OCSController.php 4.2 KB

  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016 Roeland Jago Douma <roeland@famdouma.nl>
  4. *
  5. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  6. * @author Daniel Kesselberg <mail@danielkesselberg.de>
  7. * @author Joas Schilling <coding@schilljs.com>
  8. * @author Julius Härtl <jus@bitgrid.net>
  9. * @author Lukas Reschke <lukas@statuscode.ch>
  10. * @author Roeland Jago Douma <roeland@famdouma.nl>
  11. * @author Kate Döen <kate.doeen@nextcloud.com>
  12. *
  13. * @license GNU AGPL version 3 or any later version
  14. *
  15. * This program is free software: you can redistribute it and/or modify
  16. * it under the terms of the GNU Affero General Public License as
  17. * published by the Free Software Foundation, either version 3 of the
  18. * License, or (at your option) any later version.
  19. *
  20. * This program is distributed in the hope that it will be useful,
  21. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  22. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  23. * GNU Affero General Public License for more details.
  24. *
  25. * You should have received a copy of the GNU Affero General Public License
  26. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  27. *
  28. */
  29. namespace OC\Core\Controller;
  30. use OC\CapabilitiesManager;
  31. use OC\Security\IdentityProof\Manager;
  32. use OCP\AppFramework\Http;
  33. use OCP\AppFramework\Http\Attribute\ApiRoute;
  34. use OCP\AppFramework\Http\Attribute\OpenAPI;
  35. use OCP\AppFramework\Http\DataResponse;
  36. use OCP\IRequest;
  37. use OCP\IUserManager;
  38. use OCP\IUserSession;
  /**
   * Core OCS endpoints: the legacy config document, server capabilities,
   * a credential check and the identity-proof public key lookup.
   *
   * Every action in this class carries the PublicPage annotation, so each
   * one is reachable without an authenticated session. The annotation
   * docblocks and attributes are read by the framework and are kept as-is.
   */
  class OCSController extends \OCP\AppFramework\OCSController {
      public function __construct(
          string $appName,
          IRequest $request,
          private CapabilitiesManager $capabilitiesManager,
          private IUserSession $userSession,
          private IUserManager $userManager,
          private Manager $keyManager,
      ) {
          // The four collaborators are promoted to private properties; only the
          // app name and the request are handed on to the parent controller.
          parent::__construct($appName, $request);
      }

      /**
       * @PublicPage
       */
      #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
      #[ApiRoute(verb: 'GET', url: '/config', root: '')]
      public function getConfig(): DataResponse {
          // 'host' is taken from the incoming request, and 'ssl' is a fixed
          // string: it does not reflect the transport actually in use, so a
          // client should not read it as a security signal.
          return new DataResponse([
              'version' => '1.7',
              'website' => 'Nextcloud',
              'host' => $this->request->getServerHost(),
              'contact' => '',
              'ssl' => 'false',
          ]);
      }

      /**
       * @PublicPage
       *
       * Get the capabilities
       *
       * @return DataResponse<Http::STATUS_OK, array{version: array{major: int, minor: int, micro: int, string: string, edition: '', extendedSupport: bool}, capabilities: array<string, mixed>}, array{}>
       *
       * 200: Capabilities returned
       */
      #[ApiRoute(verb: 'GET', url: '/capabilities', root: '/cloud')]
      public function getCapabilities(): DataResponse {
          [$major, $minor, $micro] = \OCP\Util::getVersion();

          // The version details are built before the session check, so they are
          // returned to every caller, logged in or not.
          $versionInfo = [
              'major' => (int)$major,
              'minor' => (int)$minor,
              'micro' => (int)$micro,
              'string' => \OC_Util::getVersionString(),
              'edition' => '',
              'extendedSupport' => \OCP\Util::hasExtendedSupport(),
          ];

          // Callers without a session get getCapabilities(true) -- presumably the
          // public subset; confirm against CapabilitiesManager.
          $capabilities = $this->userSession->isLoggedIn()
              ? $this->capabilitiesManager->getCapabilities()
              : $this->capabilitiesManager->getCapabilities(true);

          $result = [
              'version' => $versionInfo,
              'capabilities' => $capabilities,
          ];

          $response = new DataResponse($result);
          // md5 is used here only to derive an ETag cache validator from the
          // payload; nothing in this method relies on it for integrity.
          $response->setETag(md5(json_encode($result)));
          return $response;
      }

      /**
       * @PublicPage
       * @BruteForceProtection(action=login)
       */
      #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
      #[ApiRoute(verb: 'POST', url: '/check', root: '/person')]
      public function personCheck(string $login = '', string $password = ''): DataResponse {
          // Missing login or password: status 101, and no throttle is requested.
          if ($login === '' || $password === '') {
              return new DataResponse([], 101);
          }

          if (!$this->userManager->checkPassword($login, $password)) {
              // Rejected credentials: status 102, and the response is flagged for
              // throttling under the brute-force action declared in the docblock.
              $rejected = new DataResponse([], 102);
              $rejected->throttle();
              return $rejected;
          }

          // 'personid' echoes the login string the caller submitted, not a value
          // read back from the account that matched.
          return new DataResponse([
              'person' => [
                  'personid' => $login,
              ],
          ]);
      }

      /**
       * @PublicPage
       */
      #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
      #[ApiRoute(verb: 'GET', url: '/key/{cloudId}', root: '/identityproof')]
      public function getIdentityProof(string $cloudId): DataResponse {
          $account = $this->userManager->get($cloudId);

          if ($account === null) {
              // The 404 is distinguishable from the success response, so an
              // unauthenticated caller learns whether the id maps to an account.
              // This method requests no throttling and declares no brute-force
              // action; rate limiting, if wanted, has to come from elsewhere.
              return new DataResponse(['Account not found'], 404);
          }

          // NOTE(review): if getKey() creates key material on first use, this
          // public route can trigger that work -- confirm against Manager.
          $key = $this->keyManager->getKey($account);

          // Only the public half of the key is placed in the response.
          return new DataResponse([
              'public' => $key->getPublic(),
          ]);
      }
  }