1
0

AccessTokenMapper.php 3.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
  5. *
  6. * @author Bjoern Schiessle <bjoern@schiessle.org>
  7. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  8. * @author Lukas Reschke <lukas@statuscode.ch>
  9. * @author Roeland Jago Douma <roeland@famdouma.nl>
  10. *
  11. * @license GNU AGPL version 3 or any later version
  12. *
  13. * This program is free software: you can redistribute it and/or modify
  14. * it under the terms of the GNU Affero General Public License as
  15. * published by the Free Software Foundation, either version 3 of the
  16. * License, or (at your option) any later version.
  17. *
  18. * This program is distributed in the hope that it will be useful,
  19. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  20. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  21. * GNU Affero General Public License for more details.
  22. *
  23. * You should have received a copy of the GNU Affero General Public License
  24. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  25. *
  26. */
  27. namespace OCA\OAuth2\Db;
  28. use OCA\OAuth2\Controller\OauthApiController;
  29. use OCA\OAuth2\Exceptions\AccessTokenNotFoundException;
  30. use OCP\AppFramework\Db\IMapperException;
  31. use OCP\AppFramework\Db\QBMapper;
  32. use OCP\AppFramework\Utility\ITimeFactory;
  33. use OCP\DB\Exception;
  34. use OCP\DB\QueryBuilder\IQueryBuilder;
  35. use OCP\IDBConnection;
  36. /**
  37. * @template-extends QBMapper<AccessToken>
  38. */
  39. class AccessTokenMapper extends QBMapper {
  40. public function __construct(
  41. IDBConnection $db,
  42. private ITimeFactory $timeFactory,
  43. ) {
  44. parent::__construct($db, 'oauth2_access_tokens');
  45. }
  46. /**
  47. * @param string $code
  48. * @return AccessToken
  49. * @throws AccessTokenNotFoundException
  50. */
  51. public function getByCode(string $code): AccessToken {
  52. $qb = $this->db->getQueryBuilder();
  53. $qb
  54. ->select('*')
  55. ->from($this->tableName)
  56. ->where($qb->expr()->eq('hashed_code', $qb->createNamedParameter(hash('sha512', $code))));
  57. try {
  58. $token = $this->findEntity($qb);
  59. } catch (IMapperException $e) {
  60. throw new AccessTokenNotFoundException('Could not find access token', 0, $e);
  61. }
  62. return $token;
  63. }
  64. /**
  65. * delete all access token from a given client
  66. *
  67. * @param int $id
  68. */
  69. public function deleteByClientId(int $id) {
  70. $qb = $this->db->getQueryBuilder();
  71. $qb
  72. ->delete($this->tableName)
  73. ->where($qb->expr()->eq('client_id', $qb->createNamedParameter($id, IQueryBuilder::PARAM_INT)));
  74. $qb->executeStatement();
  75. }
  76. /**
  77. * Delete access tokens that have an expired authorization code
  78. * -> those that are old enough
  79. * and which never delivered any oauth token (still in authorization state)
  80. *
  81. * @return void
  82. * @throws Exception
  83. */
  84. public function cleanupExpiredAuthorizationCode(): void {
  85. $now = $this->timeFactory->now()->getTimestamp();
  86. $maxTokenCreationTs = $now - OauthApiController::AUTHORIZATION_CODE_EXPIRES_AFTER;
  87. $qb = $this->db->getQueryBuilder();
  88. $qb
  89. ->delete($this->tableName)
  90. ->where($qb->expr()->eq('token_count', $qb->createNamedParameter(0, IQueryBuilder::PARAM_INT)))
  91. ->andWhere($qb->expr()->lt('code_created_at', $qb->createNamedParameter($maxTokenCreationTs, IQueryBuilder::PARAM_INT)));
  92. $qb->executeStatement();
  93. }
  94. }