123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235 |
- <?php
- declare(strict_types=1);
- namespace OCP\AppFramework;
- use OCP\AppFramework\Http\Attribute\BruteForceProtection;
- use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
- use OCP\AppFramework\Http\Attribute\PublicPage;
- use OCP\AppFramework\Http\Attribute\UseSession;
- use OCP\AppFramework\Http\RedirectResponse;
- use OCP\AppFramework\Http\TemplateResponse;
- use OCP\IRequest;
- use OCP\ISession;
- use OCP\IURLGenerator;
- abstract class AuthPublicShareController extends PublicShareController {
-
- protected $urlGenerator;
-
- public function __construct(string $appName,
- IRequest $request,
- ISession $session,
- IURLGenerator $urlGenerator) {
- parent::__construct($appName, $request, $session);
- $this->urlGenerator = $urlGenerator;
- }
-
-
-
- public function showAuthenticate(): TemplateResponse {
- return new TemplateResponse('core', 'publicshareauth', [], 'guest');
- }
-
- protected function showAuthFailed(): TemplateResponse {
- return new TemplateResponse('core', 'publicshareauth', ['wrongpw' => true], 'guest');
- }
-
- protected function showIdentificationResult(bool $success): TemplateResponse {
- return new TemplateResponse('core', 'publicshareauth', ['identityOk' => $success], 'guest');
- }
-
- protected function validateIdentity(?string $identityToken = null): bool {
- return false;
- }
-
- protected function generatePassword(): void {
- }
-
- protected function verifyPassword(string $password): bool {
- return false;
- }
-
- protected function authFailed() {
- }
-
- protected function authSucceeded() {
- }
-
-
-
-
- final public function authenticate(string $password = '', string $passwordRequest = 'no', string $identityToken = '') {
-
- if ($this->isAuthenticated()) {
- return $this->getRedirect();
- }
-
- if ($passwordRequest == '') {
- if ($this->validateIdentity($identityToken)) {
- $this->generatePassword();
- $response = $this->showIdentificationResult(true);
- return $response;
- } else {
- $response = $this->showIdentificationResult(false);
- $response->throttle();
- return $response;
- }
- }
- if (!$this->verifyPassword($password)) {
- $this->authFailed();
- $response = $this->showAuthFailed();
- $response->throttle();
- return $response;
- }
- $this->session->regenerateId(true, true);
- $response = $this->getRedirect();
- $this->session->set('public_link_authenticated_token', $this->getToken());
- $this->session->set('public_link_authenticated_password_hash', $this->getPasswordHash());
- $this->authSucceeded();
- return $response;
- }
-
- abstract public function showShare(): TemplateResponse;
-
- final public function getAuthenticationRedirect(string $redirect): RedirectResponse {
- return new RedirectResponse(
- $this->urlGenerator->linkToRoute($this->getRoute('showAuthenticate'), ['token' => $this->getToken(), 'redirect' => $redirect])
- );
- }
-
- private function getRoute(string $function): string {
- $app = strtolower($this->appName);
- $class = (new \ReflectionClass($this))->getShortName();
- if (str_ends_with($class, 'Controller')) {
- $class = substr($class, 0, -10);
- }
- return $app . '.' . $class . '.' . $function;
- }
-
- private function getRedirect(): RedirectResponse {
-
- $params = $this->session->get('public_link_authenticate_redirect');
- $route = $this->getRoute('showShare');
- if ($params === null) {
- $params = [
- 'token' => $this->getToken(),
- ];
- } else {
- $params = json_decode($params, true);
- if (isset($params['_route'])) {
- $route = $params['_route'];
- unset($params['_route']);
- }
-
- if (isset($params['token']) && $params['token'] !== $this->getToken()) {
- $params = [
- 'token' => $this->getToken(),
- ];
- }
-
- if (!isset($params['token'])) {
- $params = [
- 'token' => $this->getToken(),
- ];
- }
- }
- return new RedirectResponse($this->urlGenerator->linkToRoute($route, $params));
- }
- }
|