github.com/nextcloud/server.git - Unnamed repository; edit this file 'description' to name the repository.
authorJoas Schilling <coding@schilljs.com>2020-07-17 10:05:16 +0300
committerJoas Schilling <coding@schilljs.com>2020-07-17 10:06:13 +0300
commit543fabe27919df81e79a16644fe4eedf9eceb07c (patch)
tree2b75d9fff2dc44e55db0e6af7a820c9ce4f9bf93 /core
parent79c677e26d861fd92cff5281aea15e9cfc7e0011 (diff)
Make magic strings of ClientFlowLogin and v2 publicly available
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'core')
-rw-r--r--core/Controller/ClientFlowLoginController.php12
-rw-r--r--core/Controller/ClientFlowLoginV2Controller.php18
2 files changed, 15 insertions, 15 deletions
diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php
index 80cf94a7900..12c01cba651 100644
--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@@ -78,7 +78,7 @@ class ClientFlowLoginController extends Controller {
/** @var EventDispatcherInterface */
private $eventDispatcher;
- public const stateName = 'client.flow.state.token';
+ public const STATE_NAME = 'client.flow.state.token';
/**
* @param string $appName
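Review bot: `stateName` was already `public` in this class, so renaming it to `STATE_NAME` removes a name that code outside the controller may reference. Any such caller would fail with an undefined class constant error, so it is worth searching for `ClientFlowLoginController::stateName` before merging. Alternatively, keep the old name for one release as `/** @deprecated use STATE_NAME */ public const stateName = self::STATE_NAME;`. The class body continues outside this hunk.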
@@ -135,7 +135,7 @@ class ClientFlowLoginController extends Controller {
* @return bool
*/
private function isValidToken($stateToken) {
- $currentToken = $this->session->get(self::stateName);
+ $currentToken = $this->session->get(self::STATE_NAME);
if (!is_string($stateToken) || !is_string($currentToken)) {
return false;
}
@@ -198,7 +198,7 @@ class ClientFlowLoginController extends Controller {
64,
ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
);
- $this->session->set(self::stateName, $stateToken);
+ $this->session->set(self::STATE_NAME, $stateToken);
$csp = new Http\ContentSecurityPolicy();
if ($client) {
@@ -286,11 +286,11 @@ class ClientFlowLoginController extends Controller {
public function generateAppPassword($stateToken,
$clientIdentifier = '') {
if (!$this->isValidToken($stateToken)) {
- $this->session->remove(self::stateName);
+ $this->session->remove(self::STATE_NAME);
return $this->stateTokenForbiddenResponse();
}
- $this->session->remove(self::stateName);
+ $this->session->remove(self::STATE_NAME);
try {
$sessionId = $this->session->getId();
@@ -343,7 +343,7 @@ class ClientFlowLoginController extends Controller {
$this->accessTokenMapper->insert($accessToken);
$redirectUri = $client->getRedirectUri();
-
+
if (parse_url($redirectUri, PHP_URL_QUERY)) {
$redirectUri .= '&';
} else {
diff --git a/core/Controller/ClientFlowLoginV2Controller.php b/core/Controller/ClientFlowLoginV2Controller.php
index d5b50dd413c..e3644531393 100644
--- a/core/Controller/ClientFlowLoginV2Controller.php
+++ b/core/Controller/ClientFlowLoginV2Controller.php
@@ -44,8 +44,8 @@ use OCP\IURLGenerator;
use OCP\Security\ISecureRandom;
class ClientFlowLoginV2Controller extends Controller {
- private const tokenName = 'client.flow.v2.login.token';
- private const stateName = 'client.flow.v2.state.token';
+ public const TOKEN_NAME = 'client.flow.v2.login.token';
+ public const STATE_NAME = 'client.flow.v2.state.token';
/** @var LoginFlowV2Service */
private $loginFlowV2Service;
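Review bot: `TOKEN_NAME` and `STATE_NAME` change from `private` to `public` without a docblock, so outside callers are not told what these session keys hold or how they may be used. Judging by the other hunks in this file, `STATE_NAME` keys the 64-character random state token checked by `isValidStateToken()` and `TOKEN_NAME` keys the login token read by `getFlowByLoginToken()`; both are removed from the session before `flowDone()` is called. If the intent is that other code only reads them, a comment such as `/** Session key of the flow's state token; callers outside this controller must not set or remove it. */` on each constant would say so. Code that writes these entries elsewhere could interfere with the state check.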
@@ -105,7 +105,7 @@ class ClientFlowLoginV2Controller extends Controller {
return $this->loginTokenForbiddenResponse();
}
- $this->session->set(self::tokenName, $token);
+ $this->session->set(self::TOKEN_NAME, $token);
return new RedirectResponse(
$this->urlGenerator->linkToRouteAbsolute('core.ClientFlowLoginV2.showAuthPickerPage')
@@ -128,7 +128,7 @@ class ClientFlowLoginV2Controller extends Controller {
64,
ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
);
- $this->session->set(self::stateName, $stateToken);
+ $this->session->set(self::STATE_NAME, $stateToken);
return new StandaloneTemplateResponse(
$this->appName,
@@ -188,11 +188,11 @@ class ClientFlowLoginV2Controller extends Controller {
return $this->loginTokenForbiddenResponse();
}
- $loginToken = $this->session->get(self::tokenName);
+ $loginToken = $this->session->get(self::TOKEN_NAME);
// Clear session variables
- $this->session->remove(self::tokenName);
- $this->session->remove(self::stateName);
+ $this->session->remove(self::TOKEN_NAME);
+ $this->session->remove(self::STATE_NAME);
$sessionId = $this->session->getId();
$result = $this->loginFlowV2Service->flowDone($loginToken, $sessionId, $this->getServerPath(), $this->userId);
@@ -240,7 +240,7 @@ class ClientFlowLoginV2Controller extends Controller {
}
private function isValidStateToken(string $stateToken): bool {
- $currentToken = $this->session->get(self::stateName);
+ $currentToken = $this->session->get(self::STATE_NAME);
if (!is_string($stateToken) || !is_string($currentToken)) {
return false;
}
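Review bot: `!is_string($stateToken)` can never be true in `isValidStateToken()` because the parameter is declared `string`, so only the `$currentToken` half of the condition does any work. Reducing it to `if (!is_string($currentToken)) {` would match the guard in `getFlowByLoginToken()` and make clear that the check covers a missing session value. The comparison that follows is outside this hunk.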
@@ -265,7 +265,7 @@ class ClientFlowLoginV2Controller extends Controller {
* @throws LoginFlowV2NotFoundException
*/
private function getFlowByLoginToken(): LoginFlowV2 {
- $currentToken = $this->session->get(self::tokenName);
+ $currentToken = $this->session->get(self::TOKEN_NAME);
if (!is_string($currentToken)) {
throw new LoginFlowV2NotFoundException('Login token not set in session');
}