Inspection of "Merge pull request #7813 from nextcloud/getHeader-..." - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 9222dc...c12161 )

by Morris

created 2018-01-17 10:42 UTC

Status

Indentation +809 added lines, -809 removed lines patch added patch discarded remove patch

@@ -58,814 +58,814 @@
 block discarded – undo
  */
 class Request implements \ArrayAccess, \Countable, IRequest {
 
-	const USER_AGENT_IE = '/(MSIE)|(Trident)/';
-	// Microsoft Edge User Agent from https://msdn.microsoft.com/en-us/library/hh869301(v=vs.85).aspx
-	const USER_AGENT_MS_EDGE = '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Chrome\/[0-9.]+ (Mobile Safari|Safari)\/[0-9.]+ Edge\/[0-9.]+$/';
-	// Firefox User Agent from https://developer.mozilla.org/en-US/docs/Web/HTTP/Gecko_user_agent_string_reference
-	const USER_AGENT_FIREFOX = '/^Mozilla\/5\.0 \([^)]+\) Gecko\/[0-9.]+ Firefox\/[0-9.]+$/';
-	// Chrome User Agent from https://developer.chrome.com/multidevice/user-agent
-	const USER_AGENT_CHROME = '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\)( Ubuntu Chromium\/[0-9.]+|) Chrome\/[0-9.]+ (Mobile Safari|Safari)\/[0-9.]+$/';
-	// Safari User Agent from http://www.useragentstring.com/pages/Safari/
-	const USER_AGENT_SAFARI = '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Version\/[0-9.]+ Safari\/[0-9.A-Z]+$/';
-	// Android Chrome user agent: https://developers.google.com/chrome/mobile/docs/user-agent
-	const USER_AGENT_ANDROID_MOBILE_CHROME = '#Android.*Chrome/[.0-9]*#';
-	const USER_AGENT_FREEBOX = '#^Mozilla/5\.0$#';
-	const REGEX_LOCALHOST = '/^(127\.0\.0\.1|localhost|::1)$/';
-
-	/**
-	 * @deprecated use \OCP\IRequest::USER_AGENT_CLIENT_IOS instead
-	 */
-	const USER_AGENT_OWNCLOUD_IOS = '/^Mozilla\/5\.0 \(iOS\) (ownCloud|Nextcloud)\-iOS.*$/';
-	/**
-	 * @deprecated use \OCP\IRequest::USER_AGENT_CLIENT_ANDROID instead
-	 */
-	const USER_AGENT_OWNCLOUD_ANDROID = '/^Mozilla\/5\.0 \(Android\) ownCloud\-android.*$/';
-	/**
-	 * @deprecated use \OCP\IRequest::USER_AGENT_CLIENT_DESKTOP instead
-	 */
-	const USER_AGENT_OWNCLOUD_DESKTOP = '/^Mozilla\/5\.0 \([A-Za-z ]+\) (mirall|csyncoC)\/.*$/';
-
-	protected $inputStream;
-	protected $content;
-	protected $items = array();
-	protected $allowedKeys = array(
-		'get',
-		'post',
-		'files',
-		'server',
-		'env',
-		'cookies',
-		'urlParams',
-		'parameters',
-		'method',
-		'requesttoken',
-	);
-	/** @var ISecureRandom */
-	protected $secureRandom;
-	/** @var IConfig */
-	protected $config;
-	/** @var string */
-	protected $requestId = '';
-	/** @var ICrypto */
-	protected $crypto;
-	/** @var CsrfTokenManager|null */
-	protected $csrfTokenManager;
-
-	/** @var bool */
-	protected $contentDecoded = false;
-
-	/**
-	 * @param array $vars An associative array with the following optional values:
-	 *        - array 'urlParams' the parameters which were matched from the URL
-	 *        - array 'get' the $_GET array
-	 *        - array|string 'post' the $_POST array or JSON string
-	 *        - array 'files' the $_FILES array
-	 *        - array 'server' the $_SERVER array
-	 *        - array 'env' the $_ENV array
-	 *        - array 'cookies' the $_COOKIE array
-	 *        - string 'method' the request method (GET, POST etc)
-	 *        - string|false 'requesttoken' the requesttoken or false when not available
-	 * @param ISecureRandom $secureRandom
-	 * @param IConfig $config
-	 * @param CsrfTokenManager|null $csrfTokenManager
-	 * @param string $stream
-	 * @see http://www.php.net/manual/en/reserved.variables.php
-	 */
-	public function __construct(array $vars=array(),
-								ISecureRandom $secureRandom = null,
-								IConfig $config,
-								CsrfTokenManager $csrfTokenManager = null,
-								$stream = 'php://input') {
-		$this->inputStream = $stream;
-		$this->items['params'] = array();
-		$this->secureRandom = $secureRandom;
-		$this->config = $config;
-		$this->csrfTokenManager = $csrfTokenManager;
-
-		if(!array_key_exists('method', $vars)) {
-			$vars['method'] = 'GET';
-		}
-
-		foreach($this->allowedKeys as $name) {
-			$this->items[$name] = isset($vars[$name])
-				? $vars[$name]
-				: array();
-		}
-
-		$this->items['parameters'] = array_merge(
-			$this->items['get'],
-			$this->items['post'],
-			$this->items['urlParams'],
-			$this->items['params']
-		);
-
-	}
-	/**
-	 * @param array $parameters
-	 */
-	public function setUrlParameters(array $parameters) {
-		$this->items['urlParams'] = $parameters;
-		$this->items['parameters'] = array_merge(
-			$this->items['parameters'],
-			$this->items['urlParams']
-		);
-	}
-
-	/**
-	 * Countable method
-	 * @return int
-	 */
-	public function count() {
-		return count(array_keys($this->items['parameters']));
-	}
-
-	/**
-	* ArrayAccess methods
-	*
-	* Gives access to the combined GET, POST and urlParams arrays
-	*
-	* Examples:
-	*
-	* $var = $request['myvar'];
-	*
-	* or
-	*
-	* if(!isset($request['myvar']) {
-	* 	// Do something
-	* }
-	*
-	* $request['myvar'] = 'something'; // This throws an exception.
-	*
-	* @param string $offset The key to lookup
-	* @return boolean
-	*/
-	public function offsetExists($offset) {
-		return isset($this->items['parameters'][$offset]);
-	}
-
-	/**
-	* @see offsetExists
-	*/
-	public function offsetGet($offset) {
-		return isset($this->items['parameters'][$offset])
-			? $this->items['parameters'][$offset]
-			: null;
-	}
-
-	/**
-	* @see offsetExists
-	*/
-	public function offsetSet($offset, $value) {
-		throw new \RuntimeException('You cannot change the contents of the request object');
-	}
-
-	/**
-	* @see offsetExists
-	*/
-	public function offsetUnset($offset) {
-		throw new \RuntimeException('You cannot change the contents of the request object');
-	}
-
-	/**
-	 * Magic property accessors
-	 * @param string $name
-	 * @param mixed $value
-	 */
-	public function __set($name, $value) {
-		throw new \RuntimeException('You cannot change the contents of the request object');
-	}
-
-	/**
-	* Access request variables by method and name.
-	* Examples:
-	*
-	* $request->post['myvar']; // Only look for POST variables
-	* $request->myvar; or $request->{'myvar'}; or $request->{$myvar}
-	* Looks in the combined GET, POST and urlParams array.
-	*
-	* If you access e.g. ->post but the current HTTP request method
-	* is GET a \LogicException will be thrown.
-	*
-	* @param string $name The key to look for.
-	* @throws \LogicException
-	* @return mixed|null
-	*/
-	public function __get($name) {
-		switch($name) {
-			case 'put':
-			case 'patch':
-			case 'get':
-			case 'post':
-				if($this->method !== strtoupper($name)) {
-					throw new \LogicException(sprintf('%s cannot be accessed in a %s request.', $name, $this->method));
-				}
-				return $this->getContent();
-			case 'files':
-			case 'server':
-			case 'env':
-			case 'cookies':
-			case 'urlParams':
-			case 'method':
-				return isset($this->items[$name])
-					? $this->items[$name]
-					: null;
-			case 'parameters':
-			case 'params':
-				return $this->getContent();
-			default;
-				return isset($this[$name])
-					? $this[$name]
-					: null;
-		}
-	}
-
-	/**
-	 * @param string $name
-	 * @return bool
-	 */
-	public function __isset($name) {
-		if (in_array($name, $this->allowedKeys, true)) {
-			return true;
-		}
-		return isset($this->items['parameters'][$name]);
-	}
-
-	/**
-	 * @param string $id
-	 */
-	public function __unset($id) {
-		throw new \RuntimeException('You cannot change the contents of the request object');
-	}
-
-	/**
-	 * Returns the value for a specific http header.
-	 *
-	 * This method returns null if the header did not exist.
-	 *
-	 * @param string $name
-	 * @return string
-	 */
-	public function getHeader($name) {
-
-		$name = strtoupper(str_replace(array('-'),array('_'),$name));
-		if (isset($this->server['HTTP_' . $name])) {
-			return $this->server['HTTP_' . $name];
-		}
-
-		// There's a few headers that seem to end up in the top-level
-		// server array.
-		switch($name) {
-			case 'CONTENT_TYPE' :
-			case 'CONTENT_LENGTH' :
-				if (isset($this->server[$name])) {
-					return $this->server[$name];
-				}
-				break;
-
-		}
-
-		return '';
-	}
-
-	/**
-	 * Lets you access post and get parameters by the index
-	 * In case of json requests the encoded json body is accessed
-	 *
-	 * @param string $key the key which you want to access in the URL Parameter
-	 *                     placeholder, $_POST or $_GET array.
-	 *                     The priority how they're returned is the following:
-	 *                     1. URL parameters
-	 *                     2. POST parameters
-	 *                     3. GET parameters
-	 * @param mixed $default If the key is not found, this value will be returned
-	 * @return mixed the content of the array
-	 */
-	public function getParam($key, $default = null) {
-		return isset($this->parameters[$key])
-			? $this->parameters[$key]
-			: $default;
-	}
-
-	/**
-	 * Returns all params that were received, be it from the request
-	 * (as GET or POST) or throuh the URL by the route
-	 * @return array the array with all parameters
-	 */
-	public function getParams() {
-		return $this->parameters;
-	}
-
-	/**
-	 * Returns the method of the request
-	 * @return string the method of the request (POST, GET, etc)
-	 */
-	public function getMethod() {
-		return $this->method;
-	}
-
-	/**
-	 * Shortcut for accessing an uploaded file through the $_FILES array
-	 * @param string $key the key that will be taken from the $_FILES array
-	 * @return array the file in the $_FILES element
-	 */
-	public function getUploadedFile($key) {
-		return isset($this->files[$key]) ? $this->files[$key] : null;
-	}
-
-	/**
-	 * Shortcut for getting env variables
-	 * @param string $key the key that will be taken from the $_ENV array
-	 * @return array the value in the $_ENV element
-	 */
-	public function getEnv($key) {
-		return isset($this->env[$key]) ? $this->env[$key] : null;
-	}
-
-	/**
-	 * Shortcut for getting cookie variables
-	 * @param string $key the key that will be taken from the $_COOKIE array
-	 * @return string the value in the $_COOKIE element
-	 */
-	public function getCookie($key) {
-		return isset($this->cookies[$key]) ? $this->cookies[$key] : null;
-	}
-
-	/**
-	 * Returns the request body content.
-	 *
-	 * If the HTTP request method is PUT and the body
-	 * not application/x-www-form-urlencoded or application/json a stream
-	 * resource is returned, otherwise an array.
-	 *
-	 * @return array|string|resource The request body content or a resource to read the body stream.
-	 *
-	 * @throws \LogicException
-	 */
-	protected function getContent() {
-		// If the content can't be parsed into an array then return a stream resource.
-		if ($this->method === 'PUT'
-			&& $this->getHeader('Content-Length') !== '0'
-			&& $this->getHeader('Content-Length') !== ''
-			&& strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') === false
-			&& strpos($this->getHeader('Content-Type'), 'application/json') === false
-		) {
-			if ($this->content === false) {
-				throw new \LogicException(
-					'"put" can only be accessed once if not '
-					. 'application/x-www-form-urlencoded or application/json.'
-				);
-			}
-			$this->content = false;
-			return fopen($this->inputStream, 'rb');
-		} else {
-			$this->decodeContent();
-			return $this->items['parameters'];
-		}
-	}
-
-	/**
-	 * Attempt to decode the content and populate parameters
-	 */
-	protected function decodeContent() {
-		if ($this->contentDecoded) {
-			return;
-		}
-		$params = [];
-
-		// 'application/json' must be decoded manually.
-		if (strpos($this->getHeader('Content-Type'), 'application/json') !== false) {
-			$params = json_decode(file_get_contents($this->inputStream), true);
-			if($params !== null && count($params) > 0) {
-				$this->items['params'] = $params;
-				if($this->method === 'POST') {
-					$this->items['post'] = $params;
-				}
-			}
-
-		// Handle application/x-www-form-urlencoded for methods other than GET
-		// or post correctly
-		} elseif($this->method !== 'GET'
-				&& $this->method !== 'POST'
-				&& strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') !== false) {
-
-			parse_str(file_get_contents($this->inputStream), $params);
-			if(is_array($params)) {
-				$this->items['params'] = $params;
-			}
-		}
-
-		if (is_array($params)) {
-			$this->items['parameters'] = array_merge($this->items['parameters'], $params);
-		}
-		$this->contentDecoded = true;
-	}
-
-
-	/**
-	 * Checks if the CSRF check was correct
-	 * @return bool true if CSRF check passed
-	 */
-	public function passesCSRFCheck() {
-		if($this->csrfTokenManager === null) {
-			return false;
-		}
-
-		if(!$this->passesStrictCookieCheck()) {
-			return false;
-		}
-
-		if (isset($this->items['get']['requesttoken'])) {
-			$token = $this->items['get']['requesttoken'];
-		} elseif (isset($this->items['post']['requesttoken'])) {
-			$token = $this->items['post']['requesttoken'];
-		} elseif (isset($this->items['server']['HTTP_REQUESTTOKEN'])) {
-			$token = $this->items['server']['HTTP_REQUESTTOKEN'];
-		} else {
-			//no token found.
-			return false;
-		}
-		$token = new CsrfToken($token);
-
-		return $this->csrfTokenManager->isTokenValid($token);
-	}
-
-	/**
-	 * Whether the cookie checks are required
-	 *
-	 * @return bool
-	 */
-	private function cookieCheckRequired() {
-		if ($this->getHeader('OCS-APIREQUEST')) {
-			return false;
-		}
-		if($this->getCookie(session_name()) === null && $this->getCookie('nc_token') === null) {
-			return false;
-		}
-
-		return true;
-	}
-
-	/**
-	 * Wrapper around session_get_cookie_params
-	 *
-	 * @return array
-	 */
-	public function getCookieParams() {
-		return session_get_cookie_params();
-	}
-
-	/**
-	 * Appends the __Host- prefix to the cookie if applicable
-	 *
-	 * @param string $name
-	 * @return string
-	 */
-	protected function getProtectedCookieName($name) {
-		$cookieParams = $this->getCookieParams();
-		$prefix = '';
-		if($cookieParams['secure'] === true && $cookieParams['path'] === '/') {
-			$prefix = '__Host-';
-		}
-
-		return $prefix.$name;
-	}
-
-	/**
-	 * Checks if the strict cookie has been sent with the request if the request
-	 * is including any cookies.
-	 *
-	 * @return bool
-	 * @since 9.1.0
-	 */
-	public function passesStrictCookieCheck() {
-		if(!$this->cookieCheckRequired()) {
-			return true;
-		}
-
-		$cookieName = $this->getProtectedCookieName('nc_sameSiteCookiestrict');
-		if($this->getCookie($cookieName) === 'true'
-			&& $this->passesLaxCookieCheck()) {
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * Checks if the lax cookie has been sent with the request if the request
-	 * is including any cookies.
-	 *
-	 * @return bool
-	 * @since 9.1.0
-	 */
-	public function passesLaxCookieCheck() {
-		if(!$this->cookieCheckRequired()) {
-			return true;
-		}
-
-		$cookieName = $this->getProtectedCookieName('nc_sameSiteCookielax');
-		if($this->getCookie($cookieName) === 'true') {
-			return true;
-		}
-		return false;
-	}
-
-
-	/**
-	 * Returns an ID for the request, value is not guaranteed to be unique and is mostly meant for logging
-	 * If `mod_unique_id` is installed this value will be taken.
-	 * @return string
-	 */
-	public function getId() {
-		if(isset($this->server['UNIQUE_ID'])) {
-			return $this->server['UNIQUE_ID'];
-		}
-
-		if(empty($this->requestId)) {
-			$validChars = ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS;
-			$this->requestId = $this->secureRandom->generate(20, $validChars);
-		}
-
-		return $this->requestId;
-	}
-
-	/**
-	 * Returns the remote address, if the connection came from a trusted proxy
-	 * and `forwarded_for_headers` has been configured then the IP address
-	 * specified in this header will be returned instead.
-	 * Do always use this instead of $_SERVER['REMOTE_ADDR']
-	 * @return string IP address
-	 */
-	public function getRemoteAddress() {
-		$remoteAddress = isset($this->server['REMOTE_ADDR']) ? $this->server['REMOTE_ADDR'] : '';
-		$trustedProxies = $this->config->getSystemValue('trusted_proxies', []);
-
-		if(is_array($trustedProxies) && in_array($remoteAddress, $trustedProxies)) {
-			$forwardedForHeaders = $this->config->getSystemValue('forwarded_for_headers', [
-				'HTTP_X_FORWARDED_FOR'
-				// only have one default, so we cannot ship an insecure product out of the box
-			]);
-
-			foreach($forwardedForHeaders as $header) {
-				if(isset($this->server[$header])) {
-					foreach(explode(',', $this->server[$header]) as $IP) {
-						$IP = trim($IP);
-						if (filter_var($IP, FILTER_VALIDATE_IP) !== false) {
-							return $IP;
-						}
-					}
-				}
-			}
-		}
-
-		return $remoteAddress;
-	}
-
-	/**
-	 * Check overwrite condition
-	 * @param string $type
-	 * @return bool
-	 */
-	private function isOverwriteCondition($type = '') {
-		$regex = '/' . $this->config->getSystemValue('overwritecondaddr', '')  . '/';
-		$remoteAddr = isset($this->server['REMOTE_ADDR']) ? $this->server['REMOTE_ADDR'] : '';
-		return $regex === '//' || preg_match($regex, $remoteAddr) === 1
-		|| $type !== 'protocol';
-	}
-
-	/**
-	 * Returns the server protocol. It respects one or more reverse proxies servers
-	 * and load balancers
-	 * @return string Server protocol (http or https)
-	 */
-	public function getServerProtocol() {
-		if($this->config->getSystemValue('overwriteprotocol') !== ''
-			&& $this->isOverwriteCondition('protocol')) {
-			return $this->config->getSystemValue('overwriteprotocol');
-		}
-
-		if (isset($this->server['HTTP_X_FORWARDED_PROTO'])) {
-			if (strpos($this->server['HTTP_X_FORWARDED_PROTO'], ',') !== false) {
-				$parts = explode(',', $this->server['HTTP_X_FORWARDED_PROTO']);
-				$proto = strtolower(trim($parts[0]));
-			} else {
-				$proto = strtolower($this->server['HTTP_X_FORWARDED_PROTO']);
-			}
-
-			// Verify that the protocol is always HTTP or HTTPS
-			// default to http if an invalid value is provided
-			return $proto === 'https' ? 'https' : 'http';
-		}
-
-		if (isset($this->server['HTTPS'])
-			&& $this->server['HTTPS'] !== null
-			&& $this->server['HTTPS'] !== 'off'
-			&& $this->server['HTTPS'] !== '') {
-			return 'https';
-		}
-
-		return 'http';
-	}
-
-	/**
-	 * Returns the used HTTP protocol.
-	 *
-	 * @return string HTTP protocol. HTTP/2, HTTP/1.1 or HTTP/1.0.
-	 */
-	public function getHttpProtocol() {
-		$claimedProtocol = strtoupper($this->server['SERVER_PROTOCOL']);
-
-		$validProtocols = [
-			'HTTP/1.0',
-			'HTTP/1.1',
-			'HTTP/2',
-		];
-
-		if(in_array($claimedProtocol, $validProtocols, true)) {
-			return $claimedProtocol;
-		}
-
-		return 'HTTP/1.1';
-	}
-
-	/**
-	 * Returns the request uri, even if the website uses one or more
-	 * reverse proxies
-	 * @return string
-	 */
-	public function getRequestUri() {
-		$uri = isset($this->server['REQUEST_URI']) ? $this->server['REQUEST_URI'] : '';
-		if($this->config->getSystemValue('overwritewebroot') !== '' && $this->isOverwriteCondition()) {
-			$uri = $this->getScriptName() . substr($uri, strlen($this->server['SCRIPT_NAME']));
-		}
-		return $uri;
-	}
-
-	/**
-	 * Get raw PathInfo from request (not urldecoded)
-	 * @throws \Exception
-	 * @return string Path info
-	 */
-	public function getRawPathInfo() {
-		$requestUri = isset($this->server['REQUEST_URI']) ? $this->server['REQUEST_URI'] : '';
-		// remove too many leading slashes - can be caused by reverse proxy configuration
-		if (strpos($requestUri, '/') === 0) {
-			$requestUri = '/' . ltrim($requestUri, '/');
-		}
-
-		$requestUri = preg_replace('%/{2,}%', '/', $requestUri);
-
-		// Remove the query string from REQUEST_URI
-		if ($pos = strpos($requestUri, '?')) {
-			$requestUri = substr($requestUri, 0, $pos);
-		}
-
-		$scriptName = $this->server['SCRIPT_NAME'];
-		$pathInfo = $requestUri;
-
-		// strip off the script name's dir and file name
-		// FIXME: Sabre does not really belong here
-		list($path, $name) = \Sabre\Uri\split($scriptName);
-		if (!empty($path)) {
-			if($path === $pathInfo || strpos($pathInfo, $path.'/') === 0) {
-				$pathInfo = substr($pathInfo, strlen($path));
-			} else {
-				throw new \Exception("The requested uri($requestUri) cannot be processed by the script '$scriptName')");
-			}
-		}
-		if (strpos($pathInfo, '/'.$name) === 0) {
-			$pathInfo = substr($pathInfo, strlen($name) + 1);
-		}
-		if (strpos($pathInfo, $name) === 0) {
-			$pathInfo = substr($pathInfo, strlen($name));
-		}
-		if($pathInfo === false || $pathInfo === '/'){
-			return '';
-		} else {
-			return $pathInfo;
-		}
-	}
-
-	/**
-	 * Get PathInfo from request
-	 * @throws \Exception
-	 * @return string|false Path info or false when not found
-	 */
-	public function getPathInfo() {
-		$pathInfo = $this->getRawPathInfo();
-		// following is taken from \Sabre\HTTP\URLUtil::decodePathSegment
-		$pathInfo = rawurldecode($pathInfo);
-		$encoding = mb_detect_encoding($pathInfo, ['UTF-8', 'ISO-8859-1']);
-
-		switch($encoding) {
-			case 'ISO-8859-1' :
-				$pathInfo = utf8_encode($pathInfo);
-		}
-		// end copy
-
-		return $pathInfo;
-	}
-
-	/**
-	 * Returns the script name, even if the website uses one or more
-	 * reverse proxies
-	 * @return string the script name
-	 */
-	public function getScriptName() {
-		$name = $this->server['SCRIPT_NAME'];
-		$overwriteWebRoot =  $this->config->getSystemValue('overwritewebroot');
-		if ($overwriteWebRoot !== '' && $this->isOverwriteCondition()) {
-			// FIXME: This code is untestable due to __DIR__, also that hardcoded path is really dangerous
-			$serverRoot = str_replace('\\', '/', substr(__DIR__, 0, -strlen('lib/private/appframework/http/')));
-			$suburi = str_replace('\\', '/', substr(realpath($this->server['SCRIPT_FILENAME']), strlen($serverRoot)));
-			$name = '/' . ltrim($overwriteWebRoot . $suburi, '/');
-		}
-		return $name;
-	}
-
-	/**
-	 * Checks whether the user agent matches a given regex
-	 * @param array $agent array of agent names
-	 * @return bool true if at least one of the given agent matches, false otherwise
-	 */
-	public function isUserAgent(array $agent) {
-		if (!isset($this->server['HTTP_USER_AGENT'])) {
-			return false;
-		}
-		foreach ($agent as $regex) {
-			if (preg_match($regex, $this->server['HTTP_USER_AGENT'])) {
-				return true;
-			}
-		}
-		return false;
-	}
-
-	/**
-	 * Returns the unverified server host from the headers without checking
-	 * whether it is a trusted domain
-	 * @return string Server host
-	 */
-	public function getInsecureServerHost() {
-		$host = 'localhost';
-		if (isset($this->server['HTTP_X_FORWARDED_HOST'])) {
-			if (strpos($this->server['HTTP_X_FORWARDED_HOST'], ',') !== false) {
-				$parts = explode(',', $this->server['HTTP_X_FORWARDED_HOST']);
-				$host = trim(current($parts));
-			} else {
-				$host = $this->server['HTTP_X_FORWARDED_HOST'];
-			}
-		} else {
-			if (isset($this->server['HTTP_HOST'])) {
-				$host = $this->server['HTTP_HOST'];
-			} else if (isset($this->server['SERVER_NAME'])) {
-				$host = $this->server['SERVER_NAME'];
-			}
-		}
-		return $host;
-	}
-
-
-	/**
-	 * Returns the server host from the headers, or the first configured
-	 * trusted domain if the host isn't in the trusted list
-	 * @return string Server host
-	 */
-	public function getServerHost() {
-		// overwritehost is always trusted
-		$host = $this->getOverwriteHost();
-		if ($host !== null) {
-			return $host;
-		}
-
-		// get the host from the headers
-		$host = $this->getInsecureServerHost();
-
-		// Verify that the host is a trusted domain if the trusted domains
-		// are defined
-		// If no trusted domain is provided the first trusted domain is returned
-		$trustedDomainHelper = new TrustedDomainHelper($this->config);
-		if ($trustedDomainHelper->isTrustedDomain($host)) {
-			return $host;
-		} else {
-			$trustedList = $this->config->getSystemValue('trusted_domains', []);
-			if(!empty($trustedList)) {
-				return $trustedList[0];
-			} else {
-				return '';
-			}
-		}
-	}
-
-	/**
-	 * Returns the overwritehost setting from the config if set and
-	 * if the overwrite condition is met
-	 * @return string|null overwritehost value or null if not defined or the defined condition
-	 * isn't met
-	 */
-	private function getOverwriteHost() {
-		if($this->config->getSystemValue('overwritehost') !== '' && $this->isOverwriteCondition()) {
-			return $this->config->getSystemValue('overwritehost');
-		}
-		return null;
-	}
+    const USER_AGENT_IE = '/(MSIE)|(Trident)/';
+    // Microsoft Edge User Agent from https://msdn.microsoft.com/en-us/library/hh869301(v=vs.85).aspx
+    const USER_AGENT_MS_EDGE = '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Chrome\/[0-9.]+ (Mobile Safari|Safari)\/[0-9.]+ Edge\/[0-9.]+$/';
+    // Firefox User Agent from https://developer.mozilla.org/en-US/docs/Web/HTTP/Gecko_user_agent_string_reference
+    const USER_AGENT_FIREFOX = '/^Mozilla\/5\.0 \([^)]+\) Gecko\/[0-9.]+ Firefox\/[0-9.]+$/';
+    // Chrome User Agent from https://developer.chrome.com/multidevice/user-agent
+    const USER_AGENT_CHROME = '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\)( Ubuntu Chromium\/[0-9.]+|) Chrome\/[0-9.]+ (Mobile Safari|Safari)\/[0-9.]+$/';
+    // Safari User Agent from http://www.useragentstring.com/pages/Safari/
+    const USER_AGENT_SAFARI = '/^Mozilla\/5\.0 \([^)]+\) AppleWebKit\/[0-9.]+ \(KHTML, like Gecko\) Version\/[0-9.]+ Safari\/[0-9.A-Z]+$/';
+    // Android Chrome user agent: https://developers.google.com/chrome/mobile/docs/user-agent
+    const USER_AGENT_ANDROID_MOBILE_CHROME = '#Android.*Chrome/[.0-9]*#';
+    const USER_AGENT_FREEBOX = '#^Mozilla/5\.0$#';
+    const REGEX_LOCALHOST = '/^(127\.0\.0\.1|localhost|::1)$/';
+
+    /**
+     * @deprecated use \OCP\IRequest::USER_AGENT_CLIENT_IOS instead
+     */
+    const USER_AGENT_OWNCLOUD_IOS = '/^Mozilla\/5\.0 \(iOS\) (ownCloud|Nextcloud)\-iOS.*$/';
+    /**
+     * @deprecated use \OCP\IRequest::USER_AGENT_CLIENT_ANDROID instead
+     */
+    const USER_AGENT_OWNCLOUD_ANDROID = '/^Mozilla\/5\.0 \(Android\) ownCloud\-android.*$/';
+    /**
+     * @deprecated use \OCP\IRequest::USER_AGENT_CLIENT_DESKTOP instead
+     */
+    const USER_AGENT_OWNCLOUD_DESKTOP = '/^Mozilla\/5\.0 \([A-Za-z ]+\) (mirall|csyncoC)\/.*$/';
