< ? php
declare ( strict_types = 1 );
/**
* SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
*/
namespace OCA\OAuth2\Controller ;
use OCA\OAuth2\Db\AccessTokenMapper ;
use OCA\OAuth2\Db\Client ;
use OCA\OAuth2\Db\ClientMapper ;
use OCP\AppFramework\Controller ;
use OCP\AppFramework\Http ;
use OCP\AppFramework\Http\JSONResponse ;
use OCP\Authentication\Token\IProvider as IAuthTokenProvider ;
use OCP\IL10N ;
use OCP\IRequest ;
use OCP\IUser ;
use OCP\IUserManager ;
use OCP\Security\ICrypto ;
use OCP\Security\ISecureRandom ;
/**
 * Settings endpoints that register and remove OAuth2 clients.
 *
 * NOTE(review): no access-control markers are visible on these methods in this
 * file; which callers the framework admits by default should be confirmed.
 */
class SettingsController extends Controller {
	/** Alphabet (A-Z, a-z, 0-9: 62 symbols) for generated client identifiers and secrets. */
	public const validChars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';

	/**
	 * Keeps the collaborators as promoted private properties and passes the
	 * app name and request on to the parent controller.
	 */
	public function __construct(
		string $appName,
		IRequest $request,
		private ClientMapper $clientMapper,
		private ISecureRandom $secureRandom,
		private AccessTokenMapper $accessTokenMapper,
		private IL10N $l,
		private IAuthTokenProvider $tokenProvider,
		private IUserManager $userManager,
		private ICrypto $crypto,
	) {
		parent::__construct($appName, $request);
	}

	/**
	 * Register a new OAuth2 client and hand back its credentials.
	 *
	 * The redirect URI only has to pass FILTER_VALIDATE_URL. That filter is a
	 * syntax check: it does not restrict the scheme or the host, so any policy
	 * on acceptable redirect targets has to be enforced elsewhere.
	 *
	 * @param string $name name stored on the client record
	 * @param string $redirectUri redirect URI stored on the client record
	 * @return JSONResponse the stored client including the plaintext secret, or
	 *                      a 400 response carrying a translated message when
	 *                      the redirect URI fails validation
	 */
	public function addClient(string $name, string $redirectUri): JSONResponse {
		$uriIsValid = filter_var($redirectUri, FILTER_VALIDATE_URL) !== false;
		if (!$uriIsValid) {
			$message = $this->l->t('Your redirect URL needs to be a full URL for example: https://yourdomain.com/path');
			return new JSONResponse(['message' => $message], Http::STATUS_BAD_REQUEST);
		}

		// Only the hex-encoded HMAC of the secret is written to the client
		// record. The plaintext is not persisted by this method, so the
		// response below is where the caller receives it.
		$plainSecret = $this->secureRandom->generate(64, self::validChars);
		$storedSecret = bin2hex($this->crypto->calculateHMAC($plainSecret));
		$identifier = $this->secureRandom->generate(64, self::validChars);

		$draft = new Client();
		$draft->setName($name);
		$draft->setRedirectUri($redirectUri);
		$draft->setSecret($storedSecret);
		$draft->setClientIdentifier($identifier);

		$saved = $this->clientMapper->insert($draft);

		return new JSONResponse([
			'id' => $saved->getId(),
			'name' => $saved->getName(),
			'redirectUri' => $saved->getRedirectUri(),
			'clientId' => $saved->getClientIdentifier(),
			'clientSecret' => $plainSecret,
		]);
	}

	/**
	 * Remove an OAuth2 client together with the tokens issued for it.
	 *
	 * Teardown order: auth tokens of every seen user are invalidated first,
	 * then the OAuth2 access token rows for the client id are deleted, and
	 * the client record goes last.
	 *
	 * NOTE(review): what getByUid() does for an unknown id is not visible
	 * here; confirm that case is turned into a clean error response.
	 *
	 * @param int $id id used to look the client up and to delete its access tokens
	 * @return JSONResponse empty JSON array once the deletions have run
	 */
	public function deleteClient(int $id): JSONResponse {
		$client = $this->clientMapper->getByUid($id);
		$tokenName = $client->getName();

		// Auth tokens are selected by user id plus client name.
		// NOTE(review): presumably tokens of another client registered under
		// the same name would match as well; verify against the provider.
		$revokeForUser = function (IUser $seenUser) use ($tokenName): void {
			$this->tokenProvider->invalidateTokensOfUser($seenUser->getUID(), $tokenName);
		};
		$this->userManager->callForSeenUsers($revokeForUser);

		$this->accessTokenMapper->deleteByClientId($id);
		$this->clientMapper->delete($client);

		return new JSONResponse([]);
	}
}