DbHandler.php 8.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Björn Schießle <bjoern@schiessle.org>
  6. * @author Morris Jobke <hey@morrisjobke.de>
  7. * @author Robin Appelman <robin@icewind.nl>
  8. * @author Thomas Müller <thomas.mueller@tmit.eu>
  9. *
  10. * @license AGPL-3.0
  11. *
  12. * This code is free software: you can redistribute it and/or modify
  13. * it under the terms of the GNU Affero General Public License, version 3,
  14. * as published by the Free Software Foundation.
  15. *
  16. * This program is distributed in the hope that it will be useful,
  17. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  19. * GNU Affero General Public License for more details.
  20. *
  21. * You should have received a copy of the GNU Affero General Public License, version 3,
  22. * along with this program. If not, see <http://www.gnu.org/licenses/>
  23. *
  24. */
  25. namespace OCA\Federation;
  26. use OC\Files\Filesystem;
  27. use OC\HintException;
  28. use OCP\IDBConnection;
  29. use OCP\IL10N;
  30. /**
  31. * Class DbHandler
  32. *
  33. * handles all database calls for the federation app
  34. *
  35. * @group DB
  36. * @package OCA\Federation
  37. */
  38. class DbHandler {
  39. /** @var IDBConnection */
  40. private $connection;
  41. /** @var IL10N */
  42. private $IL10N;
  43. /** @var string */
  44. private $dbTable = 'trusted_servers';
  45. /**
  46. * @param IDBConnection $connection
  47. * @param IL10N $il10n
  48. */
  49. public function __construct(
  50. IDBConnection $connection,
  51. IL10N $il10n
  52. ) {
  53. $this->connection = $connection;
  54. $this->IL10N = $il10n;
  55. }
  56. /**
  57. * add server to the list of trusted servers
  58. *
  59. * @param string $url
  60. * @return int
  61. * @throws HintException
  62. */
  63. public function addServer($url) {
  64. $hash = $this->hash($url);
  65. $url = rtrim($url, '/');
  66. $query = $this->connection->getQueryBuilder();
  67. $query->insert($this->dbTable)
  68. ->values(
  69. [
  70. 'url' => $query->createParameter('url'),
  71. 'url_hash' => $query->createParameter('url_hash'),
  72. ]
  73. )
  74. ->setParameter('url', $url)
  75. ->setParameter('url_hash', $hash);
  76. $result = $query->execute();
  77. if ($result) {
  78. return (int)$this->connection->lastInsertId('*PREFIX*'.$this->dbTable);
  79. } else {
  80. $message = 'Internal failure, Could not add ownCloud as trusted server: ' . $url;
  81. $message_t = $this->IL10N->t('Could not add server');
  82. throw new HintException($message, $message_t);
  83. }
  84. }
  85. /**
  86. * remove server from the list of trusted servers
  87. *
  88. * @param int $id
  89. */
  90. public function removeServer($id) {
  91. $query = $this->connection->getQueryBuilder();
  92. $query->delete($this->dbTable)
  93. ->where($query->expr()->eq('id', $query->createParameter('id')))
  94. ->setParameter('id', $id);
  95. $query->execute();
  96. }
  97. /**
  98. * get trusted server with given ID
  99. *
  100. * @param int $id
  101. * @return array
  102. * @throws \Exception
  103. */
  104. public function getServerById($id) {
  105. $query = $this->connection->getQueryBuilder();
  106. $query->select('*')->from($this->dbTable)
  107. ->where($query->expr()->eq('id', $query->createParameter('id')))
  108. ->setParameter('id', $id);
  109. $query->execute();
  110. $result = $query->execute()->fetchAll();
  111. if (empty($result)) {
  112. throw new \Exception('No Server found with ID: ' . $id);
  113. }
  114. return $result[0];
  115. }
  116. /**
  117. * get all trusted servers
  118. *
  119. * @return array
  120. */
  121. public function getAllServer() {
  122. $query = $this->connection->getQueryBuilder();
  123. $query->select(['url', 'url_hash', 'id', 'status', 'shared_secret', 'sync_token'])->from($this->dbTable);
  124. $result = $query->execute()->fetchAll();
  125. return $result;
  126. }
  127. /**
  128. * check if server already exists in the database table
  129. *
  130. * @param string $url
  131. * @return bool
  132. */
  133. public function serverExists($url) {
  134. $hash = $this->hash($url);
  135. $query = $this->connection->getQueryBuilder();
  136. $query->select('url')->from($this->dbTable)
  137. ->where($query->expr()->eq('url_hash', $query->createParameter('url_hash')))
  138. ->setParameter('url_hash', $hash);
  139. $result = $query->execute()->fetchAll();
  140. return !empty($result);
  141. }
  142. /**
  143. * write token to database. Token is used to exchange the secret
  144. *
  145. * @param string $url
  146. * @param string $token
  147. */