+
+    protected $inputStream;
+    protected $content;
+    protected $items = array();
+    protected $allowedKeys = array(
+        'get',
+        'post',
+        'files',
+        'server',
+        'env',
+        'cookies',
+        'urlParams',
+        'parameters',
+        'method',
+        'requesttoken',
+    );
+    /** @var ISecureRandom */
+    protected $secureRandom;
+    /** @var IConfig */
+    protected $config;
+    /** @var string */
+    protected $requestId = '';
+    /** @var ICrypto */
+    protected $crypto;
+    /** @var CsrfTokenManager|null */
+    protected $csrfTokenManager;
+
+    /** @var bool */
+    protected $contentDecoded = false;
+
+    /**
+     * @param array $vars An associative array with the following optional values:
+     *        - array 'urlParams' the parameters which were matched from the URL
+     *        - array 'get' the $_GET array
+     *        - array|string 'post' the $_POST array or JSON string
+     *        - array 'files' the $_FILES array
+     *        - array 'server' the $_SERVER array
+     *        - array 'env' the $_ENV array
+     *        - array 'cookies' the $_COOKIE array
+     *        - string 'method' the request method (GET, POST etc)
+     *        - string|false 'requesttoken' the requesttoken or false when not available
+     * @param ISecureRandom $secureRandom
+     * @param IConfig $config
+     * @param CsrfTokenManager|null $csrfTokenManager
+     * @param string $stream
+     * @see http://www.php.net/manual/en/reserved.variables.php
+     */
+    public function __construct(array $vars=array(),
+                                ISecureRandom $secureRandom = null,
+                                IConfig $config,
+                                CsrfTokenManager $csrfTokenManager = null,
+                                $stream = 'php://input') {
+        $this->inputStream = $stream;
+        $this->items['params'] = array();
+        $this->secureRandom = $secureRandom;
+        $this->config = $config;
+        $this->csrfTokenManager = $csrfTokenManager;
+
+        if(!array_key_exists('method', $vars)) {
+            $vars['method'] = 'GET';
+        }
+
+        foreach($this->allowedKeys as $name) {
+            $this->items[$name] = isset($vars[$name])
+                ? $vars[$name]
+                : array();
+        }
+
+        $this->items['parameters'] = array_merge(
+            $this->items['get'],
+            $this->items['post'],
+            $this->items['urlParams'],
+            $this->items['params']
+        );
+
+    }
+    /**
+     * @param array $parameters
+     */
+    public function setUrlParameters(array $parameters) {
+        $this->items['urlParams'] = $parameters;
+        $this->items['parameters'] = array_merge(
+            $this->items['parameters'],
+            $this->items['urlParams']
+        );
+    }
+
+    /**
+     * Countable method
+     * @return int
+     */
+    public function count() {
+        return count(array_keys($this->items['parameters']));
+    }
+
+    /**
+     * ArrayAccess methods
+     *
+     * Gives access to the combined GET, POST and urlParams arrays
+     *
+     * Examples:
+     *
+     * $var = $request['myvar'];
+     *
+     * or
+     *
+     * if(!isset($request['myvar']) {
+     * 	// Do something
+     * }
+     *
+     * $request['myvar'] = 'something'; // This throws an exception.
+     *
+     * @param string $offset The key to lookup
+     * @return boolean
+     */
+    public function offsetExists($offset) {
+        return isset($this->items['parameters'][$offset]);
+    }
+
+    /**
+     * @see offsetExists
+     */
+    public function offsetGet($offset) {
+        return isset($this->items['parameters'][$offset])
+            ? $this->items['parameters'][$offset]
+            : null;
+    }
+
+    /**
+     * @see offsetExists
+     */
+    public function offsetSet($offset, $value) {
+        throw new \RuntimeException('You cannot change the contents of the request object');
+    }
+
+    /**
+     * @see offsetExists
+     */
+    public function offsetUnset($offset) {
+        throw new \RuntimeException('You cannot change the contents of the request object');
+    }
+
+    /**
+     * Magic property accessors
+     * @param string $name
+     * @param mixed $value
+     */
+    public function __set($name, $value) {
+        throw new \RuntimeException('You cannot change the contents of the request object');
+    }
+
+    /**
+     * Access request variables by method and name.
+     * Examples:
+     *
+     * $request->post['myvar']; // Only look for POST variables
+     * $request->myvar; or $request->{'myvar'}; or $request->{$myvar}
+     * Looks in the combined GET, POST and urlParams array.
+     *
+     * If you access e.g. ->post but the current HTTP request method
+     * is GET a \LogicException will be thrown.
+     *
+     * @param string $name The key to look for.
+     * @throws \LogicException
+     * @return mixed|null
+     */
+    public function __get($name) {
+        switch($name) {
+            case 'put':
+            case 'patch':
+            case 'get':
+            case 'post':
+                if($this->method !== strtoupper($name)) {
+                    throw new \LogicException(sprintf('%s cannot be accessed in a %s request.', $name, $this->method));
+                }
+                return $this->getContent();
+            case 'files':
+            case 'server':
+            case 'env':
+            case 'cookies':
+            case 'urlParams':
+            case 'method':
+                return isset($this->items[$name])
+                    ? $this->items[$name]
+                    : null;
+            case 'parameters':
+            case 'params':
+                return $this->getContent();
+            default;
+                return isset($this[$name])
+                    ? $this[$name]
+                    : null;
+        }
+    }
+
+    /**
+     * @param string $name
+     * @return bool
+     */
+    public function __isset($name) {
+        if (in_array($name, $this->allowedKeys, true)) {
+            return true;
+        }
+        return isset($this->items['parameters'][$name]);
+    }
+
+    /**
+     * @param string $id
+     */
+    public function __unset($id) {
+        throw new \RuntimeException('You cannot change the contents of the request object');
+    }
+
+    /**
+     * Returns the value for a specific http header.
+     *
+     * This method returns null if the header did not exist.
+     *
+     * @param string $name
+     * @return string
+     */
+    public function getHeader($name) {
+
+        $name = strtoupper(str_replace(array('-'),array('_'),$name));
+        if (isset($this->server['HTTP_' . $name])) {
+            return $this->server['HTTP_' . $name];
+        }
+
+        // There's a few headers that seem to end up in the top-level
+        // server array.
+        switch($name) {
+            case 'CONTENT_TYPE' :
+            case 'CONTENT_LENGTH' :
+                if (isset($this->server[$name])) {
+                    return $this->server[$name];
+                }
+                break;
+
+        }
+
+        return '';
+    }
+
+    /**
+     * Lets you access post and get parameters by the index
+     * In case of json requests the encoded json body is accessed
+     *
+     * @param string $key the key which you want to access in the URL Parameter
+     *                     placeholder, $_POST or $_GET array.
+     *                     The priority how they're returned is the following:
+     *                     1. URL parameters
+     *                     2. POST parameters
+     *                     3. GET parameters
+     * @param mixed $default If the key is not found, this value will be returned
+     * @return mixed the content of the array
+     */
+    public function getParam($key, $default = null) {
+        return isset($this->parameters[$key])
+            ? $this->parameters[$key]
+            : $default;
+    }
+
+    /**
+     * Returns all params that were received, be it from the request
+     * (as GET or POST) or throuh the URL by the route
+     * @return array the array with all parameters
+     */
+    public function getParams() {
+        return $this->parameters;
+    }
+
+    /**
+     * Returns the method of the request
+     * @return string the method of the request (POST, GET, etc)
+     */
+    public function getMethod() {
+        return $this->method;
+    }
+
+    /**
+     * Shortcut for accessing an uploaded file through the $_FILES array
+     * @param string $key the key that will be taken from the $_FILES array
+     * @return array the file in the $_FILES element
+     */
+    public function getUploadedFile($key) {
+        return isset($this->files[$key]) ? $this->files[$key] : null;
+    }
+
+    /**
+     * Shortcut for getting env variables
+     * @param string $key the key that will be taken from the $_ENV array
+     * @return array the value in the $_ENV element
+     */
+    public function getEnv($key) {
+        return isset($this->env[$key]) ? $this->env[$key] : null;
+    }
+
+    /**
+     * Shortcut for getting cookie variables
+     * @param string $key the key that will be taken from the $_COOKIE array
+     * @return string the value in the $_COOKIE element
+     */
+    public function getCookie($key) {
+        return isset($this->cookies[$key]) ? $this->cookies[$key] : null;
+    }
+
+    /**
+     * Returns the request body content.
+     *
+     * If the HTTP request method is PUT and the body
+     * not application/x-www-form-urlencoded or application/json a stream
+     * resource is returned, otherwise an array.
+     *
+     * @return array|string|resource The request body content or a resource to read the body stream.
+     *
+     * @throws \LogicException
+     */
+    protected function getContent() {
+        // If the content can't be parsed into an array then return a stream resource.
+        if ($this->method === 'PUT'
+            && $this->getHeader('Content-Length') !== '0'
+            && $this->getHeader('Content-Length') !== ''
+            && strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') === false
+            && strpos($this->getHeader('Content-Type'), 'application/json') === false
+        ) {
+            if ($this->content === false) {
+                throw new \LogicException(
+                    '"put" can only be accessed once if not '
+                    . 'application/x-www-form-urlencoded or application/json.'
+                );
+            }
+            $this->content = false;
+            return fopen($this->inputStream, 'rb');
+        } else {
+            $this->decodeContent();
+            return $this->items['parameters'];
+        }
+    }
+
+    /**
+     * Attempt to decode the content and populate parameters
+     */
+    protected function decodeContent() {
+        if ($this->contentDecoded) {
+            return;
+        }
+        $params = [];
+
+        // 'application/json' must be decoded manually.
+        if (strpos($this->getHeader('Content-Type'), 'application/json') !== false) {
+            $params = json_decode(file_get_contents($this->inputStream), true);
+            if($params !== null && count($params) > 0) {
+                $this->items['params'] = $params;
+                if($this->method === 'POST') {
+                    $this->items['post'] = $params;
+                }
+            }
+
+        // Handle application/x-www-form-urlencoded for methods other than GET
+        // or post correctly
+        } elseif($this->method !== 'GET'
+                && $this->method !== 'POST'
+                && strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') !== false) {
+
+            parse_str(file_get_contents($this->inputStream), $params);
+            if(is_array($params)) {
+                $this->items['params'] = $params;
+            }
+        }
+
+        if (is_array($params)) {
+            $this->items['parameters'] = array_merge($this->items['parameters'], $params);
+        }
+        $this->contentDecoded = true;
+    }
+
+
+    /**
+     * Checks if the CSRF check was correct
+     * @return bool true if CSRF check passed
+     */
+    public function passesCSRFCheck() {
+        if($this->csrfTokenManager === null) {
+            return false;
+        }
+
+        if(!$this->passesStrictCookieCheck()) {
+            return false;
+        }
+
+        if (isset($this->items['get']['requesttoken'])) {
+            $token = $this->items['get']['requesttoken'];
+        } elseif (isset($this->items['post']['requesttoken'])) {
+            $token = $this->items['post']['requesttoken'];
+        } elseif (isset($this->items['server']['HTTP_REQUESTTOKEN'])) {
+            $token = $this->items['server']['HTTP_REQUESTTOKEN'];
+        } else {
+            //no token found.
+            return false;
+        }
+        $token = new CsrfToken($token);
+
+        return $this->csrfTokenManager->isTokenValid($token);
+    }
+
+    /**
+     * Whether the cookie checks are required
+     *
+     * @return bool
+     */
+    private function cookieCheckRequired() {
+        if ($this->getHeader('OCS-APIREQUEST')) {
+            return false;
+        }
+        if($this->getCookie(session_name()) === null && $this->getCookie('nc_token') === null) {
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * Wrapper around session_get_cookie_params
+     *
+     * @return array
+     */
+    public function getCookieParams() {
+        return session_get_cookie_params();
+    }
+
+    /**
+     * Appends the __Host- prefix to the cookie if applicable
+     *
+     * @param string $name
+     * @return string
+     */
+    protected function getProtectedCookieName($name) {
+        $cookieParams = $this->getCookieParams();
+        $prefix = '';
+        if($cookieParams['secure'] === true && $cookieParams['path'] === '/') {
+            $prefix = '__Host-';
+        }
+
+        return $prefix.$name;
+    }
+
+    /**
+     * Checks if the strict cookie has been sent with the request if the request
+     * is including any cookies.
+     *
+     * @return bool
+     * @since 9.1.0
+     */
+    public function passesStrictCookieCheck() {
+        if(!$this->cookieCheckRequired()) {
+            return true;
+        }
+
+        $cookieName = $this->getProtectedCookieName('nc_sameSiteCookiestrict');
+        if($this->getCookie($cookieName) === 'true'
+            && $this->passesLaxCookieCheck()) {
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * Checks if the lax cookie has been sent with the request if the request
+     * is including any cookies.
+     *
+     * @return bool
+     * @since 9.1.0
+     */
+    public function passesLaxCookieCheck() {
+        if(!$this->cookieCheckRequired()) {
+            return true;
+        }
+
+        $cookieName = $this->getProtectedCookieName('nc_sameSiteCookielax');
+        if($this->getCookie($cookieName) === 'true') {
+            return true;
+        }
+        return false;
+    }
+
+
+    /**
+     * Returns an ID for the request, value is not guaranteed to be unique and is mostly meant for logging
+     * If `mod_unique_id` is installed this value will be taken.
+     * @return string
+     */
+    public function getId() {
+        if(isset($this->server['UNIQUE_ID'])) {
+            return $this->server['UNIQUE_ID'];
+        }
+
+        if(empty($this->requestId)) {
+            $validChars = ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS;
+            $this->requestId = $this->secureRandom->generate(20, $validChars);
+        }
+
+        return $this->requestId;
+    }
+
+    /**
+     * Returns the remote address, if the connection came from a trusted proxy
+     * and `forwarded_for_headers` has been configured then the IP address
+     * specified in this header will be returned instead.
+     * Do always use this instead of $_SERVER['REMOTE_ADDR']
+     * @return string IP address
+     */
+    public function getRemoteAddress() {
+        $remoteAddress = isset($this->server['REMOTE_ADDR']) ? $this->server['REMOTE_ADDR'] : '';
+        $trustedProxies = $this->config->getSystemValue('trusted_proxies', []);
+
+        if(is_array($trustedProxies) && in_array($remoteAddress, $trustedProxies)) {
+            $forwardedForHeaders = $this->config->getSystemValue('forwarded_for_headers', [
+                'HTTP_X_FORWARDED_FOR'
+                // only have one default, so we cannot ship an insecure product out of the box
+            ]);
+
+            foreach($forwardedForHeaders as $header) {
+                if(isset($this->server[$header])) {
+                    foreach(explode(',', $this->server[$header]) as $IP) {
+                        $IP = trim($IP);
+                        if (filter_var($IP, FILTER_VALIDATE_IP) !== false) {
+                            return $IP;
+                        }
+                    }
+                }
+            }
+        }
+
+        return $remoteAddress;
+    }
+
+    /**
+     * Check overwrite condition
+     * @param string $type
+     * @return bool
+     */
+    private function isOverwriteCondition($type = '') {
+        $regex = '/' . $this->config->getSystemValue('overwritecondaddr', '')  . '/';
+        $remoteAddr = isset($this->server['REMOTE_ADDR']) ? $this->server['REMOTE_ADDR'] : '';
+        return $regex === '//' || preg_match($regex, $remoteAddr) === 1
+        || $type !== 'protocol';
+    }
+
+    /**
+     * Returns the server protocol. It respects one or more reverse proxies servers
+     * and load balancers
+     * @return string Server protocol (http or https)
+     */
+    public function getServerProtocol() {
+        if($this->config->getSystemValue('overwriteprotocol') !== ''
+            && $this->isOverwriteCondition('protocol')) {
+            return $this->config->getSystemValue('overwriteprotocol');
+        }
+
+        if (isset($this->server['HTTP_X_FORWARDED_PROTO'])) {
+            if (strpos($this->server['HTTP_X_FORWARDED_PROTO'], ',') !== false) {
+                $parts = explode(',', $this->server['HTTP_X_FORWARDED_PROTO']);
+                $proto = strtolower(trim($parts[0]));
+            } else {
+                $proto = strtolower($this->server['HTTP_X_FORWARDED_PROTO']);
+            }
+
+            // Verify that the protocol is always HTTP or HTTPS
+            // default to http if an invalid value is provided
+            return $proto === 'https' ? 'https' : 'http';
+        }
+
+        if (isset($this->server['HTTPS'])
+            && $this->server['HTTPS'] !== null
+            && $this->server['HTTPS'] !== 'off'
+            && $this->server['HTTPS'] !== '') {
+            return 'https';
+        }
+
+        return 'http';
+    }
+
+    /**
+     * Returns the used HTTP protocol.
+     *
+     * @return string HTTP protocol. HTTP/2, HTTP/1.1 or HTTP/1.0.
+     */
+    public function getHttpProtocol() {
+        $claimedProtocol = strtoupper($this->server['SERVER_PROTOCOL']);
+
+        $validProtocols = [
+            'HTTP/1.0',
+            'HTTP/1.1',
+            'HTTP/2',
+        ];
+
+        if(in_array($claimedProtocol, $validProtocols, true)) {
+            return $claimedProtocol;
+        }
+
+        return 'HTTP/1.1';
+    }
+
+    /**
+     * Returns the request uri, even if the website uses one or more
+     * reverse proxies
+     * @return string
+     */
+    public function getRequestUri() {
+        $uri = isset($this->server['REQUEST_URI']) ? $this->server['REQUEST_URI'] : '';
+        if($this->config->getSystemValue('overwritewebroot') !== '' && $this->isOverwriteCondition()) {
+            $uri = $this->getScriptName() . substr($uri, strlen($this->server['SCRIPT_NAME']));
+        }
+        return $uri;
+    }
+
+    /**
+     * Get raw PathInfo from request (not urldecoded)
+     * @throws \Exception
+     * @return string Path info
+     */
+    public function getRawPathInfo() {
+        $requestUri = isset($this->server['REQUEST_URI']) ? $this->server['REQUEST_URI'] : '';
+        // remove too many leading slashes - can be caused by reverse proxy configuration
+        if (strpos($requestUri, '/') === 0) {
+            $requestUri = '/' . ltrim($requestUri, '/');
+        }
+
+        $requestUri = preg_replace('%/{2,}%', '/', $requestUri);
+
+        // Remove the query string from REQUEST_URI
+        if ($pos = strpos($requestUri, '?')) {
+            $requestUri = substr($requestUri, 0, $pos);
+        }
+
+        $scriptName = $this->server['SCRIPT_NAME'];
+        $pathInfo = $requestUri;
+
+        // strip off the script name's dir and file name
+        // FIXME: Sabre does not really belong here
+        list($path, $name) = \Sabre\Uri\split($scriptName);
+        if (!empty($path)) {
+            if($path === $pathInfo || strpos($pathInfo, $path.'/') === 0) {
+                $pathInfo = substr($pathInfo, strlen($path));
+            } else {
+                throw new \Exception("The requested uri($requestUri) cannot be processed by the script '$scriptName')");
+            }
+        }
+        if (strpos($pathInfo, '/'.$name) === 0) {
+            $pathInfo = substr($pathInfo, strlen($name) + 1);
+        }
+        if (strpos($pathInfo, $name) === 0) {
+            $pathInfo = substr($pathInfo, strlen($name));
+        }
+        if($pathInfo === false || $pathInfo === '/'){
+            return '';
+        } else {
+            return $pathInfo;
+        }
+    }
+
+    /**
+     * Get PathInfo from request
+     * @throws \Exception
+     * @return string|false Path info or false when not found
+     */
+    public function getPathInfo() {
+        $pathInfo = $this->getRawPathInfo();
+        // following is taken from \Sabre\HTTP\URLUtil::decodePathSegment
+        $pathInfo = rawurldecode($pathInfo);
+        $encoding = mb_detect_encoding($pathInfo, ['UTF-8', 'ISO-8859-1']);
+
+        switch($encoding) {
+            case 'ISO-8859-1' :
+                $pathInfo = utf8_encode($pathInfo);
+        }
+        // end copy
+
+        return $pathInfo;
+    }
+
+    /**
+     * Returns the script name, even if the website uses one or more
+     * reverse proxies
+     * @return string the script name
+     */
+    public function getScriptName() {
+        $name = $this->server['SCRIPT_NAME'];
+        $overwriteWebRoot =  $this->config->getSystemValue('overwritewebroot');
+        if ($overwriteWebRoot !== '' && $this->isOverwriteCondition()) {
+            // FIXME: This code is untestable due to __DIR__, also that hardcoded path is really dangerous
+            $serverRoot = str_replace('\\', '/', substr(__DIR__, 0, -strlen('lib/private/appframework/http/')));
+            $suburi = str_replace('\\', '/', substr(realpath($this->server['SCRIPT_FILENAME']), strlen($serverRoot)));
+            $name = '/' . ltrim($overwriteWebRoot . $suburi, '/');
+        }
+        return $name;
+    }
+
+    /**
+     * Checks whether the user agent matches a given regex
+     * @param array $agent array of agent names
+     * @return bool true if at least one of the given agent matches, false otherwise
+     */
+    public function isUserAgent(array $agent) {
+        if (!isset($this->server['HTTP_USER_AGENT'])) {
+            return false;
+        }
+        foreach ($agent as $regex) {
+            if (preg_match($regex, $this->server['HTTP_USER_AGENT'])) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * Returns the unverified server host from the headers without checking
+     * whether it is a trusted domain
+     * @return string Server host
+     */
+    public function getInsecureServerHost() {
+        $host = 'localhost';
+        if (isset($this->server['HTTP_X_FORWARDED_HOST'])) {
+            if (strpos($this->server['HTTP_X_FORWARDED_HOST'], ',') !== false) {
+                $parts = explode(',', $this->server['HTTP_X_FORWARDED_HOST']);
+                $host = trim(current($parts));
+            } else {
+                $host = $this->server['HTTP_X_FORWARDED_HOST'];
+            }
+        } else {
+            if (isset($this->server['HTTP_HOST'])) {
+                $host = $this->server['HTTP_HOST'];
+            } else if (isset($this->server['SERVER_NAME'])) {
+                $host = $this->server['SERVER_NAME'];
+            }
+        }
+        return $host;
+    }
+
+
+    /**
+     * Returns the server host from the headers, or the first configured
+     * trusted domain if the host isn't in the trusted list
+     * @return string Server host
+     */
+    public function getServerHost() {
+        // overwritehost is always trusted
+        $host = $this->getOverwriteHost();
+        if ($host !== null) {
+            return $host;
+        }
+
+        // get the host from the headers
+        $host = $this->getInsecureServerHost();
+
+        // Verify that the host is a trusted domain if the trusted domains
+        // are defined
+        // If no trusted domain is provided the first trusted domain is returned
+        $trustedDomainHelper = new TrustedDomainHelper($this->config);
+        if ($trustedDomainHelper->isTrustedDomain($host)) {
+            return $host;
+        } else {
+            $trustedList = $this->config->getSystemValue('trusted_domains', []);
+            if(!empty($trustedList)) {
+                return $trustedList[0];
+            } else {
+                return '';
+            }
+        }
+    }
+
+    /**
+     * Returns the overwritehost setting from the config if set and
+     * if the overwrite condition is met
+     * @return string|null overwritehost value or null if not defined or the defined condition
+     * isn't met
+     */
+    private function getOverwriteHost() {
+        if($this->config->getSystemValue('overwritehost') !== '' && $this->isOverwriteCondition()) {
+            return $this->config->getSystemValue('overwritehost');
+        }
+        return null;
+    }
 
