|
@@ -99,7 +99,7 @@ discard block |
|
|
block discarded – undo |
|
99
|
99
|
int $type = IToken::TEMPORARY_TOKEN, |
|
100
|
100
|
int $remember = IToken::DO_NOT_REMEMBER): IToken { |
|
101
|
101
|
if (mb_strlen($name) > 128) { |
|
102
|
|
- $name = mb_substr($name, 0, 120) . '…'; |
|
|
102
|
+ $name = mb_substr($name, 0, 120).'…'; |
|
103
|
103
|
} |
|
104
|
104
|
|
|
105
|
105
|
$dbToken = $this->newToken($token, $uid, $loginName, $password, $name, $type, $remember); |
|
@@ -117,7 +117,7 @@ discard block |
|
|
block discarded – undo |
|
117
|
117
|
if (isset($this->cache[$tokenHash])) { |
|
118
|
118
|
if ($this->cache[$tokenHash] instanceof DoesNotExistException) { |
|
119
|
119
|
$ex = $this->cache[$tokenHash]; |
|
120
|
|
- throw new InvalidTokenException("Token does not exist: " . $ex->getMessage(), 0, $ex); |
|
|
120
|
+ throw new InvalidTokenException("Token does not exist: ".$ex->getMessage(), 0, $ex); |
|
121
|
121
|
} |
|
122
|
122
|
$token = $this->cache[$tokenHash]; |
|
123
|
123
|
} else { |
|
@@ -131,12 +131,12 @@ discard block |
|
|
block discarded – undo |
|
131
|
131
|
$this->rotate($token, $tokenId, $tokenId); |
|
132
|
132
|
} catch (DoesNotExistException $ex2) { |
|
133
|
133
|
$this->cache[$tokenHash] = $ex2; |
|
134
|
|
- throw new InvalidTokenException("Token does not exist: " . $ex->getMessage(), 0, $ex); |
|
|
134
|
+ throw new InvalidTokenException("Token does not exist: ".$ex->getMessage(), 0, $ex); |
|
135
|
135
|
} |
|
136
|
136
|
} |
|
137
|
137
|
} |
|
138
|
138
|
|
|
139
|
|
- if ((int)$token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) { |
|
|
139
|
+ if ((int) $token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) { |
|
140
|
140
|
throw new ExpiredTokenException($token); |
|
141
|
141
|
} |
|
142
|
142
|
|
|
@@ -156,10 +156,10 @@ discard block |
|
|
block discarded – undo |
|
156
|
156
|
try { |
|
157
|
157
|
$token = $this->mapper->getTokenById($tokenId); |
|
158
|
158
|
} catch (DoesNotExistException $ex) { |
|
159
|
|
- throw new InvalidTokenException("Token with ID $tokenId does not exist: " . $ex->getMessage(), 0, $ex); |
|
|
159
|
+ throw new InvalidTokenException("Token with ID $tokenId does not exist: ".$ex->getMessage(), 0, $ex); |
|
160
|
160
|
} |
|
161
|
161
|
|
|
162
|
|
- if ((int)$token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) { |
|
|
162
|
+ if ((int) $token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) { |
|
163
|
163
|
throw new ExpiredTokenException($token); |
|
164
|
164
|
} |
|
165
|
165
|
|
|
@@ -178,7 +178,7 @@ discard block |
|
|
block discarded – undo |
|
178
|
178
|
public function renewSessionToken(string $oldSessionId, string $sessionId): IToken { |
|
179
|
179
|
$this->cache->clear(); |
|
180
|
180
|
|
|
181
|
|
- return $this->atomic(function () use ($oldSessionId, $sessionId) { |
|
|
181
|
+ return $this->atomic(function() use ($oldSessionId, $sessionId) { |
|
182
|
182
|
$token = $this->getToken($oldSessionId); |
|
183
|
183
|
|
|
184
|
184
|
if (!($token instanceof PublicKeyToken)) { |
|
@@ -223,10 +223,10 @@ discard block |
|
|
block discarded – undo |
|
223
|
223
|
$this->cache->clear(); |
|
224
|
224
|
|
|
225
|
225
|
$olderThan = $this->time->getTime() - (int) $this->config->getSystemValue('session_lifetime', 60 * 60 * 24); |
|
226
|
|
- $this->logger->debug('Invalidating session tokens older than ' . date('c', $olderThan), ['app' => 'cron']); |
|
|
226
|
+ $this->logger->debug('Invalidating session tokens older than '.date('c', $olderThan), ['app' => 'cron']); |
|
227
|
227
|
$this->mapper->invalidateOld($olderThan, IToken::DO_NOT_REMEMBER); |
|
228
|
228
|
$rememberThreshold = $this->time->getTime() - (int) $this->config->getSystemValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15); |
|
229
|
|
