nextcloud · shdehnavi · Jul 7, 2023 · Jul 14, 2023 · Jul 14, 2023 · Jul 14, 2023
@@ -102,6 +102,7 @@ public function getAppPassword(): DataResponse {
 
 	/**
 	 * @NoAdminRequired
+	 * @throws OCSForbiddenException
 	 */
 	public function deleteAppPassword(): DataResponse {
 		if (!$this->session->exists('app_password')) {
@@ -122,6 +123,7 @@ public function deleteAppPassword(): DataResponse {
 
 	/**
 	 * @NoAdminRequired
+	 * @throws OCSForbiddenException
 	 */
 	public function rotateAppPassword(): DataResponse {
 		if (!$this->session->exists('app_password')) {

@@ -31,16 +31,20 @@
 namespace OC\Core\Controller;
 
 use OC\AppFramework\Utility\TimeFactory;
+use OC\Files\Filesystem;
+use OC\NotSquareException;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\DataDisplayResponse;
 use OCP\AppFramework\Http\FileDisplayResponse;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\Files\File;
 use OCP\Files\IRootFolder;
+use OCP\Files\NotPermittedException;
 use OCP\IAvatarManager;
 use OCP\ICache;
 use OCP\IL10N;
+use OCP\Image;
 use OCP\IRequest;
 use OCP\IUserManager;
 use Psr\Log\LoggerInterface;
@@ -74,7 +78,7 @@ public function __construct(
 	 *
 	 * @return JSONResponse|FileDisplayResponse
 	 */
-	public function getAvatarDark(string $userId, int $size) {
+	public function getAvatarDark(string $userId, int $size): FileDisplayResponse|JSONResponse {
 		if ($size <= 64) {
 			if ($size !== 64) {
 				$this->logger->debug('Avatar requested in deprecated size ' . $size);
@@ -113,7 +117,7 @@ public function getAvatarDark(string $userId, int $size) {
 	 *
 	 * @return JSONResponse|FileDisplayResponse
 	 */
-	public function getAvatar(string $userId, int $size) {
+	public function getAvatar(string $userId, int $size): FileDisplayResponse|JSONResponse {
 		if ($size <= 64) {
 			if ($size !== 64) {
 				$this->logger->debug('Avatar requested in deprecated size ' . $size);
@@ -173,7 +177,7 @@ public function postAvatar(?string $path = null): JSONResponse {
 
 			try {
 				$content = $node->getContent();
-			} catch (\OCP\Files\NotPermittedException $e) {
+			} catch (NotPermittedException $e) {
 				return new JSONResponse(
 					['data' => ['message' => $this->l10n->t('The selected file cannot be read.')]],
 					Http::STATUS_BAD_REQUEST
@@ -183,7 +187,7 @@ public function postAvatar(?string $path = null): JSONResponse {
 			if (
 				$files['error'][0] === 0 &&
 				 is_uploaded_file($files['tmp_name'][0]) &&
-				!\OC\Files\Filesystem::isFileBlacklisted($files['tmp_name'][0])
+				!Filesystem::isFileBlacklisted($files['tmp_name'][0])
 			) {
 				if ($files['size'][0] > 20 * 1024 * 1024) {
 					return new JSONResponse(
@@ -221,7 +225,7 @@ public function postAvatar(?string $path = null): JSONResponse {
 		}
 
 		try {
-			$image = new \OCP\Image();
+			$image = new Image();
 			$image->loadFromData($content);
 			$image->readExif($content);
 			$image->fixOrientation();
@@ -284,7 +288,7 @@ public function deleteAvatar(): JSONResponse {
 	 *
 	 * @return JSONResponse|DataDisplayResponse
 	 */
-	public function getTmpAvatar() {
+	public function getTmpAvatar(): JSONResponse|DataDisplayResponse {
 		$tmpAvatar = $this->cache->get('tmpAvatar');
 		if (is_null($tmpAvatar)) {
 			return new JSONResponse(['data' => [
@@ -293,7 +297,7 @@ public function getTmpAvatar() {
 				Http::STATUS_NOT_FOUND);
 		}
 
-		$image = new \OCP\Image();
+		$image = new Image();
 		$image->loadFromData($tmpAvatar);
 
 		$resp = new DataDisplayResponse(
@@ -329,7 +333,7 @@ public function postCroppedAvatar(?array $crop = null): JSONResponse {
 				Http::STATUS_BAD_REQUEST);
 		}
 