 }

Please login to merge, or discard this patch.

lib/private/Log/File.php 1 patch

Indentation +156 added lines, -156 removed lines patch added patch discarded remove patch

@@ -44,166 +44,166 @@
 block discarded – undo
  */
 
 class File {
-	static protected $logFile;
+    static protected $logFile;
 
-	/**
-	 * Init class data
-	 */
-	public static function init() {
-		$systemConfig = \OC::$server->getSystemConfig();
-		$defaultLogFile = $systemConfig->getValue("datadirectory", \OC::$SERVERROOT.'/data').'/nextcloud.log';
-		self::$logFile = $systemConfig->getValue("logfile", $defaultLogFile);
+    /**
+     * Init class data
+     */
+    public static function init() {
+        $systemConfig = \OC::$server->getSystemConfig();
+        $defaultLogFile = $systemConfig->getValue("datadirectory", \OC::$SERVERROOT.'/data').'/nextcloud.log';
+        self::$logFile = $systemConfig->getValue("logfile", $defaultLogFile);
 
-		/**
-		 * Fall back to default log file if specified logfile does not exist
-		 * and can not be created.
-		 */
-		if (!file_exists(self::$logFile)) {
-			if(!is_writable(dirname(self::$logFile))) {
-				self::$logFile = $defaultLogFile;
-			} else {
-				if(!touch(self::$logFile)) {
-					self::$logFile = $defaultLogFile;
-				}
-			}
-		}
-	}
+        /**
+         * Fall back to default log file if specified logfile does not exist
+         * and can not be created.
+         */
+        if (!file_exists(self::$logFile)) {
+            if(!is_writable(dirname(self::$logFile))) {
+                self::$logFile = $defaultLogFile;
+            } else {
+                if(!touch(self::$logFile)) {
+                    self::$logFile = $defaultLogFile;
+                }
+            }
+        }
+    }
 
-	/**
-	 * write a message in the log
-	 * @param string $app
-	 * @param string $message
-	 * @param int $level
-	 */
-	public static function write($app, $message, $level) {
-		$config = \OC::$server->getSystemConfig();
+    /**
+     * write a message in the log
+     * @param string $app
+     * @param string $message
+     * @param int $level
+     */
+    public static function write($app, $message, $level) {
+        $config = \OC::$server->getSystemConfig();
 
-		// default to ISO8601
-		$format = $config->getValue('logdateformat', \DateTime::ATOM);
-		$logTimeZone = $config->getValue('logtimezone', 'UTC');
-		try {
-			$timezone = new \DateTimeZone($logTimeZone);
-		} catch (\Exception $e) {
-			$timezone = new \DateTimeZone('UTC');
-		}
-		$time = \DateTime::createFromFormat("U.u", number_format(microtime(true), 4, ".", ""));
-		if ($time === false) {
-			$time = new \DateTime(null, $timezone);
-		} else {
-			// apply timezone if $time is created from UNIX timestamp
-			$time->setTimezone($timezone);
-		}
-		$request = \OC::$server->getRequest();
-		$reqId = $request->getId();
-		$remoteAddr = $request->getRemoteAddress();
-		// remove username/passwords from URLs before writing the to the log file
-		$time = $time->format($format);
-		$url = ($request->getRequestUri() !== '') ? $request->getRequestUri() : '--';
-		$method = is_string($request->getMethod()) ? $request->getMethod() : '--';
-		if($config->getValue('installed', false)) {
-			$user = (\OC_User::getUser()) ? \OC_User::getUser() : '--';
-		} else {
-			$user = '--';
-		}
-		$userAgent = $request->getHeader('User-Agent');
-		if ($userAgent === '') {
-			$userAgent = '--';
-		}
-		$version = $config->getValue('version', '');
-		$entry = compact(
-			'reqId',
-			'level',
-			'time',
-			'remoteAddr',
-			'user',
-			'app',
-			'method',
-			'url',
-			'message',
-			'userAgent',
-			'version'
-		);
-		// PHP's json_encode only accept proper UTF-8 strings, loop over all
-		// elements to ensure that they are properly UTF-8 compliant or convert
-		// them manually.
-		foreach($entry as $key => $value) {
-			if(is_string($value)) {
-				$testEncode = json_encode($value);
-				if($testEncode === false) {
-					$entry[$key] = utf8_encode($value);
-				}
-			}
-		}
-		$entry = json_encode($entry, JSON_PARTIAL_OUTPUT_ON_ERROR);
-		$handle = @fopen(self::$logFile, 'a');
-		if ((fileperms(self::$logFile) & 0777) != 0640) {
-			@chmod(self::$logFile, 0640);
-		}
-		if ($handle) {
-			fwrite($handle, $entry."\n");
-			fclose($handle);
-		} else {
-			// Fall back to error_log
-			error_log($entry);
-		}
-		if (php_sapi_name() === 'cli-server') {
-			error_log($message, 4);
-		}
-	}
+        // default to ISO8601
+        $format = $config->getValue('logdateformat', \DateTime::ATOM);
+        $logTimeZone = $config->getValue('logtimezone', 'UTC');
+        try {
+            $timezone = new \DateTimeZone($logTimeZone);
+        } catch (\Exception $e) {
+            $timezone = new \DateTimeZone('UTC');
+        }
+        $time = \DateTime::createFromFormat("U.u", number_format(microtime(true), 4, ".", ""));
+        if ($time === false) {
+            $time = new \DateTime(null, $timezone);
+        } else {
+            // apply timezone if $time is created from UNIX timestamp
+            $time->setTimezone($timezone);
+        }
+        $request = \OC::$server->getRequest();
+        $reqId = $request->getId();
+        $remoteAddr = $request->getRemoteAddress();
+        // remove username/passwords from URLs before writing the to the log file
+        $time = $time->format($format);
+        $url = ($request->getRequestUri() !== '') ? $request->getRequestUri() : '--';
+        $method = is_string($request->getMethod()) ? $request->getMethod() : '--';
+        if($config->getValue('installed', false)) {
+            $user = (\OC_User::getUser()) ? \OC_User::getUser() : '--';
+        } else {
+            $user = '--';
+        }
+        $userAgent = $request->getHeader('User-Agent');
+        if ($userAgent === '') {
+            $userAgent = '--';
+        }
+        $version = $config->getValue('version', '');
+        $entry = compact(
+            'reqId',
+            'level',
+            'time',
+            'remoteAddr',
+            'user',
+            'app',
+            'method',
+            'url',
+            'message',
+            'userAgent',
+            'version'
+        );
+        // PHP's json_encode only accept proper UTF-8 strings, loop over all
+        // elements to ensure that they are properly UTF-8 compliant or convert
+        // them manually.
+        foreach($entry as $key => $value) {
+            if(is_string($value)) {
+                $testEncode = json_encode($value);
+                if($testEncode === false) {
+                    $entry[$key] = utf8_encode($value);
+                }
+            }
+        }
+        $entry = json_encode($entry, JSON_PARTIAL_OUTPUT_ON_ERROR);
+        $handle = @fopen(self::$logFile, 'a');
+        if ((fileperms(self::$logFile) & 0777) != 0640) {
+            @chmod(self::$logFile, 0640);
+        }
+        if ($handle) {
+            fwrite($handle, $entry."\n");
+            fclose($handle);
+        } else {
+            // Fall back to error_log
+            error_log($entry);
+        }
+        if (php_sapi_name() === 'cli-server') {
+            error_log($message, 4);
+        }
+    }
 
-	/**
-	 * get entries from the log in reverse chronological order
-	 * @param int $limit
-	 * @param int $offset
-	 * @return array
-	 */
-	public static function getEntries($limit=50, $offset=0) {
-		self::init();
-		$minLevel = \OC::$server->getSystemConfig()->getValue("loglevel", \OCP\Util::WARN);
-		$entries = array();
-		$handle = @fopen(self::$logFile, 'rb');
-		if ($handle) {
-			fseek($handle, 0, SEEK_END);
-			$pos = ftell($handle);
-			$line = '';
-			$entriesCount = 0;
-			$lines = 0;
-			// Loop through each character of the file looking for new lines
-			while ($pos >= 0 && ($limit === null ||$entriesCount < $limit)) {
-				fseek($handle, $pos);
-				$ch = fgetc($handle);
-				if ($ch == "\n" || $pos == 0) {
-					if ($line != '') {
-						// Add the first character if at the start of the file,
-						// because it doesn't hit the else in the loop
-						if ($pos == 0) {
-							$line = $ch.$line;
-						}
-						$entry = json_decode($line);
-						// Add the line as an entry if it is passed the offset and is equal or above the log level
-						if ($entry->level >= $minLevel) {
-							$lines++;
-							if ($lines > $offset) {
-								$entries[] = $entry;
-								$entriesCount++;
-							}
-						}
-						$line = '';
-					}
-				} else {
-					$line = $ch.$line;
-				}
-				$pos--;
-			}
-			fclose($handle);
-		}
-		return $entries;
-	}
+    /**
+     * get entries from the log in reverse chronological order
+     * @param int $limit
+     * @param int $offset
+     * @return array
+     */
+    public static function getEntries($limit=50, $offset=0) {
+        self::init();
+        $minLevel = \OC::$server->getSystemConfig()->getValue("loglevel", \OCP\Util::WARN);
+        $entries = array();
+        $handle = @fopen(self::$logFile, 'rb');
+        if ($handle) {
+            fseek($handle, 0, SEEK_END);
+            $pos = ftell($handle);
+            $line = '';
+            $entriesCount = 0;
+            $lines = 0;
+            // Loop through each character of the file looking for new lines
+            while ($pos >= 0 && ($limit === null ||$entriesCount < $limit)) {
+                fseek($handle, $pos);
+                $ch = fgetc($handle);
+                if ($ch == "\n" || $pos == 0) {
+                    if ($line != '') {
+                        // Add the first character if at the start of the file,
+                        // because it doesn't hit the else in the loop
+                        if ($pos == 0) {
+                            $line = $ch.$line;
+                        }
+                        $entry = json_decode($line);
+                        // Add the line as an entry if it is passed the offset and is equal or above the log level
+                        if ($entry->level >= $minLevel) {
+                            $lines++;
+                            if ($lines > $offset) {
+                                $entries[] = $entry;
+                                $entriesCount++;
+                            }
+                        }
+                        $line = '';
+                    }
+                } else {
+                    $line = $ch.$line;
+                }
+                $pos--;
+            }
+            fclose($handle);
+        }
+        return $entries;
+    }
 
-	/**
-	 * @return string
-	 */
-	public static function getLogFilePath() {
-		return self::$logFile;
-	}
+    /**
+     * @return string
+     */
+    public static function getLogFilePath() {
+        return self::$logFile;
+    }
 }

Please login to merge, or discard this patch.

lib/private/L10N/Factory.php 1 patch

Indentation +400 added lines, -400 removed lines patch added patch discarded remove patch

@@ -40,404 +40,404 @@
 block discarded – undo
  */
 class Factory implements IFactory {
 
