improve error reporting and move format parameter to the options

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
author: Bjoern Schiessle <bjoern@schiessle.org> 2018-04-20 16:53:10 +0300
committer: Morris Jobke <hey@morrisjobke.de> 2018-04-25 14:53:56 +0300
commit: 0e0cfa0fa1b4ebc220977dfa5789f65b8d830c6e (patch)
tree: f878f301d16c23bf41aaad96dbfa6f2d2da138b5 /apps/federation/lib
parent: 63dfbb2127ec9a930778dd5d31b640c5f2cc3652 (diff)
3 files changed, 7 insertions, 32 deletions
diff --git a/apps/federation/lib/BackgroundJob/GetSharedSecret.php b/apps/federation/lib/BackgroundJob/GetSharedSecret.php
index e5e30406f0d..6f901062aca 100644
--- a/apps/federation/lib/BackgroundJob/GetSharedSecret.php
+++ b/apps/federation/lib/BackgroundJob/GetSharedSecret.php
@@ -35,7 +35,6 @@ use GuzzleHttp\Exception\RequestException;
 use GuzzleHttp\Ring\Exception\RingException;
 use OC\BackgroundJob\JobList;
 use OC\BackgroundJob\Job;
-use OCA\Federation\DbHandler;
 use OCA\Federation\TrustedServers;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Utility\ITimeFactory;
@@ -68,9 +67,6 @@ class GetSharedSecret extends Job {
 	/** @var TrustedServers  */
 	private $trustedServers;
 
-	/** @var DbHandler */
-	private $dbHandler;
-
 	/** @var IDiscoveryService  */
 	private $ocsDiscoveryService;
 
@@ -83,8 +79,6 @@ class GetSharedSecret extends Job {
 	/** @var bool */
 	protected $retainJob = false;
 
-	private $format = '?format=json';
-
 	private $defaultEndPoint = '/ocs/v2.php/apps/federation/api/v1/shared-secret';
 
 	/** @var  int  30 day = 2592000sec */
@@ -98,7 +92,6 @@ class GetSharedSecret extends Job {
 	 * @param IJobList $jobList
 	 * @param TrustedServers $trustedServers
 	 * @param ILogger $logger
-	 * @param DbHandler $dbHandler
 	 * @param IDiscoveryService $ocsDiscoveryService
 	 * @param ITimeFactory $timeFactory
 	 */
@@ -108,7 +101,6 @@ class GetSharedSecret extends Job {
 		IJobList $jobList,
 		TrustedServers $trustedServers,
 		ILogger $logger,
-		DbHandler $dbHandler,
 		IDiscoveryService $ocsDiscoveryService,
 		ITimeFactory $timeFactory
 	) {
@@ -116,7 +108,6 @@ class GetSharedSecret extends Job {
 		$this->httpClient = $httpClientService->newClient();
 		$this->jobList = $jobList;
 		$this->urlGenerator = $urlGenerator;
-		$this->dbHandler = $dbHandler;
 		$this->ocsDiscoveryService = $ocsDiscoveryService;
 		$this->trustedServers = $trustedServers;
 		$this->timeFactory = $timeFactory;
@@ -172,7 +163,7 @@ class GetSharedSecret extends Job {
 		$endPoint = isset($endPoints['shared-secret']) ? $endPoints['shared-secret'] : $this->defaultEndPoint;
 
 		// make sure that we have a well formatted url
-		$url = rtrim($target, '/') . '/' . trim($endPoint, '/') . $this->format;
+		$url = rtrim($target, '/') . '/' . trim($endPoint, '/');
 
 		$result = null;
 		try {
@@ -182,7 +173,8 @@ class GetSharedSecret extends Job {
 					'query' =>
 						[
 							'url' => $source,
-							'token' => $token
+							'token' => $token,
+							'format' => 'json',
 						],
 					'timeout' => 3,
 					'connect_timeout' => 3,
@@ -223,9 +215,6 @@ class GetSharedSecret extends Job {
 			&& $status !== Http::STATUS_FORBIDDEN
 		) {
 			$this->retainJob = true;
-		}  else {
-			// reset token if we received a valid response
-			$this->dbHandler->addToken($target, '');
 		}
 
 		if ($status === Http::STATUS_OK && $result instanceof IResponse) {
@@ -238,7 +227,7 @@ class GetSharedSecret extends Job {
 				);
 			} else {
 				$this->logger->error(
-						'remote server "' . $target . '"" does not return a valid shared secret',
+						'remote server "' . $target . '"" does not return a valid shared secret. Received data: ' . $body,
 						['app' => 'federation']
 				);
 				$this->trustedServers->setServerStatus($target, TrustedServers::STATUS_FAILURE);
diff --git a/apps/federation/lib/BackgroundJob/RequestSharedSecret.php b/apps/federation/lib/BackgroundJob/RequestSharedSecret.php
index e165c24bdf2..fb9fd25888f 100644
--- a/apps/federation/lib/BackgroundJob/RequestSharedSecret.php
+++ b/apps/federation/lib/BackgroundJob/RequestSharedSecret.php
@@ -36,7 +36,6 @@ use GuzzleHttp\Exception\RequestException;
 use GuzzleHttp\Ring\Exception\RingException;
 use OC\BackgroundJob\JobList;
 use OC\BackgroundJob\Job;
-use OCA\Federation\DbHandler;
 use OCA\Federation\TrustedServers;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Utility\ITimeFactory;
@@ -65,9 +64,6 @@ class RequestSharedSecret extends Job {
 	/** @var IURLGenerator */
 	private $urlGenerator;
 
