Publish activity for app token created by client login flow

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-17 23:49:54 +01:00 · 2019-02-17 23:49:54 +01:00 · 149a98edf6
commit 149a98edf6
parent 2ade2bef8c
2 changed files with 65 additions and 2 deletions
--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@ -26,19 +26,23 @@

 namespace OC\Core\Controller;

+use BadMethodCallException;
 use OC\Authentication\Exceptions\InvalidTokenException;
 use OC\Authentication\Exceptions\PasswordlessTokenException;
 use OC\Authentication\Token\IProvider;
 use OC\Authentication\Token\IToken;
+use OC\Settings\Activity\Provider;
 use OCA\OAuth2\Db\AccessToken;
 use OCA\OAuth2\Db\AccessTokenMapper;
 use OCA\OAuth2\Db\ClientMapper;
+use OCP\Activity\IManager as IActivityManager;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\Response;
 use OCP\AppFramework\Http\StandaloneTemplateResponse;
 use OCP\Defaults;
 use OCP\IL10N;
+use OCP\ILogger;
 use OCP\IRequest;
 use OCP\ISession;
 use OCP\IURLGenerator;
@ -68,6 +72,10 @@ class ClientFlowLoginController extends Controller {
 	private $accessTokenMapper;
 	/** @var ICrypto */
 	private $crypto;
+	/** @var IActivityManager */
+	private $activityManager;
+	/** @var ILogger */
+	private $logger;

 	const stateName = 'client.flow.state.token';

@ -84,6 +92,8 @@ class ClientFlowLoginController extends Controller {
 	 * @param ClientMapper $clientMapper
 	 * @param AccessTokenMapper $accessTokenMapper
 	 * @param ICrypto $crypto
+	 * @param IActivityManager $activityManager
+	 * @param ILogger $logger
 	 */
 	public function __construct($appName,
 								IRequest $request,
@ -96,7 +106,9 @@ class ClientFlowLoginController extends Controller {
 								IURLGenerator $urlGenerator,
 								ClientMapper $clientMapper,
 								AccessTokenMapper $accessTokenMapper,
-								ICrypto $crypto) {
+								ICrypto $crypto,
+								IActivityManager $activityManager,
+								ILogger $logger) {
 		parent::__construct($appName, $request);
 		$this->userSession = $userSession;
 		$this->l10n = $l10n;
@ -108,6 +120,8 @@ class ClientFlowLoginController extends Controller {
 		$this->clientMapper = $clientMapper;
 		$this->accessTokenMapper = $accessTokenMapper;
 		$this->crypto = $crypto;
+		$this->activityManager = $activityManager;
+		$this->logger = $logger;
 	}

 	/**
@ -324,6 +338,21 @@ class ClientFlowLoginController extends Controller {
 			$this->tokenProvider->invalidateToken($sessionId);
 		}

+		$event = $this->activityManager->generateEvent();
+		$event->setApp('settings')
+			->setType('security')
+			->setAffectedUser($uid)
+			->setAuthor($uid)
+			->setSubject(Provider::APP_TOKEN_CREATED, ['name' => $generatedToken->getName()])
+			->setObject('app_token', $generatedToken->getId(), 'App Password');
+
+		try {
+			$this->activityManager->publish($event);
+		} catch (BadMethodCallException $e) {
+			$this->logger->warning('could not publish activity');
+			$this->logger->logException($e);
+		}
+
 		return new Http\RedirectResponse($redirectUri);
 	}

--- a/tests/Core/Controller/ClientFlowLoginControllerTest.php
+++ b/tests/Core/Controller/ClientFlowLoginControllerTest.php
@ -29,10 +29,13 @@ use OC\Core\Controller\ClientFlowLoginController;
 use OCA\OAuth2\Db\AccessTokenMapper;
 use OCA\OAuth2\Db\Client;
 use OCA\OAuth2\Db\ClientMapper;
+use OCP\Activity\IEvent;
+use OCP\Activity\IManager as IActivityManager;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\StandaloneTemplateResponse;
 use OCP\Defaults;
 use OCP\IL10N;
+use OCP\ILogger;
 use OCP\IRequest;
 use OCP\ISession;
 use OCP\IURLGenerator;
@ -66,6 +69,8 @@ class ClientFlowLoginControllerTest extends TestCase {
 	private $accessTokenMapper;
 	/** @var ICrypto|\PHPUnit_Framework_MockObject_MockObject */
 	private $crypto;
+	/** @var IActivityManager|\PHPUnit_Framework_MockObject_MockObject */
+	private $activityManager;

 	/** @var ClientFlowLoginController */
 	private $clientFlowLoginController;
@ -90,6 +95,9 @@ class ClientFlowLoginControllerTest extends TestCase {
 		$this->clientMapper = $this->createMock(ClientMapper::class);
 		$this->accessTokenMapper = $this->createMock(AccessTokenMapper::class);
 		$this->crypto = $this->createMock(ICrypto::class);
+		$this->activityManager = $this->createMock(IActivityManager::class);
+		/** @var ILogger|\PHPUnit_Framework_MockObject_MockObject $logger */
+		$logger = $this->createMock(ILogger::class);

 		$this->clientFlowLoginController = new ClientFlowLoginController(
 			'core',
@ -103,7 +111,9 @@ class ClientFlowLoginControllerTest extends TestCase {
 			$this->urlGenerator,
 			$this->clientMapper,
 			$this->accessTokenMapper,
-			$this->crypto
+			$this->crypto,
+			$this->activityManager,
+			$logger
 		);
 	}

@ -378,6 +388,12 @@ class ClientFlowLoginControllerTest extends TestCase {
 			->method('getHeader')
 			->willReturn('');

+		$this->activityManager->expects($this->once())
+			->method('generateEvent')
+			->willReturn($this->createMock(IEvent::class));
+		$this->activityManager->expects($this->once())
+			->method('publish');
+
 		$expected = new Http\RedirectResponse('nc://login/server:http://example.com&user:MyLoginName&password:MyGeneratedToken');
 		$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken'));
 	}
@ -462,6 +478,12 @@ class ClientFlowLoginControllerTest extends TestCase {
 			->with('MyClientIdentifier')
 			->willReturn($client);

+		$this->activityManager->expects($this->once())
+			->method('generateEvent')
+			->willReturn($this->createMock(IEvent::class));
+		$this->activityManager->expects($this->once())
+			->method('publish');
+
 		$expected = new Http\RedirectResponse('https://example.com/redirect.php?state=MyOauthState&code=MyAccessCode');
 		$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken', 'MyClientIdentifier'));
 	}
@ -534,6 +556,12 @@ class ClientFlowLoginControllerTest extends TestCase {
 			->method('getHeader')
 			->willReturn('');

+		$this->activityManager->expects($this->once())
+			->method('generateEvent')
+			->willReturn($this->createMock(IEvent::class));
+		$this->activityManager->expects($this->once())
+			->method('publish');
+
 		$expected = new Http\RedirectResponse('nc://login/server:http://example.com&user:MyLoginName&password:MyGeneratedToken');
 		$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken'));
 	}
@ -662,6 +690,12 @@ class ClientFlowLoginControllerTest extends TestCase {
 			->method('getHeader')
 			->willReturnMap($headers);

+		$this->activityManager->expects($this->once())
+			->method('generateEvent')
+			->willReturn($this->createMock(IEvent::class));
+		$this->activityManager->expects($this->once())
+			->method('publish');
+
 		$expected = new Http\RedirectResponse('nc://login/server:' . $expected . '://example.com&user:MyLoginName&password:MyGeneratedToken');
 		$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken'));
 	}