-	/** @var string */
-	protected $requestLanguage = '';
-
-	/**
-	 * cached instances
-	 * @var array Structure: Lang => App => \OCP\IL10N
-	 */
-	protected $instances = [];
-
-	/**
-	 * @var array Structure: App => string[]
-	 */
-	protected $availableLanguages = [];
-
-	/**
-	 * @var array Structure: string => callable
-	 */
-	protected $pluralFunctions = [];
-
-	/** @var IConfig */
-	protected $config;
-
-	/** @var IRequest */
-	protected $request;
-
-	/** @var IUserSession */
-	protected $userSession;
-
-	/** @var string */
-	protected $serverRoot;
-
-	/**
-	 * @param IConfig $config
-	 * @param IRequest $request
-	 * @param IUserSession $userSession
-	 * @param string $serverRoot
-	 */
-	public function __construct(IConfig $config,
-								IRequest $request,
-								IUserSession $userSession,
-								$serverRoot) {
-		$this->config = $config;
-		$this->request = $request;
-		$this->userSession = $userSession;
-		$this->serverRoot = $serverRoot;
-	}
-
-	/**
-	 * Get a language instance
-	 *
-	 * @param string $app
-	 * @param string|null $lang
-	 * @return \OCP\IL10N
-	 */
-	public function get($app, $lang = null) {
-		$app = \OC_App::cleanAppId($app);
-		if ($lang !== null) {
-			$lang = str_replace(array('\0', '/', '\\', '..'), '', (string) $lang);
-		}
-
-		$forceLang = $this->config->getSystemValue('force_language', false);
-		if (is_string($forceLang)) {
-			$lang = $forceLang;
-		}
-
-		if ($lang === null || !$this->languageExists($app, $lang)) {
-			$lang = $this->findLanguage($app);
-		}
-
-		if (!isset($this->instances[$lang][$app])) {
-			$this->instances[$lang][$app] = new L10N(
-				$this, $app, $lang,
-				$this->getL10nFilesForApp($app, $lang)
-			);
-		}
-
-		return $this->instances[$lang][$app];
-	}
-
-	/**
-	 * Find the best language
-	 *
-	 * @param string|null $app App id or null for core
-	 * @return string language If nothing works it returns 'en'
-	 */
-	public function findLanguage($app = null) {
-		if ($this->requestLanguage !== '' && $this->languageExists($app, $this->requestLanguage)) {
-			return $this->requestLanguage;
-		}
-
-		/**
-		 * At this point Nextcloud might not yet be installed and thus the lookup
-		 * in the preferences table might fail. For this reason we need to check
-		 * whether the instance has already been installed
-		 *
-		 * @link https://github.com/owncloud/core/issues/21955
-		 */
-		if($this->config->getSystemValue('installed', false)) {
-			$userId = !is_null($this->userSession->getUser()) ? $this->userSession->getUser()->getUID() :  null;
-			if(!is_null($userId)) {
-				$userLang = $this->config->getUserValue($userId, 'core', 'lang', null);
-			} else {
-				$userLang = null;
-			}
-		} else {
-			$userId = null;
-			$userLang = null;
-		}
-
-		if ($userLang) {
-			$this->requestLanguage = $userLang;
-			if ($this->languageExists($app, $userLang)) {
-				return $userLang;
-			}
-		}
-
-		try {
-			// Try to get the language from the Request
-			$lang = $this->getLanguageFromRequest($app);
-			if ($userId !== null && $app === null && !$userLang) {
-				$this->config->setUserValue($userId, 'core', 'lang', $lang);
-			}
-			return $lang;
-		} catch (LanguageNotFoundException $e) {
-			// Finding language from request failed fall back to default language
-			$defaultLanguage = $this->config->getSystemValue('default_language', false);
-			if ($defaultLanguage !== false && $this->languageExists($app, $defaultLanguage)) {
-				return $defaultLanguage;
-			}
-		}
-
-		// We could not find any language so fall back to english
-		return 'en';
-	}
-
-	/**
-	 * Find all available languages for an app
-	 *
-	 * @param string|null $app App id or null for core
-	 * @return array an array of available languages
-	 */
-	public function findAvailableLanguages($app = null) {
-		$key = $app;
-		if ($key === null) {
-			$key = 'null';
-		}
-
-		// also works with null as key
-		if (!empty($this->availableLanguages[$key])) {
-			return $this->availableLanguages[$key];
-		}
-
-		$available = ['en']; //english is always available
-		$dir = $this->findL10nDir($app);
-		if (is_dir($dir)) {
-			$files = scandir($dir);
-			if ($files !== false) {
-				foreach ($files as $file) {
-					if (substr($file, -5) === '.json' && substr($file, 0, 4) !== 'l10n') {
-						$available[] = substr($file, 0, -5);
-					}
-				}
-			}
-		}
-
-		// merge with translations from theme
-		$theme = $this->config->getSystemValue('theme');
-		if (!empty($theme)) {
-			$themeDir = $this->serverRoot . '/themes/' . $theme . substr($dir, strlen($this->serverRoot));
-
-			if (is_dir($themeDir)) {
-				$files = scandir($themeDir);
-				if ($files !== false) {
-					foreach ($files as $file) {
-						if (substr($file, -5) === '.json' && substr($file, 0, 4) !== 'l10n') {
-							$available[] = substr($file, 0, -5);
-						}
-					}
-				}
-			}
-		}
-
-		$this->availableLanguages[$key] = $available;
-		return $available;
-	}
-
-	/**
-	 * @param string|null $app App id or null for core
-	 * @param string $lang
-	 * @return bool
-	 */
-	public function languageExists($app, $lang) {
-		if ($lang === 'en') {//english is always available
-			return true;
-		}
-
-		$languages = $this->findAvailableLanguages($app);
-		return array_search($lang, $languages) !== false;
-	}
-
-	/**
-	 * @param string|null $app
-	 * @return string
-	 * @throws LanguageNotFoundException
-	 */
-	private function getLanguageFromRequest($app) {
-		$header = $this->request->getHeader('ACCEPT_LANGUAGE');
-		if ($header !== '') {
-			$available = $this->findAvailableLanguages($app);
-
-			// E.g. make sure that 'de' is before 'de_DE'.
-			sort($available);
-
-			$preferences = preg_split('/,\s*/', strtolower($header));
-			foreach ($preferences as $preference) {
-				list($preferred_language) = explode(';', $preference);
-				$preferred_language = str_replace('-', '_', $preferred_language);
-
-				foreach ($available as $available_language) {
-					if ($preferred_language === strtolower($available_language)) {
-						return $this->respectDefaultLanguage($app, $available_language);
-					}
-				}
-
-				// Fallback from de_De to de
-				foreach ($available as $available_language) {
-					if (substr($preferred_language, 0, 2) === $available_language) {
-						return $available_language;
-					}
-				}
-			}
-		}
-
-		throw new LanguageNotFoundException();
-	}
-
-	/**
-	 * if default language is set to de_DE (formal German) this should be
-	 * preferred to 'de' (non-formal German) if possible
-	 *
-	 * @param string|null $app
-	 * @param string $lang
-	 * @return string
-	 */
-	protected function respectDefaultLanguage($app, $lang) {
-		$result = $lang;
-		$defaultLanguage = $this->config->getSystemValue('default_language', false);
-
-		// use formal version of german ("Sie" instead of "Du") if the default
-		// language is set to 'de_DE' if possible
-		if (is_string($defaultLanguage) &&
-			strtolower($lang) === 'de' &&
-			strtolower($defaultLanguage) === 'de_de' &&
-			$this->languageExists($app, 'de_DE')
-		) {
-			$result = 'de_DE';
-		}
-
-		return $result;
-	}
-
-	/**
-	 * Checks if $sub is a subdirectory of $parent
-	 *
-	 * @param string $sub
-	 * @param string $parent
-	 * @return bool
-	 */
-	private function isSubDirectory($sub, $parent) {
-		// Check whether $sub contains no ".."
-		if(strpos($sub, '..') !== false) {
-			return false;
-		}
-
-		// Check whether $sub is a subdirectory of $parent
-		if (strpos($sub, $parent) === 0) {
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * Get a list of language files that should be loaded
-	 *
-	 * @param string $app
-	 * @param string $lang
-	 * @return string[]
-	 */
-	// FIXME This method is only public, until OC_L10N does not need it anymore,
-	// FIXME This is also the reason, why it is not in the public interface
-	public function getL10nFilesForApp($app, $lang) {
-		$languageFiles = [];
-
-		$i18nDir = $this->findL10nDir($app);
-		$transFile = strip_tags($i18nDir) . strip_tags($lang) . '.json';
-
-		if (($this->isSubDirectory($transFile, $this->serverRoot . '/core/l10n/')
-				|| $this->isSubDirectory($transFile, $this->serverRoot . '/lib/l10n/')
-				|| $this->isSubDirectory($transFile, $this->serverRoot . '/settings/l10n/')
-				|| $this->isSubDirectory($transFile, \OC_App::getAppPath($app) . '/l10n/')
-			)
-			&& file_exists($transFile)) {
-			// load the translations file
-			$languageFiles[] = $transFile;
-		}
-
-		// merge with translations from theme
-		$theme = $this->config->getSystemValue('theme');
-		if (!empty($theme)) {
-			$transFile = $this->serverRoot . '/themes/' . $theme . substr($transFile, strlen($this->serverRoot));
-			if (file_exists($transFile)) {
-				$languageFiles[] = $transFile;
-			}
-		}
-
-		return $languageFiles;
-	}
-
-	/**
-	 * find the l10n directory
-	 *
-	 * @param string $app App id or empty string for core
-	 * @return string directory
-	 */
-	protected function findL10nDir($app = null) {
-		if (in_array($app, ['core', 'lib', 'settings'])) {
-			if (file_exists($this->serverRoot . '/' . $app . '/l10n/')) {
-				return $this->serverRoot . '/' . $app . '/l10n/';
-			}
-		} else if ($app && \OC_App::getAppPath($app) !== false) {
-			// Check if the app is in the app folder
-			return \OC_App::getAppPath($app) . '/l10n/';
-		}
-		return $this->serverRoot . '/core/l10n/';
-	}
-
-
-	/**
-	 * Creates a function from the plural string
-	 *
-	 * Parts of the code is copied from Habari:
-	 * https://github.com/habari/system/blob/master/classes/locale.php
-	 * @param string $string
-	 * @return string
-	 */
-	public function createPluralFunction($string) {
-		if (isset($this->pluralFunctions[$string])) {
-			return $this->pluralFunctions[$string];
-		}
-
-		if (preg_match( '/^\s*nplurals\s*=\s*(\d+)\s*;\s*plural=(.*)$/u', $string, $matches)) {
-			// sanitize
-			$nplurals = preg_replace( '/[^0-9]/', '', $matches[1] );
-			$plural = preg_replace( '#[^n0-9:\(\)\?\|\&=!<>+*/\%-]#', '', $matches[2] );
-
-			$body = str_replace(
-				array( 'plural', 'n', '$n$plurals', ),
-				array( '$plural', '$n', '$nplurals', ),
-				'nplurals='. $nplurals . '; plural=' . $plural
-			);
-
-			// add parents
-			// important since PHP's ternary evaluates from left to right
-			$body .= ';';
-			$res = '';
-			$p = 0;
-			for($i = 0; $i < strlen($body); $i++) {
-				$ch = $body[$i];
-				switch ( $ch ) {
-					case '?':
-						$res .= ' ? (';
-						$p++;
-						break;
-					case ':':
-						$res .= ') : (';
-						break;
-					case ';':
-						$res .= str_repeat( ')', $p ) . ';';
-						$p = 0;
-						break;
-					default:
-						$res .= $ch;
-				}
-			}
-
-			$body = $res . 'return ($plural>=$nplurals?$nplurals-1:$plural);';
-			$function = create_function('$n', $body);
-			$this->pluralFunctions[$string] = $function;
-			return $function;
-		} else {
-			// default: one plural form for all cases but n==1 (english)
-			$function = create_function(
-				'$n',
-				'$nplurals=2;$plural=($n==1?0:1);return ($plural>=$nplurals?$nplurals-1:$plural);'
-			);
-			$this->pluralFunctions[$string] = $function;
-			return $function;
-		}
-	}
+    /** @var string */
+    protected $requestLanguage = '';
+
+    /**
+     * cached instances
+     * @var array Structure: Lang => App => \OCP\IL10N
+     */
+    protected $instances = [];
+
+    /**
+     * @var array Structure: App => string[]
+     */
+    protected $availableLanguages = [];
+
+    /**
+     * @var array Structure: string => callable
+     */
+    protected $pluralFunctions = [];
+
+    /** @var IConfig */
+    protected $config;
+
+    /** @var IRequest */
+    protected $request;
+
+    /** @var IUserSession */
+    protected $userSession;
+
+    /** @var string */
+    protected $serverRoot;
+
+    /**
+     * @param IConfig $config
+     * @param IRequest $request
+     * @param IUserSession $userSession
+     * @param string $serverRoot
+     */
+    public function __construct(IConfig $config,
+                                IRequest $request,
+                                IUserSession $userSession,
+                                $serverRoot) {
+        $this->config = $config;
+        $this->request = $request;
+        $this->userSession = $userSession;
+        $this->serverRoot = $serverRoot;
+    }
+
+    /**
+     * Get a language instance
+     *
+     * @param string $app
+     * @param string|null $lang
+     * @return \OCP\IL10N
+     */
+    public function get($app, $lang = null) {
+        $app = \OC_App::cleanAppId($app);
+        if ($lang !== null) {
+            $lang = str_replace(array('\0', '/', '\\', '..'), '', (string) $lang);
+        }
+
+        $forceLang = $this->config->getSystemValue('force_language', false);
+        if (is_string($forceLang)) {
+            $lang = $forceLang;
+        }
+
+        if ($lang === null || !$this->languageExists($app, $lang)) {
+            $lang = $this->findLanguage($app);
+        }
+
+        if (!isset($this->instances[$lang][$app])) {
+            $this->instances[$lang][$app] = new L10N(
+                $this, $app, $lang,
+                $this->getL10nFilesForApp($app, $lang)
+            );
+        }
+
+        return $this->instances[$lang][$app];
+    }
+
+    /**
+     * Find the best language
+     *
+     * @param string|null $app App id or null for core
+     * @return string language If nothing works it returns 'en'
+     */
+    public function findLanguage($app = null) {
+        if ($this->requestLanguage !== '' && $this->languageExists($app, $this->requestLanguage)) {
+            return $this->requestLanguage;
+        }
+
+        /**
+         * At this point Nextcloud might not yet be installed and thus the lookup
+         * in the preferences table might fail. For this reason we need to check
+         * whether the instance has already been installed
+         *
+         * @link https://github.com/owncloud/core/issues/21955
+         */
+        if($this->config->getSystemValue('installed', false)) {
+            $userId = !is_null($this->userSession->getUser()) ? $this->userSession->getUser()->getUID() :  null;
+            if(!is_null($userId)) {
+                $userLang = $this->config->getUserValue($userId, 'core', 'lang', null);
+            } else {
+                $userLang = null;
+            }
+        } else {
+            $userId = null;
+            $userLang = null;
+        }
+
+        if ($userLang) {
+            $this->requestLanguage = $userLang;
+            if ($this->languageExists($app, $userLang)) {
+                return $userLang;
+            }
+        }
+
+        try {
+            // Try to get the language from the Request
+            $lang = $this->getLanguageFromRequest($app);
+            if ($userId !== null && $app === null && !$userLang) {
+                $this->config->setUserValue($userId, 'core', 'lang', $lang);
+            }
+            return $lang;
+        } catch (LanguageNotFoundException $e) {
+            // Finding language from request failed fall back to default language
+            $defaultLanguage = $this->config->getSystemValue('default_language', false);
+            if ($defaultLanguage !== false && $this->languageExists($app, $defaultLanguage)) {
+                return $defaultLanguage;
+            }
+        }
+
+        // We could not find any language so fall back to english
+        return 'en';
+    }
+
+    /**
+     * Find all available languages for an app
+     *
+     * @param string|null $app App id or null for core
+     * @return array an array of available languages
+     */
+    public function findAvailableLanguages($app = null) {
+        $key = $app;
+        if ($key === null) {
+            $key = 'null';
+        }
+
+        // also works with null as key
+        if (!empty($this->availableLanguages[$key])) {
+            return $this->availableLanguages[$key];
+        }
+
+        $available = ['en']; //english is always available
+        $dir = $this->findL10nDir($app);
+        if (is_dir($dir)) {
+            $files = scandir($dir);
+            if ($files !== false) {
+                foreach ($files as $file) {
+                    if (substr($file, -5) === '.json' && substr($file, 0, 4) !== 'l10n') {
+                        $available[] = substr($file, 0, -5);
+                    }
+                }
+            }
+        }
+
+        // merge with translations from theme
+        $theme = $this->config->getSystemValue('theme');
+        if (!empty($theme)) {
+            $themeDir = $this->serverRoot . '/themes/' . $theme . substr($dir, strlen($this->serverRoot));
+
+            if (is_dir($themeDir)) {
+                $files = scandir($themeDir);
+                if ($files !== false) {
+                    foreach ($files as $file) {
+                        if (substr($file, -5) === '.json' && substr($file, 0, 4) !== 'l10n') {
+                            $available[] = substr($file, 0, -5);
+                        }
+                    }
+                }
+            }
+        }
+
+        $this->availableLanguages[$key] = $available;
+        return $available;
+    }
+
+    /**
+     * @param string|null $app App id or null for core
+     * @param string $lang
+     * @return bool
+     */
+    public function languageExists($app, $lang) {
+        if ($lang === 'en') {//english is always available
+            return true;
+        }
+
+        $languages = $this->findAvailableLanguages($app);
+        return array_search($lang, $languages) !== false;
+    }
+
+    /**
+     * @param string|null $app
+     * @return string
+     * @throws LanguageNotFoundException
+     */
+    private function getLanguageFromRequest($app) {
+        $header = $this->request->getHeader('ACCEPT_LANGUAGE');
+        if ($header !== '') {
+            $available = $this->findAvailableLanguages($app);
+
+            // E.g. make sure that 'de' is before 'de_DE'.
+            sort($available);
+
+            $preferences = preg_split('/,\s*/', strtolower($header));
+            foreach ($preferences as $preference) {
+                list($preferred_language) = explode(';', $preference);
+                $preferred_language = str_replace('-', '_', $preferred_language);
+
+                foreach ($available as $available_language) {
+                    if ($preferred_language === strtolower($available_language)) {
+                        return $this->respectDefaultLanguage($app, $available_language);
+                    }
+                }
+
+                // Fallback from de_De to de
+                foreach ($available as $available_language) {
+                    if (substr($preferred_language, 0, 2) === $available_language) {
+                        return $available_language;
+                    }
+                }
+            }
+        }
+
+        throw new LanguageNotFoundException();
+    }
+
+    /**
+     * if default language is set to de_DE (formal German) this should be
+     * preferred to 'de' (non-formal German) if possible
+     *
+     * @param string|null $app
+     * @param string $lang
+     * @return string
+     */
+    protected function respectDefaultLanguage($app, $lang) {
+        $result = $lang;
+        $defaultLanguage = $this->config->getSystemValue('default_language', false);
+
+        // use formal version of german ("Sie" instead of "Du") if the default
+        // language is set to 'de_DE' if possible
+        if (is_string($defaultLanguage) &&
+            strtolower($lang) === 'de' &&
+            strtolower($defaultLanguage) === 'de_de' &&
+            $this->languageExists($app, 'de_DE')
+        ) {
+            $result = 'de_DE';
+        }
+
+        return $result;
+    }
+
+    /**
+     * Checks if $sub is a subdirectory of $parent
+     *
+     * @param string $sub
+     * @param string $parent
+     * @return bool
+     */
+    private function isSubDirectory($sub, $parent) {
+        // Check whether $sub contains no ".."
+        if(strpos($sub, '..') !== false) {
+            return false;
+        }
+
+        // Check whether $sub is a subdirectory of $parent
+        if (strpos($sub, $parent) === 0) {
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * Get a list of language files that should be loaded
+     *
+     * @param string $app
+     * @param string $lang
+     * @return string[]
+     */
+    // FIXME This method is only public, until OC_L10N does not need it anymore,
+    // FIXME This is also the reason, why it is not in the public interface
+    public function getL10nFilesForApp($app, $lang) {
+        $languageFiles = [];
+
+        $i18nDir = $this->findL10nDir($app);
+        $transFile = strip_tags($i18nDir) . strip_tags($lang) . '.json';
+
+        if (($this->isSubDirectory($transFile, $this->serverRoot . '/core/l10n/')
+                || $this->isSubDirectory($transFile, $this->serverRoot . '/lib/l10n/')
+                || $this->isSubDirectory($transFile, $this->serverRoot . '/settings/l10n/')
+                || $this->isSubDirectory($transFile, \OC_App::getAppPath($app) . '/l10n/')
+            )
+            && file_exists($transFile)) {
+            // load the translations file
+            $languageFiles[] = $transFile;
+        }
+
+        // merge with translations from theme
+        $theme = $this->config->getSystemValue('theme');
+        if (!empty($theme)) {
+            $transFile = $this->serverRoot . '/themes/' . $theme . substr($transFile, strlen($this->serverRoot));
+            if (file_exists($transFile)) {
+                $languageFiles[] = $transFile;
+            }
+        }
+
+        return $languageFiles;
+    }
+
+    /**
+     * find the l10n directory
+     *
+     * @param string $app App id or empty string for core
+     * @return string directory
+     */
+    protected function findL10nDir($app = null) {
+        if (in_array($app, ['core', 'lib', 'settings'])) {
+            if (file_exists($this->serverRoot . '/' . $app . '/l10n/')) {
+                return $this->serverRoot . '/' . $app . '/l10n/';
+            }
+        } else if ($app && \OC_App::getAppPath($app) !== false) {
+            // Check if the app is in the app folder
+            return \OC_App::getAppPath($app) . '/l10n/';
+        }
+        return $this->serverRoot . '/core/l10n/';
+    }
+
+
+    /**
+     * Creates a function from the plural string
+     *
+     * Parts of the code is copied from Habari:
+     * https://github.com/habari/system/blob/master/classes/locale.php
+     * @param string $string
+     * @return string
+     */
+    public function createPluralFunction($string) {
+        if (isset($this->pluralFunctions[$string])) {
+            return $this->pluralFunctions[$string];
+        }
+
+        if (preg_match( '/^\s*nplurals\s*=\s*(\d+)\s*;\s*plural=(.*)$/u', $string, $matches)) {
+            // sanitize
+            $nplurals = preg_replace( '/[^0-9]/', '', $matches[1] );
+            $plural = preg_replace( '#[^n0-9:\(\)\?\|\&=!<>+*/\%-]#', '', $matches[2] );
+
+            $body = str_replace(
+                array( 'plural', 'n', '$n$plurals', ),
+                array( '$plural', '$n', '$nplurals', ),
+                'nplurals='. $nplurals . '; plural=' . $plural
+            );
+
+            // add parents
+            // important since PHP's ternary evaluates from left to right
+            $body .= ';';
+            $res = '';
+            $p = 0;
+            for($i = 0; $i < strlen($body); $i++) {
+                $ch = $body[$i];
+                switch ( $ch ) {
+                    case '?':
+                        $res .= ' ? (';
+                        $p++;
+                        break;
+                    case ':':
+                        $res .= ') : (';
+                        break;
+                    case ';':
+                        $res .= str_repeat( ')', $p ) . ';';
+                        $p = 0;
+                        break;
+                    default:
+                        $res .= $ch;
+                }
+            }
+
+            $body = $res . 'return ($plural>=$nplurals?$nplurals-1:$plural);';
+            $function = create_function('$n', $body);
+            $this->pluralFunctions[$string] = $function;
+            return $function;
+        } else {
+            // default: one plural form for all cases but n==1 (english)
+            $function = create_function(
+                '$n',
+                '$nplurals=2;$plural=($n==1?0:1);return ($plural>=$nplurals?$nplurals-1:$plural);'
+            );
+            $this->pluralFunctions[$string] = $function;
+            return $function;
+        }
+    }
 }

Please login to merge, or discard this patch.

lib/private/Memcache/APCu.php 1 patch

Indentation +125 added lines, -125 removed lines patch added patch discarded remove patch

@@ -30,140 +30,140 @@
 block discarded – undo
 use OCP\IMemcache;
 
 class APCu extends Cache implements IMemcache {
-	use CASTrait {
-		cas as casEmulated;
-	}
+    use CASTrait {
+        cas as casEmulated;
+    }
 
-	use CADTrait;
+    use CADTrait;
 
-	public function get($key) {
-		$result = apcu_fetch($this->getPrefix() . $key, $success);
-		if (!$success) {
-			return null;
-		}
-		return $result;
-	}
+    public function get($key) {
+        $result = apcu_fetch($this->getPrefix() . $key, $success);
+        if (!$success) {
+            return null;
+        }
+        return $result;
+    }
 
-	public function set($key, $value, $ttl = 0) {
-		return apcu_store($this->getPrefix() . $key, $value, $ttl);
-	}
+    public function set($key, $value, $ttl = 0) {
+        return apcu_store($this->getPrefix() . $key, $value, $ttl);
+    }
 
-	public function hasKey($key) {
-		return apcu_exists($this->getPrefix() . $key);
-	}
+    public function hasKey($key) {
+        return apcu_exists($this->getPrefix() . $key);
+    }
 
-	public function remove($key) {
-		return apcu_delete($this->getPrefix() . $key);
-	}
+    public function remove($key) {
+        return apcu_delete($this->getPrefix() . $key);
+    }
 
-	public function clear($prefix = '') {
-		$ns = $this->getPrefix() . $prefix;
-		$ns = preg_quote($ns, '/');
-		if(class_exists('\APCIterator')) {
-			$iter = new \APCIterator('user', '/^' . $ns . '/', APC_ITER_KEY);
-		} else {
-			$iter = new \APCUIterator('/^' . $ns . '/', APC_ITER_KEY);
-		}
-		return apcu_delete($iter);
-	}
+    public function clear($prefix = '') {
+        $ns = $this->getPrefix() . $prefix;
+        $ns = preg_quote($ns, '/');
+        if(class_exists('\APCIterator')) {
+            $iter = new \APCIterator('user', '/^' . $ns . '/', APC_ITER_KEY);
+        } else {
+            $iter = new \APCUIterator('/^' . $ns . '/', APC_ITER_KEY);
+        }
+        return apcu_delete($iter);
+    }
 
-	/**
-	 * Set a value in the cache if it's not already stored
-	 *
-	 * @param string $key
-	 * @param mixed $value
-	 * @param int $ttl Time To Live in seconds. Defaults to 60*60*24
-	 * @return bool
-	 */
-	public function add($key, $value, $ttl = 0) {
-		return apcu_add($this->getPrefix() . $key, $value, $ttl);
-	}
+    /**
+     * Set a value in the cache if it's not already stored
+     *
+     * @param string $key
+     * @param mixed $value
+     * @param int $ttl Time To Live in seconds. Defaults to 60*60*24
+     * @return bool
+     */
+    public function add($key, $value, $ttl = 0) {
+        return apcu_add($this->getPrefix() . $key, $value, $ttl);
+    }
 
-	/**
-	 * Increase a stored number
-	 *
-	 * @param string $key
-	 * @param int $step
-	 * @return int | bool
-	 */
-	public function inc($key, $step = 1) {
-		$this->add($key, 0);
-		/**
-		 * TODO - hack around a PHP 7 specific issue in APCu
-		 *
-		 * on PHP 7 the apcu_inc method on a non-existing object will increment
-		 * "0" and result in "1" as value - therefore we check for existence
-		 * first
-		 *
-		 * on PHP 5.6 this is not the case
-		 *
-		 * see https://github.com/krakjoe/apcu/issues/183#issuecomment-244038221
-		 * for details
-		 */
-		return apcu_exists($this->getPrefix() . $key)
-			? apcu_inc($this->getPrefix() . $key, $step)
-			: false;
-	}
+    /**
+     * Increase a stored number
+     *
+     * @param string $key
+     * @param int $step
+     * @return int | bool
+     */
+    public function inc($key, $step = 1) {
+        $this->add($key, 0);
+        /**
+         * TODO - hack around a PHP 7 specific issue in APCu
+         *
+         * on PHP 7 the apcu_inc method on a non-existing object will increment
+         * "0" and result in "1" as value - therefore we check for existence
+         * first
+         *
+         * on PHP 5.6 this is not the case
+         *
+         * see https://github.com/krakjoe/apcu/issues/183#issuecomment-244038221
+         * for details
+         */
+        return apcu_exists($this->getPrefix() . $key)
+            ? apcu_inc($this->getPrefix() . $key, $step)
+            : false;
+    }
 
-	/**
-	 * Decrease a stored number
-	 *
-	 * @param string $key
-	 * @param int $step
-	 * @return int | bool
-	 */
-	public function dec($key, $step = 1) {
-		/**
-		 * TODO - hack around a PHP 7 specific issue in APCu
-		 *
-		 * on PHP 7 the apcu_dec method on a non-existing object will decrement
-		 * "0" and result in "-1" as value - therefore we check for existence
-		 * first
-		 *
-		 * on PHP 5.6 this is not the case
-		 *
-		 * see https://github.com/krakjoe/apcu/issues/183#issuecomment-244038221
-		 * for details
-		 */
-		return apcu_exists($this->getPrefix() . $key)
-			? apcu_dec($this->getPrefix() . $key, $step)
-			: false;
-	}
+    /**
+     * Decrease a stored number
+     *
+     * @param string $key
+     * @param int $step
+     * @return int | bool
+     */
+    public function dec($key, $step = 1) {
+        /**
+         * TODO - hack around a PHP 7 specific issue in APCu
+         *
+         * on PHP 7 the apcu_dec method on a non-existing object will decrement
+         * "0" and result in "-1" as value - therefore we check for existence
+         * first
+         *
+         * on PHP 5.6 this is not the case
+         *
+         * see https://github.com/krakjoe/apcu/issues/183#issuecomment-244038221
+         * for details
+         */
+        return apcu_exists($this->getPrefix() . $key)
+            ? apcu_dec($this->getPrefix() . $key, $step)
+            : false;
+    }
 
