProvider)) {
+            throw new CredentialsUnavailableException();
+        }
+
+        $trySession = false;
+        try {
+            $sessionId = $this->session->getId();
+            $token = $this->tokenProvider->getToken($sessionId);
+
+            $uid = $token->getUID();
+            $user = $token->getLoginName();
+            $password = $this->tokenProvider->getPassword($token, $sessionId);
+
+            return new Credentials($uid, $user, $password);
+        } catch (SessionNotAvailableException $ex) {
+            $this->logger->debug('could not get login credentials because session is unavailable', ['app' => 'core']);
+        } catch (InvalidTokenException $ex) {
+            $this->logger->debug('could not get login credentials because the token is invalid', ['app' => 'core']);
+            $trySession = true;
+        } catch (PasswordlessTokenException $ex) {
+            $this->logger->debug('could not get login credentials because the token has no password', ['app' => 'core']);
+            $trySession = true;
+        }
+
+        if ($trySession && $this->session->exists('login_credentials')) {
+            $creds = json_decode($this->session->get('login_credentials'));
+            return new Credentials($creds->uid, $creds->uid, $creds->password);
+        }
+
+        // If we reach this line, an exception was thrown.
+        throw new CredentialsUnavailableException();
+    }
 
 }

lib/private/Authentication/TwoFactorAuth/Manager.php

Spacing +1 added lines, -1 removed lines

@@ -159,7 +159,7 @@
 			}
 		}
 
-		return array_filter($providers, function ($provider) use ($user) {
+		return array_filter($providers, function($provider) use ($user) {
 			/* @var $provider IProvider */
 			return $provider->isTwoFactorAuthEnabledForUser($user);
 		});

