owncloud /
security
@@ -79,14 +79,14 @@ |
||
| 79 | 79 | * @param string $ip |
| 80 | 80 | * @throws LoginException |
| 81 | 81 | */ |
| 82 | - public function applyBruteForcePolicy($uid ,$ip) {
|
|
| 82 | + public function applyBruteForcePolicy($uid, $ip) {
|
|
| 83 | 83 | $banPeriod = $this->config->getBruteForceProtectionBanPeriod(); |
| 84 | - $banUntil = $this->dbConnection->getLastFailedLoginAttemptTimeForIp($ip)+$banPeriod; |
|
| 85 | - if($this->dbConnection->getSuspiciousActivityCountForUidIpCombination($uid, $ip) >= |
|
| 84 | + $banUntil = $this->dbConnection->getLastFailedLoginAttemptTimeForIp($ip) + $banPeriod; |
|
| 85 | + if ($this->dbConnection->getSuspiciousActivityCountForUidIpCombination($uid, $ip) >= |
|
| 86 | 86 | $this->config->getBruteForceProtectionFailTolerance() && |
| 87 | 87 | $banUntil > $this->timeFactory->getTime()) {
|
| 88 | 88 | throw new LoginException($this->l->t("Too many failed login attempts. Try again in %s minutes.",
|
| 89 | - ceil($banPeriod/60)) |
|
| 89 | + ceil($banPeriod / 60)) |
|
| 90 | 90 | ); |
| 91 | 91 | } |
| 92 | 92 | } |
@@ -88,7 +88,7 @@ discard block |
||
| 88 | 88 | ->will($this->returnValue($lastAttempt)); |
| 89 | 89 | $this->dbServiceMock->expects($this->once()) |
| 90 | 90 | ->method('getSuspiciousActivityCountForUidIpCombination')
|
| 91 | - ->with('test','192.168.1.1')
|
|
| 91 | + ->with('test', '192.168.1.1')
|
|
| 92 | 92 | ->will($this->returnValue($attemptCount)); |
| 93 | 93 | $this->configMock->expects($this->once()) |
| 94 | 94 | ->method('getBruteForceProtectionBanPeriod')
|
@@ -100,7 +100,7 @@ discard block |
||
| 100 | 100 | ->method('getTime')
|
| 101 | 101 | ->will($this->returnValue($time)); |
| 102 | 102 | $this->expectException('OC\User\LoginException');
|
| 103 | - $this->throttle->applyBruteForcePolicy('test','192.168.1.1');
|
|
| 103 | + $this->throttle->applyBruteForcePolicy('test', '192.168.1.1');
|
|
| 104 | 104 | } |
| 105 | 105 | public function bruteForceTestData() {
|
| 106 | 106 | return [ |
@@ -62,7 +62,7 @@ discard block |
||
| 62 | 62 | /** |
| 63 | 63 | * @param string $uid |
| 64 | 64 | */ |
| 65 | - public function addFailedLoginAttempt($uid, $ip){
|
|
| 65 | + public function addFailedLoginAttempt($uid, $ip) {
|
|
| 66 | 66 | $builder = $this->connection->getQueryBuilder(); |
| 67 | 67 | $builder->insert('failed_login_attempts')
|
| 68 | 68 | ->setValue('ip', $builder->createNamedParameter($ip))
|
@@ -78,7 +78,7 @@ discard block |
||
| 78 | 78 | */ |
| 79 | 79 | public function getSuspiciousActivityCountForUidIpCombination($uid, $ip) {
|
| 80 | 80 | $builder = $this->connection->getQueryBuilder(); |
| 81 | - $thresholdTime = (new \DateTime())->modify("-". $this->config->getBruteForceProtectionTimeThreshold() . "second")->getTimestamp();
|
|
| 81 | + $thresholdTime = (new \DateTime())->modify("-".$this->config->getBruteForceProtectionTimeThreshold()."second")->getTimestamp();
|
|
| 82 | 82 | $attempts = $builder->selectAlias($builder->createFunction('COUNT(*)'), 'count')
|
| 83 | 83 | ->from('failed_login_attempts')
|
| 84 | 84 | ->where($builder->expr()->gt('attempted_at', $builder->createNamedParameter($thresholdTime)))
|
@@ -95,7 +95,7 @@ discard block |
||
| 95 | 95 | */ |
| 96 | 96 | public function getSuspiciousActivityCountForUid($uid) {
|
| 97 | 97 | $builder = $this->connection->getQueryBuilder(); |
| 98 | - $thresholdTime = (new \DateTime())->modify("-". $this->config->getBruteForceProtectionTimeThreshold() . "second")->getTimestamp();
|
|
| 98 | + $thresholdTime = (new \DateTime())->modify("-".$this->config->getBruteForceProtectionTimeThreshold()."second")->getTimestamp();
|
|
| 99 | 99 | $attempts = $builder->selectAlias($builder->createFunction('COUNT(*)'), 'count')
|
| 100 | 100 | ->from('failed_login_attempts')
|
| 101 | 101 | ->where($builder->expr()->gt('attempted_at', $builder->createNamedParameter($thresholdTime)))
|
@@ -111,7 +111,7 @@ discard block |
||