-	/**
-	 * Compare and set
-	 *
-	 * @param string $key
-	 * @param mixed $old
-	 * @param mixed $new
-	 * @return bool
-	 */
-	public function cas($key, $old, $new) {
-		// apc only does cas for ints
-		if (is_int($old) and is_int($new)) {
-			return apcu_cas($this->getPrefix() . $key, $old, $new);
-		} else {
-			return $this->casEmulated($key, $old, $new);
-		}
-	}
+    /**
+     * Compare and set
+     *
+     * @param string $key
+     * @param mixed $old
+     * @param mixed $new
+     * @return bool
+     */
+    public function cas($key, $old, $new) {
+        // apc only does cas for ints
+        if (is_int($old) and is_int($new)) {
+            return apcu_cas($this->getPrefix() . $key, $old, $new);
+        } else {
+            return $this->casEmulated($key, $old, $new);
+        }
+    }
 
-	/**
-	 * @return bool
-	 */
-	static public function isAvailable() {
-		if (!extension_loaded('apcu')) {
-			return false;
-		} elseif (!\OC::$server->getIniWrapper()->getBool('apc.enabled')) {
-			return false;
-		} elseif (!\OC::$server->getIniWrapper()->getBool('apc.enable_cli') && \OC::$CLI) {
-			return false;
-		} elseif (
-				version_compare(phpversion('apc') ?: '0.0.0', '4.0.6') === -1 &&
-				version_compare(phpversion('apcu') ?: '0.0.0', '5.1.0') === -1
-		) {
-			return false;
-		} else {
-			return true;
-		}
-	}
+    /**
+     * @return bool
+     */
+    static public function isAvailable() {
+        if (!extension_loaded('apcu')) {
+            return false;
+        } elseif (!\OC::$server->getIniWrapper()->getBool('apc.enabled')) {
+            return false;
+        } elseif (!\OC::$server->getIniWrapper()->getBool('apc.enable_cli') && \OC::$CLI) {
+            return false;
+        } elseif (
+                version_compare(phpversion('apc') ?: '0.0.0', '4.0.6') === -1 &&
+                version_compare(phpversion('apcu') ?: '0.0.0', '5.1.0') === -1
+        ) {
+            return false;
+        } else {
+            return true;
+        }
+    }
 }

Please login to merge, or discard this patch.

apps/workflowengine/lib/Check/FileSize.php 1 patch

Indentation +86 added lines, -86 removed lines patch added patch discarded remove patch

@@ -30,90 +30,90 @@
 block discarded – undo
 
 class FileSize implements ICheck {
 
-	/** @var int */
-	protected $size;
-
-	/** @var IL10N */
-	protected $l;
-
-	/** @var IRequest */
-	protected $request;
-
-	/**
-	 * @param IL10N $l
-	 * @param IRequest $request
-	 */
-	public function __construct(IL10N $l, IRequest $request) {
-		$this->l = $l;
-		$this->request = $request;
-	}
-
-	/**
-	 * @param IStorage $storage
-	 * @param string $path
-	 */
-	public function setFileInfo(IStorage $storage, $path) {
-	}
-
-	/**
-	 * @param string $operator
-	 * @param string $value
-	 * @return bool
-	 */
-	public function executeCheck($operator, $value) {
-		$size = $this->getFileSizeFromHeader();
-
-		$value = Util::computerFileSize($value);
-		if ($size !== false) {
-			switch ($operator) {
-				case 'less':
-					return $size < $value;
-				case '!less':
-					return $size >= $value;
-				case 'greater':
-					return $size > $value;
-				case '!greater':
-					return $size <= $value;
-			}
-		}
-		return false;
-	}
-
-	/**
-	 * @param string $operator
-	 * @param string $value
-	 * @throws \UnexpectedValueException
-	 */
-	public function validateCheck($operator, $value) {
-		if (!in_array($operator, ['less', '!less', 'greater', '!greater'])) {
-			throw new \UnexpectedValueException($this->l->t('The given operator is invalid'), 1);
-		}
-
-		if (!preg_match('/^[0-9]+[ ]?[kmgt]?b$/i', $value)) {
-			throw new \UnexpectedValueException($this->l->t('The given file size is invalid'), 2);
-		}
-	}
-
-	/**
-	 * @return string
-	 */
-	protected function getFileSizeFromHeader() {
-		if ($this->size !== null) {
-			return $this->size;
-		}
-
-		$size = $this->request->getHeader('OC-Total-Length');
-		if ($size === '') {
-			if (in_array($this->request->getMethod(), ['POST', 'PUT'])) {
-				$size = $this->request->getHeader('Content-Length');
-			}
-		}
-
-		if ($size === '') {
-			$size = false;
-		}
-
-		$this->size = $size;
-		return $this->size;
-	}
+    /** @var int */
+    protected $size;
+
+    /** @var IL10N */
+    protected $l;
+
+    /** @var IRequest */
+    protected $request;
+
+    /**
+     * @param IL10N $l
+     * @param IRequest $request
+     */
+    public function __construct(IL10N $l, IRequest $request) {
+        $this->l = $l;
+        $this->request = $request;
+    }
+
+    /**
+     * @param IStorage $storage
+     * @param string $path
+     */
+    public function setFileInfo(IStorage $storage, $path) {
+    }
+
+    /**
+     * @param string $operator
+     * @param string $value
+     * @return bool
+     */
+    public function executeCheck($operator, $value) {
+        $size = $this->getFileSizeFromHeader();
+
+        $value = Util::computerFileSize($value);
+        if ($size !== false) {
+            switch ($operator) {
+                case 'less':
+                    return $size < $value;
+                case '!less':
+                    return $size >= $value;
+                case 'greater':
+                    return $size > $value;
+                case '!greater':
+                    return $size <= $value;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * @param string $operator
+     * @param string $value
+     * @throws \UnexpectedValueException
+     */
+    public function validateCheck($operator, $value) {
+        if (!in_array($operator, ['less', '!less', 'greater', '!greater'])) {
+            throw new \UnexpectedValueException($this->l->t('The given operator is invalid'), 1);
+        }
+
+        if (!preg_match('/^[0-9]+[ ]?[kmgt]?b$/i', $value)) {
+            throw new \UnexpectedValueException($this->l->t('The given file size is invalid'), 2);
+        }
+    }
+
+    /**
+     * @return string
+     */
+    protected function getFileSizeFromHeader() {
+        if ($this->size !== null) {
+            return $this->size;
+        }
+
+        $size = $this->request->getHeader('OC-Total-Length');
+        if ($size === '') {
+            if (in_array($this->request->getMethod(), ['POST', 'PUT'])) {
+                $size = $this->request->getHeader('Content-Length');
+            }
+        }
+
+        if ($size === '') {
+            $size = false;
+        }
+
+        $this->size = $size;
+        return $this->size;
+    }
 }

Please login to merge, or discard this patch.

core/Controller/CssController.php 2 patches

Indentation +62 added lines, -62 removed lines patch added patch discarded remove patch

@@ -40,74 +40,74 @@
 block discarded – undo
 
 class CssController extends Controller {
 
-	/** @var IAppData */
-	protected $appData;
+    /** @var IAppData */
+    protected $appData;
 
-	/** @var ITimeFactory */
-	protected $timeFactory;
+    /** @var ITimeFactory */
+    protected $timeFactory;
 
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param Factory $appDataFactory
-	 * @param ITimeFactory $timeFactory
-	 */
-	public function __construct($appName, IRequest $request, Factory $appDataFactory, ITimeFactory $timeFactory) {
-		parent::__construct($appName, $request);
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param Factory $appDataFactory
+     * @param ITimeFactory $timeFactory
+     */
+    public function __construct($appName, IRequest $request, Factory $appDataFactory, ITimeFactory $timeFactory) {
+        parent::__construct($appName, $request);
 
-		$this->appData = $appDataFactory->get('css');
-		$this->timeFactory = $timeFactory;
-	}
+        $this->appData = $appDataFactory->get('css');
+        $this->timeFactory = $timeFactory;
+    }
 
-	/**
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 *
-	 * @param string $fileName css filename with extension
-	 * @param string $appName css folder name
-	 * @return FileDisplayResponse|NotFoundResponse
-	 */
-	public function getCss($fileName, $appName) {
-		try {
-			$folder = $this->appData->getFolder($appName);
-			$gzip = false;
-			$file = $this->getFile($folder, $fileName, $gzip);
-		} catch(NotFoundException $e) {
-			return new NotFoundResponse();
-		}
+    /**
+     * @PublicPage
+     * @NoCSRFRequired
+     *
+     * @param string $fileName css filename with extension
+     * @param string $appName css folder name
+     * @return FileDisplayResponse|NotFoundResponse
+     */
+    public function getCss($fileName, $appName) {
+        try {
+            $folder = $this->appData->getFolder($appName);
+            $gzip = false;
+            $file = $this->getFile($folder, $fileName, $gzip);
+        } catch(NotFoundException $e) {
+            return new NotFoundResponse();
+        }
 
-		$response = new FileDisplayResponse($file, Http::STATUS_OK, ['Content-Type' => 'text/css']);
-		if ($gzip) {
-			$response->addHeader('Content-Encoding', 'gzip');
-		}
-		$response->cacheFor(86400);
-		$expires = new \DateTime();
-		$expires->setTimestamp($this->timeFactory->getTime());
-		$expires->add(new \DateInterval('PT24H'));
-		$response->addHeader('Expires', $expires->format(\DateTime::RFC1123));
-		$response->addHeader('Pragma', 'cache');
-		return $response;
-	}
+        $response = new FileDisplayResponse($file, Http::STATUS_OK, ['Content-Type' => 'text/css']);
+        if ($gzip) {
+            $response->addHeader('Content-Encoding', 'gzip');
+        }
+        $response->cacheFor(86400);
+        $expires = new \DateTime();
+        $expires->setTimestamp($this->timeFactory->getTime());
+        $expires->add(new \DateInterval('PT24H'));
+        $response->addHeader('Expires', $expires->format(\DateTime::RFC1123));
+        $response->addHeader('Pragma', 'cache');
+        return $response;
+    }
 
-	/**
-	 * @param ISimpleFolder $folder
-	 * @param string $fileName
-	 * @param bool $gzip is set to true if we use the gzip file
-	 * @return ISimpleFile
-	 */
-	private function getFile(ISimpleFolder $folder, $fileName, &$gzip) {
-		$encoding = $this->request->getHeader('Accept-Encoding');
+    /**
+     * @param ISimpleFolder $folder
+     * @param string $fileName
+     * @param bool $gzip is set to true if we use the gzip file
+     * @return ISimpleFile
+     */
+    private function getFile(ISimpleFolder $folder, $fileName, &$gzip) {
+        $encoding = $this->request->getHeader('Accept-Encoding');
 
-		if (strpos($encoding, 'gzip') !== false) {
-			try {
-				$gzip = true;
-				return $folder->getFile($fileName . '.gzip'); # Safari doesn't like .gz
-			} catch (NotFoundException $e) {
-				// continue
-			}
-		}
+        if (strpos($encoding, 'gzip') !== false) {
+            try {
+                $gzip = true;
+                return $folder->getFile($fileName . '.gzip'); # Safari doesn't like .gz
+            } catch (NotFoundException $e) {
+                // continue
+            }
+        }
 
-		$gzip = false;
-		return $folder->getFile($fileName);
-	}
+        $gzip = false;
+        return $folder->getFile($fileName);
+    }
 }

Please login to merge, or discard this patch.

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

@@ -72,7 +72,7 @@  discard block
 block discarded – undo
 			$folder = $this->appData->getFolder($appName);
 			$gzip = false;
 			$file = $this->getFile($folder, $fileName, $gzip);
-		} catch(NotFoundException $e) {
+		} catch (NotFoundException $e) {
 			return new NotFoundResponse();
 		}
 
@@ -101,7 +101,7 @@  discard block
 block discarded – undo
 		if (strpos($encoding, 'gzip') !== false) {
 			try {
 				$gzip = true;
-				return $folder->getFile($fileName . '.gzip'); # Safari doesn't like .gz
+				return $folder->getFile($fileName.'.gzip'); # Safari doesn't like .gz
 			} catch (NotFoundException $e) {
 				// continue
 			}

Please login to merge, or discard this patch.

core/Controller/JsController.php 2 patches

Indentation +62 added lines, -62 removed lines patch added patch discarded remove patch

@@ -38,74 +38,74 @@
 block discarded – undo
 
 class JsController extends Controller {
 
-	/** @var IAppData */
-	protected $appData;
+    /** @var IAppData */
+    protected $appData;
 
-	/** @var ITimeFactory */
-	protected $timeFactory;
+    /** @var ITimeFactory */
+    protected $timeFactory;
 
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param Factory $appDataFactory
-	 * @param ITimeFactory $timeFactory
-	 */
-	public function __construct($appName, IRequest $request, Factory $appDataFactory, ITimeFactory $timeFactory) {
-		parent::__construct($appName, $request);
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param Factory $appDataFactory
+     * @param ITimeFactory $timeFactory
+     */
+    public function __construct($appName, IRequest $request, Factory $appDataFactory, ITimeFactory $timeFactory) {
+        parent::__construct($appName, $request);
 
-		$this->appData = $appDataFactory->get('js');
-		$this->timeFactory = $timeFactory;
-	}
+        $this->appData = $appDataFactory->get('js');
+        $this->timeFactory = $timeFactory;
+    }
 
-	/**
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 *
-	 * @param string $fileName css filename with extension
-	 * @param string $appName css folder name
-	 * @return FileDisplayResponse|NotFoundResponse
-	 */
-	public function getJs($fileName, $appName) {
-		try {
-			$folder = $this->appData->getFolder($appName);
-			$gzip = false;
-			$file = $this->getFile($folder, $fileName, $gzip);
-		} catch(NotFoundException $e) {
-			return new NotFoundResponse();
-		}
+    /**
+     * @PublicPage
+     * @NoCSRFRequired
+     *
+     * @param string $fileName css filename with extension
+     * @param string $appName css folder name
+     * @return FileDisplayResponse|NotFoundResponse
+     */
+    public function getJs($fileName, $appName) {
+        try {
+            $folder = $this->appData->getFolder($appName);
+            $gzip = false;
+            $file = $this->getFile($folder, $fileName, $gzip);
+        } catch(NotFoundException $e) {
+            return new NotFoundResponse();
+        }
 
-		$response = new FileDisplayResponse($file, Http::STATUS_OK, ['Content-Type' => 'application/javascript']);
-		if ($gzip) {
-			$response->addHeader('Content-Encoding', 'gzip');
-		}
-		$response->cacheFor(86400);
-		$expires = new \DateTime();
-		$expires->setTimestamp($this->timeFactory->getTime());
-		$expires->add(new \DateInterval('PT24H'));
-		$response->addHeader('Expires', $expires->format(\DateTime::RFC1123));
-		$response->addHeader('Pragma', 'cache');
-		return $response;
-	}
+        $response = new FileDisplayResponse($file, Http::STATUS_OK, ['Content-Type' => 'application/javascript']);
+        if ($gzip) {
+            $response->addHeader('Content-Encoding', 'gzip');
+        }
+        $response->cacheFor(86400);
+        $expires = new \DateTime();
+        $expires->setTimestamp($this->timeFactory->getTime());
+        $expires->add(new \DateInterval('PT24H'));
+        $response->addHeader('Expires', $expires->format(\DateTime::RFC1123));
+        $response->addHeader('Pragma', 'cache');
+        return $response;
+    }
 
-	/**
-	 * @param ISimpleFolder $folder
-	 * @param string $fileName
-	 * @param bool $gzip is set to true if we use the gzip file
-	 * @return ISimpleFile
-	 */
-	private function getFile(ISimpleFolder $folder, $fileName, &$gzip) {
-		$encoding = $this->request->getHeader('Accept-Encoding');
+    /**
+     * @param ISimpleFolder $folder
+     * @param string $fileName
+     * @param bool $gzip is set to true if we use the gzip file
+     * @return ISimpleFile
+     */
+    private function getFile(ISimpleFolder $folder, $fileName, &$gzip) {
+        $encoding = $this->request->getHeader('Accept-Encoding');
 
-		if (strpos($encoding, 'gzip') !== false) {
-			try {
-				$gzip = true;
-				return $folder->getFile($fileName . '.gzip'); # Safari doesn't like .gz
-			} catch (NotFoundException $e) {
-				// continue
-			}
-		}
+        if (strpos($encoding, 'gzip') !== false) {
+            try {
+                $gzip = true;
+                return $folder->getFile($fileName . '.gzip'); # Safari doesn't like .gz
+            } catch (NotFoundException $e) {
+                // continue
+            }
+        }
 
-		$gzip = false;
-		return $folder->getFile($fileName);
-	}
+        $gzip = false;
+        return $folder->getFile($fileName);
+    }
 }

Please login to merge, or discard this patch.

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

@@ -72,7 +72,7 @@  discard block
 block discarded – undo
 			$folder = $this->appData->getFolder($appName);
 			$gzip = false;
 			$file = $this->getFile($folder, $fileName, $gzip);
-		} catch(NotFoundException $e) {
+		} catch (NotFoundException $e) {
 			return new NotFoundResponse();
 		}
 
@@ -101,7 +101,7 @@  discard block
 block discarded – undo
 		if (strpos($encoding, 'gzip') !== false) {
 			try {
 				$gzip = true;
-				return $folder->getFile($fileName . '.gzip'); # Safari doesn't like .gz
+				return $folder->getFile($fileName.'.gzip'); # Safari doesn't like .gz
 			} catch (NotFoundException $e) {
 				// continue
 			}

Please login to merge, or discard this patch.

core/Controller/ClientFlowLoginController.php 1 patch

Indentation +261 added lines, -261 removed lines patch added patch discarded remove patch

@@ -48,291 +48,291 @@
 block discarded – undo
 use OCP\Session\Exceptions\SessionNotAvailableException;
 
 class ClientFlowLoginController extends Controller {
-	/** @var IUserSession */
-	private $userSession;
-	/** @var IL10N */
-	private $l10n;
-	/** @var Defaults */
-	private $defaults;
-	/** @var ISession */
-	private $session;
-	/** @var IProvider */
-	private $tokenProvider;
-	/** @var ISecureRandom */
-	private $random;
-	/** @var IURLGenerator */
-	private $urlGenerator;
-	/** @var ClientMapper */
-	private $clientMapper;
-	/** @var AccessTokenMapper */
-	private $accessTokenMapper;
-	/** @var ICrypto */
-	private $crypto;
+    /** @var IUserSession */
+    private $userSession;
+    /** @var IL10N */
+    private $l10n;
+    /** @var Defaults */
+    private $defaults;
+    /** @var ISession */
+    private $session;
+    /** @var IProvider */
+    private $tokenProvider;
+    /** @var ISecureRandom */
+    private $random;
+    /** @var IURLGenerator */
+    private $urlGenerator;
+    /** @var ClientMapper */
+    private $clientMapper;
+    /** @var AccessTokenMapper */
+    private $accessTokenMapper;
+    /** @var ICrypto */
+    private $crypto;
 
-	const stateName = 'client.flow.state.token';
+    const stateName = 'client.flow.state.token';
 
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param IUserSession $userSession
-	 * @param IL10N $l10n
-	 * @param Defaults $defaults
-	 * @param ISession $session
-	 * @param IProvider $tokenProvider
-	 * @param ISecureRandom $random
-	 * @param IURLGenerator $urlGenerator
-	 * @param ClientMapper $clientMapper
-	 * @param AccessTokenMapper $accessTokenMapper
-	 * @param ICrypto $crypto
-	 */
-	public function __construct($appName,
-								IRequest $request,
-								IUserSession $userSession,
-								IL10N $l10n,
-								Defaults $defaults,
-								ISession $session,
-								IProvider $tokenProvider,
-								ISecureRandom $random,
-								IURLGenerator $urlGenerator,
-								ClientMapper $clientMapper,
-								AccessTokenMapper $accessTokenMapper,
-								ICrypto $crypto) {
-		parent::__construct($appName, $request);
-		$this->userSession = $userSession;
-		$this->l10n = $l10n;
-		$this->defaults = $defaults;
-		$this->session = $session;
-		$this->tokenProvider = $tokenProvider;
-		$this->random = $random;
-		$this->urlGenerator = $urlGenerator;
-		$this->clientMapper = $clientMapper;
-		$this->accessTokenMapper = $accessTokenMapper;
-		$this->crypto = $crypto;
-	}
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param IUserSession $userSession
+     * @param IL10N $l10n
+     * @param Defaults $defaults
+     * @param ISession $session
+     * @param IProvider $tokenProvider
+     * @param ISecureRandom $random
+     * @param IURLGenerator $urlGenerator
+     * @param ClientMapper $clientMapper
+     * @param AccessTokenMapper $accessTokenMapper
+     * @param ICrypto $crypto
+     */
+    public function __construct($appName,
+                                IRequest $request,
+                                IUserSession $userSession,
+                                IL10N $l10n,
+                                Defaults $defaults,
+                                ISession $session,
+                                IProvider $tokenProvider,
+                                ISecureRandom $random,
+                                IURLGenerator $urlGenerator,
+                                ClientMapper $clientMapper,
+                                AccessTokenMapper $accessTokenMapper,
+                                ICrypto $crypto) {
+        parent::__construct($appName, $request);
+        $this->userSession = $userSession;
+        $this->l10n = $l10n;
+        $this->defaults = $defaults;
+        $this->session = $session;
+        $this->tokenProvider = $tokenProvider;
+        $this->random = $random;
+        $this->urlGenerator = $urlGenerator;
+        $this->clientMapper = $clientMapper;
+        $this->accessTokenMapper = $accessTokenMapper;
+        $this->crypto = $crypto;
+    }
 
-	/**
-	 * @return string
-	 */
-	private function getClientName() {
-		$userAgent = $this->request->getHeader('USER_AGENT');
-		return $userAgent !== '' ? $userAgent : 'unknown';
-	}
+    /**
+     * @return string
+     */
+    private function getClientName() {
+        $userAgent = $this->request->getHeader('USER_AGENT');
+        return $userAgent !== '' ? $userAgent : 'unknown';
+    }
 
-	/**
-	 * @param string $stateToken
-	 * @return bool
-	 */
-	private function isValidToken($stateToken) {
-		$currentToken = $this->session->get(self::stateName);
-		if(!is_string($stateToken) || !is_string($currentToken)) {
-			return false;
-		}
-		return hash_equals($currentToken, $stateToken);
-	}
+    /**
+     * @param string $stateToken
+     * @return bool
+     */
+    private function isValidToken($stateToken) {
+        $currentToken = $this->session->get(self::stateName);
+        if(!is_string($stateToken) || !is_string($currentToken)) {
+            return false;
+        }
+        return hash_equals($currentToken, $stateToken);
+    }
 
-	/**
-	 * @return TemplateResponse
-	 */
-	private function stateTokenForbiddenResponse() {
-		$response = new TemplateResponse(
-			$this->appName,
-			'403',
-			[
-				'file' => $this->l10n->t('State token does not match'),
-			],
-			'guest'
-		);
-		$response->setStatus(Http::STATUS_FORBIDDEN);
-		return $response;
-	}
+    /**
+     * @return TemplateResponse
+     */
+    private function stateTokenForbiddenResponse() {
+        $response = new TemplateResponse(
+            $this->appName,
+            '403',
+            [
+                'file' => $this->l10n->t('State token does not match'),
+            ],
+            'guest'
+        );
+        $response->setStatus(Http::STATUS_FORBIDDEN);
+        return $response;
+    }
 