  148. public function addToken($url, $token) {
  149. $hash = $this->hash($url);
  150. $query = $this->connection->getQueryBuilder();
  151. $query->update($this->dbTable)
  152. ->set('token', $query->createParameter('token'))
  153. ->where($query->expr()->eq('url_hash', $query->createParameter('url_hash')))
  154. ->setParameter('url_hash', $hash)
  155. ->setParameter('token', $token);
  156. $query->execute();
  157. }
  158. /**
  159. * get token stored in database
  160. *
  161. * @param string $url
  162. * @return string
  163. * @throws \Exception
  164. */
  165. public function getToken($url) {
  166. $hash = $this->hash($url);
  167. $query = $this->connection->getQueryBuilder();
  168. $query->select('token')->from($this->dbTable)
  169. ->where($query->expr()->eq('url_hash', $query->createParameter('url_hash')))
  170. ->setParameter('url_hash', $hash);
  171. $result = $query->execute()->fetch();
  172. if (!isset($result['token'])) {
  173. throw new \Exception('No token found for: ' . $url);
  174. }
  175. return $result['token'];
  176. }
  177. /**
  178. * add shared Secret to database
  179. *
  180. * @param string $url
  181. * @param string $sharedSecret
  182. */
  183. public function addSharedSecret($url, $sharedSecret) {
  184. $hash = $this->hash($url);
  185. $query = $this->connection->getQueryBuilder();
  186. $query->update($this->dbTable)
  187. ->set('shared_secret', $query->createParameter('sharedSecret'))
  188. ->where($query->expr()->eq('url_hash', $query->createParameter('url_hash')))
  189. ->setParameter('url_hash', $hash)
  190. ->setParameter('sharedSecret', $sharedSecret);
  191. $query->execute();
  192. }
  193. /**
  194. * get shared secret from database
  195. *
  196. * @param string $url
  197. * @return string
  198. */
  199. public function getSharedSecret($url) {
  200. $hash = $this->hash($url);
  201. $query = $this->connection->getQueryBuilder();
  202. $query->select('shared_secret')->from($this->dbTable)
  203. ->where($query->expr()->eq('url_hash', $query->createParameter('url_hash')))
  204. ->setParameter('url_hash', $hash);
  205. $result = $query->execute()->fetch();
  206. return $result['shared_secret'];
  207. }
  208. /**
  209. * set server status
  210. *
  211. * @param string $url
  212. * @param int $status
  213. * @param string|null $token
  214. */
  215. public function setServerStatus($url, $status, $token = null) {
  216. $hash = $this->hash($url);
  217. $query = $this->connection->getQueryBuilder();
  218. $query->update($this->dbTable)
  219. ->set('status', $query->createNamedParameter($status))
  220. ->where($query->expr()->eq('url_hash', $query->createNamedParameter($hash)));
  221. if (!is_null($token)) {
  222. $query->set('sync_token', $query->createNamedParameter($token));
  223. }
  224. $query->execute();
  225. }
  226. /**
  227. * get server status
  228. *
  229. * @param string $url
  230. * @return int
  231. */
  232. public function getServerStatus($url) {
  233. $hash = $this->hash($url);
  234. $query = $this->connection->getQueryBuilder();
  235. $query->select('status')->from($this->dbTable)
  236. ->where($query->expr()->eq('url_hash', $query->createParameter('url_hash')))
  237. ->setParameter('url_hash', $hash);
  238. $result = $query->execute()->fetch();
  239. return (int)$result['status'];
  240. }
  241. /**
  242. * create hash from URL
  243. *
  244. * @param string $url
  245. * @return string
  246. */
  247. protected function hash($url) {
  248. $normalized = $this->normalizeUrl($url);
  249. return sha1($normalized);
  250. }
  251. /**
  252. * normalize URL, used to create the sha1 hash
  253. *
  254. * @param string $url
  255. * @return string
  256. */
  257. protected function normalizeUrl($url) {
  258. $normalized = $url;
  259. if (strpos($url, 'https://') === 0) {
  260. $normalized = substr($url, strlen('https://'));
  261. } else if (strpos($url, 'http://') === 0) {
  262. $normalized = substr($url, strlen('http://'));
  263. }
  264. $normalized = Filesystem::normalizePath($normalized);
  265. $normalized = trim($normalized, '/');
  266. return $normalized;
  267. }
  268. /**
  269. * @param $username
  270. * @param $password
  271. * @return bool
  272. */
  273. public function auth($username, $password) {
  274. if ($username !== 'system') {
  275. return false;
  276. }
  277. $query = $this->connection->getQueryBuilder();
  278. $query->select('url')->from($this->dbTable)
  279. ->where($query->expr()->eq('shared_secret', $query->createNamedParameter($password)));
  280. $result = $query->execute()->fetch();
  281. return !empty($result);
  282. }
  283. }