首頁 探索 說明
登入
RISCI_ATOM
/
nextcloud-server
镜像来自 https://github.com/nextcloud/server.git
1
0
複刻 0
Files 問題管理 23 Wiki
目錄樹: 063d4df478
分支列表 標籤列表
nextcloud-serve...
/
apps
/
oauth2
/
lib
/
Db
/
AccessTokenMapper.php

AccessTokenMapper.php 2.3 KB
文件歷史 原始文件

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. <?php
    2. 

  2. 

  3. declare(strict_types=1);
    4. 

  4. 

  5. /**
    6. 

  6.  * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
    7. 

  7.  * SPDX-License-Identifier: AGPL-3.0-or-later
    8. 

  8.  */
    9. 

  9. namespace OCA\OAuth2\Db;
    10. 

  10. 

  11. use OCA\OAuth2\Controller\OauthApiController;
    12. 

  12. use OCA\OAuth2\Exceptions\AccessTokenNotFoundException;
    13. 

  13. use OCP\AppFramework\Db\IMapperException;
    14. 

  14. use OCP\AppFramework\Db\QBMapper;
    15. 

  15. use OCP\AppFramework\Utility\ITimeFactory;
    16. 

  16. use OCP\DB\Exception;
    17. 

  17. use OCP\DB\QueryBuilder\IQueryBuilder;
    18. 

  18. use OCP\IDBConnection;
    19. 

  19. 

  20. /**
    21. 

  21.  * @template-extends QBMapper<AccessToken>
    22. 

  22.  */
    23. 

  23. class AccessTokenMapper extends QBMapper {
    24. 

  24. 

  25. 	public function __construct(
    26. 

  26. 		IDBConnection $db,
    27. 

  27. 		private ITimeFactory $timeFactory,
    28. 

  28. 	) {
    29. 

  29. 		parent::__construct($db, 'oauth2_access_tokens');
    30. 

  30. 	}
    31. 

  31. 

  32. 	/**
    33. 

  33. 	 * @param string $code
    34. 

  34. 	 * @return AccessToken
    35. 

  35. 	 * @throws AccessTokenNotFoundException
    36. 

  36. 	 */
    37. 

  37. 	public function getByCode(string $code): AccessToken {
    38. 

  38. 		$qb = $this->db->getQueryBuilder();
    39. 

  39. 		$qb
    40. 

  40. 			->select('*')
    41. 

  41. 			->from($this->tableName)
    42. 

  42. 			->where($qb->expr()->eq('hashed_code', $qb->createNamedParameter(hash('sha512', $code))));
    43. 

  43. 

  44. 		try {
    45. 

  45. 			$token = $this->findEntity($qb);
    46. 

  46. 		} catch (IMapperException $e) {
    47. 

  47. 			throw new AccessTokenNotFoundException('Could not find access token', 0, $e);
    48. 

  48. 		}
    49. 

  49. 

  50. 		return $token;
    51. 

  51. 	}
    52. 

  52. 

  53. 	/**
    54. 

  54. 	 * delete all access token from a given client
    55. 

  55. 	 *
    56. 

  56. 	 * @param int $id
    57. 

  57. 	 */
    58. 

  58. 	public function deleteByClientId(int $id) {
    59. 

  59. 		$qb = $this->db->getQueryBuilder();
    60. 

  60. 		$qb
    61. 

  61. 			->delete($this->tableName)
    62. 

  62. 			->where($qb->expr()->eq('client_id', $qb->createNamedParameter($id, IQueryBuilder::PARAM_INT)));
    63. 

  63. 		$qb->executeStatement();
    64. 

  64. 	}
    65. 

  65. 

  66. 	/**
    67. 

  67. 	 * Delete access tokens that have an expired authorization code
    68. 

  68. 	 * -> those that are old enough
    69. 

  69. 	 * and which never delivered any oauth token (still in authorization state)
    70. 

  70. 	 *
    71. 

  71. 	 * @return void
    72. 

  72. 	 * @throws Exception
    73. 

  73. 	 */
    74. 

  74. 	public function cleanupExpiredAuthorizationCode(): void {
    75. 

  75. 		$now = $this->timeFactory->now()->getTimestamp();
    76. 

  76. 		$maxTokenCreationTs = $now - OauthApiController::AUTHORIZATION_CODE_EXPIRES_AFTER;
    77. 

  77. 

  78. 		$qb = $this->db->getQueryBuilder();
    79. 

  79. 		$qb
    80. 

  80. 			->delete($this->tableName)
    81. 

  81. 			->where($qb->expr()->eq('token_count', $qb->createNamedParameter(0, IQueryBuilder::PARAM_INT)))
    82. 

  82. 			->andWhere($qb->expr()->lt('code_created_at', $qb->createNamedParameter($maxTokenCreationTs, IQueryBuilder::PARAM_INT)));
    83. 

  83. 		$qb->executeStatement();
    84. 

  84. 	}
    85. 

  85. }
    86.