-	/**
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 * @UseSession
-	 *
-	 * @param string $clientIdentifier
-	 *
-	 * @return TemplateResponse
-	 */
-	public function showAuthPickerPage($clientIdentifier = '') {
-		$clientName = $this->getClientName();
-		$client = null;
-		if($clientIdentifier !== '') {
-			$client = $this->clientMapper->getByIdentifier($clientIdentifier);
-			$clientName = $client->getName();
-		}
+    /**
+     * @PublicPage
+     * @NoCSRFRequired
+     * @UseSession
+     *
+     * @param string $clientIdentifier
+     *
+     * @return TemplateResponse
+     */
+    public function showAuthPickerPage($clientIdentifier = '') {
+        $clientName = $this->getClientName();
+        $client = null;
+        if($clientIdentifier !== '') {
+            $client = $this->clientMapper->getByIdentifier($clientIdentifier);
+            $clientName = $client->getName();
+        }
 
-		// No valid clientIdentifier given and no valid API Request (APIRequest header not set)
-		$clientRequest = $this->request->getHeader('OCS-APIREQUEST');
-		if ($clientRequest !== 'true' && $client === null) {
-			return new TemplateResponse(
-				$this->appName,
-				'error',
-				[
-					'errors' =>
-					[
-						[
-							'error' => 'Access Forbidden',
-							'hint' => 'Invalid request',
-						],
-					],
-				],
-				'guest'
-			);
-		}
+        // No valid clientIdentifier given and no valid API Request (APIRequest header not set)
+        $clientRequest = $this->request->getHeader('OCS-APIREQUEST');
+        if ($clientRequest !== 'true' && $client === null) {
+            return new TemplateResponse(
+                $this->appName,
+                'error',
+                [
+                    'errors' =>
+                    [
+                        [
+                            'error' => 'Access Forbidden',
+                            'hint' => 'Invalid request',
+                        ],
+                    ],
+                ],
+                'guest'
+            );
+        }
 
-		$stateToken = $this->random->generate(
-			64,
-			ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
-		);
-		$this->session->set(self::stateName, $stateToken);
+        $stateToken = $this->random->generate(
+            64,
+            ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
+        );
+        $this->session->set(self::stateName, $stateToken);
 
-		return new TemplateResponse(
-			$this->appName,
-			'loginflow/authpicker',
-			[
-				'client' => $clientName,
-				'clientIdentifier' => $clientIdentifier,
-				'instanceName' => $this->defaults->getName(),
-				'urlGenerator' => $this->urlGenerator,
-				'stateToken' => $stateToken,
-				'serverHost' => $this->request->getServerHost(),
-				'oauthState' => $this->session->get('oauth.state'),
-			],
-			'guest'
-		);
-	}
+        return new TemplateResponse(
+            $this->appName,
+            'loginflow/authpicker',
+            [
+                'client' => $clientName,
+                'clientIdentifier' => $clientIdentifier,
+                'instanceName' => $this->defaults->getName(),
+                'urlGenerator' => $this->urlGenerator,
+                'stateToken' => $stateToken,
+                'serverHost' => $this->request->getServerHost(),
+                'oauthState' => $this->session->get('oauth.state'),
+            ],
+            'guest'
+        );
+    }
 
-	/**
-	 * @NoAdminRequired
-	 * @NoCSRFRequired
-	 * @UseSession
-	 *
-	 * @param string $stateToken
-	 * @param string $clientIdentifier
-	 * @return TemplateResponse
-	 */
-	public function redirectPage($stateToken = '',
-								 $clientIdentifier = '') {
-		if(!$this->isValidToken($stateToken)) {
-			return $this->stateTokenForbiddenResponse();
-		}
+    /**
+     * @NoAdminRequired
+     * @NoCSRFRequired
+     * @UseSession
+     *
+     * @param string $stateToken
+     * @param string $clientIdentifier
+     * @return TemplateResponse
+     */
+    public function redirectPage($stateToken = '',
+                                    $clientIdentifier = '') {
+        if(!$this->isValidToken($stateToken)) {
+            return $this->stateTokenForbiddenResponse();
+        }
 
-		return new TemplateResponse(
-			$this->appName,
-			'loginflow/redirect',
-			[
-				'urlGenerator' => $this->urlGenerator,
-				'stateToken' => $stateToken,
-				'clientIdentifier' => $clientIdentifier,
-				'oauthState' => $this->session->get('oauth.state'),
-			],
-			'guest'
-		);
-	}
+        return new TemplateResponse(
+            $this->appName,
+            'loginflow/redirect',
+            [
+                'urlGenerator' => $this->urlGenerator,
+                'stateToken' => $stateToken,
+                'clientIdentifier' => $clientIdentifier,
+                'oauthState' => $this->session->get('oauth.state'),
+            ],
+            'guest'
+        );
+    }
 
-	/**
-	 * @NoAdminRequired
-	 * @UseSession
-	 *
-	 * @param string $stateToken
-	 * @param string $clientIdentifier
-	 * @return Http\RedirectResponse|Response
-	 */
-	public function generateAppPassword($stateToken,
-										$clientIdentifier = '') {
-		if(!$this->isValidToken($stateToken)) {
-			$this->session->remove(self::stateName);
-			return $this->stateTokenForbiddenResponse();
-		}
+    /**
+     * @NoAdminRequired
+     * @UseSession
+     *
+     * @param string $stateToken
+     * @param string $clientIdentifier
+     * @return Http\RedirectResponse|Response
+     */
+    public function generateAppPassword($stateToken,
+                                        $clientIdentifier = '') {
+        if(!$this->isValidToken($stateToken)) {
+            $this->session->remove(self::stateName);
+            return $this->stateTokenForbiddenResponse();
+        }
 
-		$this->session->remove(self::stateName);
+        $this->session->remove(self::stateName);
 
-		try {
-			$sessionId = $this->session->getId();
-		} catch (SessionNotAvailableException $ex) {
-			$response = new Response();
-			$response->setStatus(Http::STATUS_FORBIDDEN);
-			return $response;
-		}
+        try {
+            $sessionId = $this->session->getId();
+        } catch (SessionNotAvailableException $ex) {
+            $response = new Response();
+            $response->setStatus(Http::STATUS_FORBIDDEN);
+            return $response;
+        }
 
-		try {
-			$sessionToken = $this->tokenProvider->getToken($sessionId);
-			$loginName = $sessionToken->getLoginName();
-			try {
-				$password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
-			} catch (PasswordlessTokenException $ex) {
-				$password = null;
-			}
-		} catch (InvalidTokenException $ex) {
-			$response = new Response();
-			$response->setStatus(Http::STATUS_FORBIDDEN);
-			return $response;
-		}
+        try {
+            $sessionToken = $this->tokenProvider->getToken($sessionId);
+            $loginName = $sessionToken->getLoginName();
+            try {
+                $password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
+            } catch (PasswordlessTokenException $ex) {
+                $password = null;
+            }
+        } catch (InvalidTokenException $ex) {
+            $response = new Response();
+            $response->setStatus(Http::STATUS_FORBIDDEN);
+            return $response;
+        }
 
-		$clientName = $this->getClientName();
-		$client = false;
-		if($clientIdentifier !== '') {
-			$client = $this->clientMapper->getByIdentifier($clientIdentifier);
-			$clientName = $client->getName();
-		}
+        $clientName = $this->getClientName();
+        $client = false;
+        if($clientIdentifier !== '') {
+            $client = $this->clientMapper->getByIdentifier($clientIdentifier);
+            $clientName = $client->getName();
+        }
 
-		$token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
-		$uid = $this->userSession->getUser()->getUID();
-		$generatedToken = $this->tokenProvider->generateToken(
-			$token,
-			$uid,
-			$loginName,
-			$password,
-			$clientName,
-			IToken::PERMANENT_TOKEN,
-			IToken::DO_NOT_REMEMBER
-		);
+        $token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
+        $uid = $this->userSession->getUser()->getUID();
+        $generatedToken = $this->tokenProvider->generateToken(
+            $token,
+            $uid,
+            $loginName,
+            $password,
+            $clientName,
+            IToken::PERMANENT_TOKEN,
+            IToken::DO_NOT_REMEMBER
+        );
 
-		if($client) {
-			$code = $this->random->generate(128);
-			$accessToken = new AccessToken();
-			$accessToken->setClientId($client->getId());
-			$accessToken->setEncryptedToken($this->crypto->encrypt($token, $code));
-			$accessToken->setHashedCode(hash('sha512', $code));
-			$accessToken->setTokenId($generatedToken->getId());
-			$this->accessTokenMapper->insert($accessToken);
+        if($client) {
+            $code = $this->random->generate(128);
+            $accessToken = new AccessToken();
+            $accessToken->setClientId($client->getId());
+            $accessToken->setEncryptedToken($this->crypto->encrypt($token, $code));
+            $accessToken->setHashedCode(hash('sha512', $code));
+            $accessToken->setTokenId($generatedToken->getId());
+            $this->accessTokenMapper->insert($accessToken);
 
-			$redirectUri = sprintf(
-				'%s?state=%s&code=%s',
-				$client->getRedirectUri(),
-				urlencode($this->session->get('oauth.state')),
-				urlencode($code)
-			);
-			$this->session->remove('oauth.state');
-		} else {
-			$serverPostfix = '';
+            $redirectUri = sprintf(
+                '%s?state=%s&code=%s',
+                $client->getRedirectUri(),
+                urlencode($this->session->get('oauth.state')),
+                urlencode($code)
+            );
+            $this->session->remove('oauth.state');
+        } else {
+            $serverPostfix = '';
 
-			if (strpos($this->request->getRequestUri(), '/index.php') !== false) {
-				$serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/index.php'));
-			} else if (strpos($this->request->getRequestUri(), '/login/flow') !== false) {
-				$serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/login/flow'));
-			}
+            if (strpos($this->request->getRequestUri(), '/index.php') !== false) {
+                $serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/index.php'));
+            } else if (strpos($this->request->getRequestUri(), '/login/flow') !== false) {
+                $serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/login/flow'));
+            }
 
-			$protocol = $this->request->getServerProtocol();
+            $protocol = $this->request->getServerProtocol();
 
-			if ($protocol !== "https") {
-				$xForwardedProto = $this->request->getHeader('X-Forwarded-Proto');
-				$xForwardedSSL = $this->request->getHeader('X-Forwarded-Ssl');
-				if ($xForwardedProto === 'https' || $xForwardedSSL === 'on') {
-					$protocol = 'https';
-				}
-			}
+            if ($protocol !== "https") {
+                $xForwardedProto = $this->request->getHeader('X-Forwarded-Proto');
+                $xForwardedSSL = $this->request->getHeader('X-Forwarded-Ssl');
+                if ($xForwardedProto === 'https' || $xForwardedSSL === 'on') {
+                    $protocol = 'https';
+                }
+            }
 
 
-			$serverPath = $protocol . "://" . $this->request->getServerHost() . $serverPostfix;
-			$redirectUri = 'nc://login/server:' . $serverPath . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
-		}
+            $serverPath = $protocol . "://" . $this->request->getServerHost() . $serverPostfix;
+            $redirectUri = 'nc://login/server:' . $serverPath . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
+        }
 
-		// Clear the token from the login here
-		$this->tokenProvider->invalidateToken($sessionId);
+        // Clear the token from the login here
+        $this->tokenProvider->invalidateToken($sessionId);
 
-		return new Http\RedirectResponse($redirectUri);
-	}
+        return new Http\RedirectResponse($redirectUri);
+    }
 }

Please login to merge, or discard this patch.

		@@ -44,166 +44,166 @@
		block discarded – undo
44	44	*/
45	45
46	46	class File {
47		- static protected $logFile;
	47	+ static protected $logFile;
48	48
49		- /**
50		- * Init class data
51		- */
52		- public static function init() {
53		- $systemConfig = \OC::$server->getSystemConfig();
54		- $defaultLogFile = $systemConfig->getValue("datadirectory", \OC::$SERVERROOT.'/data').'/nextcloud.log';
55		- self::$logFile = $systemConfig->getValue("logfile", $defaultLogFile);
	49	+ /**
	50	+ * Init class data
	51	+ */
	52	+ public static function init() {
	53	+ $systemConfig = \OC::$server->getSystemConfig();
	54	+ $defaultLogFile = $systemConfig->getValue("datadirectory", \OC::$SERVERROOT.'/data').'/nextcloud.log';
	55	+ self::$logFile = $systemConfig->getValue("logfile", $defaultLogFile);
56	56
57		- /**
58		- * Fall back to default log file if specified logfile does not exist
59		- * and can not be created.
60		- */
61		- if (!file_exists(self::$logFile)) {
62		- if(!is_writable(dirname(self::$logFile))) {
63		- self::$logFile = $defaultLogFile;
64		- } else {
65		- if(!touch(self::$logFile)) {
66		- self::$logFile = $defaultLogFile;
67		- }
68		- }
69		- }
70		- }
	57	+ /**
	58	+ * Fall back to default log file if specified logfile does not exist
	59	+ * and can not be created.
	60	+ */
	61	+ if (!file_exists(self::$logFile)) {
	62	+ if(!is_writable(dirname(self::$logFile))) {
	63	+ self::$logFile = $defaultLogFile;
	64	+ } else {
	65	+ if(!touch(self::$logFile)) {
	66	+ self::$logFile = $defaultLogFile;
	67	+ }
	68	+ }
	69	+ }
	70	+ }
71	71
72		- /**
73		- * write a message in the log
74		- * @param string $app
75		- * @param string $message
76		- * @param int $level
77		- */
78		- public static function write($app, $message, $level) {
79		- $config = \OC::$server->getSystemConfig();
	72	+ /**
	73	+ * write a message in the log
	74	+ * @param string $app
	75	+ * @param string $message
	76	+ * @param int $level
	77	+ */
	78	+ public static function write($app, $message, $level) {
	79	+ $config = \OC::$server->getSystemConfig();
80	80
81		- // default to ISO8601
82		- $format = $config->getValue('logdateformat', \DateTime::ATOM);
83		- $logTimeZone = $config->getValue('logtimezone', 'UTC');
84		- try {
85		- $timezone = new \DateTimeZone($logTimeZone);
86		- } catch (\Exception $e) {
87		- $timezone = new \DateTimeZone('UTC');
88		- }
89		- $time = \DateTime::createFromFormat("U.u", number_format(microtime(true), 4, ".", ""));
90		- if ($time === false) {
91		- $time = new \DateTime(null, $timezone);
92		- } else {
93		- // apply timezone if $time is created from UNIX timestamp
94		- $time->setTimezone($timezone);
95		- }
96		- $request = \OC::$server->getRequest();
97		- $reqId = $request->getId();
98		- $remoteAddr = $request->getRemoteAddress();
99		- // remove username/passwords from URLs before writing the to the log file
100		- $time = $time->format($format);
101		- $url = ($request->getRequestUri() !== '') ? $request->getRequestUri() : '--';
102		- $method = is_string($request->getMethod()) ? $request->getMethod() : '--';
103		- if($config->getValue('installed', false)) {
104		- $user = (\OC_User::getUser()) ? \OC_User::getUser() : '--';
105		- } else {
106		- $user = '--';
107		- }
108		- $userAgent = $request->getHeader('User-Agent');
109		- if ($userAgent === '') {
110		- $userAgent = '--';
111		- }
112		- $version = $config->getValue('version', '');
113		- $entry = compact(
114		- 'reqId',
115		- 'level',
116		- 'time',
117		- 'remoteAddr',
118		- 'user',
119		- 'app',
120		- 'method',
121		- 'url',
122		- 'message',
123		- 'userAgent',
124		- 'version'
125		- );
126		- // PHP's json_encode only accept proper UTF-8 strings, loop over all
127		- // elements to ensure that they are properly UTF-8 compliant or convert
128		- // them manually.
129		- foreach($entry as $key => $value) {
130		- if(is_string($value)) {
131		- $testEncode = json_encode($value);
132		- if($testEncode === false) {
133		- $entry[$key] = utf8_encode($value);
134		- }
135		- }
136		- }
137		- $entry = json_encode($entry, JSON_PARTIAL_OUTPUT_ON_ERROR);
138		- $handle = @fopen(self::$logFile, 'a');
139		- if ((fileperms(self::$logFile) & 0777) != 0640) {
140		- @chmod(self::$logFile, 0640);
141		- }
142		- if ($handle) {
143		- fwrite($handle, $entry."\n");
144		- fclose($handle);
145		- } else {
146		- // Fall back to error_log
147		- error_log($entry);
148		- }
149		- if (php_sapi_name() === 'cli-server') {
150		- error_log($message, 4);
151		- }
152		- }
	81	+ // default to ISO8601
	82	+ $format = $config->getValue('logdateformat', \DateTime::ATOM);
	83	+ $logTimeZone = $config->getValue('logtimezone', 'UTC');
	84	+ try {
	85	+ $timezone = new \DateTimeZone($logTimeZone);
	86	+ } catch (\Exception $e) {
	87	+ $timezone = new \DateTimeZone('UTC');
	88	+ }
	89	+ $time = \DateTime::createFromFormat("U.u", number_format(microtime(true), 4, ".", ""));
	90	+ if ($time === false) {
	91	+ $time = new \DateTime(null, $timezone);
	92	+ } else {
	93	+ // apply timezone if $time is created from UNIX timestamp
	94	+ $time->setTimezone($timezone);
	95	+ }
	96	+ $request = \OC::$server->getRequest();
	97	+ $reqId = $request->getId();
	98	+ $remoteAddr = $request->getRemoteAddress();
	99	+ // remove username/passwords from URLs before writing the to the log file
	100	+ $time = $time->format($format);
	101	+ $url = ($request->getRequestUri() !== '') ? $request->getRequestUri() : '--';
	102	+ $method = is_string($request->getMethod()) ? $request->getMethod() : '--';
	103	+ if($config->getValue('installed', false)) {
	104	+ $user = (\OC_User::getUser()) ? \OC_User::getUser() : '--';
	105	+ } else {
	106	+ $user = '--';
	107	+ }
	108	+ $userAgent = $request->getHeader('User-Agent');
	109	+ if ($userAgent === '') {
	110	+ $userAgent = '--';
	111	+ }
	112	+ $version = $config->getValue('version', '');
	113	+ $entry = compact(
	114	+ 'reqId',
	115	+ 'level',
	116	+ 'time',
	117	+ 'remoteAddr',
	118	+ 'user',
	119	+ 'app',
	120	+ 'method',
	121	+ 'url',
	122	+ 'message',
	123	+ 'userAgent',
	124	+ 'version'
	125	+ );
	126	+ // PHP's json_encode only accept proper UTF-8 strings, loop over all
	127	+ // elements to ensure that they are properly UTF-8 compliant or convert
	128	+ // them manually.
	129	+ foreach($entry as $key => $value) {
	130	+ if(is_string($value)) {
	131	+ $testEncode = json_encode($value);
	132	+ if($testEncode === false) {
	133	+ $entry[$key] = utf8_encode($value);
	134	+ }
	135	+ }
	136	+ }
	137	+ $entry = json_encode($entry, JSON_PARTIAL_OUTPUT_ON_ERROR);
	138	+ $handle = @fopen(self::$logFile, 'a');
	139	+ if ((fileperms(self::$logFile) & 0777) != 0640) {
	140	+ @chmod(self::$logFile, 0640);
	141	+ }
	142	+ if ($handle) {
	143	+ fwrite($handle, $entry."\n");
	144	+ fclose($handle);
	145	+ } else {
	146	+ // Fall back to error_log
	147	+ error_log($entry);
	148	+ }
	149	+ if (php_sapi_name() === 'cli-server') {
	150	+ error_log($message, 4);
	151	+ }
	152	+ }
153	153
154		- /**
155		- * get entries from the log in reverse chronological order
156		- * @param int $limit
157		- * @param int $offset
158		- * @return array
159		- */
160		- public static function getEntries($limit=50, $offset=0) {
161		- self::init();
162		- $minLevel = \OC::$server->getSystemConfig()->getValue("loglevel", \OCP\Util::WARN);
163		- $entries = array();
164		- $handle = @fopen(self::$logFile, 'rb');
165		- if ($handle) {
166		- fseek($handle, 0, SEEK_END);
167		- $pos = ftell($handle);
168		- $line = '';
169		- $entriesCount = 0;
170		- $lines = 0;
171		- // Loop through each character of the file looking for new lines
172		- while ($pos >= 0 && ($limit === null \|\|$entriesCount < $limit)) {
173		- fseek($handle, $pos);
174		- $ch = fgetc($handle);
175		- if ($ch == "\n" \|\| $pos == 0) {
176		- if ($line != '') {
177		- // Add the first character if at the start of the file,
178		- // because it doesn't hit the else in the loop
179		- if ($pos == 0) {
180		- $line = $ch.$line;
181		- }
182		- $entry = json_decode($line);
183		- // Add the line as an entry if it is passed the offset and is equal or above the log level
184		- if ($entry->level >= $minLevel) {
185		- $lines++;
186		- if ($lines > $offset) {
187		- $entries[] = $entry;
188		- $entriesCount++;
189		- }
190		- }
191		- $line = '';
192		- }
193		- } else {
194		- $line = $ch.$line;
195		- }
196		- $pos--;
197		- }
198		- fclose($handle);
199		- }
200		- return $entries;
201		- }
	154	+ /**
	155	+ * get entries from the log in reverse chronological order
	156	+ * @param int $limit
	157	+ * @param int $offset
	158	+ * @return array
	159	+ */
	160	+ public static function getEntries($limit=50, $offset=0) {
	161	+ self::init();
	162	+ $minLevel = \OC::$server->getSystemConfig()->getValue("loglevel", \OCP\Util::WARN);
	163	+ $entries = array();
	164	+ $handle = @fopen(self::$logFile, 'rb');
	165	+ if ($handle) {
	166	+ fseek($handle, 0, SEEK_END);
	167	+ $pos = ftell($handle);
	168	+ $line = '';
	169	+ $entriesCount = 0;
	170	+ $lines = 0;
	171	+ // Loop through each character of the file looking for new lines
	172	+ while ($pos >= 0 && ($limit === null \|\|$entriesCount < $limit)) {
	173	+ fseek($handle, $pos);
	174	+ $ch = fgetc($handle);
	175	+ if ($ch == "\n" \|\| $pos == 0) {
	176	+ if ($line != '') {
	177	+ // Add the first character if at the start of the file,
	178	+ // because it doesn't hit the else in the loop
	179	+ if ($pos == 0) {
	180	+ $line = $ch.$line;
	181	+ }
	182	+ $entry = json_decode($line);
	183	+ // Add the line as an entry if it is passed the offset and is equal or above the log level
	184	+ if ($entry->level >= $minLevel) {
	185	+ $lines++;
	186	+ if ($lines > $offset) {
	187	+ $entries[] = $entry;
	188	+ $entriesCount++;
	189	+ }
	190	+ }
	191	+ $line = '';
	192	+ }
	193	+ } else {
	194	+ $line = $ch.$line;
	195	+ }
	196	+ $pos--;
	197	+ }
	198	+ fclose($handle);
	199	+ }
	200	+ return $entries;
	201	+ }
202	202
203		- /**
204		- * @return string
205		- */
206		- public static function getLogFilePath() {
207		- return self::$logFile;
208		- }
	203	+ /**
	204	+ * @return string
	205	+ */
	206	+ public static function getLogFilePath() {
	207	+ return self::$logFile;
	208	+ }
209	209	}

