publish activities when a device is added/removed

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

3 files changed, 157 insertions, 3 deletions

diff --git a/lib/Activity/Provider.php b/lib/Activity/Provider.php
new file mode 100644
index 0000000..8e7abfe
--- /dev/null
+++ b/lib/Activity/Provider.php
@@ -0,0 +1,68 @@
+<?php
+
+/**
+ * @author Christoph Wurst <christoph@winzerhof-wurst.at>
+ * @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * Two-factor U2F
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\TwoFactorU2F\Activity;
+
+use InvalidArgumentException;
+use OCP\Activity\IEvent;
+use OCP\Activity\IProvider;
+use OCP\ILogger;
+use OCP\IURLGenerator;
+use OCP\L10N\IFactory as L10nFactory;
+
+class Provider implements IProvider {
+
+	/** @var L10nFactory */
+	private $l10n;
+
+	/** @var IURLGenerator */
+	private $urlGenerator;
+
+	/** @var ILogger */
+	private $logger;
+
+	public function __construct(L10nFactory $l10n, IURLGenerator $urlGenerator, ILogger $logger) {
+		$this->logger = $logger;
+		$this->urlGenerator = $urlGenerator;
+		$this->l10n = $l10n;
+	}
+
+	public function parse($language, IEvent $event, IEvent $previousEvent = null) {
+		if ($event->getApp() !== 'twofactor_u2f') {
+			throw new InvalidArgumentException();
+		}
+
+		$l = $this->l10n->get('twofactor_u2f', $language);
+
+		$event->setIcon($this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg')));
+		switch ($event->getSubject()) {
+			case 'u2f_device_added':
+				$event->setSubject($l->t('You added an U2F hardware token'));
+				break;
+			case 'u2f_device_removed':
+				$event->setSubject($l->t('You removed an U2F hardware token'));
+				break;
+		}
+		return $event;
+	}
+
+}
diff --git a/lib/Activity/Setting.php b/lib/Activity/Setting.php
new file mode 100644
index 0000000..be0db55
--- /dev/null
+++ b/lib/Activity/Setting.php
@@ -0,0 +1,65 @@
+<?php
+
+/**
+ * @author Christoph Wurst <christoph@winzerhof-wurst.at>
+ * @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * Two-factor U2F
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\TwoFactorU2F\Activity;
+
+use OCP\Activity\ISetting;
+use OCP\IL10N;
+
+class Setting implements ISetting {
+
+	/** @var IL10N */
+	private $l10n;
+
+	public function __construct(IL10N $l10n) {
+		$this->l10n = $l10n;
+	}
+
+	public function canChangeMail() {
+		return false;
+	}
+
+	public function canChangeStream() {
+		return false;
+	}
+
+	public function getIdentifier() {
+		return 'twofactor_u2f';
+	}
+
+	public function getName() {
+		return $this->l10n->t('U2F device');
+	}
+
+	public function getPriority() {
+		return 30;
+	}
+
+	public function isDefaultEnabledMail() {
+		return true;
+	}
+
+	public function isDefaultEnabledStream() {
+		return true;
+	}
+
+}
diff --git a/lib/Service/U2FManager.php b/lib/Service/U2FManager.php
index ac586cb..7b1c419 100644
--- a/lib/Service/U2FManager.php
+++ b/lib/Service/U2FManager.php
@@ -15,13 +15,12 @@ namespace OCA\TwoFactorU2F\Service;
 require_once(__DIR__ . '/../../vendor/yubico/u2flib-server/src/u2flib_server/U2F.php');
 
 use InvalidArgumentException;
-use OC;
 use OCA\TwoFactorU2F\Db\Registration;
 use OCA\TwoFactorU2F\Db\RegistrationMapper;
+use OCP\Activity\IManager;
 use OCP\ILogger;
 use OCP\IRequest;
 use OCP\ISession;
-use OCP\IURLGenerator;
 use OCP\IUser;
 use u2flib_server\Error;
 use u2flib_server\U2F;
@@ -40,11 +39,15 @@ class U2FManager {
 	/** @var IRequest */
 	private $request;
 
-	public function __construct(RegistrationMapper $mapper, ISession $session, ILogger $logger, IRequest $request) {
+	/** @var IManager */
+	private $activityManager;
+
+	public function __construct(RegistrationMapper $mapper, ISession $session, ILogger $logger, IRequest $request, IManager $activityManager) {
 		$this->mapper = $mapper;
 		$this->session = $session;
 		$this->logger = $logger;
 		$this->request = $request;
+		$this->activityManager = $activityManager;
 	}
 
 	private function getU2f() {
@@ -69,6 +72,7 @@ class U2FManager {
 		// TODO: use single query instead
 		foreach ($this->mapper->findRegistrations($user) as $registration) {
 			$this->mapper->delete($registration);
+			$this->publishEvent($user, 'u2f_device_removed');
 		}
 	}
 
@@ -107,10 +111,27 @@ class U2FManager {
 		$registration->setCertificate($reg->certificate);
 		$registration->setCounter($reg->counter);
 		$this->mapper->insert($registration);
+		$this->publishEvent($user, 'u2f_device_added');
 
 		$this->logger->debug(json_encode($reg));
 	}
 
+	/**
+	 * Push an U2F event the user's activity stream
+	 *
+	 * @param IUser $user
+	 * @param string $event
+	 */
+	private function publishEvent(IUser $user, $event) {
+		$activity = $this->activityManager->generateEvent();
+		$activity->setApp('twofactor_u2f')
+			->setType('twofactor')
+			->setAuthor($user->getUID())
+			->setAffectedUser($user->getUID());
+		$activity->setSubject($event);
+		$this->activityManager->publish($activity);
+	}
+
 	public function startAuthenticate(IUser $user) {
 		$u2f = $this->getU2f();
 		$reqs = $u2f->getAuthenticateData($this->getRegistrations($user));