Indentation +302 added lines, -302 removed lines

@@ -46,310 +46,310 @@
 
 class Manager {
 
-	const SESSION_UID_KEY = 'two_factor_auth_uid';
-	const SESSION_UID_DONE = 'two_factor_auth_passed';
-	const BACKUP_CODES_APP_ID = 'twofactor_backupcodes';
-	const BACKUP_CODES_PROVIDER_ID = 'backup_codes';
-	const REMEMBER_LOGIN = 'two_factor_remember_login';
-
-	/** @var AppManager */
-	private $appManager;
-
-	/** @var ISession */
-	private $session;
-
-	/** @var IConfig */
-	private $config;
-
-	/** @var IManager */
-	private $activityManager;
-
-	/** @var ILogger */
-	private $logger;
-
-	/** @var TokenProvider */
-	private $tokenProvider;
-
-	/** @var ITimeFactory */
-	private $timeFactory;
-
-	/** @var EventDispatcherInterface */
-	private $dispatcher;
-
-	/**
-	 * @param AppManager $appManager
-	 * @param ISession $session
-	 * @param IConfig $config
-	 * @param IManager $activityManager
-	 * @param ILogger $logger
-	 * @param TokenProvider $tokenProvider
-	 * @param ITimeFactory $timeFactory
-	 * @param EventDispatcherInterface $eventDispatcher
-	 */
-	public function __construct(AppManager $appManager,
-								ISession $session,
-								IConfig $config,
-								IManager $activityManager,
-								ILogger $logger,
-								TokenProvider $tokenProvider,
-								ITimeFactory $timeFactory,
-								EventDispatcherInterface $eventDispatcher) {
-		$this->appManager = $appManager;
-		$this->session = $session;
-		$this->config = $config;
-		$this->activityManager = $activityManager;
-		$this->logger = $logger;
-		$this->tokenProvider = $tokenProvider;
-		$this->timeFactory = $timeFactory;
-		$this->dispatcher = $eventDispatcher;
-	}
-
-	/**
-	 * Determine whether the user must provide a second factor challenge
-	 *
-	 * @param IUser $user
-	 * @return boolean
-	 */
-	public function isTwoFactorAuthenticated(IUser $user): bool {
-		$twoFactorEnabled = ((int) $this->config->getUserValue($user->getUID(), 'core', 'two_factor_auth_disabled', 0)) === 0;
-		return $twoFactorEnabled && \count($this->getProviders($user)) > 0;
-	}
-
-	/**
-	 * Disable 2FA checks for the given user
-	 *
-	 * @param IUser $user
-	 */
-	public function disableTwoFactorAuthentication(IUser $user) {
-		$this->config->setUserValue($user->getUID(), 'core', 'two_factor_auth_disabled', 1);
-	}
-
-	/**
-	 * Enable all 2FA checks for the given user
-	 *
-	 * @param IUser $user
-	 */
-	public function enableTwoFactorAuthentication(IUser $user) {
-		$this->config->deleteUserValue($user->getUID(), 'core', 'two_factor_auth_disabled');
-	}
-
-	/**
-	 * Get a 2FA provider by its ID
-	 *
-	 * @param IUser $user
-	 * @param string $challengeProviderId
-	 * @return IProvider|null
-	 */
-	public function getProvider(IUser $user, string $challengeProviderId) {
-		$providers = $this->getProviders($user, true);
-		return $providers[$challengeProviderId] ?? null;
-	}
-
-	/**
-	 * @param IUser $user
-	 * @return IProvider|null the backup provider, if enabled for the given user
-	 */
-	public function getBackupProvider(IUser $user) {
-		$providers = $this->getProviders($user, true);
-		if (!isset($providers[self::BACKUP_CODES_PROVIDER_ID])) {
-			return null;
-		}
-		return $providers[self::BACKUP_CODES_PROVIDER_ID];
-	}
-
-	/**
-	 * Get the list of 2FA providers for the given user
-	 *
-	 * @param IUser $user
-	 * @param bool $includeBackupApp
-	 * @return IProvider[]
-	 * @throws Exception
-	 */
-	public function getProviders(IUser $user, bool $includeBackupApp = false): array {
-		$allApps = $this->appManager->getEnabledAppsForUser($user);
-		$providers = [];
-
-		foreach ($allApps as $appId) {
-			if (!$includeBackupApp && $appId === self::BACKUP_CODES_APP_ID) {
-				continue;
-			}
-
-			$info = $this->appManager->getAppInfo($appId);
-			if (isset($info['two-factor-providers'])) {
-				/** @var string[] $providerClasses */
-				$providerClasses = $info['two-factor-providers'];
-				foreach ($providerClasses as $class) {
-					try {
-						$this->loadTwoFactorApp($appId);
-						$provider = OC::$server->query($class);
-						$providers[$provider->getId()] = $provider;
-					} catch (QueryException $exc) {
-						// Provider class can not be resolved
-						throw new Exception("Could not load two-factor auth provider $class");
-					}
-				}
-			}
-		}
-
-		return array_filter($providers, function ($provider) use ($user) {
-			/* @var $provider IProvider */
-			return $provider->isTwoFactorAuthEnabledForUser($user);
-		});
-	}
-
-	/**
-	 * Load an app by ID if it has not been loaded yet
-	 *
-	 * @param string $appId
-	 */
-	protected function loadTwoFactorApp(string $appId) {
-		if (!OC_App::isAppLoaded($appId)) {
-			OC_App::loadApp($appId);
-		}
-	}
-
-	/**
-	 * Verify the given challenge
-	 *
-	 * @param string $providerId
-	 * @param IUser $user
-	 * @param string $challenge
-	 * @return boolean
-	 */
-	public function verifyChallenge(string $providerId, IUser $user, string $challenge): bool {
-		$provider = $this->getProvider($user, $providerId);
-		if ($provider === null) {
-			return false;
-		}
-