		@@ -30,140 +30,140 @@
		block discarded – undo
30	30	use OCP\IMemcache;
31	31
32	32	class APCu extends Cache implements IMemcache {
33		- use CASTrait {
34		- cas as casEmulated;
35		- }
	33	+ use CASTrait {
	34	+ cas as casEmulated;
	35	+ }
36	36
37		- use CADTrait;
	37	+ use CADTrait;
38	38
39		- public function get($key) {
40		- $result = apcu_fetch($this->getPrefix() . $key, $success);
41		- if (!$success) {
42		- return null;
43		- }
44		- return $result;
45		- }
	39	+ public function get($key) {
	40	+ $result = apcu_fetch($this->getPrefix() . $key, $success);
	41	+ if (!$success) {
	42	+ return null;
	43	+ }
	44	+ return $result;
	45	+ }
46	46
47		- public function set($key, $value, $ttl = 0) {
48		- return apcu_store($this->getPrefix() . $key, $value, $ttl);
49		- }
	47	+ public function set($key, $value, $ttl = 0) {
	48	+ return apcu_store($this->getPrefix() . $key, $value, $ttl);
	49	+ }
50	50
51		- public function hasKey($key) {
52		- return apcu_exists($this->getPrefix() . $key);
53		- }
	51	+ public function hasKey($key) {
	52	+ return apcu_exists($this->getPrefix() . $key);
	53	+ }
54	54
55		- public function remove($key) {
56		- return apcu_delete($this->getPrefix() . $key);
57		- }
	55	+ public function remove($key) {
	56	+ return apcu_delete($this->getPrefix() . $key);
	57	+ }
58	58
59		- public function clear($prefix = '') {
60		- $ns = $this->getPrefix() . $prefix;
61		- $ns = preg_quote($ns, '/');
62		- if(class_exists('\APCIterator')) {
63		- $iter = new \APCIterator('user', '/^' . $ns . '/', APC_ITER_KEY);
64		- } else {
65		- $iter = new \APCUIterator('/^' . $ns . '/', APC_ITER_KEY);
66		- }
67		- return apcu_delete($iter);
68		- }
	59	+ public function clear($prefix = '') {
	60	+ $ns = $this->getPrefix() . $prefix;
	61	+ $ns = preg_quote($ns, '/');
	62	+ if(class_exists('\APCIterator')) {
	63	+ $iter = new \APCIterator('user', '/^' . $ns . '/', APC_ITER_KEY);
	64	+ } else {
	65	+ $iter = new \APCUIterator('/^' . $ns . '/', APC_ITER_KEY);
	66	+ }
	67	+ return apcu_delete($iter);
	68	+ }
69	69
70		- /**
71		- * Set a value in the cache if it's not already stored
72		- *
73		- * @param string $key
74		- * @param mixed $value
75		- * @param int $ttl Time To Live in seconds. Defaults to 606024
76		- * @return bool
77		- */
78		- public function add($key, $value, $ttl = 0) {
79		- return apcu_add($this->getPrefix() . $key, $value, $ttl);
80		- }
	70	+ /**
	71	+ * Set a value in the cache if it's not already stored
	72	+ *
	73	+ * @param string $key
	74	+ * @param mixed $value
	75	+ * @param int $ttl Time To Live in seconds. Defaults to 606024
	76	+ * @return bool
	77	+ */
	78	+ public function add($key, $value, $ttl = 0) {
	79	+ return apcu_add($this->getPrefix() . $key, $value, $ttl);
	80	+ }
81	81
82		- /**
83		- * Increase a stored number
84		- *
85		- * @param string $key
86		- * @param int $step
87		- * @return int \| bool
88		- */
89		- public function inc($key, $step = 1) {
90		- $this->add($key, 0);
91		- /**
92		- * TODO - hack around a PHP 7 specific issue in APCu
93		- *
94		- * on PHP 7 the apcu_inc method on a non-existing object will increment
95		- * "0" and result in "1" as value - therefore we check for existence
96		- * first
97		- *
98		- * on PHP 5.6 this is not the case
99		- *
100		- * see https://github.com/krakjoe/apcu/issues/183#issuecomment-244038221
101		- * for details
102		- */
103		- return apcu_exists($this->getPrefix() . $key)
104		- ? apcu_inc($this->getPrefix() . $key, $step)
105		- : false;
106		- }
	82	+ /**
	83	+ * Increase a stored number
	84	+ *
	85	+ * @param string $key
	86	+ * @param int $step
	87	+ * @return int \| bool
	88	+ */
	89	+ public function inc($key, $step = 1) {
	90	+ $this->add($key, 0);
	91	+ /**
	92	+ * TODO - hack around a PHP 7 specific issue in APCu
	93	+ *
	94	+ * on PHP 7 the apcu_inc method on a non-existing object will increment
	95	+ * "0" and result in "1" as value - therefore we check for existence
	96	+ * first
	97	+ *
	98	+ * on PHP 5.6 this is not the case
	99	+ *
	100	+ * see https://github.com/krakjoe/apcu/issues/183#issuecomment-244038221
	101	+ * for details
	102	+ */
	103	+ return apcu_exists($this->getPrefix() . $key)
	104	+ ? apcu_inc($this->getPrefix() . $key, $step)
	105	+ : false;
	106	+ }
107	107
108		- /**
109		- * Decrease a stored number
110		- *
111		- * @param string $key
112		- * @param int $step
113		- * @return int \| bool
114		- */
115		- public function dec($key, $step = 1) {
116		- /**
117		- * TODO - hack around a PHP 7 specific issue in APCu
118		- *
119		- * on PHP 7 the apcu_dec method on a non-existing object will decrement
120		- * "0" and result in "-1" as value - therefore we check for existence
121		- * first
122		- *
123		- * on PHP 5.6 this is not the case
124		- *
125		- * see https://github.com/krakjoe/apcu/issues/183#issuecomment-244038221
126		- * for details
127		- */
128		- return apcu_exists($this->getPrefix() . $key)
129		- ? apcu_dec($this->getPrefix() . $key, $step)
130		- : false;
131		- }
	108	+ /**
	109	+ * Decrease a stored number
	110	+ *
	111	+ * @param string $key
	112	+ * @param int $step
	113	+ * @return int \| bool
	114	+ */
	115	+ public function dec($key, $step = 1) {
	116	+ /**
	117	+ * TODO - hack around a PHP 7 specific issue in APCu
	118	+ *
	119	+ * on PHP 7 the apcu_dec method on a non-existing object will decrement
	120	+ * "0" and result in "-1" as value - therefore we check for existence
	121	+ * first
	122	+ *
	123	+ * on PHP 5.6 this is not the case
	124	+ *
	125	+ * see https://github.com/krakjoe/apcu/issues/183#issuecomment-244038221
	126	+ * for details
	127	+ */
	128	+ return apcu_exists($this->getPrefix() . $key)
	129	+ ? apcu_dec($this->getPrefix() . $key, $step)
	130	+ : false;
	131	+ }
132	132
133		- /**
134		- * Compare and set
135		- *
136		- * @param string $key
137		- * @param mixed $old
138		- * @param mixed $new
139		- * @return bool
140		- */
141		- public function cas($key, $old, $new) {
142		- // apc only does cas for ints
143		- if (is_int($old) and is_int($new)) {
144		- return apcu_cas($this->getPrefix() . $key, $old, $new);
145		- } else {
146		- return $this->casEmulated($key, $old, $new);
147		- }
148		- }
	133	+ /**
	134	+ * Compare and set
	135	+ *
	136	+ * @param string $key
	137	+ * @param mixed $old
	138	+ * @param mixed $new
	139	+ * @return bool
	140	+ */
	141	+ public function cas($key, $old, $new) {
	142	+ // apc only does cas for ints
	143	+ if (is_int($old) and is_int($new)) {
	144	+ return apcu_cas($this->getPrefix() . $key, $old, $new);
	145	+ } else {
	146	+ return $this->casEmulated($key, $old, $new);
	147	+ }
	148	+ }
149	149
150		- /**
151		- * @return bool
152		- */
153		- static public function isAvailable() {
154		- if (!extension_loaded('apcu')) {
155		- return false;
156		- } elseif (!\OC::$server->getIniWrapper()->getBool('apc.enabled')) {
157		- return false;
158		- } elseif (!\OC::$server->getIniWrapper()->getBool('apc.enable_cli') && \OC::$CLI) {
159		- return false;
160		- } elseif (
161		- version_compare(phpversion('apc') ?: '0.0.0', '4.0.6') === -1 &&
162		- version_compare(phpversion('apcu') ?: '0.0.0', '5.1.0') === -1
163		- ) {
164		- return false;
165		- } else {
166		- return true;
167		- }
168		- }
	150	+ /**
	151	+ * @return bool
	152	+ */
	153	+ static public function isAvailable() {
	154	+ if (!extension_loaded('apcu')) {
	155	+ return false;
	156	+ } elseif (!\OC::$server->getIniWrapper()->getBool('apc.enabled')) {
	157	+ return false;
	158	+ } elseif (!\OC::$server->getIniWrapper()->getBool('apc.enable_cli') && \OC::$CLI) {
	159	+ return false;
	160	+ } elseif (
	161	+ version_compare(phpversion('apc') ?: '0.0.0', '4.0.6') === -1 &&
	162	+ version_compare(phpversion('apcu') ?: '0.0.0', '5.1.0') === -1
	163	+ ) {
	164	+ return false;
	165	+ } else {
	166	+ return true;
	167	+ }
	168	+ }
169	169	}

		@@ -30,90 +30,90 @@
		block discarded – undo
30	30
31	31	class FileSize implements ICheck {
32	32
33		- /** @var int */
34		- protected $size;
35		-
36		- /** @var IL10N */
37		- protected $l;
38		-
39		- /** @var IRequest */
40		- protected $request;
41		-
42		- /**
43		- * @param IL10N $l
44		- * @param IRequest $request
45		- */
46		- public function __construct(IL10N $l, IRequest $request) {
47		- $this->l = $l;
48		- $this->request = $request;
49		- }
50		-
51		- /**
52		- * @param IStorage $storage
53		- * @param string $path
54		- */
55		- public function setFileInfo(IStorage $storage, $path) {
56		- }
57		-
58		- /**
59		- * @param string $operator
60		- * @param string $value
61		- * @return bool
62		- */
63		- public function executeCheck($operator, $value) {
64		- $size = $this->getFileSizeFromHeader();
65		-
66		- $value = Util::computerFileSize($value);
67		- if ($size !== false) {
68		- switch ($operator) {
69		- case 'less':
70		- return $size < $value;
71		- case '!less':
72		- return $size >= $value;
73		- case 'greater':
74		- return $size > $value;
75		- case '!greater':
76		- return $size <= $value;
77		- }
78		- }
79		- return false;
80		- }
81		-
82		- /**
83		- * @param string $operator
84		- * @param string $value
85		- * @throws \UnexpectedValueException
86		- */
87		- public function validateCheck($operator, $value) {
88		- if (!in_array($operator, ['less', '!less', 'greater', '!greater'])) {
89		- throw new \UnexpectedValueException($this->l->t('The given operator is invalid'), 1);
90		- }
91		-
92		- if (!preg_match('/^[0-9]+[ ]?[kmgt]?b$/i', $value)) {
93		- throw new \UnexpectedValueException($this->l->t('The given file size is invalid'), 2);
94		- }
95		- }
96		-
97		- /**
98		- * @return string
99		- */
100		- protected function getFileSizeFromHeader() {
101		- if ($this->size !== null) {
102		- return $this->size;
103		- }
104		-
105		- $size = $this->request->getHeader('OC-Total-Length');
106		- if ($size === '') {
107		- if (in_array($this->request->getMethod(), ['POST', 'PUT'])) {
108		- $size = $this->request->getHeader('Content-Length');
109		- }
110		- }
111		-
112		- if ($size === '') {
113		- $size = false;
114		- }
115		-
116		- $this->size = $size;
117		- return $this->size;
118		- }
	33	+ /** @var int */
	34	+ protected $size;
	35	+
	36	+ /** @var IL10N */
	37	+ protected $l;
	38	+
	39	+ /** @var IRequest */
	40	+ protected $request;
	41	+
	42	+ /**
	43	+ * @param IL10N $l
	44	+ * @param IRequest $request
	45	+ */
	46	+ public function __construct(IL10N $l, IRequest $request) {
	47	+ $this->l = $l;
	48	+ $this->request = $request;
	49	+ }
	50	+
	51	+ /**
	52	+ * @param IStorage $storage
	53	+ * @param string $path
	54	+ */
	55	+ public function setFileInfo(IStorage $storage, $path) {
	56	+ }
	57	+
	58	+ /**
	59	+ * @param string $operator
	60	+ * @param string $value
	61	+ * @return bool
	62	+ */
	63	+ public function executeCheck($operator, $value) {
	64	+ $size = $this->getFileSizeFromHeader();
	65	+
	66	+ $value = Util::computerFileSize($value);
	67	+ if ($size !== false) {
	68	+ switch ($operator) {
	69	+ case 'less':
	70	+ return $size < $value;
	71	+ case '!less':
	72	+ return $size >= $value;
	73	+ case 'greater':
	74	+ return $size > $value;
	75	+ case '!greater':
	76	+ return $size <= $value;
	77	+ }
	78	+ }
	79	+ return false;
	80	+ }
	81	+
	82	+ /**
	83	+ * @param string $operator
	84	+ * @param string $value
	85	+ * @throws \UnexpectedValueException
	86	+ */
	87	+ public function validateCheck($operator, $value) {
	88	+ if (!in_array($operator, ['less', '!less', 'greater', '!greater'])) {
	89	+ throw new \UnexpectedValueException($this->l->t('The given operator is invalid'), 1);
	90	+ }
	91	+
	92	+ if (!preg_match('/^[0-9]+[ ]?[kmgt]?b$/i', $value)) {
	93	+ throw new \UnexpectedValueException($this->l->t('The given file size is invalid'), 2);
	94	+ }
	95	+ }
	96	+
	97	+ /**
	98	+ * @return string
	99	+ */
	100	+ protected function getFileSizeFromHeader() {
	101	+ if ($this->size !== null) {
	102	+ return $this->size;
	103	+ }
	104	+
	105	+ $size = $this->request->getHeader('OC-Total-Length');
	106	+ if ($size === '') {
	107	+ if (in_array($this->request->getMethod(), ['POST', 'PUT'])) {
	108	+ $size = $this->request->getHeader('Content-Length');
	109	+ }
	110	+ }
	111	+
	112	+ if ($size === '') {
	113	+ $size = false;
	114	+ }
	115	+
	116	+ $this->size = $size;
	117	+ return $this->size;
	118	+ }
119	119	}

		@@ -40,74 +40,74 @@
		block discarded – undo
40	40
41	41	class CssController extends Controller {
42	42
43		- /** @var IAppData */
44		- protected $appData;
	43	+ /** @var IAppData */
	44	+ protected $appData;
45	45
46		- /** @var ITimeFactory */
47		- protected $timeFactory;
	46	+ /** @var ITimeFactory */
	47	+ protected $timeFactory;
48	48
49		- /**
50		- * @param string $appName
51		- * @param IRequest $request
52		- * @param Factory $appDataFactory
53		- * @param ITimeFactory $timeFactory
54		- */
55		- public function __construct($appName, IRequest $request, Factory $appDataFactory, ITimeFactory $timeFactory) {
56		- parent::__construct($appName, $request);
	49	+ /**
	50	+ * @param string $appName
	51	+ * @param IRequest $request
	52	+ * @param Factory $appDataFactory
	53	+ * @param ITimeFactory $timeFactory
	54	+ */
	55	+ public function __construct($appName, IRequest $request, Factory $appDataFactory, ITimeFactory $timeFactory) {
	56	+ parent::__construct($appName, $request);
57	57
58		- $this->appData = $appDataFactory->get('css');
59		- $this->timeFactory = $timeFactory;
60		- }
	58	+ $this->appData = $appDataFactory->get('css');
	59	+ $this->timeFactory = $timeFactory;
	60	+ }
61	61
62		- /**
63		- * @PublicPage
64		- * @NoCSRFRequired
65		- *
66		- * @param string $fileName css filename with extension
67		- * @param string $appName css folder name
68		- * @return FileDisplayResponse\|NotFoundResponse
69		- */
70		- public function getCss($fileName, $appName) {
71		- try {
72		- $folder = $this->appData->getFolder($appName);
73		- $gzip = false;
74		- $file = $this->getFile($folder, $fileName, $gzip);
75		- } catch(NotFoundException $e) {
76		- return new NotFoundResponse();
77		- }
	62	+ /**
	63	+ * @PublicPage
	64	+ * @NoCSRFRequired
	65	+ *
	66	+ * @param string $fileName css filename with extension
	67	+ * @param string $appName css folder name
	68	+ * @return FileDisplayResponse\|NotFoundResponse
	69	+ */
	70	+ public function getCss($fileName, $appName) {
	71	+ try {
	72	+ $folder = $this->appData->getFolder($appName);
	73	+ $gzip = false;
	74	+ $file = $this->getFile($folder, $fileName, $gzip);
	75	+ } catch(NotFoundException $e) {
	76	+ return new NotFoundResponse();
	77	+ }
78	78
79		- $response = new FileDisplayResponse($file, Http::STATUS_OK, ['Content-Type' => 'text/css']);
80		- if ($gzip) {
81		- $response->addHeader('Content-Encoding', 'gzip');
82		- }
83		- $response->cacheFor(86400);
84		- $expires = new \DateTime();
85		- $expires->setTimestamp($this->timeFactory->getTime());
86		- $expires->add(new \DateInterval('PT24H'));
87		- $response->addHeader('Expires', $expires->format(\DateTime::RFC1123));
88		- $response->addHeader('Pragma', 'cache');
89		- return $response;
90		- }
	79	+ $response = new FileDisplayResponse($file, Http::STATUS_OK, ['Content-Type' => 'text/css']);
	80	+ if ($gzip) {
	81	+ $response->addHeader('Content-Encoding', 'gzip');
	82	+ }
	83	+ $response->cacheFor(86400);
	84	+ $expires = new \DateTime();
	85	+ $expires->setTimestamp($this->timeFactory->getTime());
	86	+ $expires->add(new \DateInterval('PT24H'));
	87	+ $response->addHeader('Expires', $expires->format(\DateTime::RFC1123));
	88	+ $response->addHeader('Pragma', 'cache');
	89	+ return $response;
	90	+ }
91	91
92		- /**
93		- * @param ISimpleFolder $folder
94		- * @param string $fileName
95		- * @param bool $gzip is set to true if we use the gzip file
96		- * @return ISimpleFile
97		- */
98		- private function getFile(ISimpleFolder $folder, $fileName, &$gzip) {
99		- $encoding = $this->request->getHeader('Accept-Encoding');
	92	+ /**
	93	+ * @param ISimpleFolder $folder
	94	+ * @param string $fileName
	95	+ * @param bool $gzip is set to true if we use the gzip file
	96	+ * @return ISimpleFile
	97	+ */
	98	+ private function getFile(ISimpleFolder $folder, $fileName, &$gzip) {
	99	+ $encoding = $this->request->getHeader('Accept-Encoding');
100	100
101		- if (strpos($encoding, 'gzip') !== false) {
102		- try {
103		- $gzip = true;
104		- return $folder->getFile($fileName . '.gzip'); # Safari doesn't like .gz
105		- } catch (NotFoundException $e) {
106		- // continue
107		- }
108		- }
	101	+ if (strpos($encoding, 'gzip') !== false) {
	102	+ try {
	103	+ $gzip = true;
	104	+ return $folder->getFile($fileName . '.gzip'); # Safari doesn't like .gz
	105	+ } catch (NotFoundException $e) {
	106	+ // continue
	107	+ }
	108	+ }
109	109
110		- $gzip = false;
111		- return $folder->getFile($fileName);
112		- }
	110	+ $gzip = false;
	111	+ return $folder->getFile($fileName);
	112	+ }
113	113	}

		@@ -72,7 +72,7 @@ discard block
		block discarded – undo
72	72	$folder = $this->appData->getFolder($appName);
73	73	$gzip = false;
74	74	$file = $this->getFile($folder, $fileName, $gzip);
75		- } catch(NotFoundException $e) {
	75	+ } catch (NotFoundException $e) {
76	76	return new NotFoundResponse();
77	77	}
78	78
		@@ -101,7 +101,7 @@ discard block
		block discarded – undo
101	101	if (strpos($encoding, 'gzip') !== false) {
102	102	try {
103	103	$gzip = true;
104		- return $folder->getFile($fileName . '.gzip'); # Safari doesn't like .gz
	104	+ return $folder->getFile($fileName.'.gzip'); # Safari doesn't like .gz
105	105	} catch (NotFoundException $e) {
106	106	// continue
107	107	}

