|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* @author Sujith Haridasan <[email protected]> |
|
4
|
|
|
* |
|
5
|
|
|
* @copyright Copyright (c) 2018, ownCloud GmbH |
|
6
|
|
|
* @license AGPL-3.0 |
|
7
|
|
|
* |
|
8
|
|
|
* This code is free software: you can redistribute it and/or modify |
|
9
|
|
|
* it under the terms of the GNU Affero General Public License, version 3, |
|
10
|
|
|
* as published by the Free Software Foundation. |
|
11
|
|
|
* |
|
12
|
|
|
* This program is distributed in the hope that it will be useful, |
|
13
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
14
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
15
|
|
|
* GNU Affero General Public License for more details. |
|
16
|
|
|
* |
|
17
|
|
|
* You should have received a copy of the GNU Affero General Public License, version 3, |
|
18
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/> |
|
19
|
|
|
* |
|
20
|
|
|
*/ |
|
21
|
|
|
|
|
22
|
|
|
namespace OC\User\Service; |
|
23
|
|
|
|
|
24
|
|
|
use OCP\AppFramework\Http\TemplateResponse; |
|
25
|
|
|
use OCP\AppFramework\Utility\ITimeFactory; |
|
26
|
|
|
use OCP\IConfig; |
|
27
|
|
|
use OCP\IL10N; |
|
28
|
|
|
use OCP\IURLGenerator; |
|
29
|
|
|
use OCP\IUser; |
|
30
|
|
|
use OCP\Mail\IMailer; |
|
31
|
|
|
use OCP\Security\ISecureRandom; |
|
32
|
|
|
use OCP\User\Exceptions\EmailSendFailedException; |
|
33
|
|
|
use OCP\User\Exceptions\InvalidUserTokenException; |
|
34
|
|
|
use OCP\User\Exceptions\UserTokenExpiredException; |
|
35
|
|
|
use OCP\User\Exceptions\UserTokenMismatchException; |
|
36
|
|
|
use OCP\Util; |
|
37
|
|
|
|
|
38
|
|
|
class UserSendMail { |
|
39
|
|
|
/** @var ISecureRandom */ |
|
40
|
|
|
private $secureRandom; |
|
41
|
|
|
/** @var IConfig */ |
|
42
|
|
|
private $config; |
|
43
|
|
|
/** @var IMailer */ |
|
44
|
|
|
private $mailer; |
|
45
|
|
|
/** @var IURLGenerator */ |
|
46
|
|
|
private $urlGenerator; |
|
47
|
|
|
/** @var \OC_Defaults */ |
|
48
|
|
|
private $defaults; |
|
49
|
|
|
/** @var ITimeFactory */ |
|
50
|
|
|
private $timeFactory; |
|
51
|
|
|
/** @var IL10N */ |
|
52
|
|
|
private $l10n; |
|
53
|
|
|
|
|
54
|
|
|
/** |
|
55
|
|
|
* UserSendMail constructor. |
|
56
|
|
|
* |
|
57
|
|
|
* @param ISecureRandom $secureRandom |
|
58
|
|
|
* @param IConfig $config |
|
59
|
|
|
* @param IMailer $mailer |
|
60
|
|
|
* @param IURLGenerator $urlGenerator |
|
61
|
|
|
* @param \OC_Defaults $defaults |
|
62
|
|
|
* @param ITimeFactory $timeFactory |
|
63
|
|
|
* @param IL10N $l10n |
|
64
|
|
|
*/ |
|
65
|
|
|
public function __construct(ISecureRandom $secureRandom, IConfig $config, |
|
66
|
|
|
IMailer $mailer, IURLGenerator $urlGenerator, |
|
67
|
|
|
\OC_Defaults $defaults, ITimeFactory $timeFactory, |
|
68
|
|
|
IL10N $l10n) { |
|
69
|
|
|
$this->secureRandom = $secureRandom; |
|
70
|
|
|
$this->config = $config; |
|
71
|
|
|
$this->mailer = $mailer; |
|
72
|
|
|
$this->urlGenerator = $urlGenerator; |
|
73
|
|
|
$this->defaults = $defaults; |
|
74
|
|
|
$this->timeFactory = $timeFactory; |
|
75
|
|
|
$this->l10n = $l10n; |
|
76
|
|
|
} |
|
77
|
|
|
|
|
78
|
|
|
/** |
|
79
|
|
|
* @param string $userId |
|
80
|
|
|
* @param string $email |
|
81
|
|
|
* @return null |
|
82
|
|
|
*/ |
|
83
|
|
|
public function generateTokenAndSendMail($userId, $email) { |
|
84
|
|
|
$fromMailAddress = Util::getDefaultEmailAddress('no-reply'); |
|
85
|
|
|
$token = $this->secureRandom->generate(21, |
|
86
|
|
|
ISecureRandom::CHAR_DIGITS, |
|
87
|
|
|
ISecureRandom::CHAR_LOWER, ISecureRandom::CHAR_UPPER); |
|
|
|
|
|
|
88
|
|
|
$this->config->setUserValue($userId, 'owncloud', |
|
89
|
|
|
'lostpassword', $this->timeFactory->getTime() . ':' . $token); |
|
90
|
|
|
|
|
91
|
|
|
// data for the mail template |
|
92
|
|
|
$mailData = [ |
|
93
|
|
|
'username' => $userId, |
|
94
|
|
|
'url' => $this->urlGenerator->linkToRouteAbsolute('core.user.setPasswordForm', ['userId' => $userId, 'token' => $token]) |