| 111 | 111 | */ |
| 112 | 112 | public function getSuspiciousActivityCountForIp($ip) {
|
| 113 | 113 | $builder = $this->connection->getQueryBuilder(); |
| 114 | - $thresholdTime = (new \DateTime())->modify("-". $this->config->getBruteForceProtectionTimeThreshold() . "second")->getTimestamp();
|
|
| 114 | + $thresholdTime = (new \DateTime())->modify("-".$this->config->getBruteForceProtectionTimeThreshold()."second")->getTimestamp();
|
|
| 115 | 115 | $attempts = $builder->selectAlias($builder->createFunction('COUNT(*)'), 'count')
|
| 116 | 116 | ->from('failed_login_attempts')
|
| 117 | 117 | ->where($builder->expr()->gt('attempted_at', $builder->createNamedParameter($thresholdTime)))
|
@@ -127,12 +127,12 @@ discard block |
||
| 127 | 127 | */ |
| 128 | 128 | public function getLastFailedLoginAttemptTimeForIp($ip) {
|
| 129 | 129 | $builder = $this->connection->getQueryBuilder(); |
| 130 | - $thresholdTime = (new \DateTime())->modify("-". $this->config->getBruteForceProtectionTimeThreshold() . "second")->getTimestamp();
|
|
| 130 | + $thresholdTime = (new \DateTime())->modify("-".$this->config->getBruteForceProtectionTimeThreshold()."second")->getTimestamp();
|
|
| 131 | 131 | $lastAttempt = $builder->select('attempted_at')
|
| 132 | 132 | ->from('failed_login_attempts')
|
| 133 | 133 | ->where($builder->expr()->gt('attempted_at', $builder->createNamedParameter($thresholdTime)))
|
| 134 | 134 | ->andWhere($builder->expr()->eq('ip', $builder->createNamedParameter($ip)))
|
| 135 | - ->orderBy('attempted_at','DESC')
|
|
| 135 | + ->orderBy('attempted_at', 'DESC')
|
|
| 136 | 136 | ->setMaxResults(1) |
| 137 | 137 | ->execute() |
| 138 | 138 | ->fetch(); |
@@ -145,7 +145,7 @@ discard block |
||
| 145 | 145 | public function deleteSuspiciousAttemptsForIp($ip) {
|
| 146 | 146 | $builder = $this->connection->getQueryBuilder(); |
| 147 | 147 | $builder->delete('failed_login_attempts')
|
| 148 | - ->where($builder->expr()->eq('ip',$builder->createNamedParameter($ip)))
|
|
| 148 | + ->where($builder->expr()->eq('ip', $builder->createNamedParameter($ip)))
|
|
| 149 | 149 | ->execute(); |
| 150 | 150 | } |
| 151 | 151 | |
@@ -156,7 +156,7 @@ discard block |
||
| 156 | 156 | public function deleteSuspiciousAttemptsForUidIpCombination($uid, $ip) {
|
| 157 | 157 | $builder = $this->connection->getQueryBuilder(); |
| 158 | 158 | $builder->delete('failed_login_attempts')
|
| 159 | - ->where($builder->expr()->eq('uid',$builder->createNamedParameter($uid)))
|
|
| 159 | + ->where($builder->expr()->eq('uid', $builder->createNamedParameter($uid)))
|
|
| 160 | 160 | ->andWhere($builder->expr()->eq('ip', $builder->createNamedParameter($ip)))
|
| 161 | 161 | ->execute(); |
| 162 | 162 | } |
@@ -106,7 +106,7 @@ discard block |
||
| 106 | 106 | $this->dbService->addFailedLoginAttempt("test1", "192.168.1.1");
|
| 107 | 107 | $this->dbService->addFailedLoginAttempt("test1", "192.168.1.1");
|
| 108 | 108 | $this->dbService->addFailedLoginAttempt("test2", "192.168.1.1");
|
| 109 | - $this->assertEquals(2, $this->dbService->getSuspiciousActivityCountForUidIpCombination('test1','192.168.1.1'));
|
|
| 109 | + $this->assertEquals(2, $this->dbService->getSuspiciousActivityCountForUidIpCombination('test1', '192.168.1.1'));
|
|
| 110 | 110 | } |
| 111 | 111 | |
| 112 | 112 | public function testGetLastFailedLoginAttemptTimeForIp() {
|
@@ -149,7 +149,7 @@ discard block |
||
| 149 | 149 | $result = $query->execute()->fetchAll(); |
| 150 | 150 | $this->assertSame(2, count($result)); |
| 151 | 151 | |
| 152 | - $this->dbService->deleteSuspiciousAttemptsForUidIpCombination('test1',"192.168.1.1");
|
|
| 152 | + $this->dbService->deleteSuspiciousAttemptsForUidIpCombination('test1', "192.168.1.1");
|
|
| 153 | 153 | $query = $builder->select('*')->from($this->dbTable)
|
| 154 | 154 | ->Where($builder->expr()->eq('ip', $builder->createNamedParameter("192.168.1.1")));
|
| 155 | 155 | $result = $query->execute()->fetchAll(); |