		@@ -38,74 +38,74 @@
		block discarded – undo
38	38
39	39	class JsController extends Controller {
40	40
41		- /** @var IAppData */
42		- protected $appData;
	41	+ /** @var IAppData */
	42	+ protected $appData;
43	43
44		- /** @var ITimeFactory */
45		- protected $timeFactory;
	44	+ /** @var ITimeFactory */
	45	+ protected $timeFactory;
46	46
47		- /**
48		- * @param string $appName
49		- * @param IRequest $request
50		- * @param Factory $appDataFactory
51		- * @param ITimeFactory $timeFactory
52		- */
53		- public function __construct($appName, IRequest $request, Factory $appDataFactory, ITimeFactory $timeFactory) {
54		- parent::__construct($appName, $request);
	47	+ /**
	48	+ * @param string $appName
	49	+ * @param IRequest $request
	50	+ * @param Factory $appDataFactory
	51	+ * @param ITimeFactory $timeFactory
	52	+ */
	53	+ public function __construct($appName, IRequest $request, Factory $appDataFactory, ITimeFactory $timeFactory) {
	54	+ parent::__construct($appName, $request);
55	55
56		- $this->appData = $appDataFactory->get('js');
57		- $this->timeFactory = $timeFactory;
58		- }
	56	+ $this->appData = $appDataFactory->get('js');
	57	+ $this->timeFactory = $timeFactory;
	58	+ }
59	59
60		- /**
61		- * @PublicPage
62		- * @NoCSRFRequired
63		- *
64		- * @param string $fileName css filename with extension
65		- * @param string $appName css folder name
66		- * @return FileDisplayResponse\|NotFoundResponse
67		- */
68		- public function getJs($fileName, $appName) {
69		- try {
70		- $folder = $this->appData->getFolder($appName);
71		- $gzip = false;
72		- $file = $this->getFile($folder, $fileName, $gzip);
73		- } catch(NotFoundException $e) {
74		- return new NotFoundResponse();
75		- }
	60	+ /**
	61	+ * @PublicPage
	62	+ * @NoCSRFRequired
	63	+ *
	64	+ * @param string $fileName css filename with extension
	65	+ * @param string $appName css folder name
	66	+ * @return FileDisplayResponse\|NotFoundResponse
	67	+ */
	68	+ public function getJs($fileName, $appName) {
	69	+ try {
	70	+ $folder = $this->appData->getFolder($appName);
	71	+ $gzip = false;
	72	+ $file = $this->getFile($folder, $fileName, $gzip);
	73	+ } catch(NotFoundException $e) {
	74	+ return new NotFoundResponse();
	75	+ }
76	76
77		- $response = new FileDisplayResponse($file, Http::STATUS_OK, ['Content-Type' => 'application/javascript']);
78		- if ($gzip) {
79		- $response->addHeader('Content-Encoding', 'gzip');
80		- }
81		- $response->cacheFor(86400);
82		- $expires = new \DateTime();
83		- $expires->setTimestamp($this->timeFactory->getTime());
84		- $expires->add(new \DateInterval('PT24H'));
85		- $response->addHeader('Expires', $expires->format(\DateTime::RFC1123));
86		- $response->addHeader('Pragma', 'cache');
87		- return $response;
88		- }
	77	+ $response = new FileDisplayResponse($file, Http::STATUS_OK, ['Content-Type' => 'application/javascript']);
	78	+ if ($gzip) {
	79	+ $response->addHeader('Content-Encoding', 'gzip');
	80	+ }
	81	+ $response->cacheFor(86400);
	82	+ $expires = new \DateTime();
	83	+ $expires->setTimestamp($this->timeFactory->getTime());
	84	+ $expires->add(new \DateInterval('PT24H'));
	85	+ $response->addHeader('Expires', $expires->format(\DateTime::RFC1123));
	86	+ $response->addHeader('Pragma', 'cache');
	87	+ return $response;
	88	+ }
89	89
90		- /**
91		- * @param ISimpleFolder $folder
92		- * @param string $fileName
93		- * @param bool $gzip is set to true if we use the gzip file
94		- * @return ISimpleFile
95		- */
96		- private function getFile(ISimpleFolder $folder, $fileName, &$gzip) {
97		- $encoding = $this->request->getHeader('Accept-Encoding');
	90	+ /**
	91	+ * @param ISimpleFolder $folder
	92	+ * @param string $fileName
	93	+ * @param bool $gzip is set to true if we use the gzip file
	94	+ * @return ISimpleFile
	95	+ */
	96	+ private function getFile(ISimpleFolder $folder, $fileName, &$gzip) {
	97	+ $encoding = $this->request->getHeader('Accept-Encoding');
98	98
99		- if (strpos($encoding, 'gzip') !== false) {
100		- try {
101		- $gzip = true;
102		- return $folder->getFile($fileName . '.gzip'); # Safari doesn't like .gz
103		- } catch (NotFoundException $e) {
104		- // continue
105		- }
106		- }
	99	+ if (strpos($encoding, 'gzip') !== false) {
	100	+ try {
	101	+ $gzip = true;
	102	+ return $folder->getFile($fileName . '.gzip'); # Safari doesn't like .gz
	103	+ } catch (NotFoundException $e) {
	104	+ // continue
	105	+ }
	106	+ }
107	107
108		- $gzip = false;
109		- return $folder->getFile($fileName);
110		- }
	108	+ $gzip = false;
	109	+ return $folder->getFile($fileName);
	110	+ }
111	111	}

		@@ -48,291 +48,291 @@
		block discarded – undo
48	48	use OCP\Session\Exceptions\SessionNotAvailableException;
49	49
50	50	class ClientFlowLoginController extends Controller {
51		- /** @var IUserSession */
52		- private $userSession;
53		- /** @var IL10N */
54		- private $l10n;
55		- /** @var Defaults */
56		- private $defaults;
57		- /** @var ISession */
58		- private $session;
59		- /** @var IProvider */
60		- private $tokenProvider;
61		- /** @var ISecureRandom */
62		- private $random;
63		- /** @var IURLGenerator */
64		- private $urlGenerator;
65		- /** @var ClientMapper */
66		- private $clientMapper;
67		- /** @var AccessTokenMapper */
68		- private $accessTokenMapper;
69		- /** @var ICrypto */
70		- private $crypto;
	51	+ /** @var IUserSession */
	52	+ private $userSession;
	53	+ /** @var IL10N */
	54	+ private $l10n;
	55	+ /** @var Defaults */
	56	+ private $defaults;
	57	+ /** @var ISession */
	58	+ private $session;
	59	+ /** @var IProvider */
	60	+ private $tokenProvider;
	61	+ /** @var ISecureRandom */
	62	+ private $random;
	63	+ /** @var IURLGenerator */
	64	+ private $urlGenerator;
	65	+ /** @var ClientMapper */
	66	+ private $clientMapper;
	67	+ /** @var AccessTokenMapper */
	68	+ private $accessTokenMapper;
	69	+ /** @var ICrypto */
	70	+ private $crypto;
71	71
72		- const stateName = 'client.flow.state.token';
	72	+ const stateName = 'client.flow.state.token';
73	73
74		- /**
75		- * @param string $appName
76		- * @param IRequest $request
77		- * @param IUserSession $userSession
78		- * @param IL10N $l10n
79		- * @param Defaults $defaults
80		- * @param ISession $session
81		- * @param IProvider $tokenProvider
82		- * @param ISecureRandom $random
83		- * @param IURLGenerator $urlGenerator
84		- * @param ClientMapper $clientMapper
85		- * @param AccessTokenMapper $accessTokenMapper
86		- * @param ICrypto $crypto
87		- */
88		- public function __construct($appName,
89		- IRequest $request,
90		- IUserSession $userSession,
91		- IL10N $l10n,
92		- Defaults $defaults,
93		- ISession $session,
94		- IProvider $tokenProvider,
95		- ISecureRandom $random,
96		- IURLGenerator $urlGenerator,
97		- ClientMapper $clientMapper,
98		- AccessTokenMapper $accessTokenMapper,
99		- ICrypto $crypto) {
100		- parent::__construct($appName, $request);
101		- $this->userSession = $userSession;
102		- $this->l10n = $l10n;
103		- $this->defaults = $defaults;
104		- $this->session = $session;
105		- $this->tokenProvider = $tokenProvider;
106		- $this->random = $random;
107		- $this->urlGenerator = $urlGenerator;
108		- $this->clientMapper = $clientMapper;
109		- $this->accessTokenMapper = $accessTokenMapper;
110		- $this->crypto = $crypto;
111		- }
	74	+ /**
	75	+ * @param string $appName
	76	+ * @param IRequest $request
	77	+ * @param IUserSession $userSession
	78	+ * @param IL10N $l10n
	79	+ * @param Defaults $defaults
	80	+ * @param ISession $session
	81	+ * @param IProvider $tokenProvider
	82	+ * @param ISecureRandom $random
	83	+ * @param IURLGenerator $urlGenerator
	84	+ * @param ClientMapper $clientMapper
	85	+ * @param AccessTokenMapper $accessTokenMapper
	86	+ * @param ICrypto $crypto
	87	+ */
	88	+ public function __construct($appName,
	89	+ IRequest $request,
	90	+ IUserSession $userSession,
	91	+ IL10N $l10n,
	92	+ Defaults $defaults,
	93	+ ISession $session,
	94	+ IProvider $tokenProvider,
	95	+ ISecureRandom $random,
	96	+ IURLGenerator $urlGenerator,
	97	+ ClientMapper $clientMapper,
	98	+ AccessTokenMapper $accessTokenMapper,
	99	+ ICrypto $crypto) {
	100	+ parent::__construct($appName, $request);
	101	+ $this->userSession = $userSession;
	102	+ $this->l10n = $l10n;
	103	+ $this->defaults = $defaults;
	104	+ $this->session = $session;
	105	+ $this->tokenProvider = $tokenProvider;
	106	+ $this->random = $random;
	107	+ $this->urlGenerator = $urlGenerator;
	108	+ $this->clientMapper = $clientMapper;
	109	+ $this->accessTokenMapper = $accessTokenMapper;
	110	+ $this->crypto = $crypto;
	111	+ }
112	112
113		- /**
114		- * @return string
115		- */
116		- private function getClientName() {
117		- $userAgent = $this->request->getHeader('USER_AGENT');
118		- return $userAgent !== '' ? $userAgent : 'unknown';
119		- }
	113	+ /**
	114	+ * @return string
	115	+ */
	116	+ private function getClientName() {
	117	+ $userAgent = $this->request->getHeader('USER_AGENT');
	118	+ return $userAgent !== '' ? $userAgent : 'unknown';
	119	+ }
120	120
121		- /**
122		- * @param string $stateToken
123		- * @return bool
124		- */
125		- private function isValidToken($stateToken) {
126		- $currentToken = $this->session->get(self::stateName);
127		- if(!is_string($stateToken) \|\| !is_string($currentToken)) {
128		- return false;
129		- }
130		- return hash_equals($currentToken, $stateToken);
131		- }
	121	+ /**
	122	+ * @param string $stateToken
	123	+ * @return bool
	124	+ */
	125	+ private function isValidToken($stateToken) {
	126	+ $currentToken = $this->session->get(self::stateName);
	127	+ if(!is_string($stateToken) \|\| !is_string($currentToken)) {
	128	+ return false;
	129	+ }
	130	+ return hash_equals($currentToken, $stateToken);
	131	+ }
132	132
133		- /**
134		- * @return TemplateResponse
135		- */
136		- private function stateTokenForbiddenResponse() {
137		- $response = new TemplateResponse(
138		- $this->appName,
139		- '403',
140		- [
141		- 'file' => $this->l10n->t('State token does not match'),
142		- ],
143		- 'guest'
144		- );
145		- $response->setStatus(Http::STATUS_FORBIDDEN);
146		- return $response;
147		- }
	133	+ /**
	134	+ * @return TemplateResponse
	135	+ */
	136	+ private function stateTokenForbiddenResponse() {
	137	+ $response = new TemplateResponse(
	138	+ $this->appName,
	139	+ '403',
	140	+ [
	141	+ 'file' => $this->l10n->t('State token does not match'),
	142	+ ],
	143	+ 'guest'
	144	+ );
	145	+ $response->setStatus(Http::STATUS_FORBIDDEN);
	146	+ return $response;
	147	+ }
148	148
149		- /**
150		- * @PublicPage
151		- * @NoCSRFRequired
152		- * @UseSession
153		- *
154		- * @param string $clientIdentifier
155		- *
156		- * @return TemplateResponse
157		- */
158		- public function showAuthPickerPage($clientIdentifier = '') {
159		- $clientName = $this->getClientName();
160		- $client = null;
161		- if($clientIdentifier !== '') {
162		- $client = $this->clientMapper->getByIdentifier($clientIdentifier);
163		- $clientName = $client->getName();
164		- }
	149	+ /**
	150	+ * @PublicPage
	151	+ * @NoCSRFRequired
	152	+ * @UseSession
	153	+ *
	154	+ * @param string $clientIdentifier
	155	+ *
	156	+ * @return TemplateResponse
	157	+ */
	158	+ public function showAuthPickerPage($clientIdentifier = '') {
	159	+ $clientName = $this->getClientName();
	160	+ $client = null;
	161	+ if($clientIdentifier !== '') {
	162	+ $client = $this->clientMapper->getByIdentifier($clientIdentifier);
	163	+ $clientName = $client->getName();
	164	+ }
165	165
166		- // No valid clientIdentifier given and no valid API Request (APIRequest header not set)
167		- $clientRequest = $this->request->getHeader('OCS-APIREQUEST');
168		- if ($clientRequest !== 'true' && $client === null) {
169		- return new TemplateResponse(
170		- $this->appName,
171		- 'error',
172		- [
173		- 'errors' =>
174		- [
175		- [
176		- 'error' => 'Access Forbidden',
177		- 'hint' => 'Invalid request',
178		- ],
179		- ],
180		- ],
181		- 'guest'
182		- );
183		- }
	166	+ // No valid clientIdentifier given and no valid API Request (APIRequest header not set)
	167	+ $clientRequest = $this->request->getHeader('OCS-APIREQUEST');
	168	+ if ($clientRequest !== 'true' && $client === null) {
	169	+ return new TemplateResponse(
	170	+ $this->appName,
	171	+ 'error',
	172	+ [
	173	+ 'errors' =>
	174	+ [
	175	+ [
	176	+ 'error' => 'Access Forbidden',
	177	+ 'hint' => 'Invalid request',
	178	+ ],
	179	+ ],
	180	+ ],
	181	+ 'guest'
	182	+ );
	183	+ }
184	184
185		- $stateToken = $this->random->generate(
186		- 64,
187		- ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
188		- );
189		- $this->session->set(self::stateName, $stateToken);
	185	+ $stateToken = $this->random->generate(
	186	+ 64,
	187	+ ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
	188	+ );
	189	+ $this->session->set(self::stateName, $stateToken);
190	190
191		- return new TemplateResponse(
192		- $this->appName,
193		- 'loginflow/authpicker',
194		- [
195		- 'client' => $clientName,
196		- 'clientIdentifier' => $clientIdentifier,
197		- 'instanceName' => $this->defaults->getName(),
198		- 'urlGenerator' => $this->urlGenerator,
199		- 'stateToken' => $stateToken,
200		- 'serverHost' => $this->request->getServerHost(),
201		- 'oauthState' => $this->session->get('oauth.state'),
202		- ],
203		- 'guest'
204		- );
205		- }
	191	+ return new TemplateResponse(
	192	+ $this->appName,
	193	+ 'loginflow/authpicker',
	194	+ [
	195	+ 'client' => $clientName,
	196	+ 'clientIdentifier' => $clientIdentifier,
	197	+ 'instanceName' => $this->defaults->getName(),
	198	+ 'urlGenerator' => $this->urlGenerator,
	199	+ 'stateToken' => $stateToken,
	200	+ 'serverHost' => $this->request->getServerHost(),
	201	+ 'oauthState' => $this->session->get('oauth.state'),
	202	+ ],
	203	+ 'guest'
	204	+ );
	205	+ }
206	206
207		- /**
208		- * @NoAdminRequired
209		- * @NoCSRFRequired
210		- * @UseSession
211		- *
212		- * @param string $stateToken
213		- * @param string $clientIdentifier
214		- * @return TemplateResponse
215		- */
216		- public function redirectPage($stateToken = '',
217		- $clientIdentifier = '') {
218		- if(!$this->isValidToken($stateToken)) {
219		- return $this->stateTokenForbiddenResponse();
220		- }
	207	+ /**
	208	+ * @NoAdminRequired
	209	+ * @NoCSRFRequired
	210	+ * @UseSession
	211	+ *
	212	+ * @param string $stateToken
	213	+ * @param string $clientIdentifier
	214	+ * @return TemplateResponse
	215	+ */
	216	+ public function redirectPage($stateToken = '',
	217	+ $clientIdentifier = '') {
	218	+ if(!$this->isValidToken($stateToken)) {
	219	+ return $this->stateTokenForbiddenResponse();
	220	+ }
221	221
222		- return new TemplateResponse(
223		- $this->appName,
224		- 'loginflow/redirect',
225		- [
226		- 'urlGenerator' => $this->urlGenerator,
227		- 'stateToken' => $stateToken,
228		- 'clientIdentifier' => $clientIdentifier,
229		- 'oauthState' => $this->session->get('oauth.state'),
230		- ],
231		- 'guest'
232		- );
233		- }
	222	+ return new TemplateResponse(
	223	+ $this->appName,
	224	+ 'loginflow/redirect',
	225	+ [
	226	+ 'urlGenerator' => $this->urlGenerator,
	227	+ 'stateToken' => $stateToken,
	228	+ 'clientIdentifier' => $clientIdentifier,
	229	+ 'oauthState' => $this->session->get('oauth.state'),
	230	+ ],
	231	+ 'guest'
	232	+ );
	233	+ }
234	234
235		- /**
236		- * @NoAdminRequired
237		- * @UseSession
238		- *
239		- * @param string $stateToken
240		- * @param string $clientIdentifier
241		- * @return Http\RedirectResponse\|Response
242		- */
243		- public function generateAppPassword($stateToken,
244		- $clientIdentifier = '') {
245		- if(!$this->isValidToken($stateToken)) {
246		- $this->session->remove(self::stateName);
247		- return $this->stateTokenForbiddenResponse();
248		- }
	235	+ /**
	236	+ * @NoAdminRequired
	237	+ * @UseSession
	238	+ *
	239	+ * @param string $stateToken
	240	+ * @param string $clientIdentifier
	241	+ * @return Http\RedirectResponse\|Response
	242	+ */
	243	+ public function generateAppPassword($stateToken,
	244	+ $clientIdentifier = '') {
	245	+ if(!$this->isValidToken($stateToken)) {
	246	+ $this->session->remove(self::stateName);
	247	+ return $this->stateTokenForbiddenResponse();
	248	+ }
249	249
250		- $this->session->remove(self::stateName);
	250	+ $this->session->remove(self::stateName);
251	251
252		- try {
253		- $sessionId = $this->session->getId();
254		- } catch (SessionNotAvailableException $ex) {
255		- $response = new Response();
256		- $response->setStatus(Http::STATUS_FORBIDDEN);
257		- return $response;
258		- }
	252	+ try {
	253	+ $sessionId = $this->session->getId();
	254	+ } catch (SessionNotAvailableException $ex) {
	255	+ $response = new Response();
	256	+ $response->setStatus(Http::STATUS_FORBIDDEN);
	257	+ return $response;
	258	+ }
259	259
260		- try {
261		- $sessionToken = $this->tokenProvider->getToken($sessionId);
262		- $loginName = $sessionToken->getLoginName();
263		- try {
264		- $password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
265		- } catch (PasswordlessTokenException $ex) {
266		- $password = null;
267		- }
268		- } catch (InvalidTokenException $ex) {
269		- $response = new Response();
270		- $response->setStatus(Http::STATUS_FORBIDDEN);
271		- return $response;
272		- }
	260	+ try {
	261	+ $sessionToken = $this->tokenProvider->getToken($sessionId);
	262	+ $loginName = $sessionToken->getLoginName();
	263	+ try {
	264	+ $password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
	265	+ } catch (PasswordlessTokenException $ex) {
	266	+ $password = null;
	267	+ }
	268	+ } catch (InvalidTokenException $ex) {
	269	+ $response = new Response();
	270	+ $response->setStatus(Http::STATUS_FORBIDDEN);
	271	+ return $response;
	272	+ }
273	273
274		- $clientName = $this->getClientName();
275		- $client = false;
276		- if($clientIdentifier !== '') {
277		- $client = $this->clientMapper->getByIdentifier($clientIdentifier);
278		- $clientName = $client->getName();
279		- }
	274	+ $clientName = $this->getClientName();
	275	+ $client = false;
	276	+ if($clientIdentifier !== '') {
	277	+ $client = $this->clientMapper->getByIdentifier($clientIdentifier);
	278	+ $clientName = $client->getName();
	279	+ }
280	280
281		- $token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
282		- $uid = $this->userSession->getUser()->getUID();
283		- $generatedToken = $this->tokenProvider->generateToken(
284		- $token,
285		- $uid,
286		- $loginName,
287		- $password,
288		- $clientName,
289		- IToken::PERMANENT_TOKEN,
290		- IToken::DO_NOT_REMEMBER
291		- );
	281	+ $token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
	282	+ $uid = $this->userSession->getUser()->getUID();
	283	+ $generatedToken = $this->tokenProvider->generateToken(
	284	+ $token,
	285	+ $uid,
	286	+ $loginName,
	287	+ $password,
	288	+ $clientName,
	289	+ IToken::PERMANENT_TOKEN,
	290	+ IToken::DO_NOT_REMEMBER
	291	+ );
292	292
293		- if($client) {
294		- $code = $this->random->generate(128);
295		- $accessToken = new AccessToken();
296		- $accessToken->setClientId($client->getId());
297		- $accessToken->setEncryptedToken($this->crypto->encrypt($token, $code));
298		- $accessToken->setHashedCode(hash('sha512', $code));
299		- $accessToken->setTokenId($generatedToken->getId());
300		- $this->accessTokenMapper->insert($accessToken);
	293	+ if($client) {
	294	+ $code = $this->random->generate(128);
	295	+ $accessToken = new AccessToken();
	296	+ $accessToken->setClientId($client->getId());
	297	+ $accessToken->setEncryptedToken($this->crypto->encrypt($token, $code));
	298	+ $accessToken->setHashedCode(hash('sha512', $code));
	299	+ $accessToken->setTokenId($generatedToken->getId());
	300	+ $this->accessTokenMapper->insert($accessToken);
301	301
302		- $redirectUri = sprintf(
303		- '%s?state=%s&code=%s',
304		- $client->getRedirectUri(),
305		- urlencode($this->session->get('oauth.state')),
306		- urlencode($code)
307		- );
308		- $this->session->remove('oauth.state');
309		- } else {
310		- $serverPostfix = '';
	302	+ $redirectUri = sprintf(
	303	+ '%s?state=%s&code=%s',
	304	+ $client->getRedirectUri(),
	305	+ urlencode($this->session->get('oauth.state')),
	306	+ urlencode($code)
	307	+ );
	308	+ $this->session->remove('oauth.state');
	309	+ } else {
	310	+ $serverPostfix = '';
311	311
312		- if (strpos($this->request->getRequestUri(), '/index.php') !== false) {
313		- $serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/index.php'));
314		- } else if (strpos($this->request->getRequestUri(), '/login/flow') !== false) {
315		- $serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/login/flow'));
316		- }
	312	+ if (strpos($this->request->getRequestUri(), '/index.php') !== false) {
	313	+ $serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/index.php'));
	314	+ } else if (strpos($this->request->getRequestUri(), '/login/flow') !== false) {
	315	+ $serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/login/flow'));
	316	+ }
317	317
318		- $protocol = $this->request->getServerProtocol();
	318	+ $protocol = $this->request->getServerProtocol();
319	319
320		- if ($protocol !== "https") {
321		- $xForwardedProto = $this->request->getHeader('X-Forwarded-Proto');
322		- $xForwardedSSL = $this->request->getHeader('X-Forwarded-Ssl');
323		- if ($xForwardedProto === 'https' \|\| $xForwardedSSL === 'on') {
324		- $protocol = 'https';
325		- }
326		- }
	320	+ if ($protocol !== "https") {
	321	+ $xForwardedProto = $this->request->getHeader('X-Forwarded-Proto');
	322	+ $xForwardedSSL = $this->request->getHeader('X-Forwarded-Ssl');
	323	+ if ($xForwardedProto === 'https' \|\| $xForwardedSSL === 'on') {
	324	+ $protocol = 'https';
	325	+ }
	326	+ }
327	327
328	328
329		- $serverPath = $protocol . "://" . $this->request->getServerHost() . $serverPostfix;
330		- $redirectUri = 'nc://login/server:' . $serverPath . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
331		- }
	329	+ $serverPath = $protocol . "://" . $this->request->getServerHost() . $serverPostfix;
	330	+ $redirectUri = 'nc://login/server:' . $serverPath . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
	331	+ }
332	332
333		- // Clear the token from the login here
334		- $this->tokenProvider->invalidateToken($sessionId);
	333	+ // Clear the token from the login here
	334	+ $this->tokenProvider->invalidateToken($sessionId);
335	335
336		- return new Http\RedirectResponse($redirectUri);
337		- }
	336	+ return new Http\RedirectResponse($redirectUri);
	337	+ }
338	338	}

nextcloud / server

Push — master ( 9222dc...c12161 )

Status

Category

Indentation +809 added lines, -809 removed lines patch added patch discarded remove patch

Indentation +156 added lines, -156 removed lines patch added patch discarded remove patch

Indentation +400 added lines, -400 removed lines patch added patch discarded remove patch

Indentation +125 added lines, -125 removed lines patch added patch discarded remove patch

Indentation +86 added lines, -86 removed lines patch added patch discarded remove patch

Indentation +62 added lines, -62 removed lines patch added patch discarded remove patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

Indentation +62 added lines, -62 removed lines patch added patch discarded remove patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

Indentation +261 added lines, -261 removed lines patch added patch discarded remove patch