|
95
|
|
|
]; |
|
96
|
|
|
|
|
97
|
|
|
$mail = new TemplateResponse('core', 'new_user/email-html', $mailData, 'blank'); |
|
98
|
|
|
$mailContent = $mail->render(); |
|
99
|
|
|
|
|
100
|
|
|
$mail = new TemplateResponse('core', 'new_user/email-plain_text', $mailData, 'blank'); |
|
101
|
|
|
$plainTextMailContent = $mail->render(); |
|
102
|
|
|
|
|
103
|
|
|
$subject = $this->l10n->t('Your %s account was created', [$this->defaults->getName()]); |
|
104
|
|
|
|
|
105
|
|
|
$message = $this->mailer->createMessage(); |
|
106
|
|
|
$message->setTo([$email => $userId]); |
|
107
|
|
|
$message->setSubject($subject); |
|
108
|
|
|
$message->setHtmlBody($mailContent); |
|
|
|
|
|
|
109
|
|
|
$message->setPlainBody($plainTextMailContent); |
|
|
|
|
|
|
110
|
|
|
$message->setFrom([$fromMailAddress => $this->defaults->getName()]); |
|
111
|
|
|
$this->mailer->send($message); |
|
112
|
|
|
} |
|
113
|
|
|
|
|
114
|
|
|
/** |
|
115
|
|
|
* @param string $token |
|
116
|
|
|
* @param IUser $user |
|
117
|
|
|
* @return null |
|
118
|
|
|
* @throws InvalidUserTokenException |
|
119
|
|
|
* @throws UserTokenExpiredException |
|
120
|
|
|
* @throws UserTokenMismatchException |
|
121
|
|
|
*/ |
|
122
|
|
|
public function checkPasswordSetToken($token, IUser $user) { |
|
123
|
|
|
$splittedToken = \explode(':', $this->config->getUserValue($user->getUID(), 'owncloud', 'lostpassword', null)); |
|
124
|
|
|
if (\count($splittedToken) !== 2) { |
|
125
|
|
|
$this->config->deleteUserValue($user->getUID(), 'owncloud', 'lostpassword'); |
|
126
|
|
|
throw new InvalidUserTokenException('The token provided is invalid.'); |
|
127
|
|
|
} |
|
128
|
|
|
|
|
129
|
|
|
//The value 43200 = 60*60*12 = 1/2 day |
|
130
|
|
View Code Duplication |
if ($splittedToken[0] < ($this->timeFactory->getTime() - (int)$this->config->getAppValue('core', 'token_expire_time', '43200')) || |
|
|
|
|
|
|
131
|
|
|
$user->getLastLogin() > $splittedToken[0]) { |
|
132
|
|
|
$this->config->deleteUserValue($user->getUID(), 'owncloud', 'lostpassword'); |
|
133
|
|
|
throw new UserTokenExpiredException('The token provided had expired.'); |
|
134
|
|
|
} |
|
135
|
|
|
|
|
136
|
|
|
if (!\hash_equals($splittedToken[1], $token)) { |
|
137
|
|
|
throw new UserTokenMismatchException('The token provided is invalid.'); |
|
138
|
|
|
} |
|
139
|
|
|
} |
|
140
|
|
|
|
|
141
|
|
|
/** |
|
142
|
|
|
* @param $user |
|
143
|
|
|
* @return bool true when email is sent to user successfully, false when no email set to user |
|
144
|
|
|
* @throws EmailSendFailedException while sending email to user fails |
|
145
|
|
|
*/ |
|
146
|
|
|
public function sendNotificationMail($user) { |
|
147
|
|
|
$email = $user->getEMailAddress(); |
|
148
|
|
|
|
|
149
|
|
|
if ($email !== '') { |
|
150
|
|
|
try { |
|
151
|
|
|
$tmpl = new \OC_Template('core', 'lostpassword/notify'); |
|
152
|
|
|
$msg = $tmpl->fetchPage(); |
|
153
|
|
|
|
|
154
|
|
|
$message = $this->mailer->createMessage(); |
|
155
|
|
|
$message->setTo([$email => $user->getUID()]); |
|
156
|
|
|
$message->setSubject($this->l10n->t('%s password changed successfully', [$this->defaults->getName()])); |
|
157
|
|
|
$message->setPlainBody($msg); |
|
|
|
|
|
|
158
|
|
|
$message->setFrom([$email => $this->defaults->getName()]); |
|
159
|
|
|
$this->mailer->send($message); |
|
160
|
|
|
return true; |
|
161
|
|
|
} catch (\Exception $exception) { |
|
162
|
|
|
throw new EmailSendFailedException("Email could not be sent."); |
|
163
|
|
|
} |
|
164
|
|
|
} |
|
165
|
|
|
return false; |
|
166
|
|
|
} |
|
167
|
|
|
} |
|
168
|
|
|
|
owncloud /
core
Loading history...
This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.
If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.
In this case you can add the
@ignorePhpDoc annotation to the duplicate definition and it will be ignored.