1
0

PublicKeyTokenMapper.php 6.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * @copyright Copyright (c) 2018 Roeland Jago Douma <roeland@famdouma.nl>
  5. *
  6. * @author Roeland Jago Douma <roeland@famdouma.nl>
  7. *
  8. * @license GNU AGPL version 3 or any later version
  9. *
  10. * This program is free software: you can redistribute it and/or modify
  11. * it under the terms of the GNU Affero General Public License as
  12. * published by the Free Software Foundation, either version 3 of the
  13. * License, or (at your option) any later version.
  14. *
  15. * This program is distributed in the hope that it will be useful,
  16. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  18. * GNU Affero General Public License for more details.
  19. *
  20. * You should have received a copy of the GNU Affero General Public License
  21. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  22. *
  23. */
  24. namespace OC\Authentication\Token;
  25. use OCP\AppFramework\Db\DoesNotExistException;
  26. use OCP\AppFramework\Db\QBMapper;
  27. use OCP\DB\QueryBuilder\IQueryBuilder;
  28. use OCP\IDBConnection;
  29. class PublicKeyTokenMapper extends QBMapper {
  30. public function __construct(IDBConnection $db) {
  31. parent::__construct($db, 'authtoken');
  32. }
  33. /**
  34. * Invalidate (delete) a given token
  35. *
  36. * @param string $token
  37. */
  38. public function invalidate(string $token) {
  39. /* @var $qb IQueryBuilder */
  40. $qb = $this->db->getQueryBuilder();
  41. $qb->delete('authtoken')
  42. ->where($qb->expr()->eq('token', $qb->createNamedParameter($token)))
  43. ->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(PublicKeyToken::VERSION, IQueryBuilder::PARAM_INT)))
  44. ->execute();
  45. }
  46. /**
  47. * @param int $olderThan
  48. * @param int $remember
  49. */
  50. public function invalidateOld(int $olderThan, int $remember = IToken::DO_NOT_REMEMBER) {
  51. /* @var $qb IQueryBuilder */
  52. $qb = $this->db->getQueryBuilder();
  53. $qb->delete('authtoken')
  54. ->where($qb->expr()->lt('last_activity', $qb->createNamedParameter($olderThan, IQueryBuilder::PARAM_INT)))
  55. ->andWhere($qb->expr()->eq('type', $qb->createNamedParameter(IToken::TEMPORARY_TOKEN, IQueryBuilder::PARAM_INT)))
  56. ->andWhere($qb->expr()->eq('remember', $qb->createNamedParameter($remember, IQueryBuilder::PARAM_INT)))
  57. ->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(PublicKeyToken::VERSION, IQueryBuilder::PARAM_INT)))
  58. ->execute();
  59. }
  60. /**
  61. * Get the user UID for the given token
  62. *
  63. * @throws DoesNotExistException
  64. */
  65. public function getToken(string $token): PublicKeyToken {
  66. /* @var $qb IQueryBuilder */
  67. $qb = $this->db->getQueryBuilder();
  68. $result = $qb->select('*')
  69. ->from('authtoken')
  70. ->where($qb->expr()->eq('token', $qb->createNamedParameter($token)))
  71. ->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(PublicKeyToken::VERSION, IQueryBuilder::PARAM_INT)))
  72. ->execute();
  73. $data = $result->fetch();
  74. $result->closeCursor();
  75. if ($data === false) {
  76. throw new DoesNotExistException('token does not exist');
  77. }
  78. return PublicKeyToken::fromRow($data);
  79. }
  80. /**
  81. * Get the token for $id
  82. *
  83. * @throws DoesNotExistException
  84. */
  85. public function getTokenById(int $id): PublicKeyToken {
  86. /* @var $qb IQueryBuilder */
  87. $qb = $this->db->getQueryBuilder();
  88. $result = $qb->select('*')
  89. ->from('authtoken')
  90. ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
  91. ->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(PublicKeyToken::VERSION, IQueryBuilder::PARAM_INT)))
  92. ->execute();
  93. $data = $result->fetch();
  94. $result->closeCursor();
  95. if ($data === false) {
  96. throw new DoesNotExistException('token does not exist');
  97. }
  98. return PublicKeyToken::fromRow($data);
  99. }
  100. /**
  101. * Get all tokens of a user
  102. *
  103. * The provider may limit the number of result rows in case of an abuse
  104. * where a high number of (session) tokens is generated
  105. *
  106. * @param string $uid
  107. * @return PublicKeyToken[]
  108. */
  109. public function getTokenByUser(string $uid): array {
  110. /* @var $qb IQueryBuilder */
  111. $qb = $this->db->getQueryBuilder();
  112. $qb->select('*')
  113. ->from('authtoken')
  114. ->where($qb->expr()->eq('uid', $qb->createNamedParameter($uid)))
  115. ->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(PublicKeyToken::VERSION, IQueryBuilder::PARAM_INT)))
  116. ->setMaxResults(1000);
  117. $result = $qb->execute();
  118. $data = $result->fetchAll();
  119. $result->closeCursor();
  120. $entities = array_map(function ($row) {
  121. return PublicKeyToken::fromRow($row);
  122. }, $data);
  123. return $entities;
  124. }
  125. public function deleteById(string $uid, int $id) {
  126. /* @var $qb IQueryBuilder */
  127. $qb = $this->db->getQueryBuilder();
  128. $qb->delete('authtoken')
  129. ->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
  130. ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($uid)))
  131. ->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(PublicKeyToken::VERSION, IQueryBuilder::PARAM_INT)));
  132. $qb->execute();
  133. }
  134. /**
  135. * delete all auth token which belong to a specific client if the client was deleted
  136. *
  137. * @param string $name
  138. */
  139. public function deleteByName(string $name) {
  140. $qb = $this->db->getQueryBuilder();
  141. $qb->delete('authtoken')
  142. ->where($qb->expr()->eq('name', $qb->createNamedParameter($name), IQueryBuilder::PARAM_STR))
  143. ->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(PublicKeyToken::VERSION, IQueryBuilder::PARAM_INT)));
  144. $qb->execute();
  145. }
  146. public function deleteTempToken(PublicKeyToken $except) {
  147. $qb = $this->db->getQueryBuilder();
  148. $qb->delete('authtoken')
  149. ->where($qb->expr()->eq('type', $qb->createNamedParameter(IToken::TEMPORARY_TOKEN)))
  150. ->andWhere($qb->expr()->neq('id', $qb->createNamedParameter($except->getId())))
  151. ->andWhere($qb->expr()->eq('version', $qb->createNamedParameter(PublicKeyToken::VERSION, IQueryBuilder::PARAM_INT)));
  152. $qb->execute();
  153. }
  154. public function hasExpiredTokens(string $uid): bool {
  155. $qb = $this->db->getQueryBuilder();
  156. $qb->select('*')
  157. ->from('authtoken')
  158. ->where($qb->expr()->eq('uid', $qb->createNamedParameter($uid)))
  159. ->andWhere($qb->expr()->eq('password_invalid', $qb->createNamedParameter(true), IQueryBuilder::PARAM_BOOL))
  160. ->setMaxResults(1);
  161. $cursor = $qb->execute();
  162. $data = $cursor->fetchAll();
  163. $cursor->closeCursor();
  164. return count($data) === 1;
  165. }
  166. }