Completed
Push — master ( 133f3f...026070 )
by Blizzz
36:31 queued 36:07
created
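--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -49,274 +49,274 @@
 use OC\Hooks\PublicEmitter;
 
 class LoginController extends Controller {
-	/** @var IUserManager */
-	private $userManager;
-	/** @var IConfig */
-	private $config;
-	/** @var ISession */
-	private $session;
-	/** @var IUserSession|Session */
-	private $userSession;
-	/** @var IURLGenerator */
-	private $urlGenerator;
-	/** @var ILogger */
-	private $logger;
-	/** @var Manager */
-	private $twoFactorManager;
+    /** @var IUserManager */
+    private $userManager;
+    /** @var IConfig */
+    private $config;
+    /** @var ISession */
+    private $session;
+    /** @var IUserSession|Session */
+    private $userSession;
+    /** @var IURLGenerator */
+    private $urlGenerator;
+    /** @var ILogger */
+    private $logger;
+    /** @var Manager */
+    private $twoFactorManager;
 
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param IUserManager $userManager
-	 * @param IConfig $config
-	 * @param ISession $session
-	 * @param IUserSession $userSession
-	 * @param IURLGenerator $urlGenerator
-	 * @param ILogger $logger
-	 * @param Manager $twoFactorManager
-	 */
-	public function __construct($appName,
-						 IRequest $request,
-						 IUserManager $userManager,
-						 IConfig $config,
-						 ISession $session,
-						 IUserSession $userSession,
-						 IURLGenerator $urlGenerator,
-						 ILogger $logger,
-						 Manager $twoFactorManager) {
-		parent::__construct($appName, $request);
-		$this->userManager = $userManager;
-		$this->config = $config;
-		$this->session = $session;
-		$this->userSession = $userSession;
-		$this->urlGenerator = $urlGenerator;
-		$this->logger = $logger;
-		$this->twoFactorManager = $twoFactorManager;
-	}
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param IUserManager $userManager
+     * @param IConfig $config
+     * @param ISession $session
+     * @param IUserSession $userSession
+     * @param IURLGenerator $urlGenerator
+     * @param ILogger $logger
+     * @param Manager $twoFactorManager
+     */
+    public function __construct($appName,
+                            IRequest $request,
+                            IUserManager $userManager,
+                            IConfig $config,
+                            ISession $session,
+                            IUserSession $userSession,
+                            IURLGenerator $urlGenerator,
+                            ILogger $logger,
+                            Manager $twoFactorManager) {
+        parent::__construct($appName, $request);
+        $this->userManager = $userManager;
+        $this->config = $config;
+        $this->session = $session;
+        $this->userSession = $userSession;
+        $this->urlGenerator = $urlGenerator;
+        $this->logger = $logger;
+        $this->twoFactorManager = $twoFactorManager;
+    }
 
-	/**
-	 * @NoAdminRequired
-	 * @UseSession
-	 *
-	 * @return RedirectResponse
-	 */
-	public function logout() {
-		$loginToken = $this->request->getCookie('nc_token');
-		if (!is_null($loginToken)) {
-			$this->config->deleteUserValue($this->userSession->getUser()->getUID(), 'login_token', $loginToken);
-		}
-		$this->userSession->logout();
+    /**
+     * @NoAdminRequired
+     * @UseSession
+     *
+     * @return RedirectResponse
+     */
+    public function logout() {
+        $loginToken = $this->request->getCookie('nc_token');
+        if (!is_null($loginToken)) {
+            $this->config->deleteUserValue($this->userSession->getUser()->getUID(), 'login_token', $loginToken);
+        }
+        $this->userSession->logout();
 
-		return new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm'));
-	}
+        return new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm'));
+    }
 
-	/**
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 * @UseSession
-	 *
-	 * @param string $user
-	 * @param string $redirect_url
-	 * @param string $remember_login
-	 *
-	 * @return TemplateResponse|RedirectResponse
-	 */
-	public function showLoginForm($user, $redirect_url, $remember_login) {
-		if ($this->userSession->isLoggedIn()) {
-			return new RedirectResponse(OC_Util::getDefaultPageUrl());
-		}
+    /**
+     * @PublicPage
+     * @NoCSRFRequired
+     * @UseSession
+     *
+     * @param string $user
+     * @param string $redirect_url
+     * @param string $remember_login
+     *
+     * @return TemplateResponse|RedirectResponse
+     */
+    public function showLoginForm($user, $redirect_url, $remember_login) {
+        if ($this->userSession->isLoggedIn()) {
+            return new RedirectResponse(OC_Util::getDefaultPageUrl());
+        }
 
-		$parameters = array();
-		$loginMessages = $this->session->get('loginMessages');
-		$errors = [];
-		$messages = [];
-		if (is_array($loginMessages)) {
-			list($errors, $messages) = $loginMessages;
-		}
-		$this->session->remove('loginMessages');
-		foreach ($errors as $value) {
-			$parameters[$value] = true;
-		}
+        $parameters = array();
+        $loginMessages = $this->session->get('loginMessages');
+        $errors = [];
+        $messages = [];
+        if (is_array($loginMessages)) {
+            list($errors, $messages) = $loginMessages;
+        }
+        $this->session->remove('loginMessages');
+        foreach ($errors as $value) {
+            $parameters[$value] = true;
+        }
 
-		$parameters['messages'] = $messages;
-		if (!is_null($user) && $user !== '') {
-			$parameters['loginName'] = $user;
-			$parameters['user_autofocus'] = false;
-		} else {
-			$parameters['loginName'] = '';
-			$parameters['user_autofocus'] = true;
-		}
-		if (!empty($redirect_url)) {
-			$parameters['redirect_url'] = $redirect_url;
-		}
+        $parameters['messages'] = $messages;
+        if (!is_null($user) && $user !== '') {
+            $parameters['loginName'] = $user;
+            $parameters['user_autofocus'] = false;
+        } else {
+            $parameters['loginName'] = '';
+            $parameters['user_autofocus'] = true;
+        }
+        if (!empty($redirect_url)) {
+            $parameters['redirect_url'] = $redirect_url;
+        }
 
-		$parameters['canResetPassword'] = true;
-		$parameters['resetPasswordLink'] = $this->config->getSystemValue('lost_password_link', '');
-		if (!$parameters['resetPasswordLink']) {
-			if (!is_null($user) && $user !== '') {
-				$userObj = $this->userManager->get($user);
-				if ($userObj instanceof IUser) {
-					$parameters['canResetPassword'] = $userObj->canChangePassword();
-				}
-			}
-		}
+        $parameters['canResetPassword'] = true;
+        $parameters['resetPasswordLink'] = $this->config->getSystemValue('lost_password_link', '');
+        if (!$parameters['resetPasswordLink']) {
+            if (!is_null($user) && $user !== '') {
+                $userObj = $this->userManager->get($user);
+                if ($userObj instanceof IUser) {
+                    $parameters['canResetPassword'] = $userObj->canChangePassword();
+                }
+            }
+        }
 
-		$parameters['alt_login'] = OC_App::getAlternativeLogIns();
-		$parameters['rememberLoginState'] = !empty($remember_login) ? $remember_login : 0;
+        $parameters['alt_login'] = OC_App::getAlternativeLogIns();
+        $parameters['rememberLoginState'] = !empty($remember_login) ? $remember_login : 0;
 
-		if (!is_null($user) && $user !== '') {
-			$parameters['loginName'] = $user;
-			$parameters['user_autofocus'] = false;
-		} else {
-			$parameters['loginName'] = '';
-			$parameters['user_autofocus'] = true;
-		}
+        if (!is_null($user) && $user !== '') {
+            $parameters['loginName'] = $user;
+            $parameters['user_autofocus'] = false;
+        } else {
+            $parameters['loginName'] = '';
+            $parameters['user_autofocus'] = true;
+        }
 
-		return new TemplateResponse(
-			$this->appName, 'login', $parameters, 'guest'
-		);
-	}
+        return new TemplateResponse(
+            $this->appName, 'login', $parameters, 'guest'
+        );
+    }
 
-	/**
-	 * @param string $redirectUrl
-	 * @return RedirectResponse
-	 */
-	private function generateRedirect($redirectUrl) {
-		if (!is_null($redirectUrl) && $this->userSession->isLoggedIn()) {
-			$location = $this->urlGenerator->getAbsoluteURL(urldecode($redirectUrl));
-			// Deny the redirect if the URL contains a @
-			// This prevents unvalidated redirects like ?redirect_url=:[email protected]
-			if (strpos($location, '@') === false) {
-				return new RedirectResponse($location);
-			}
-		}
-		return new RedirectResponse(OC_Util::getDefaultPageUrl());
-	}
+    /**
+     * @param string $redirectUrl
+     * @return RedirectResponse
+     */
+    private function generateRedirect($redirectUrl) {
+        if (!is_null($redirectUrl) && $this->userSession->isLoggedIn()) {
+            $location = $this->urlGenerator->getAbsoluteURL(urldecode($redirectUrl));
+            // Deny the redirect if the URL contains a @
+            // This prevents unvalidated redirects like ?redirect_url=:[email protected]
+            if (strpos($location, '@') === false) {
+                return new RedirectResponse($location);
+            }
+        }
+        return new RedirectResponse(OC_Util::getDefaultPageUrl());
+    }
 
-	/**
-	 * @PublicPage
-	 * @UseSession
-	 * @NoCSRFRequired
-	 * @BruteForceProtection(action=login)
-	 *
-	 * @param string $user
-	 * @param string $password
-	 * @param string $redirect_url
-	 * @param boolean $remember_login
-	 * @param string $timezone
-	 * @param string $timezone_offset
-	 * @return RedirectResponse
-	 */
-	public function tryLogin($user, $password, $redirect_url, $remember_login = false, $timezone = '', $timezone_offset = '') {
-		if(!is_string($user)) {
-			throw new \InvalidArgumentException('Username must be string');
-		}
+    /**
+     * @PublicPage
+     * @UseSession
+     * @NoCSRFRequired
+     * @BruteForceProtection(action=login)
+     *
+     * @param string $user
+     * @param string $password
+     * @param string $redirect_url
+     * @param boolean $remember_login
+     * @param string $timezone
+     * @param string $timezone_offset
+     * @return RedirectResponse
+     */
+    public function tryLogin($user, $password, $redirect_url, $remember_login = false, $timezone = '', $timezone_offset = '') {
+        if(!is_string($user)) {
+            throw new \InvalidArgumentException('Username must be string');
+        }
 
-		// If the user is already logged in and the CSRF check does not pass then
-		// simply redirect the user to the correct page as required. This is the
-		// case when an user has already logged-in, in another tab.
-		if(!$this->request->passesCSRFCheck()) {
-			return $this->generateRedirect($redirect_url);
-		}
+        // If the user is already logged in and the CSRF check does not pass then
+        // simply redirect the user to the correct page as required. This is the
+        // case when an user has already logged-in, in another tab.
+        if(!$this->request->passesCSRFCheck()) {
+            return $this->generateRedirect($redirect_url);
+        }
 
-		if ($this->userManager instanceof PublicEmitter) {
-			$this->userManager->emit('\OC\User', 'preLogin', array($user, $password));
-		}
+        if ($this->userManager instanceof PublicEmitter) {
+            $this->userManager->emit('\OC\User', 'preLogin', array($user, $password));
+        }
 
-		$originalUser = $user;
-		// TODO: Add all the insane error handling
-		/* @var $loginResult IUser */
-		$loginResult = $this->userManager->checkPasswordNoLogging($user, $password);
-		if ($loginResult === false) {
-			$users = $this->userManager->getByEmail($user);
-			// we only allow login by email if unique
-			if (count($users) === 1) {
-				$user = $users[0]->getUID();
-				$loginResult = $this->userManager->checkPassword($user, $password);
-			} else {
-				$this->logger->warning('Login failed: \''. $user .'\' (Remote IP: \''. $this->request->getRemoteAddress(). '\')', ['app' => 'core']);
-			}
-		}
-		if ($loginResult === false) {
-			// Read current user and append if possible - we need to return the unmodified user otherwise we will leak the login name
-			$args = !is_null($user) ? ['user' => $originalUser] : [];
-			if (!is_null($redirect_url)) {
-				$args['redirect_url'] = $redirect_url;
-			}
-			$response = new RedirectResponse($this->urlGenerator->linkToRoute('core.login.showLoginForm', $args));
-			$response->throttle();
-			$this->session->set('loginMessages', [
-				['invalidpassword'], []
-			]);
-			return $response;
-		}
-		// TODO: remove password checks from above and let the user session handle failures
-		// requires https://github.com/owncloud/core/pull/24616
-		$this->userSession->completeLogin($loginResult, ['loginName' => $user, 'password' => $password]);
-		$this->userSession->createSessionToken($this->request, $loginResult->getUID(), $user, $password, (int)$remember_login);
+        $originalUser = $user;
+        // TODO: Add all the insane error handling
+        /* @var $loginResult IUser */
+        $loginResult = $this->userManager->checkPasswordNoLogging($user, $password);
+        if ($loginResult === false) {
+            $users = $this->userManager->getByEmail($user);
+            // we only allow login by email if unique
+            if (count($users) === 1) {
+                $user = $users[0]->getUID();
+                $loginResult = $this->userManager->checkPassword($user, $password);
+            } else {
+                $this->logger->warning('Login failed: \''. $user .'\' (Remote IP: \''. $this->request->getRemoteAddress(). '\')', ['app' => 'core']);
+            }
+        }
+        if ($loginResult === false) {
+            // Read current user and append if possible - we need to return the unmodified user otherwise we will leak the login name
+            $args = !is_null($user) ? ['user' => $originalUser] : [];
+            if (!is_null($redirect_url)) {
+                $args['redirect_url'] = $redirect_url;
+            }
+            $response = new RedirectResponse($this->urlGenerator->linkToRoute('core.login.showLoginForm', $args));
+            $response->throttle();
+            $this->session->set('loginMessages', [
+                ['invalidpassword'], []
+            ]);
+            return $response;
+        }
+        // TODO: remove password checks from above and let the user session handle failures
+        // requires https://github.com/owncloud/core/pull/24616
+        $this->userSession->completeLogin($loginResult, ['loginName' => $user, 'password' => $password]);
+        $this->userSession->createSessionToken($this->request, $loginResult->getUID(), $user, $password, (int)$remember_login);
 
-		// User has successfully logged in, now remove the password reset link, when it is available
-		$this->config->deleteUserValue($loginResult->getUID(), 'core', 'lostpassword');
+        // User has successfully logged in, now remove the password reset link, when it is available
+        $this->config->deleteUserValue($loginResult->getUID(), 'core', 'lostpassword');
 
-		$this->session->set('last-password-confirm', $loginResult->getLastLogin());
+        $this->session->set('last-password-confirm', $loginResult->getLastLogin());
 
-		if ($timezone_offset !== '') {
-			$this->config->setUserValue($loginResult->getUID(), 'core', 'timezone', $timezone);
-			$this->session->set('timezone', $timezone_offset);
-		}
+        if ($timezone_offset !== '') {
+            $this->config->setUserValue($loginResult->getUID(), 'core', 'timezone', $timezone);
+            $this->session->set('timezone', $timezone_offset);
+        }
 
-		if ($this->twoFactorManager->isTwoFactorAuthenticated($loginResult)) {
-			$this->twoFactorManager->prepareTwoFactorLogin($loginResult, $remember_login);
+        if ($this->twoFactorManager->isTwoFactorAuthenticated($loginResult)) {
+            $this->twoFactorManager->prepareTwoFactorLogin($loginResult, $remember_login);
 
-			$providers = $this->twoFactorManager->getProviders($loginResult);
-			if (count($providers) === 1) {
-				// Single provider, hence we can redirect to that provider's challenge page directly
-				/* @var $provider IProvider */
-				$provider = array_pop($providers);
-				$url = 'core.TwoFactorChallenge.showChallenge';
-				$urlParams = [
-					'challengeProviderId' => $provider->getId(),
-				];
-			} else {
-				$url = 'core.TwoFactorChallenge.selectChallenge';
-				$urlParams = [];
-			}
+            $providers = $this->twoFactorManager->getProviders($loginResult);
+            if (count($providers) === 1) {
+                // Single provider, hence we can redirect to that provider's challenge page directly
+                /* @var $provider IProvider */
+                $provider = array_pop($providers);
+                $url = 'core.TwoFactorChallenge.showChallenge';
+                $urlParams = [
+                    'challengeProviderId' => $provider->getId(),
+                ];
+            } else {
+                $url = 'core.TwoFactorChallenge.selectChallenge';
+                $urlParams = [];
+            }
 
-			if (!is_null($redirect_url)) {
-				$urlParams['redirect_url'] = $redirect_url;
-			}
+            if (!is_null($redirect_url)) {
+                $urlParams['redirect_url'] = $redirect_url;
+            }
 
-			return new RedirectResponse($this->urlGenerator->linkToRoute($url, $urlParams));
-		}
+            return new RedirectResponse($this->urlGenerator->linkToRoute($url, $urlParams));
+        }
 
-		if ($remember_login) {
-			$this->userSession->createRememberMeToken($loginResult);
-		}
+        if ($remember_login) {
+            $this->userSession->createRememberMeToken($loginResult);
+        }
 
-		return $this->generateRedirect($redirect_url);
-	}
+        return $this->generateRedirect($redirect_url);
+    }
 
-	/**
-	 * @NoAdminRequired
-	 * @UseSession
-	 * @BruteForceProtection(action=sudo)
-	 *
-	 * @license GNU AGPL version 3 or any later version
-	 *
-	 * @param string $password
-	 * @return DataResponse
-	 */
-	public function confirmPassword($password) {
-		$loginName = $this->userSession->getLoginName();
-		$loginResult = $this->userManager->checkPassword($loginName, $password);
-		if ($loginResult === false) {
-			$response = new DataResponse([], Http::STATUS_FORBIDDEN);
-			$response->throttle();
-			return $response;
-		}
+    /**
+     * @NoAdminRequired
+     * @UseSession
+     * @BruteForceProtection(action=sudo)
+     *
+     * @license GNU AGPL version 3 or any later version
+     *
+     * @param string $password
+     * @return DataResponse
+     */
+    public function confirmPassword($password) {
+        $loginName = $this->userSession->getLoginName();
+        $loginResult = $this->userManager->checkPassword($loginName, $password);
+        if ($loginResult === false) {
+            $response = new DataResponse([], Http::STATUS_FORBIDDEN);
+            $response->throttle();
+            return $response;
+        }
 
-		$confirmTimestamp = time();
-		$this->session->set('last-password-confirm', $confirmTimestamp);
-		return new DataResponse(['lastLogin' => $confirmTimestamp], Http::STATUS_OK);
-	}
+        $confirmTimestamp = time();
+        $this->session->set('last-password-confirm', $confirmTimestamp);
+        return new DataResponse(['lastLogin' => $confirmTimestamp], Http::STATUS_OK);
+    }
 
 }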