Publish activity for app token created by client login flow

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
This commit is contained in:
Daniel Kesselberg 2019-02-17 23:49:54 +01:00
parent 2ade2bef8c
commit 149a98edf6
No known key found for this signature in database
GPG key ID: 36E3664E099D0614
2 changed files with 65 additions and 2 deletions

View file

@ -26,19 +26,23 @@
namespace OC\Core\Controller;
use BadMethodCallException;
use OC\Authentication\Exceptions\InvalidTokenException;
use OC\Authentication\Exceptions\PasswordlessTokenException;
use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken;
use OC\Settings\Activity\Provider;
use OCA\OAuth2\Db\AccessToken;
use OCA\OAuth2\Db\AccessTokenMapper;
use OCA\OAuth2\Db\ClientMapper;
use OCP\Activity\IManager as IActivityManager;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\Response;
use OCP\AppFramework\Http\StandaloneTemplateResponse;
use OCP\Defaults;
use OCP\IL10N;
use OCP\ILogger;
use OCP\IRequest;
use OCP\ISession;
use OCP\IURLGenerator;
@ -68,6 +72,10 @@ class ClientFlowLoginController extends Controller {
private $accessTokenMapper;
/** @var ICrypto */
private $crypto;
/** @var IActivityManager */
private $activityManager;
/** @var ILogger */
private $logger;
const stateName = 'client.flow.state.token';
@ -84,6 +92,8 @@ class ClientFlowLoginController extends Controller {
* @param ClientMapper $clientMapper
* @param AccessTokenMapper $accessTokenMapper
* @param ICrypto $crypto
* @param IActivityManager $activityManager
* @param ILogger $logger
*/
public function __construct($appName,
IRequest $request,
@ -96,7 +106,9 @@ class ClientFlowLoginController extends Controller {
IURLGenerator $urlGenerator,
ClientMapper $clientMapper,
AccessTokenMapper $accessTokenMapper,
ICrypto $crypto) {
ICrypto $crypto,
IActivityManager $activityManager,
ILogger $logger) {
parent::__construct($appName, $request);
$this->userSession = $userSession;
$this->l10n = $l10n;
@ -108,6 +120,8 @@ class ClientFlowLoginController extends Controller {
$this->clientMapper = $clientMapper;
$this->accessTokenMapper = $accessTokenMapper;
$this->crypto = $crypto;
$this->activityManager = $activityManager;
$this->logger = $logger;
}
/**
@ -324,6 +338,21 @@ class ClientFlowLoginController extends Controller {
$this->tokenProvider->invalidateToken($sessionId);
}
$event = $this->activityManager->generateEvent();
$event->setApp('settings')
->setType('security')
->setAffectedUser($uid)
->setAuthor($uid)
->setSubject(Provider::APP_TOKEN_CREATED, ['name' => $generatedToken->getName()])
->setObject('app_token', $generatedToken->getId(), 'App Password');
try {
$this->activityManager->publish($event);
} catch (BadMethodCallException $e) {
$this->logger->warning('could not publish activity');
$this->logger->logException($e);
}
return new Http\RedirectResponse($redirectUri);
}

View file

@ -29,10 +29,13 @@ use OC\Core\Controller\ClientFlowLoginController;
use OCA\OAuth2\Db\AccessTokenMapper;
use OCA\OAuth2\Db\Client;
use OCA\OAuth2\Db\ClientMapper;
use OCP\Activity\IEvent;
use OCP\Activity\IManager as IActivityManager;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\StandaloneTemplateResponse;
use OCP\Defaults;
use OCP\IL10N;
use OCP\ILogger;
use OCP\IRequest;
use OCP\ISession;
use OCP\IURLGenerator;
@ -66,6 +69,8 @@ class ClientFlowLoginControllerTest extends TestCase {
private $accessTokenMapper;
/** @var ICrypto|\PHPUnit_Framework_MockObject_MockObject */
private $crypto;
/** @var IActivityManager|\PHPUnit_Framework_MockObject_MockObject */
private $activityManager;
/** @var ClientFlowLoginController */
private $clientFlowLoginController;
@ -90,6 +95,9 @@ class ClientFlowLoginControllerTest extends TestCase {
$this->clientMapper = $this->createMock(ClientMapper::class);
$this->accessTokenMapper = $this->createMock(AccessTokenMapper::class);
$this->crypto = $this->createMock(ICrypto::class);
$this->activityManager = $this->createMock(IActivityManager::class);
/** @var ILogger|\PHPUnit_Framework_MockObject_MockObject $logger */
$logger = $this->createMock(ILogger::class);
$this->clientFlowLoginController = new ClientFlowLoginController(
'core',
@ -103,7 +111,9 @@ class ClientFlowLoginControllerTest extends TestCase {
$this->urlGenerator,
$this->clientMapper,
$this->accessTokenMapper,
$this->crypto
$this->crypto,
$this->activityManager,
$logger
);
}
@ -378,6 +388,12 @@ class ClientFlowLoginControllerTest extends TestCase {
->method('getHeader')
->willReturn('');
$this->activityManager->expects($this->once())
->method('generateEvent')
->willReturn($this->createMock(IEvent::class));
$this->activityManager->expects($this->once())
->method('publish');
$expected = new Http\RedirectResponse('nc://login/server:http://example.com&user:MyLoginName&password:MyGeneratedToken');
$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken'));
}
@ -462,6 +478,12 @@ class ClientFlowLoginControllerTest extends TestCase {
->with('MyClientIdentifier')
->willReturn($client);
$this->activityManager->expects($this->once())
->method('generateEvent')
->willReturn($this->createMock(IEvent::class));
$this->activityManager->expects($this->once())
->method('publish');
$expected = new Http\RedirectResponse('https://example.com/redirect.php?state=MyOauthState&code=MyAccessCode');
$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken', 'MyClientIdentifier'));
}
@ -534,6 +556,12 @@ class ClientFlowLoginControllerTest extends TestCase {
->method('getHeader')
->willReturn('');
$this->activityManager->expects($this->once())
->method('generateEvent')
->willReturn($this->createMock(IEvent::class));
$this->activityManager->expects($this->once())
->method('publish');
$expected = new Http\RedirectResponse('nc://login/server:http://example.com&user:MyLoginName&password:MyGeneratedToken');
$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken'));
}
@ -662,6 +690,12 @@ class ClientFlowLoginControllerTest extends TestCase {
->method('getHeader')
->willReturnMap($headers);
$this->activityManager->expects($this->once())
->method('generateEvent')
->willReturn($this->createMock(IEvent::class));
$this->activityManager->expects($this->once())
->method('publish');
$expected = new Http\RedirectResponse('nc://login/server:' . $expected . '://example.com&user:MyLoginName&password:MyGeneratedToken');
$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken'));
}