Login flow V2

This adds the new login flow. The desktop client will open up a browser
and poll a returned endpoint at regular intervals to check if the flow
is done.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

2 files changed, 185 insertions, 0 deletions

diff --git a/core/Db/LoginFlowV2.php b/core/Db/LoginFlowV2.php
new file mode 100644
index 00000000000..07ecb659c44
--- /dev/null
+++ b/core/Db/LoginFlowV2.php
@@ -0,0 +1,85 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Core\Db;
+
+use OCP\AppFramework\Db\Entity;
+
+/**
+ * @method int getTimestamp()
+ * @method void setTimestamp(int $timestamp)
+ * @method int getStarted()
+ * @method void setStarted(int $started)
+ * @method string getPollToken()
+ * @method void setPollToken(string $token)
+ * @method string getLoginToken()
+ * @method void setLoginToken(string $token)
+ * @method string getPublicKey()
+ * @method void setPublicKey(string $key)
+ * @method string getPrivateKey()
+ * @method void setPrivateKey(string $key)
+ * @method string getClientName()
+ * @method void setClientName(string $clientName)
+ * @method string getLoginName()
+ * @method void setLoginName(string $loginName)
+ * @method string getServer()
+ * @method void setServer(string $server)
+ * @method string getAppPassword()
+ * @method void setAppPassword(string $appPassword)
+ */
+class LoginFlowV2 extends Entity {
+	/** @var int */
+	protected $timestamp;
+	/** @var int */
+	protected $started;
+	/** @var string */
+	protected $pollToken;
+	/** @var string */
+	protected $loginToken;
+	/** @var string */
+	protected $publicKey;
+	/** @var string */
+	protected $privateKey;
+	/** @var string */
+	protected $clientName;
+	/** @var string */
+	protected $loginName;
+	/** @var string */
+	protected $server;
+	/** @var string */
+	protected $appPassword;
+
+	public function __construct() {
+		$this->addType('timestamp', 'int');
+		$this->addType('started', 'int');
+		$this->addType('pollToken', 'string');
+		$this->addType('loginToken', 'string');
+		$this->addType('publicKey', 'string');
+		$this->addType('privateKey', 'string');
+		$this->addType('clientName', 'string');
+		$this->addType('loginName', 'string');
+		$this->addType('server', 'string');
+		$this->addType('appPassword', 'string');
+	}
+}
diff --git a/core/Db/LoginFlowV2Mapper.php b/core/Db/LoginFlowV2Mapper.php
new file mode 100644
index 00000000000..a9104557a76
--- /dev/null
+++ b/core/Db/LoginFlowV2Mapper.php
@@ -0,0 +1,100 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Core\Db;
+
+use OCP\AppFramework\Db\DoesNotExistException;
+use OCP\AppFramework\Db\QBMapper;
+use OCP\AppFramework\Utility\ITimeFactory;
+use OCP\IDBConnection;
+
+class LoginFlowV2Mapper extends QBMapper {
+	private const lifetime = 1200;
+
+	/** @var ITimeFactory */
+	private $timeFactory;
+
+	public function __construct(IDBConnection $db, ITimeFactory $timeFactory) {
+		parent::__construct($db, 'login_flow_v2', LoginFlowV2::class);
+		$this->timeFactory = $timeFactory;
+	}
+
+	/**
+	 * @param string $pollToken
+	 * @return LoginFlowV2
+	 * @throws DoesNotExistException
+	 */
+	public function getByPollToken(string $pollToken): LoginFlowV2 {
+		$qb = $this->db->getQueryBuilder();
+		$qb->select('*')
+			->from($this->getTableName())
+			->where(
+				$qb->expr()->eq('poll_token', $qb->createNamedParameter($pollToken))
+			);
+
+		$entity = $this->findEntity($qb);
+		return $this->validateTimestamp($entity);
+	}
+
+	/**
+	 * @param string $loginToken
+	 * @return LoginFlowV2
+	 * @throws DoesNotExistException
+	 */
+	public function getByLoginToken(string $loginToken): LoginFlowV2 {
+		$qb = $this->db->getQueryBuilder();
+		$qb->select('*')
+			->from($this->getTableName())
+			->where(
+				$qb->expr()->eq('login_token', $qb->createNamedParameter($loginToken))
+			);
+
+		$entity = $this->findEntity($qb);
+		return $this->validateTimestamp($entity);
+	}
+
+	public function cleanup(): void {
+		$qb = $this->db->getQueryBuilder();
+		$qb->delete($this->getTableName())
+			->where(
+				$qb->expr()->lt('timestamp', $qb->createNamedParameter($this->timeFactory->getTime() - self::lifetime))
+			);
+
+		$qb->execute();
+	}
+
+	/**
+	 * @param LoginFlowV2 $flowV2
+	 * @return LoginFlowV2
+	 * @throws DoesNotExistException
+	 */
+	private function validateTimestamp(LoginFlowV2 $flowV2): LoginFlowV2 {
+		if ($flowV2->getTimestamp() < ($this->timeFactory->getTime() - self::lifetime)) {
+			$this->delete($flowV2);
+			throw new DoesNotExistException('Token expired');
+		}
+
+		return $flowV2;
+	}
+}