-		$image = new \OCP\Image();
+		$image = new Image();
 		$image->loadFromData($tmpAvatar);
 		$image->crop($crop['x'], $crop['y'], (int)round($crop['w']), (int)round($crop['h']));
 		try {
@@ -338,7 +342,7 @@ public function postCroppedAvatar(?array $crop = null): JSONResponse {
 			// Clean up
 			$this->cache->remove('tmpAvatar');
 			return new JSONResponse(['status' => 'success']);
-		} catch (\OC\NotSquareException $e) {
+		} catch (NotSquareException $e) {
 			return new JSONResponse(['data' => ['message' => $this->l10n->t('Crop is not square')]],
 				Http::STATUS_BAD_REQUEST);
 		} catch (\Exception $e) {

@@ -39,11 +39,14 @@
 use OCA\OAuth2\Db\AccessToken;
 use OCA\OAuth2\Db\AccessTokenMapper;
 use OCA\OAuth2\Db\ClientMapper;
+use OCA\OAuth2\Exceptions\ClientNotFoundException;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\Attribute\UseSession;
+use OCP\AppFramework\Http\RedirectResponse;
 use OCP\AppFramework\Http\Response;
 use OCP\AppFramework\Http\StandaloneTemplateResponse;
+use OCP\DB\Exception;
 use OCP\Defaults;
 use OCP\EventDispatcher\IEventDispatcher;
 use OCP\IL10N;
@@ -224,11 +227,15 @@ public function grantPage(string $stateToken = '',
 	/**
 	 * @NoAdminRequired
 	 *
-	 * @return Http\RedirectResponse|Response
+	 * @param string $stateToken
+	 * @param string $clientIdentifier
+	 * @return Response|StandaloneTemplateResponse|RedirectResponse
+	 * @throws ClientNotFoundException
+	 * @throws Exception
 	 */
 	#[UseSession]
 	public function generateAppPassword(string $stateToken,
-										string $clientIdentifier = '') {
+										string $clientIdentifier = ''): Response|StandaloneTemplateResponse|Http\RedirectResponse {
 		if (!$this->isValidToken($stateToken)) {
 			$this->session->remove(self::STATE_NAME);
 			return $this->stateTokenForbiddenResponse();

@@ -28,6 +28,7 @@
 namespace OC\Core\Controller;
 
 use OC\Authentication\Exceptions\InvalidTokenException;
+use OC\Authentication\Token\IProvider;
 use OC\Core\Db\LoginFlowV2;
 use OC\Core\Exception\LoginFlowV2NotFoundException;
 use OC\Core\Service\LoginFlowV2Service;
@@ -170,7 +171,7 @@ public function grantPage(?string $stateToken): StandaloneTemplateResponse {
 	/**
 	 * @PublicPage
 	 */
-	public function apptokenRedirect(?string $stateToken, string $user, string $password) {
+	public function apptokenRedirect(?string $stateToken, string $user, string $password): StandaloneTemplateResponse {
 		if ($stateToken === null) {
 			return $this->stateTokenMissingResponse();
 		}
@@ -192,7 +193,7 @@ public function apptokenRedirect(?string $stateToken, string $user, string $pass
 		$this->session->remove(self::STATE_NAME);
 
 		try {
-			$token = \OC::$server->get(\OC\Authentication\Token\IProvider::class)->getToken($password);
+			$token = \OC::$server->get(IProvider::class)->getToken($password);
 			if ($token->getLoginName() !== $user) {
 				throw new InvalidTokenException('login name does not match');
 			}

@@ -54,10 +54,12 @@ public function index(?string $filter = null): array {
 	/**
 	 * @NoAdminRequired
 	 *
+	 * @param int $shareType
+	 * @param string $shareWith
 	 * @return JSONResponse|\JsonSerializable
 	 * @throws Exception
 	 */
-	public function findOne(int $shareType, string $shareWith) {
+	public function findOne(int $shareType, string $shareWith): JSONResponse|\JsonSerializable {
 		$contact = $this->manager->findOne($this->userSession->getUser(), $shareType, $shareWith);
 
 		if ($contact) {

@@ -64,7 +64,8 @@ public function __construct(
 	 *
 	 * @param string $fileName css filename with extension
 	 * @param string $appName css folder name
-	 * @return FileDisplayResponse|NotFoundResponse
+	 * @return Response
+	 * @throws \Exception
 	 */
 	public function getCss(string $fileName, string $appName): Response {
 		try {

@@ -25,6 +25,7 @@
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\FileDisplayResponse;
+use OCP\AppFramework\Http\Response;
 use OCP\IAvatarManager;
 use OCP\IRequest;
 use Psr\Log\LoggerInterface;
@@ -53,9 +54,10 @@ public function __construct(
 	 *
 	 * @param string $guestName The guest name, e.g. "Albert"
 	 * @param string $size The desired avatar size, e.g. 64 for 64x64px
-	 * @return FileDisplayResponse|Http\Response
+	 * @param bool|null $darkTheme
+	 * @return FileDisplayResponse|Response
 	 */
-	public function getAvatar(string $guestName, string $size, ?bool $darkTheme = false) {
+	public function getAvatar(string $guestName, string $size, ?bool $darkTheme = false): Http\Response|FileDisplayResponse {
 		$size = (int) $size;
 		$darkTheme = $darkTheme ?? false;
 