-		$passed = $provider->verifyChallenge($user, $challenge);
-		if ($passed) {
-			if ($this->session->get(self::REMEMBER_LOGIN) === true) {
-				// TODO: resolve cyclic dependency and use DI
-				\OC::$server->getUserSession()->createRememberMeToken($user);
-			}
-			$this->session->remove(self::SESSION_UID_KEY);
-			$this->session->remove(self::REMEMBER_LOGIN);
-			$this->session->set(self::SESSION_UID_DONE, $user->getUID());
-
-			// Clear token from db
-			$sessionId = $this->session->getId();
-			$token = $this->tokenProvider->getToken($sessionId);
-			$tokenId = $token->getId();
-			$this->config->deleteUserValue($user->getUID(), 'login_token_2fa', $tokenId);
-
-			$dispatchEvent = new GenericEvent($user, ['provider' => $provider->getDisplayName()]);
-			$this->dispatcher->dispatch(IProvider::EVENT_SUCCESS, $dispatchEvent);
-
-			$this->publishEvent($user, 'twofactor_success', [
-				'provider' => $provider->getDisplayName(),
-			]);
-		} else {
-			$dispatchEvent = new GenericEvent($user, ['provider' => $provider->getDisplayName()]);
-			$this->dispatcher->dispatch(IProvider::EVENT_FAILED, $dispatchEvent);
-
-			$this->publishEvent($user, 'twofactor_failed', [
-				'provider' => $provider->getDisplayName(),
-			]);
-		}
-		return $passed;
-	}
-
-	/**
-	 * Push a 2fa event the user's activity stream
-	 *
-	 * @param IUser $user
-	 * @param string $event
-	 * @param array $params
-	 */
-	private function publishEvent(IUser $user, string $event, array $params) {
-		$activity = $this->activityManager->generateEvent();
-		$activity->setApp('core')
-			->setType('security')
-			->setAuthor($user->getUID())
-			->setAffectedUser($user->getUID())
-			->setSubject($event, $params);
-		try {
-			$this->activityManager->publish($activity);
-		} catch (BadMethodCallException $e) {
-			$this->logger->warning('could not publish backup code creation activity', ['app' => 'core']);
-			$this->logger->logException($e, ['app' => 'core']);
-		}
-	}
-
-	/**
-	 * Check if the currently logged in user needs to pass 2FA
-	 *
-	 * @param IUser $user the currently logged in user
-	 * @return boolean
-	 */
-	public function needsSecondFactor(IUser $user = null): bool {
-		if ($user === null) {
-			return false;
-		}
-
-		// If we are authenticated using an app password skip all this
-		if ($this->session->exists('app_password')) {
-			return false;
-		}
-
-		// First check if the session tells us we should do 2FA (99% case)
-		if (!$this->session->exists(self::SESSION_UID_KEY)) {
-
-			// Check if the session tells us it is 2FA authenticated already
-			if ($this->session->exists(self::SESSION_UID_DONE) &&
-				$this->session->get(self::SESSION_UID_DONE) === $user->getUID()) {
-				return false;
-			}
-
-			/*
+    const SESSION_UID_KEY = 'two_factor_auth_uid';
+    const SESSION_UID_DONE = 'two_factor_auth_passed';
+    const BACKUP_CODES_APP_ID = 'twofactor_backupcodes';
+    const BACKUP_CODES_PROVIDER_ID = 'backup_codes';
+    const REMEMBER_LOGIN = 'two_factor_remember_login';
+
+    /** @var AppManager */
+    private $appManager;
+
+    /** @var ISession */
+    private $session;
+
+    /** @var IConfig */
+    private $config;
+
+    /** @var IManager */
+    private $activityManager;
+
+    /** @var ILogger */
+    private $logger;
+
+    /** @var TokenProvider */
+    private $tokenProvider;
+
+    /** @var ITimeFactory */
+    private $timeFactory;
+
+    /** @var EventDispatcherInterface */
+    private $dispatcher;
+
+    /**
+     * @param AppManager $appManager
+     * @param ISession $session
+     * @param IConfig $config
+     * @param IManager $activityManager
+     * @param ILogger $logger
+     * @param TokenProvider $tokenProvider
+     * @param ITimeFactory $timeFactory
+     * @param EventDispatcherInterface $eventDispatcher
+     */
+    public function __construct(AppManager $appManager,
+                                ISession $session,
+                                IConfig $config,
+                                IManager $activityManager,
+                                ILogger $logger,
+                                TokenProvider $tokenProvider,
+                                ITimeFactory $timeFactory,
+                                EventDispatcherInterface $eventDispatcher) {
+        $this->appManager = $appManager;
+        $this->session = $session;
+        $this->config = $config;
+        $this->activityManager = $activityManager;
+        $this->logger = $logger;
+        $this->tokenProvider = $tokenProvider;
+        $this->timeFactory = $timeFactory;
+        $this->dispatcher = $eventDispatcher;
+    }
+
+    /**
+     * Determine whether the user must provide a second factor challenge
+     *
+     * @param IUser $user
+     * @return boolean
+     */
+    public function isTwoFactorAuthenticated(IUser $user): bool {
+        $twoFactorEnabled = ((int) $this->config->getUserValue($user->getUID(), 'core', 'two_factor_auth_disabled', 0)) === 0;
+        return $twoFactorEnabled && \count($this->getProviders($user)) > 0;
+    }
+
+    /**
+     * Disable 2FA checks for the given user