-	/** @var DbHandler */
-	private $dbHandler;
-
 	/** @var TrustedServers */
 	private $trustedServers;
 
@@ -83,8 +79,6 @@ class RequestSharedSecret extends Job {
 	/** @var bool */
 	protected $retainJob = false;
 
-	private $format = '?format=json';
-
 	private $defaultEndPoint = '/ocs/v2.php/apps/federation/api/v1/request-shared-secret';
 
 	/** @var  int  30 day = 2592000sec */
@@ -97,7 +91,6 @@ class RequestSharedSecret extends Job {
 	 * @param IURLGenerator $urlGenerator
 	 * @param IJobList $jobList
 	 * @param TrustedServers $trustedServers
-	 * @param DbHandler $dbHandler
 	 * @param IDiscoveryService $ocsDiscoveryService
 	 * @param ILogger $logger
 	 * @param ITimeFactory $timeFactory
@@ -107,7 +100,6 @@ class RequestSharedSecret extends Job {
 		IURLGenerator $urlGenerator,
 		IJobList $jobList,
 		TrustedServers $trustedServers,
-		DbHandler $dbHandler,
 		IDiscoveryService $ocsDiscoveryService,
 		ILogger $logger,
 		ITimeFactory $timeFactory
@@ -115,7 +107,6 @@ class RequestSharedSecret extends Job {
 		$this->httpClient = $httpClientService->newClient();
 		$this->jobList = $jobList;
 		$this->urlGenerator = $urlGenerator;
-		$this->dbHandler = $dbHandler;
 		$this->logger = $logger;
 		$this->ocsDiscoveryService = $ocsDiscoveryService;
 		$this->trustedServers = $trustedServers;
@@ -174,7 +165,7 @@ class RequestSharedSecret extends Job {
 		$endPoint = isset($endPoints['shared-secret']) ? $endPoints['shared-secret'] : $this->defaultEndPoint;
 
 		// make sure that we have a well formated url
-		$url = rtrim($target, '/') . '/' . trim($endPoint, '/') . $this->format;
+		$url = rtrim($target, '/') . '/' . trim($endPoint, '/');
 
 		try {
 			$result = $this->httpClient->post(
@@ -183,6 +174,7 @@ class RequestSharedSecret extends Job {
 					'body' => [
 						'url' => $source,
 						'token' => $token,
+						'format' => 'json',
 					],
 					'timeout' => 3,
 					'connect_timeout' => 3,
@@ -217,11 +209,6 @@ class RequestSharedSecret extends Job {
 			$this->retainJob = true;
 		}
 
-		if ($status === Http::STATUS_FORBIDDEN) {
-			// clear token if remote server refuses to ask for shared secret
-			$this->dbHandler->addToken($target, '');
-		}
-
 	}
 
 	/**
diff --git a/apps/federation/lib/Controller/OCSAuthAPIController.php b/apps/federation/lib/Controller/OCSAuthAPIController.php
index a1284a4e3ad..0433cd04b1b 100644
--- a/apps/federation/lib/Controller/OCSAuthAPIController.php
+++ b/apps/federation/lib/Controller/OCSAuthAPIController.php
@@ -182,6 +182,7 @@ class OCSAuthAPIController extends OCSController{
 	 * @throws OCSForbiddenException
 	 */
 	public function getSharedSecret($url, $token) {
+
 		if ($this->trustedServers->isTrustedServer($url) === false) {
 			$this->logger->error('remote server not trusted (' . $url . ') while getting shared secret', ['app' => 'federation']);
 			throw new OCSForbiddenException();
@@ -199,8 +200,6 @@ class OCSAuthAPIController extends OCSController{
 		$sharedSecret = $this->secureRandom->generate(32);
 
 		$this->trustedServers->addSharedSecret($url, $sharedSecret);
-		// reset token after the exchange of the shared secret was successful
-		$this->dbHandler->addToken($url, '');
 
 		return new Http\DataResponse([
 			'sharedSecret' => $sharedSecret
author	Bjoern Schiessle <bjoern@schiessle.org>	2018-04-20 16:53:10 +0300
committer	Morris Jobke <hey@morrisjobke.de>	2018-04-25 14:53:56 +0300
commit	0e0cfa0fa1b4ebc220977dfa5789f65b8d830c6e (patch)
tree	f878f301d16c23bf41aaad96dbfa6f2d2da138b5 /apps/federation/lib
parent	63dfbb2127ec9a930778dd5d31b640c5f2cc3652 (diff)