Store.php 3.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * @copyright 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
  5. *
  6. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  7. * @author Joas Schilling <coding@schilljs.com>
  8. *
  9. * @license GNU AGPL version 3 or any later version
  10. *
  11. * This program is free software: you can redistribute it and/or modify
  12. * it under the terms of the GNU Affero General Public License as
  13. * published by the Free Software Foundation, either version 3 of the
  14. * License, or (at your option) any later version.
  15. *
  16. * This program is distributed in the hope that it will be useful,
  17. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  19. * GNU Affero General Public License for more details.
  20. *
  21. * You should have received a copy of the GNU Affero General Public License
  22. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  23. *
  24. */
  25. namespace OC\Authentication\LoginCredentials;
  26. use OC\Authentication\Exceptions\PasswordlessTokenException;
  27. use OC\Authentication\Token\IProvider;
  28. use OCP\Authentication\Exceptions\CredentialsUnavailableException;
  29. use OCP\Authentication\Exceptions\InvalidTokenException;
  30. use OCP\Authentication\LoginCredentials\ICredentials;
  31. use OCP\Authentication\LoginCredentials\IStore;
  32. use OCP\ISession;
  33. use OCP\Session\Exceptions\SessionNotAvailableException;
  34. use OCP\Util;
  35. use Psr\Log\LoggerInterface;
  36. class Store implements IStore {
  37. /** @var ISession */
  38. private $session;
  39. /** @var LoggerInterface */
  40. private $logger;
  41. /** @var IProvider|null */
  42. private $tokenProvider;
  43. public function __construct(ISession $session,
  44. LoggerInterface $logger,
  45. ?IProvider $tokenProvider = null) {
  46. $this->session = $session;
  47. $this->logger = $logger;
  48. $this->tokenProvider = $tokenProvider;
  49. Util::connectHook('OC_User', 'post_login', $this, 'authenticate');
  50. }
  51. /**
  52. * Hook listener on post login
  53. *
  54. * @param array $params
  55. */
  56. public function authenticate(array $params) {
  57. $this->session->set('login_credentials', json_encode($params));
  58. }
  59. /**
  60. * Replace the session implementation
  61. *
  62. * @param ISession $session
  63. */
  64. public function setSession(ISession $session) {
  65. $this->session = $session;
  66. }
  67. /**
  68. * @since 12
  69. *
  70. * @return ICredentials the login credentials of the current user
  71. * @throws CredentialsUnavailableException
  72. */
  73. public function getLoginCredentials(): ICredentials {
  74. if ($this->tokenProvider === null) {
  75. throw new CredentialsUnavailableException();
  76. }
  77. $trySession = false;
  78. try {
  79. $sessionId = $this->session->getId();
  80. $token = $this->tokenProvider->getToken($sessionId);
  81. $uid = $token->getUID();
  82. $user = $token->getLoginName();
  83. $password = $this->tokenProvider->getPassword($token, $sessionId);
  84. return new Credentials($uid, $user, $password);
  85. } catch (SessionNotAvailableException $ex) {
  86. $this->logger->debug('could not get login credentials because session is unavailable', ['app' => 'core', 'exception' => $ex]);
  87. } catch (InvalidTokenException $ex) {
  88. $this->logger->debug('could not get login credentials because the token is invalid: ' . $ex->getMessage(), ['app' => 'core']);
  89. $trySession = true;
  90. } catch (PasswordlessTokenException $ex) {
  91. $this->logger->debug('could not get login credentials because the token has no password', ['app' => 'core', 'exception' => $ex]);
  92. $trySession = true;
  93. }
  94. if ($trySession && $this->session->exists('login_credentials')) {
  95. /** @var array $creds */
  96. $creds = json_decode($this->session->get('login_credentials'), true);
  97. return new Credentials(
  98. $creds['uid'],
  99. $creds['loginName'] ?? $this->session->get('loginname') ?? $creds['uid'], // Pre 20 didn't have a loginName property, hence fall back to the session value and then to the UID
  100. $creds['password']
  101. );
  102. }
  103. // If we reach this line, an exception was thrown.
  104. throw new CredentialsUnavailableException();
  105. }
  106. }