author | Christoph Wurst <christoph@winzerhof-wurst.at> | 2016-12-13 16:37:08 +0300 |
---|---|---|
committer | Christoph Wurst <christoph@winzerhof-wurst.at> | 2016-12-13 16:37:08 +0300 |
commit | 69a4ca70afaf67c7b35623e407eac4f47b59cce0 (patch) | |
tree | bd30388295418d3be2ea5f43509f58c653c7b568 /lib | |
parent | 323a06770bb6101ba85e761da0856a16e0780d40 (diff) |
publish activities when a device is added/removed
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/Activity/Provider.php | 68 | ||||
-rw-r--r-- | lib/Activity/Setting.php | 65 | ||||
-rw-r--r-- | lib/Service/U2FManager.php | 27 |
3 files changed, 157 insertions, 3 deletions
diff --git a/lib/Activity/Provider.php b/lib/Activity/Provider.php
new file mode 100644
index 0000000..8e7abfe
--- /dev/null
+++ b/lib/Activity/Provider.php
@@ -0,0 +1,68 @@
+<?php
+
+/**
+ * @author Christoph Wurst <christoph@winzerhof-wurst.at>
+ * @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * Two-factor U2F
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\TwoFactorU2F\Activity;
+
+use InvalidArgumentException;
+use OCP\Activity\IEvent;
+use OCP\Activity\IProvider;
+use OCP\ILogger;
+use OCP\IURLGenerator;
+use OCP\L10N\IFactory as L10nFactory;
+
+class Provider implements IProvider {
+
+ /** @var L10nFactory */
+ private $l10n;
+
+ /** @var IURLGenerator */
+ private $urlGenerator;
+
+ /** @var ILogger */
+ private $logger;
+
+ public function __construct(L10nFactory $l10n, IURLGenerator $urlGenerator, ILogger $logger) {
+ $this->logger = $logger;
+ $this->urlGenerator = $urlGenerator;
+ $this->l10n = $l10n;
+ }
+
+ public function parse($language, IEvent $event, IEvent $previousEvent = null) {
+ if ($event->getApp() !== 'twofactor_u2f') {
+ throw new InvalidArgumentException();
+ }
+
+ $l = $this->l10n->get('twofactor_u2f', $language);
+
+ $event->setIcon($this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg')));
+ switch ($event->getSubject()) {
+ case 'u2f_device_added':
+ $event->setSubject($l->t('You added an U2F hardware token'));
+ break;
+ case 'u2f_device_removed':
+ $event->setSubject($l->t('You removed an U2F hardware token'));
+ break;
+ }
+ return $event;
+ }
+
+}
diff --git a/lib/Activity/Setting.php b/lib/Activity/Setting.php
new file mode 100644
index 0000000..be0db55
--- /dev/null
+++ b/lib/Activity/Setting.php
@@ -0,0 +1,65 @@
+<?php
+
+/**
+ * @author Christoph Wurst <christoph@winzerhof-wurst.at>
+ * @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * Two-factor U2F
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\TwoFactorU2F\Activity;
+
+use OCP\Activity\ISetting;
+use OCP\IL10N;
+
+class Setting implements ISetting {
+
+ /** @var IL10N */
+ private $l10n;
+
+ public function __construct(IL10N $l10n) {
+ $this->l10n = $l10n;
+ }
+
+ public function canChangeMail() {
+ return false;
+ }
+
+ public function canChangeStream() {
+ return false;
+ }
+
+ public function getIdentifier() {
+ return 'twofactor_u2f';
+ }
+
+ public function getName() {
+ return $this->l10n->t('U2F device');
+ }
+
+ public function getPriority() {
+ return 30;
+ }
+
+ public function isDefaultEnabledMail() {
+ return true;
+ }
+
+ public function isDefaultEnabledStream() {
+ return true;
+ }
+
+}
diff --git a/lib/Service/U2FManager.php b/lib/Service/U2FManager.php
index ac586cb..7b1c419 100644
--- a/lib/Service/U2FManager.php
+++ b/lib/Service/U2FManager.php
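Review bot: In `lib/Activity/Provider.php`, the `switch` in `parse()` has no `default` branch, so an event from app `twofactor_u2f` with any other subject is returned with its raw subject key and the icon set, as if it had been parsed. The `IProvider` contract signals an event the provider does not know with `InvalidArgumentException`, which the method already throws for a foreign app; adding `default: throw new InvalidArgumentException();` keeps unrecognised subjects from being rendered as-is. The injected `$logger` is stored but never used in this class.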
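Review bot: `lib/Activity/Setting.php` carries no comment explaining why `canChangeStream()` and `canChangeMail()` both return `false` while both defaults are `true`. If the intent is that notices about a changed second factor cannot be switched off by whoever holds the session, state that in a class docblock, e.g. `/** Activity setting for U2F device changes. Stream and mail are enabled and locked so these security notices cannot be disabled by the user. */`. Without it the locked toggles read like an oversight and are easy to relax in a later change.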
@@ -15,13 +15,12 @@ namespace OCA\TwoFactorU2F\Service; require_once(__DIR__ . '/../../vendor/yubico/u2flib-server/src/u2flib_server/U2F.php'); use InvalidArgumentException; -use OC; use OCA\TwoFactorU2F\Db\Registration; use OCA\TwoFactorU2F\Db\RegistrationMapper; +use OCP\Activity\IManager; use OCP\ILogger; use OCP\IRequest; use OCP\ISession; -use OCP\IURLGenerator; use OCP\IUser; use u2flib_server\Error; use u2flib_server\U2F; @@ -40,11 +39,15 @@ class U2FManager { /** @var IRequest */ private $request; - public function __construct(RegistrationMapper $mapper, ISession $session, ILogger $logger, IRequest $request) { + /** @var IManager */ + private $activityManager; + + public function __construct(RegistrationMapper $mapper, ISession $session, ILogger $logger, IRequest $request, IManager $activityManager) { $this->mapper = $mapper; $this->session = $session; $this->logger = $logger; $this->request = $request; + $this->activityManager = $activityManager; } private function getU2f() { @@ -69,6 +72,7 @@ class U2FManager { // TODO: use single query instead foreach ($this->mapper->findRegistrations($user) as $registration) { $this->mapper->delete($registration); + $this->publishEvent($user, 'u2f_device_removed'); } } 
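Review bot: In the third hunk (`-69,6 +72,7`), `publishEvent()` is called inside the loop between deletions, so an exception from the activity manager would abort the loop and leave the remaining registrations in place; whether `publish()` can throw is not visible in this diff. Removing a second factor should not depend on the activity stream being available: either publish after the loop has finished, or make the call best-effort and logged, e.g. `try { $this->publishEvent($user, 'u2f_device_removed'); } catch (\Exception $e) { $this->logger->logException($e); }`. The `u2f_device_added` call in the last hunk has the same coupling, there after the registration row is already inserted. The enclosing method starts outside the hunk.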
@@ -107,10 +111,27 @@ class U2FManager { $registration->setCertificate($reg->certificate); $registration->setCounter($reg->counter); $this->mapper->insert($registration); + $this->publishEvent($user, 'u2f_device_added'); $this->logger->debug(json_encode($reg)); } + /** + * Push an U2F event the user's activity stream + * + * @param IUser $user + * @param string $event + */ + private function publishEvent(IUser $user, $event) { + $activity = $this->activityManager->generateEvent(); + $activity->setApp('twofactor_u2f') + ->setType('twofactor') + ->setAuthor($user->getUID()) + ->setAffectedUser($user->getUID()); + $activity->setSubject($event); + $this->activityManager->publish($activity); + } + public function startAuthenticate(IUser $user) { $u2f = $this->getU2f(); $reqs = $u2f->getAuthenticateData($this->getRegistrations($user)); |
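Review bot: `publishEvent()` sets the event type to `'twofactor'`, while the setting added in `lib/Activity/Setting.php` identifies itself as `'twofactor_u2f'`. If the activity app looks up a user's stream and mail preferences by event type, these events would not be governed by that setting and its enabled-by-default mail notice may never apply; use `->setType('twofactor_u2f')` or align the identifier. The docblock is missing a word (`Push an U2F event to the user's activity stream`) and should state that author and affected user are always the same UID, which makes the "You added/removed" wording wrong if the method is ever called on behalf of another user.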