+     *
+     * @param IUser $user
+     */
+    public function disableTwoFactorAuthentication(IUser $user) {
+        $this->config->setUserValue($user->getUID(), 'core', 'two_factor_auth_disabled', 1);
+    }
+
+    /**
+     * Enable all 2FA checks for the given user
+     *
+     * @param IUser $user
+     */
+    public function enableTwoFactorAuthentication(IUser $user) {
+        $this->config->deleteUserValue($user->getUID(), 'core', 'two_factor_auth_disabled');
+    }
+
+    /**
+     * Get a 2FA provider by its ID
+     *
+     * @param IUser $user
+     * @param string $challengeProviderId
+     * @return IProvider|null
+     */
+    public function getProvider(IUser $user, string $challengeProviderId) {
+        $providers = $this->getProviders($user, true);
+        return $providers[$challengeProviderId] ?? null;
+    }
+
+    /**
+     * @param IUser $user
+     * @return IProvider|null the backup provider, if enabled for the given user
+     */
+    public function getBackupProvider(IUser $user) {
+        $providers = $this->getProviders($user, true);
+        if (!isset($providers[self::BACKUP_CODES_PROVIDER_ID])) {
+            return null;
+        }
+        return $providers[self::BACKUP_CODES_PROVIDER_ID];
+    }
+
+    /**
+     * Get the list of 2FA providers for the given user
+     *
+     * @param IUser $user
+     * @param bool $includeBackupApp
+     * @return IProvider[]
+     * @throws Exception
+     */
+    public function getProviders(IUser $user, bool $includeBackupApp = false): array {
+        $allApps = $this->appManager->getEnabledAppsForUser($user);
+        $providers = [];
+
+        foreach ($allApps as $appId) {
+            if (!$includeBackupApp && $appId === self::BACKUP_CODES_APP_ID) {
+                continue;
+            }
+
+            $info = $this->appManager->getAppInfo($appId);
+            if (isset($info['two-factor-providers'])) {
+                /** @var string[] $providerClasses */
+                $providerClasses = $info['two-factor-providers'];
+                foreach ($providerClasses as $class) {
+                    try {
+                        $this->loadTwoFactorApp($appId);
+                        $provider = OC::$server->query($class);
+                        $providers[$provider->getId()] = $provider;
+                    } catch (QueryException $exc) {
+                        // Provider class can not be resolved
+                        throw new Exception("Could not load two-factor auth provider $class");
+                    }
+                }
+            }
+        }
+
+        return array_filter($providers, function ($provider) use ($user) {
+            /* @var $provider IProvider */
+            return $provider->isTwoFactorAuthEnabledForUser($user);
+        });
+    }
+
+    /**
+     * Load an app by ID if it has not been loaded yet
+     *
+     * @param string $appId
+     */
+    protected function loadTwoFactorApp(string $appId) {
+        if (!OC_App::isAppLoaded($appId)) {
+            OC_App::loadApp($appId);
+        }
+    }
+
+    /**
+     * Verify the given challenge
+     *
+     * @param string $providerId
+     * @param IUser $user
+     * @param string $challenge
+     * @return boolean
+     */
+    public function verifyChallenge(string $providerId, IUser $user, string $challenge): bool {
+        $provider = $this->getProvider($user, $providerId);
+        if ($provider === null) {
+            return false;
+        }
+
+        $passed = $provider->verifyChallenge($user, $challenge);
+        if ($passed) {
+            if ($this->session->get(self::REMEMBER_LOGIN) === true) {
+                // TODO: resolve cyclic dependency and use DI
+                \OC::$server->getUserSession()->createRememberMeToken($user);
+            }
+            $this->session->remove(self::SESSION_UID_KEY);
+            $this->session->remove(self::REMEMBER_LOGIN);
+            $this->session->set(self::SESSION_UID_DONE, $user->getUID());
+
+            // Clear token from db
+            $sessionId = $this->session->getId();
+            $token = $this->tokenProvider->getToken($sessionId);
+            $tokenId = $token->getId();
+            $this->config->deleteUserValue($user->getUID(), 'login_token_2fa', $tokenId);
+
+            $dispatchEvent = new GenericEvent($user, ['provider' => $provider->getDisplayName()]);
+            $this->dispatcher->dispatch(IProvider::EVENT_SUCCESS, $dispatchEvent);
+
+            $this->publishEvent($user, 'twofactor_success', [
+                'provider' => $provider->getDisplayName(),
+            ]);
+        } else {
+            $dispatchEvent = new GenericEvent($user, ['provider' => $provider->getDisplayName()]);
+            $this->dispatcher->dispatch(IProvider::EVENT_FAILED, $dispatchEvent);
+
+            $this->publishEvent($user, 'twofactor_failed', [
+                'provider' => $provider->getDisplayName(),
+            ]);
+        }
+        return $passed;
+    }
+
+    /**
+     * Push a 2fa event the user's activity stream