@@ -98,7 +100,7 @@ public function getAvatar(string $guestName, string $size, ?bool $darkTheme = fa
 	 * @PublicPage
 	 * @NoCSRFRequired
 	 */
-	public function getAvatarDark(string $guestName, string $size) {
+	public function getAvatarDark(string $guestName, string $size): Response|FileDisplayResponse {
 		return $this->getAvatar($guestName, $size, true);
 	}
 }
@@ -64,7 +64,8 @@ public function __construct(
 	 *
 	 * @param string $fileName js filename with extension
 	 * @param string $appName js folder name
-	 * @return FileDisplayResponse|NotFoundResponse
+	 * @return Response
+	 * @throws \Exception
 	 */
 	public function getJs(string $fileName, string $appName): Response {
 		try {

@@ -45,6 +45,7 @@
 use OCP\AppFramework\Http\Attribute\UseSession;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\Http\RedirectResponse;
+use OCP\AppFramework\Http\Response;
 use OCP\AppFramework\Http\TemplateResponse;
 use OCP\Defaults;
 use OCP\IConfig;
@@ -86,7 +87,7 @@ public function __construct(
 	 * @return RedirectResponse
 	 */
 	#[UseSession]
-	public function logout() {
+	public function logout(): RedirectResponse {
 		$loginToken = $this->request->getCookie('nc_token');
 		if (!is_null($loginToken)) {
 			$this->config->deleteUserValue($this->userSession->getUser()->getUID(), 'login_token', $loginToken);
@@ -113,10 +114,10 @@ public function logout() {
 	 * @PublicPage
 	 * @NoCSRFRequired
 	 *
-	 * @param string $user
-	 * @param string $redirect_url
+	 * @param string|null $user
+	 * @param string|null $redirect_url
 	 *
-	 * @return TemplateResponse|RedirectResponse
+	 * @return Response
 	 */
 	#[UseSession]
 	public function showLoginForm(string $user = null, string $redirect_url = null): Http\Response {
@@ -196,7 +197,7 @@ public function showLoginForm(string $user = null, string $redirect_url = null):
 	/**
 	 * Sets the password reset state
 	 *
-	 * @param string $username
+	 * @param string|null $username
 	 */
 	private function setPasswordResetInitialState(?string $username): void {
 		if ($username !== null && $username !== '') {
@@ -264,6 +265,12 @@ private function generateRedirect(?string $redirectUrl): RedirectResponse {
 	 * @NoCSRFRequired
 	 * @BruteForceProtection(action=login)
 	 *
+	 * @param Chain $loginChain
+	 * @param string $user
+	 * @param string $password
+	 * @param string|null $redirect_url
+	 * @param string $timezone
+	 * @param string $timezone_offset
 	 * @return RedirectResponse
 	 */
 	#[UseSession]
@@ -327,7 +334,7 @@ public function tryLogin(Chain $loginChain,
 	 * @return RedirectResponse
 	 */
 	private function createLoginFailedResponse(
-		$user, $originalUser, $redirect_url, string $loginMessage) {
+		string $user, string $originalUser, string $redirect_url, string $loginMessage): RedirectResponse {
 		// Read current user and append if possible we need to
 		// return the unmodified user otherwise we will leak the login name
 		$args = $user !== null ? ['user' => $originalUser, 'direct' => 1] : [];

@@ -60,6 +60,7 @@
 use OC\Core\Exception\ResetPasswordException;
 use OC\Security\RateLimiting\Exception\RateLimitExceededException;
 use OC\Security\RateLimiting\Limiter;
+use OCP\Util;
 use Psr\Log\LoggerInterface;
 use function array_filter;
 use function count;
@@ -176,7 +177,7 @@ public function email(string $user): JSONResponse {
 
 		$user = trim($user);
 
-		\OCP\Util::emitHook(
+		Util::emitHook(
 			'\OCA\Files_Sharing\API\Server2Server',
 			'preLoginNameUsedAsUserName',
 			['uid' => &$user]
@@ -252,7 +253,6 @@ public function setPassword(string $token, string $userId, string $password, boo
 
 	/**
 	 * @throws ResetPasswordException
-	 * @throws \OCP\PreConditionNotMetException
 	 */
 	protected function sendEmail(string $input): void {
 		$user = $this->findUserByIdOrMail($input);