1
0

OCSController.php 3.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117
  1. <?php
  2. /**
  3. * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
  4. * SPDX-License-Identifier: AGPL-3.0-or-later
  5. */
  6. namespace OC\Core\Controller;
  7. use OC\CapabilitiesManager;
  8. use OC\Security\IdentityProof\Manager;
  9. use OCP\AppFramework\Http;
  10. use OCP\AppFramework\Http\Attribute\ApiRoute;
  11. use OCP\AppFramework\Http\Attribute\BruteForceProtection;
  12. use OCP\AppFramework\Http\Attribute\OpenAPI;
  13. use OCP\AppFramework\Http\Attribute\PublicPage;
  14. use OCP\AppFramework\Http\DataResponse;
  15. use OCP\IRequest;
  16. use OCP\IUserManager;
  17. use OCP\IUserSession;
  18. use OCP\ServerVersion;
  19. class OCSController extends \OCP\AppFramework\OCSController {
  20. public function __construct(
  21. string $appName,
  22. IRequest $request,
  23. private CapabilitiesManager $capabilitiesManager,
  24. private IUserSession $userSession,
  25. private IUserManager $userManager,
  26. private Manager $keyManager,
  27. private ServerVersion $serverVersion,
  28. ) {
  29. parent::__construct($appName, $request);
  30. }
  31. #[PublicPage]
  32. #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
  33. #[ApiRoute(verb: 'GET', url: '/config', root: '')]
  34. public function getConfig(): DataResponse {
  35. $data = [
  36. 'version' => '1.7',
  37. 'website' => 'Nextcloud',
  38. 'host' => $this->request->getServerHost(),
  39. 'contact' => '',
  40. 'ssl' => 'false',
  41. ];
  42. return new DataResponse($data);
  43. }
  44. /**
  45. * Get the capabilities
  46. *
  47. * @return DataResponse<Http::STATUS_OK, array{version: array{major: int, minor: int, micro: int, string: string, edition: '', extendedSupport: bool}, capabilities: array<string, mixed>}, array{}>
  48. *
  49. * 200: Capabilities returned
  50. */
  51. #[PublicPage]
  52. #[ApiRoute(verb: 'GET', url: '/capabilities', root: '/cloud')]
  53. public function getCapabilities(): DataResponse {
  54. $result = [];
  55. $result['version'] = [
  56. 'major' => $this->serverVersion->getMajorVersion(),
  57. 'minor' => $this->serverVersion->getMinorVersion(),
  58. 'micro' => $this->serverVersion->getPatchVersion(),
  59. 'string' => $this->serverVersion->getVersionString(),
  60. 'edition' => '',
  61. 'extendedSupport' => \OCP\Util::hasExtendedSupport()
  62. ];
  63. if ($this->userSession->isLoggedIn()) {
  64. $result['capabilities'] = $this->capabilitiesManager->getCapabilities();
  65. } else {
  66. $result['capabilities'] = $this->capabilitiesManager->getCapabilities(true);
  67. }
  68. $response = new DataResponse($result);
  69. $response->setETag(md5(json_encode($result)));
  70. return $response;
  71. }
  72. #[PublicPage]
  73. #[BruteForceProtection(action: 'login')]
  74. #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
  75. #[ApiRoute(verb: 'POST', url: '/check', root: '/person')]
  76. public function personCheck(string $login = '', string $password = ''): DataResponse {
  77. if ($login !== '' && $password !== '') {
  78. if ($this->userManager->checkPassword($login, $password)) {
  79. return new DataResponse([
  80. 'person' => [
  81. 'personid' => $login
  82. ]
  83. ]);
  84. }
  85. $response = new DataResponse([], 102);
  86. $response->throttle();
  87. return $response;
  88. }
  89. return new DataResponse([], 101);
  90. }
  91. #[PublicPage]
  92. #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
  93. #[ApiRoute(verb: 'GET', url: '/key/{cloudId}', root: '/identityproof')]
  94. public function getIdentityProof(string $cloudId): DataResponse {
  95. $userObject = $this->userManager->get($cloudId);
  96. if ($userObject !== null) {
  97. $key = $this->keyManager->getKey($userObject);
  98. $data = [
  99. 'public' => $key->getPublic(),
  100. ];
  101. return new DataResponse($data);
  102. }
  103. return new DataResponse(['Account not found'], 404);
  104. }
  105. }