+     *
+     * @param IUser $user
+     * @param string $event
+     * @param array $params
+     */
+    private function publishEvent(IUser $user, string $event, array $params) {
+        $activity = $this->activityManager->generateEvent();
+        $activity->setApp('core')
+            ->setType('security')
+            ->setAuthor($user->getUID())
+            ->setAffectedUser($user->getUID())
+            ->setSubject($event, $params);
+        try {
+            $this->activityManager->publish($activity);
+        } catch (BadMethodCallException $e) {
+            $this->logger->warning('could not publish backup code creation activity', ['app' => 'core']);
+            $this->logger->logException($e, ['app' => 'core']);
+        }
+    }
+
+    /**
+     * Check if the currently logged in user needs to pass 2FA
+     *
+     * @param IUser $user the currently logged in user
+     * @return boolean
+     */
+    public function needsSecondFactor(IUser $user = null): bool {
+        if ($user === null) {
+            return false;
+        }
+
+        // If we are authenticated using an app password skip all this
+        if ($this->session->exists('app_password')) {
+            return false;
+        }
+
+        // First check if the session tells us we should do 2FA (99% case)
+        if (!$this->session->exists(self::SESSION_UID_KEY)) {
+
+            // Check if the session tells us it is 2FA authenticated already
+            if ($this->session->exists(self::SESSION_UID_DONE) &&
+                $this->session->get(self::SESSION_UID_DONE) === $user->getUID()) {
+                return false;
+            }
+
+            /*
 			 * If the session is expired check if we are not logged in by a token
 			 * that still needs 2FA auth
 			 */
-			try {
-				$sessionId = $this->session->getId();
-				$token = $this->tokenProvider->getToken($sessionId);
-				$tokenId = $token->getId();
-				$tokensNeeding2FA = $this->config->getUserKeys($user->getUID(), 'login_token_2fa');
-
-				if (!\in_array($tokenId, $tokensNeeding2FA, true)) {
-					$this->session->set(self::SESSION_UID_DONE, $user->getUID());
-					return false;
-				}
-			} catch (InvalidTokenException $e) {
-			}
-		}
-
-		if (!$this->isTwoFactorAuthenticated($user)) {
-			// There is no second factor any more -> let the user pass
-			//   This prevents infinite redirect loops when a user is about
-			//   to solve the 2FA challenge, and the provider app is
-			//   disabled the same time
-			$this->session->remove(self::SESSION_UID_KEY);
-
-			$keys = $this->config->getUserKeys($user->getUID(), 'login_token_2fa');
-			foreach ($keys as $key) {
-				$this->config->deleteUserValue($user->getUID(), 'login_token_2fa', $key);
-			}
-			return false;
-		}
-
-		return true;
-	}
-
-	/**
-	 * Prepare the 2FA login
-	 *
-	 * @param IUser $user
-	 * @param boolean $rememberMe
-	 */
-	public function prepareTwoFactorLogin(IUser $user, bool $rememberMe) {
-		$this->session->set(self::SESSION_UID_KEY, $user->getUID());
-		$this->session->set(self::REMEMBER_LOGIN, $rememberMe);
-
-		$id = $this->session->getId();
-		$token = $this->tokenProvider->getToken($id);
-		$this->config->setUserValue($user->getUID(), 'login_token_2fa', $token->getId(), $this->timeFactory->getTime());
-	}
+            try {
+                $sessionId = $this->session->getId();
+                $token = $this->tokenProvider->getToken($sessionId);
+                $tokenId = $token->getId();
+                $tokensNeeding2FA = $this->config->getUserKeys($user->getUID(), 'login_token_2fa');
+
+                if (!\in_array($tokenId, $tokensNeeding2FA, true)) {
+                    $this->session->set(self::SESSION_UID_DONE, $user->getUID());
+                    return false;
+                }
+            } catch (InvalidTokenException $e) {
+            }
+        }
+
+        if (!$this->isTwoFactorAuthenticated($user)) {
+            // There is no second factor any more -> let the user pass
+            //   This prevents infinite redirect loops when a user is about
+            //   to solve the 2FA challenge, and the provider app is
+            //   disabled the same time
+            $this->session->remove(self::SESSION_UID_KEY);
+
+            $keys = $this->config->getUserKeys($user->getUID(), 'login_token_2fa');
+            foreach ($keys as $key) {
+                $this->config->deleteUserValue($user->getUID(), 'login_token_2fa', $key);
+            }
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * Prepare the 2FA login
+     *
+     * @param IUser $user
+     * @param boolean $rememberMe
+     */
+    public function prepareTwoFactorLogin(IUser $user, bool $rememberMe) {
+        $this->session->set(self::SESSION_UID_KEY, $user->getUID());
+        $this->session->set(self::REMEMBER_LOGIN, $rememberMe);
+
+        $id = $this->session->getId();
+        $token = $this->tokenProvider->getToken($id);
+        $this->config->setUserValue($user->getUID(), 'login_token_2fa', $token->getId(), $this->timeFactory->getTime());
+    }
 