- $this->logger->debug('Invalidating remembered session tokens older than ' . date('c', $rememberThreshold), ['app' => 'cron']); |
|
|
229
|
+ $this->logger->debug('Invalidating remembered session tokens older than '.date('c', $rememberThreshold), ['app' => 'cron']); |
|
230
|
230
|
$this->mapper->invalidateOld($rememberThreshold, IToken::REMEMBER); |
|
231
|
231
|
} |
|
232
|
232
|
|
|
@@ -298,7 +298,7 @@ discard block |
|
|
block discarded – undo |
|
298
|
298
|
} |
|
299
|
299
|
|
|
300
|
300
|
private function hashPassword(string $password): string { |
|
301
|
|
- return $this->hasher->hash(sha1($password) . $password); |
|
|
301
|
+ return $this->hasher->hash(sha1($password).$password); |
|
302
|
302
|
} |
|
303
|
303
|
|
|
304
|
304
|
public function rotate(IToken $token, string $oldTokenId, string $newTokenId): IToken { |
|
@@ -321,7 +321,7 @@ discard block |
|
|
block discarded – undo |
|
321
|
321
|
|
|
322
|
322
|
private function encrypt(string $plaintext, string $token): string { |
|
323
|
323
|
$secret = $this->config->getSystemValue('secret'); |
|
324
|
|
- return $this->crypto->encrypt($plaintext, $token . $secret); |
|
|
324
|
+ return $this->crypto->encrypt($plaintext, $token.$secret); |
|
325
|
325
|
} |
|
326
|
326
|
|
|
327
|
327
|
/** |
|
@@ -330,7 +330,7 @@ discard block |
|
|
block discarded – undo |
|
330
|
330
|
private function decrypt(string $cipherText, string $token): string { |
|
331
|
331
|
$secret = $this->config->getSystemValue('secret'); |
|
332
|
332
|
try { |
|
333
|
|
- return $this->crypto->decrypt($cipherText, $token . $secret); |
|
|
333
|
+ return $this->crypto->decrypt($cipherText, $token.$secret); |
|
334
|
334
|
} catch (\Exception $ex) { |
|
335
|
335
|
// Retry with empty secret as a fallback for instances where the secret might not have been set by accident |
|
336
|
336
|
try { |
|
@@ -338,7 +338,7 @@ discard block |
|
|
block discarded – undo |
|
338
|
338
|
} catch (\Exception $ex2) { |
|
339
|
339
|
// Delete the invalid token |
|
340
|
340
|
$this->invalidateToken($token); |
|
341
|
|
- throw new InvalidTokenException("Could not decrypt token password: " . $ex->getMessage(), 0, $ex2); |
|
|
341
|
+ throw new InvalidTokenException("Could not decrypt token password: ".$ex->getMessage(), 0, $ex2); |
|
342
|
342
|
} |
|
343
|
343
|
} |
|
344
|
344
|
} |
|
@@ -359,7 +359,7 @@ discard block |
|
|
block discarded – undo |
|
359
|
359
|
|
|
360
|
360
|
private function hashToken(string $token): string { |
|
361
|
361
|
$secret = $this->config->getSystemValue('secret'); |
|
362
|
|
- return hash('sha512', $token . $secret); |
|
|
362
|
+ return hash('sha512', $token.$secret); |
|
363
|
363
|
} |
|
364
|
364
|
|
|
365
|
365
|
/** |
|
@@ -450,7 +450,7 @@ discard block |
|
|
block discarded – undo |
|
450
|
450
|
$passwordHash = $this->hashPassword($password); |
|
451
|
451
|
foreach ($tokens as $t) { |
|
452
|
452
|
$publicKey = $t->getPublicKey(); |
|
453
|
|
- if ($t->getPasswordHash() === null || $this->hasher->verify(sha1($password) . $password, $t->getPasswordHash())) { |
|
|
453
|
+ if ($t->getPasswordHash() === null || $this->hasher->verify(sha1($password).$password, $t->getPasswordHash())) { |
|
454
|
454
|
$t->setPassword($this->encryptPassword($password, $publicKey)); |
|
455
|
455
|
$t->setPasswordHash($passwordHash); |
|
456
|
456
|
$t->setPasswordInvalid(false); |
|
@@ -464,6 +464,6 @@ discard block |
|
|
block discarded – undo |
|
464
|
464
|
while ($error = openssl_error_string()) { |
|
465
|
465
|
$errors[] = $error; |
|
466
|
466
|
} |
|
467
|
|
- $this->logger->critical('Something is wrong with your openssl setup: ' . implode(', ', $errors)); |
|
|
467
|
+ $this->logger->critical('Something is wrong with your openssl setup: '.implode(', ', $errors)); |
|
468
|
468
|
} |
|
469
|
469
|
} |
nextcloud /
server