 }

lib/private/Authentication/Token/DefaultTokenMapper.php

Spacing +1 added lines, -1 removed lines

@@ -129,7 +129,7 @@
 		$data = $result->fetchAll();
 		$result->closeCursor();
 
-		$entities = array_map(function ($row) {
+		$entities = array_map(function($row) {
 			return DefaultToken::fromRow($row);
 		}, $data);
 

Indentation +129 added lines, -129 removed lines

@@ -30,134 +30,134 @@
 
 class DefaultTokenMapper extends Mapper {
 
-	public function __construct(IDBConnection $db) {
-		parent::__construct($db, 'authtoken');
-	}
-
-	/**
-	 * Invalidate (delete) a given token
-	 *
-	 * @param string $token
-	 */
-	public function invalidate($token) {
-		/* @var $qb IQueryBuilder */
-		$qb = $this->db->getQueryBuilder();
-		$qb->delete('authtoken')
-			->where($qb->expr()->eq('token', $qb->createParameter('token')))
-			->setParameter('token', $token)
-			->execute();
-	}
-
-	/**
-	 * @param int $olderThan
-	 * @param int $remember
-	 */
-	public function invalidateOld($olderThan, $remember = IToken::DO_NOT_REMEMBER) {
-		/* @var $qb IQueryBuilder */
-		$qb = $this->db->getQueryBuilder();
-		$qb->delete('authtoken')
-			->where($qb->expr()->lt('last_activity', $qb->createNamedParameter($olderThan, IQueryBuilder::PARAM_INT)))
-			->andWhere($qb->expr()->eq('type', $qb->createNamedParameter(IToken::TEMPORARY_TOKEN, IQueryBuilder::PARAM_INT)))
-			->andWhere($qb->expr()->eq('remember', $qb->createNamedParameter($remember, IQueryBuilder::PARAM_INT)))
-			->execute();
-	}
-
-	/**
-	 * Get the user UID for the given token
-	 *
-	 * @param string $token
-	 * @throws DoesNotExistException
-	 * @return DefaultToken
-	 */
-	public function getToken($token) {
-		/* @var $qb IQueryBuilder */
-		$qb = $this->db->getQueryBuilder();
-		$result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope')
-			->from('authtoken')
-			->where($qb->expr()->eq('token', $qb->createNamedParameter($token)))
-			->execute();
-
-		$data = $result->fetch();
-		$result->closeCursor();
-		if ($data === false) {
-			throw new DoesNotExistException('token does not exist');
-		}
-		return DefaultToken::fromRow($data);
-	}
-
-	/**
-	 * Get the token for $id
-	 *
-	 * @param string $id
-	 * @throws DoesNotExistException
-	 * @return DefaultToken
-	 */
-	public function getTokenById($id) {
-		/* @var $qb IQueryBuilder */
-		$qb = $this->db->getQueryBuilder();
-		$result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'token', 'last_activity', 'last_check', 'scope')
-			->from('authtoken')
-			->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
-			->execute();
-
-		$data = $result->fetch();
-		$result->closeCursor();
-		if ($data === false) {
-			throw new DoesNotExistException('token does not exist');
-		}
-		return DefaultToken::fromRow($data);
-	}
-
-	/**
-	 * Get all tokens of a user
-	 *
-	 * The provider may limit the number of result rows in case of an abuse
-	 * where a high number of (session) tokens is generated
-	 *
-	 * @param IUser $user
-	 * @return DefaultToken[]
-	 */
-	public function getTokenByUser(IUser $user) {
-		/* @var $qb IQueryBuilder */
-		$qb = $this->db->getQueryBuilder();
-		$qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope')
-			->from('authtoken')
-			->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
-			->setMaxResults(1000);
-		$result = $qb->execute();
-		$data = $result->fetchAll();
-		$result->closeCursor();
-
-		$entities = array_map(function ($row) {
-			return DefaultToken::fromRow($row);
-		}, $data);
-
-		return $entities;
-	}
-
-	/**
-	 * @param IUser $user
-	 * @param int $id
-	 */
-	public function deleteById(IUser $user, $id) {
-		/* @var $qb IQueryBuilder */
-		$qb = $this->db->getQueryBuilder();
-		$qb->delete('authtoken')
-			->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
-			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())));
-		$qb->execute();
-	}
-
-	/**
-	 * delete all auth token which belong to a specific client if the client was deleted
-	 *
-	 * @param string $name
-	 */
-	public function deleteByName($name) {
-		$qb = $this->db->getQueryBuilder();
-		$qb->delete('authtoken')
-			->where($qb->expr()->eq('name', $qb->createNamedParameter($name), IQueryBuilder::PARAM_STR));
-		$qb->execute();
-	}
+    public function __construct(IDBConnection $db) {
+        parent::__construct($db, 'authtoken');
+    }
+
+    /**
+     * Invalidate (delete) a given token
+     *
+     * @param string $token
+     */
+    public function invalidate($token) {
+        /* @var $qb IQueryBuilder */
+        $qb = $this->db->getQueryBuilder();
+        $qb->delete('authtoken')
+            ->where($qb->expr()->eq('token', $qb->createParameter('token')))
+            ->setParameter('token', $token)
+            ->execute();
+    }
+
+    /**
+     * @param int $olderThan
+     * @param int $remember
+     */
+    public function invalidateOld($olderThan, $remember = IToken::DO_NOT_REMEMBER) {
+        /* @var $qb IQueryBuilder */
+        $qb = $this->db->getQueryBuilder();
+        $qb->delete('authtoken')
+            ->where($qb->expr()->lt('last_activity', $qb->createNamedParameter($olderThan, IQueryBuilder::PARAM_INT)))
+            ->andWhere($qb->expr()->eq('type', $qb->createNamedParameter(IToken::TEMPORARY_TOKEN, IQueryBuilder::PARAM_INT)))
+            ->andWhere($qb->expr()->eq('remember', $qb->createNamedParameter($remember, IQueryBuilder::PARAM_INT)))
+            ->execute();
+    }
+
+    /**
+     * Get the user UID for the given token
+     *
+     * @param string $token
+     * @throws DoesNotExistException
+     * @return DefaultToken
+     */
+    public function getToken($token) {
+        /* @var $qb IQueryBuilder */
+        $qb = $this->db->getQueryBuilder();
+        $result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope')
+            ->from('authtoken')
+            ->where($qb->expr()->eq('token', $qb->createNamedParameter($token)))
+            ->execute();
+
+        $data = $result->fetch();
+        $result->closeCursor();
+        if ($data === false) {
+            throw new DoesNotExistException('token does not exist');
+        }
+        return DefaultToken::fromRow($data);
+    }
+
+    /**
+     * Get the token for $id
+     *
+     * @param string $id
+     * @throws DoesNotExistException
+     * @return DefaultToken
+     */
+    public function getTokenById($id) {
+        /* @var $qb IQueryBuilder */
+        $qb = $this->db->getQueryBuilder();
+        $result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'token', 'last_activity', 'last_check', 'scope')
+            ->from('authtoken')
+            ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
+            ->execute();
+
+        $data = $result->fetch();
+        $result->closeCursor();
+        if ($data === false) {
+            throw new DoesNotExistException('token does not exist');
+        }
+        return DefaultToken::fromRow($data);
+    }
+
+    /**
+     * Get all tokens of a user
+     *
+     * The provider may limit the number of result rows in case of an abuse
+     * where a high number of (session) tokens is generated
+     *
+     * @param IUser $user
+     * @return DefaultToken[]
+     */
+    public function getTokenByUser(IUser $user) {
+        /* @var $qb IQueryBuilder */
+        $qb = $this->db->getQueryBuilder();
+        $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope')
+            ->from('authtoken')
+            ->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+            ->setMaxResults(1000);
+        $result = $qb->execute();
+        $data = $result->fetchAll();
+        $result->closeCursor();
+
+        $entities = array_map(function ($row) {
+            return DefaultToken::fromRow($row);
+        }, $data);
+
+        return $entities;
+    }
+
+    /**
+     * @param IUser $user
+     * @param int $id
+     */
+    public function deleteById(IUser $user, $id) {
+        /* @var $qb IQueryBuilder */
+        $qb = $this->db->getQueryBuilder();
+        $qb->delete('authtoken')
+            ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
+            ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())));
+        $qb->execute();
+    }
+
+    /**
+     * delete all auth token which belong to a specific client if the client was deleted
+     *
+     * @param string $name
+     */
+    public function deleteByName($name) {
+        $qb = $this->db->getQueryBuilder();
+        $qb->delete('authtoken')
+            ->where($qb->expr()->eq('name', $qb->createNamedParameter($name), IQueryBuilder::PARAM_STR));
+        $qb->execute();
+    }
 
 }

lib/private/Authentication/Token/DefaultToken.php

Indentation +131 added lines, -131 removed lines

@@ -42,135 +42,135 @@
  */
 class DefaultToken extends Entity implements IToken {
 
-	/**
-	 * @var string user UID
-	 */
-	protected $uid;
-
-	/**
-	 * @var string login name used for generating the token
-	 */
-	protected $loginName;
-
-	/**
-	 * @var string encrypted user password
-	 */
-	protected $password;
-
-	/**
-	 * @var string token name (e.g. browser/OS)
-	 */
-	protected $name;
-
-	/**
-	 * @var string
-	 */
-	protected $token;
-
-	/**
-	 * @var int
-	 */
-	protected $type;
-
-	/**
-	 * @var int
-	 */
-	protected $remember;
-
-	/**
-	 * @var int
-	 */
-	protected $lastActivity;
-
-	/**
-	 * @var int
-	 */
-	protected $lastCheck;
-
-	/**
-	 * @var string
-	 */
-	protected $scope;
-
-	public function __construct() {
-		$this->addType('type', 'int');
-		$this->addType('lastActivity', 'int');
-		$this->addType('lastCheck', 'int');
-	}
-
-	public function getId() {
-		return $this->id;
-	}
-
-	public function getUID() {
-		return $this->uid;
-	}
-
-	/**
-	 * Get the login name used when generating the token
-	 *
-	 * @return string
-	 */
-	public function getLoginName() {
-		return parent::getLoginName();
-	}
-
-	/**
-	 * Get the (encrypted) login password
-	 *
-	 * @return string
-	 */
-	public function getPassword() {
-		return parent::getPassword();
-	}
-
-	public function jsonSerialize() {
-		return [
-			'id' => $this->id,
-			'name' => $this->name,
-			'lastActivity' => $this->lastActivity,
-			'type' => $this->type,
-			'scope' => $this->getScopeAsArray()
-		];
-	}
-
-	/**
-	 * Get the timestamp of the last password check
-	 *
-	 * @return int
-	 */
-	public function getLastCheck() {
-		return parent::getLastCheck();
-	}
-
-	/**
-	 * Get the timestamp of the last password check
-	 *
-	 * @param int $time
-	 */
-	public function setLastCheck($time) {
-		return parent::setLastCheck($time);
-	}
-
-	public function getScope() {
-		return parent::getScope();
-	}
-
-	public function getScopeAsArray() {
-		$scope = json_decode($this->getScope(), true);
-		if (!$scope) {
-			return [
-				'filesystem'=> true
-			];
-		}
-		return $scope;
-	}
-
-	public function setScope($scope) {
-		if (is_array($scope)) {
-			parent::setScope(json_encode($scope));
-		} else {
-			parent::setScope((string)$scope);
-		}
-	}
+    /**
+     * @var string user UID
+     */
+    protected $uid;
+
+    /**
+     * @var string login name used for generating the token
+     */
+    protected $loginName;
+
+    /**
+     * @var string encrypted user password
+     */
+    protected $password;
+
+    /**
+     * @var string token name (e.g. browser/OS)
+     */
+    protected $name;
+
+    /**
+     * @var string
+     */
+    protected $token;
+
+    /**
+     * @var int
+     */
+    protected $type;
+
+    /**
+     * @var int
+     */
+    protected $remember;
+
+    /**
+     * @var int
+     */
+    protected $lastActivity;
+
+    /**
+     * @var int
+     */
+    protected $lastCheck;
+
+    /**
+     * @var string
+     */
+    protected $scope;
+
+    public function __construct() {
+        $this->addType('type', 'int');
+        $this->addType('lastActivity', 'int');
+        $this->addType('lastCheck', 'int');
+    }
+
+    public function getId() {
+        return $this->id;
+    }
+
+    public function getUID() {
+        return $this->uid;
+    }
+
+    /**
+     * Get the login name used when generating the token
+     *
+     * @return string
+     */
+    public function getLoginName() {
+        return parent::getLoginName();
+    }
+
+    /**
+     * Get the (encrypted) login password
+     *
+     * @return string
+     */
+    public function getPassword() {
+        return parent::getPassword();
+    }
+
+    public function jsonSerialize() {
+        return [
+            'id' => $this->id,
+            'name' => $this->name,
+            'lastActivity' => $this->lastActivity,
+            'type' => $this->type,
+            'scope' => $this->getScopeAsArray()
+        ];
+    }
+
+    /**
+     * Get the timestamp of the last password check
+     *
+     * @return int
+     */
+    public function getLastCheck() {
+        return parent::getLastCheck();
+    }
+
+    /**
+     * Get the timestamp of the last password check
+     *
+     * @param int $time
+     */
+    public function setLastCheck($time) {
+        return parent::setLastCheck($time);
+    }
+
+    public function getScope() {
+        return parent::getScope();
+    }
+
+    public function getScopeAsArray() {
+        $scope = json_decode($this->getScope(), true);
+        if (!$scope) {
+            return [
+                'filesystem'=> true
+            ];
+        }
+        return $scope;
+    }
+
+    public function setScope($scope) {
+        if (is_array($scope)) {
+            parent::setScope(json_encode($scope));
+        } else {
+            parent::setScope((string)$scope);
+        }
+    }
 }

Spacing +1 added lines, -1 removed lines

@@ -170,7 +170,7 @@
 		if (is_array($scope)) {
 			parent::setScope(json_encode($scope));
 		} else {
-			parent::setScope((string)$scope);
+			parent::setScope((string) $scope);
 		}
 	}
 }